Inicio Explorar Axuda
Iniciar sesión
videogamepreservation
/
golgotha
réplica de https://github.com/videogamepreservation/golgotha
Seguir 2
Destacar 0
Fork 0
Ficheiros Incidencias 0 Wiki
Rama: master
Ramas Etiquetas
golgotha
/
i4
/
main
/
win32_self_modify.cc

win32_self_modify.cc 2.0 KB
Permalink Histórico Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960 
  1. /********************************************************************** <BR>
    2. 

  2.   This file is part of Crack dot Com's free source code release of
    3. 

  3.   Golgotha. <a href="http://www.crack.com/golgotha_release"> <BR> for
    4. 

  4.   information about compiling & licensing issues visit this URL</a> 
    5. 

  5.   <PRE> If that doesn't help, contact Jonathan Clark at 
    6. 

  6.   golgotha_source@usa.net (Subject should have "GOLG" in it) 
    7. 

  7. ***********************************************************************/
    8. 

  8. 

  9. 

  10. #include <windows.h>
    11. 

  11. #include <process.h>
    12. 

  12. #include "error/error.hh"
    13. 

  13. #include "init/init.hh"
    14. 

  14. 

  15. class r1_self_modify_class : public i4_init_class
    16. 

  16. {
    17. 

  17. public:
    18. 

  18. 

  19.   void init()
    20. 

  20.   {
    21. 

  21.     HMODULE                       OurModule = GetModuleHandle(0);
    22. 

  22.     BYTE                         *pBaseOfImage = 0;
    23. 

  23. 

  24.     if ( (GetVersion() & 0xC0000000) == 0x80000000)
    25. 

  25.     {
    26. 

  26.       // We're on Win32s, so get the real pointer
    27. 

  27.       HMODULE                       Win32sKernel = GetModuleHandle("W32SKRNL.DLL");
    28. 

  28. 

  29.       typedef DWORD __stdcall       translator(DWORD);
    30. 

  30.       translator                   *pImteFromHModule =
    31. 

  31.         (translator *) GetProcAddress(Win32sKernel, "_ImteFromHModule@4");
    32. 

  32.       translator                   *pBaseAddrFromImte =
    33. 

  33.         (translator *) GetProcAddress(Win32sKernel, "_BaseAddrFromImte@4");
    34. 

  34. 

  35.       if (pImteFromHModule && pBaseAddrFromImte)
    36. 

  36.       {
    37. 

  37.         DWORD                         Imte = (*pImteFromHModule) ( (DWORD) OurModule);
    38. 

  38. 

  39.         pBaseOfImage = (BYTE *) (*pBaseAddrFromImte) (Imte);
    40. 

  40.       }
    41. 

  41.     }
    42. 

  42.     else
    43. 

  43.       pBaseOfImage = (BYTE *) OurModule;
    44. 

  44. 

  45. 

  46.     if (pBaseOfImage)
    47. 

  47.     {
    48. 

  48.       IMAGE_OPTIONAL_HEADER        *pHeader = (IMAGE_OPTIONAL_HEADER *)
    49. 

  49.         (pBaseOfImage + ( (IMAGE_DOS_HEADER *) pBaseOfImage)->e_lfanew +
    50. 

  50.          sizeof (IMAGE_NT_SIGNATURE) + sizeof (IMAGE_FILE_HEADER));
    51. 

  51. 

  52.       DWORD                         OldRights;
    53. 

  53. 

  54.       VirtualProtect(pBaseOfImage + pHeader->BaseOfCode, pHeader->SizeOfCode,
    55. 

  55.                      PAGE_READWRITE, &OldRights);
    56. 

  56.     }
    57. 

  57.   }
    58. 

  58. 

  59. } r1_self_modify_instance;
    60. 

  60.