Beispiel #1
// Enumeration callback: when the found file's extension matches one of the
// entries in `suffix`, its name record is appended to the VectorPath that the
// caller passed through lpParam. lpBuffer is not used. Always returns 0.
LONG STDCALL CallBack(LPVoid lpBuffer, LPWIN32_FIND_DATAW pFindData, ULONG_PTR lpParam)
{
//    static WChar *suffix[] = { L".s", L".dat", L".txt" };
    static WChar *suffix[] = { L".lua", L".cgm", L".ks", L".tjs", L".ep", L".mev", L".dic", L".tim", L".asd" };

    // lpParam carries the output container; nothing here checks that it
    // really points at a VectorPath.
    VectorPath *pCollected = (VectorPath *)lpParam;

    // cFileName in WIN32_FIND_DATAW is the name of the found entry only,
    // without its directory.
    PWChar pszFoundExt = findextw(pFindData->cFileName);

    Int32 idx = 0;
    while (idx != countof(suffix))
    {
        // StrICompareW presumably compares case-insensitively (per its name)
        // and yields 0 on equality.
        if (StrICompareW(pszFoundExt, suffix[idx]) == 0)
        {
            // NOTE(review): cFileName (WCHAR[MAX_PATH]) is reinterpreted as an
            // SFullPath and copied by value; if SFullPath is larger than that
            // array the copy reads past it - confirm the layout of SFullPath.
            pCollected->push_back(*(SFullPath *)&pFindData->cFileName);
            break;
        }
        ++idx;
    }

    return 0;
}
Beispiel #2
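// Loads pszAsFileName into memory, decompiles it and dumps the result to
// pszOutput. When pszOutput is NULL the output name is derived from the input
// name: its extension is replaced by NAME_DEFAULT_EXTENSION, or, if the input
// already carries that extension, the extension is appended a second time so
// the input file is not overwritten.
//
// Returns FALSE when the file cannot be opened, buffered or read, or when the
// derived output name does not fit in MAX_PATH characters; otherwise returns
// the status of DumpToFile (or whatever AS_IF_FAIL_RETURN returns for a failed
// decompile status).
BOOL CED6AsDecompiler::DecompilerFile(LPWSTR pszAsFileName, LPWSTR pszOutput /* = NULL */)
{
    LONG Status;
    WCHAR szOutput[MAX_PATH];
    CFileDisk file;

    Reset();

    if (!file.Open(pszAsFileName))
        return FALSE;

    // The whole file is buffered; the size comes straight from the file, so a
    // very large input translates into an equally large allocation.
    m_AsInfo.BufferSize = file.GetSize();
    m_AsInfo.pbAsBuffer = (PBYTE)m_mem.Alloc(m_AsInfo.BufferSize);
    if (m_AsInfo.pbAsBuffer == NULL)
        return FALSE;

    // NOTE(review): the buffer is not released on this path; presumably
    // Reset() or m_mem reclaims it - confirm.
    if (!file.Read(m_AsInfo.pbAsBuffer))
        return FALSE;

    // An unknown instruction is tolerated so that the partial result can still
    // be dumped; any other failure status leaves through the macro.
    Status = DecompilerFile(&m_AsInfo);
    if (Status != ASDECL_ERROR_UNKNOWN_INSTRUCTION)
        AS_IF_FAIL_RETURN(Status);

    if (pszOutput == NULL)
    {
        LPWSTR pszExtension;
        SIZE_T Offset;

        pszExtension = findextw(pszAsFileName);
        if (!StrICompareW(pszExtension, WSTRING(NAME_DEFAULT_EXTENSION)))
            pszExtension += countof(WSTRING(NAME_DEFAULT_EXTENSION)) - 1;

        // Offset of the position inside the input name where the new extension
        // starts (assumes findextw returns a pointer into pszAsFileName).
        Offset = pszExtension - pszAsFileName;

        // The input name is caller-controlled and szOutput is a fixed MAX_PATH
        // stack buffer: refuse names whose derived form (prefix + extension +
        // terminator) would not fit instead of copying past the end.
        if (Offset + countof(WSTRING(NAME_DEFAULT_EXTENSION)) > countof(szOutput))
            return FALSE;

        CopyMemory(szOutput, pszAsFileName, Offset * sizeof(WCHAR));
        lstrcpyW(szOutput + Offset, WSTRING(NAME_DEFAULT_EXTENSION));
        pszOutput = szOutput;
    }

    Status = DumpToFile(&m_AsInfo, pszAsFileName, pszOutput);

    return Status;
}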
Beispiel #3
// Launcher entry point. For every path given on the command line it creates
// the target process suspended and then calls InjectDllToRemoteProcess with
// the path of XP3Viewer.dll, built from the directory reported by
// Nt_GetExeDirectory. A target whose injection fails is terminated.
// Does nothing when no argument is given.
ForceInline VOID main2(Int argc, WChar **argv)
{
    NTSTATUS            Status;
    WCHAR               *pExePath, szDllPath[MAX_NTPATH], FullExePath[MAX_NTPATH];
    STARTUPINFOW        si;
    PROCESS_INFORMATION pi;

    // Disabled experiment (compiled out): maps "OllyDbg.exe" via
    // LoadDllFromMemory and prints two addresses. buf is never assigned in
    // this branch, so the FreeMemory(buf) below would act on an
    // uninitialized pointer if the branch were re-enabled.
#if 0
    PVOID buf;
//    CNtFileDisk file;

    UNICODE_STRING str;

//    file.Open((FIELD_BASE(FindLdrModuleByName(NULL)->InLoadOrderModuleList.Flink, LDR_MODULE, InLoadOrderModuleList))->FullDllName.Buffer);
//    buf = AllocateMemory(file.GetSize32());
//    file.Read(buf);
//    file.Close();

    RTL_CONST_STRING(str, L"OllyDbg.exe");
    LoadDllFromMemory(GetNtdllHandle(), -1, &str, NULL, LMD_MAPPED_DLL);

    PrintConsoleW(
        L"%s handle = %08X\n"
        L"%s.NtSetEvent = %08X\n",
        str.Buffer, GetModuleHandleW(str.Buffer),
        str.Buffer, Nt_GetProcAddress(GetModuleHandleW(str.Buffer), "NtSetEvent")
    );

    getch();

    FreeMemory(buf);

    return;
#endif

#if 1
    if (argc == 1)
        return;

    // Requests SeDebugPrivilege for the whole process. The NTSTATUS result is
    // discarded and the "was enabled" out-parameter is written into Status
    // through a PBOOLEAN cast, so a refused request goes unnoticed; the
    // privilege is not dropped again anywhere in this function.
    RtlAdjustPrivilege(SE_DEBUG_PRIVILEGE, TRUE, FALSE, (PBOOLEAN)&Status);
    while (--argc)
    {
        // pExePath temporarily holds the extension pointer of the argument.
        pExePath = findextw(*++argv);
        // NOTE(review): the extension test loads 8 bytes (four WCHARs) from
        // that pointer; if the extension is shorter than four characters the
        // load reads past the string terminator - confirm what findextw
        // returns for names without an extension.
        if (CHAR_UPPER4W(*(PULONG64)pExePath) == CHAR_UPPER4W(TAG4W('.LNK')))
        {
            // Shortcut: launch its resolved target, or fall back to the
            // argument itself when resolution fails.
            if (FAILED(GetPathFromLinkFile(*argv, FullExePath, countof(FullExePath))))
            {
                pExePath = *argv;
            }
            else
            {
                pExePath = FullExePath;
            }
        }
        else
        {
            pExePath = *argv;
        }

        // szDllPath is first used as scratch space for the target's full path
        // (size passed in bytes; the return value is not checked).
        RtlGetFullPathName_U(pExePath, sizeof(szDllPath), szDllPath, NULL);
#if 0
        Status = FakeCreateProcess(szDllPath, NULL);
        if (!NT_SUCCESS(Status))
#else
        // rmnamew presumably strips the file name so that only the directory
        // remains - confirm. The result is passed as the ninth argument, which
        // in the usual CreateProcessInternalW layout is the current directory
        // (verify against the declaration used by this project).
        rmnamew(szDllPath);
        ZeroMemory(&si, sizeof(si));
        si.cb = sizeof(si);
        Status = CreateProcessInternalW(
                    NULL,
                    pExePath,
                    NULL,
                    NULL,
                    NULL,
                    FALSE,
                    CREATE_SUSPENDED,
                    NULL,
                    *szDllPath == 0 ? NULL : szDllPath,
                    &si,
                    &pi,
                    NULL);

        // Here Status holds the BOOL-style result of the call, not an NTSTATUS.
        if (!Status)
#endif
        {
            PrintConsoleW(L"%s: CreateProcess() failed\n", pExePath);
            continue;
        }

        ULONG Length;
        UNICODE_STRING DllFullPath;

        // szDllPath is reused for the DLL path: directory from
        // Nt_GetExeDirectory (presumably the launcher's own directory, length
        // in characters - confirm) followed by the fixed DLL name.
        // NOTE(review): nothing checks that Length plus the DLL name (copied
        // with its terminator, sizeof bytes) still fits in szDllPath, and the
        // DLL found at that path is loaded into the target without any
        // integrity check on the file.
        Length = Nt_GetExeDirectory(szDllPath, countof(szDllPath));
        CopyStruct(szDllPath + Length, L"XP3Viewer.dll", sizeof(L"XP3Viewer.dll"));
        DllFullPath.Buffer = szDllPath;
        // Character count narrowed to USHORT, then converted to bytes;
        // MaximumLength is set equal to Length, i.e. without the terminator.
        DllFullPath.Length = (USHORT)(Length + CONST_STRLEN(L"XP3Viewer.dll"));
        DllFullPath.Length *= sizeof(WCHAR);
        DllFullPath.MaximumLength = DllFullPath.Length;

        Status = InjectDllToRemoteProcess(pi.hProcess, pi.hThread, &DllFullPath, FALSE);

        // A target that could not be injected is killed rather than left
        // suspended.
        if (!NT_SUCCESS(Status))
        {
//            PrintError(GetLastError());
            NtTerminateProcess(pi.hProcess, 0);
        }

        // NOTE(review): no resume call is visible here; presumably
        // InjectDllToRemoteProcess resumes the main thread - confirm.
        NtClose(pi.hProcess);
        NtClose(pi.hThread);
    }

#endif
}
Beispiel #4
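// Compiles the source file fsrcname and writes the binary to fdstname.
//
// fsrcname      source file, opened in binary mode.
// fdstname      destination file; when NULL the name is taken from the
//               compiled "_FILE" entry if one exists, otherwise derived from
//               fsrcname by replacing its extension with ".bin" (or appending
//               ".bin" when the source already ends in ".bin").
// ErrorHandler  member callback that receives each error string; returning
//               FALSE from it aborts pass 1.
//
// Returns TRUE on success, FALSE on any open/compile/name/write failure.
BOOL CTobCompiler::CompileFile(LPWSTR fsrcname, LPWSTR fdstname, F_ErrorHandler ErrorHandler)
{
    static const WChar szBinExt[] = L".bin";

    WChar szOutput[MAX_PATH];
    CString err;
    BOOL haserr = FALSE;

    Reset();

    m_line = 1;

    m_fsrc = _wfopen(fsrcname, L"rb");
    if (!m_fsrc)
    {
        m_err.Format("can't open src file '%S'", fsrcname);
        (this->*ErrorHandler)(GetErrorString(err));
        return FALSE;
    }

    for(;;)
    {
        EToken r = CompilePass1();
        if (r == ERR_EOF)
            break;

        BOOL abort = FALSE;

        if (r < 0)
        {
            haserr = TRUE;
            if (!(this->*ErrorHandler)(GetErrorString(err)))
                abort = TRUE;
        }

        if (r == ERR_SEVERE)
            abort = TRUE;

        if (abort)
        {
            // The early exits used to leave the source file open.
            if (m_fsrc)
            {
                fclose(m_fsrc);
                m_fsrc = 0;
            }
            return FALSE;
        }
    }

    fclose(m_fsrc);
    m_fsrc = 0;

    if (!CompilePass2(ErrorHandler) || haserr)
        return FALSE;

    if (fdstname == NULL)
    {
        CByteArray* bin;
        if (m_binmap.Lookup("_FILE", bin) && bin->GetSize() > 0)
        {
            // NOTE(review): this path comes from the compiled source itself,
            // so the input decides where the output is written. Callers that
            // compile untrusted sources should pass fdstname explicitly or
            // validate the resulting path.
            //
            // With an explicit byte count MultiByteToWideChar does not
            // terminate the output, and it returns 0 on failure (for example
            // when the name does not fit), so keep one slot free, check the
            // result and terminate by hand.
            int cch = MultiByteToWideChar(
                        CP_GB2312,
                        0,
                        (LPSTR)bin->GetData(),
                        bin->GetSize(),
                        szOutput,
                        countof(szOutput) - 1);
            if (cch <= 0)
            {
                m_err.Format("can't convert _FILE name");
                (this->*ErrorHandler)(GetErrorString(err));
                return FALSE;
            }
            szOutput[cch] = 0;
            fdstname = szOutput;
        }
        else
        {
            LPWSTR pszExtension;

            // szOutput is a fixed MAX_PATH buffer: make sure both the copied
            // source name and the name with its new extension fit.
            BOOL fits = (size_t)lstrlenW(fsrcname) < countof(szOutput);
            if (fits)
            {
                lstrcpyW(szOutput, fsrcname);
                pszExtension = findextw(szOutput);

                // A source that already ends in ".bin" gets a second ".bin"
                // appended so the source is not overwritten.
                if (!lstrcmpiW(pszExtension, szBinExt))
                    pszExtension += lstrlenW(pszExtension);

                fits = (size_t)(pszExtension - szOutput) + countof(szBinExt) <= countof(szOutput);
                if (fits)
                    lstrcpyW(pszExtension, szBinExt);
            }

            if (!fits)
            {
                m_err.Format("dst file name too long for '%S'", fsrcname);
                (this->*ErrorHandler)(GetErrorString(err));
                return FALSE;
            }

            fdstname = szOutput;
        }
    }

    m_fdst = _wfopen(fdstname, L"wb");
    if (m_fdst == NULL)
    {
        m_err.Format("can't create dst file '%S'", fdstname);
        (this->*ErrorHandler)(GetErrorString(err));
        return FALSE;
    }

    if (m_bin.GetSize() > 0 && fwrite(m_bin.GetData(), m_bin.GetSize(), 1, m_fdst) != 1)
    {
        fclose(m_fdst); m_fdst = 0;
        m_err.Format("can't write dst file '%S'", fdstname);
        (this->*ErrorHandler)(GetErrorString(err));
        return FALSE;
    }

    fclose(m_fdst);
    m_fdst = NULL;

    return TRUE;
}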
Beispiel #5
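// Appends the contents of the companion ".meta" file to a ".uci" file.
// Despite its name, nothing in this function deletes a file.
//
// lpFileName  path of the ".uci" file; files with any other extension are
//             ignored. The buffer is modified in place: on return it holds
//             the ".meta" path.
//
// NOTE(review): ".meta" is one character longer than ".uci", so the caller's
// buffer needs at least one spare WCHAR beyond the original string; the
// capacity is not known here and cannot be checked.
Void _DeleteFile(LPWSTR lpFileName)
{
    DWORD  dwSize, dwWritten;
    HANDLE hFile, hFileMeta, hHeap;
    PByte  pbBuffer;

    if (StrICmpW(findextw(lpFileName), L".uci"))
        return;

    // Clears read-only/hidden/system attributes so the file can be opened for
    // writing; the attributes are not restored afterwards.
    SetFileAttributesW(lpFileName, FILE_ATTRIBUTE_NORMAL);
    hFile = CreateFileW(lpFileName,
        GENERIC_READ|GENERIC_WRITE,
        FILE_SHARE_READ|FILE_SHARE_WRITE,
        NULL,
        OPEN_EXISTING,
        FILE_ATTRIBUTE_NORMAL,
        NULL);
    if (hFile == INVALID_HANDLE_VALUE)
        return;

    rmextw(lpFileName);
    lstrcatW(lpFileName, L".meta");
    hFileMeta = CreateFileW(lpFileName,
                GENERIC_READ,
                FILE_SHARE_READ,
                NULL,
                OPEN_EXISTING,
                FILE_ATTRIBUTE_NORMAL,
                NULL);
    if (hFileMeta == INVALID_HANDLE_VALUE)
    {
        CloseHandle(hFile);
        return;
    }

    dwSize = GetFileSize(hFileMeta, NULL);
    if (dwSize != INVALID_FILE_SIZE)
    {
        hHeap = GetProcessHeap();
        pbBuffer = (PByte)HeapAlloc(hHeap, 0, dwSize);
        if (pbBuffer != NULL)
        {
            // Write only after a successful read and a successful seek to the
            // end: if the seek failed, the write would land at the current
            // position (the start of the file) and overwrite the image data.
            if (ReadFile(hFileMeta, pbBuffer, dwSize, &dwSize, NULL) &&
                SetFilePointer(hFile, 0, NULL, FILE_END) != INVALID_SET_FILE_POINTER)
            {
                WriteFile(hFile, pbBuffer, dwSize, &dwWritten, NULL);
            }

            HeapFree(hHeap, 0, pbBuffer);
        }
    }

    CloseHandle(hFileMeta);
    CloseHandle(hFile);
}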
Beispiel #6
// Launcher entry point. Each command-line argument names a program (or a
// .LNK shortcut to one); the program is created suspended and
// InjectSelfToRemoteProcess is called on it. A target whose injection fails
// is terminated. Returns immediately when no argument is given.
ForceInline Void main2(Int argc, WChar **argv)
{
    NTSTATUS            Result;
    WCHAR               *pExt, *pTarget;
    WCHAR               szStartDir[MAX_NTPATH], szLinkTarget[MAX_NTPATH];
    STARTUPINFOW        StartupInfo;
    PROCESS_INFORMATION ProcInfo;

    if (argc == 1)
        return;

    // Requests SeDebugPrivilege for the whole process. The NTSTATUS result is
    // discarded and the out-parameter lands in Result through a PBOOLEAN cast,
    // so a refused request goes unnoticed; the privilege is never dropped
    // again in this function.
    RtlAdjustPrivilege(SE_DEBUG_PRIVILEGE, TRUE, FALSE, (PBOOLEAN)&Result);

    for (--argc; argc != 0; --argc)
    {
        ++argv;
        pExt = findextw(*argv);

        // Default to the argument itself; a shortcut that resolves is replaced
        // by its target.
        // NOTE(review): the extension test loads 8 bytes (four WCHARs) from
        // pExt; for an extension shorter than four characters that reads past
        // the terminator - confirm what findextw returns in that case.
        pTarget = *argv;
        if (CHAR_UPPER4W(*(PULONG64)pExt) == CHAR_UPPER4W(TAG4W('.LNK')) &&
            !FAILED(GetPathFromLinkFile(*argv, szLinkTarget, countof(szLinkTarget))))
        {
            pTarget = szLinkTarget;
        }

        // Full path of the target with the file name removed (rmnamew
        // presumably leaves only the directory - confirm). It is passed as the
        // ninth argument, the current directory in the usual
        // CreateProcessInternalW layout (verify against the project's
        // declaration); the size is given in bytes and the result is not
        // checked.
        RtlGetFullPathName_U(pTarget, sizeof(szStartDir), szStartDir, NULL);
        rmnamew(szStartDir);

        ZeroMemory(&StartupInfo, sizeof(StartupInfo));
        StartupInfo.cb = sizeof(StartupInfo);

        // Result holds the BOOL-style outcome of the call here, not an NTSTATUS.
        Result = CreateProcessInternalW(
                    NULL,
                    pTarget,
                    NULL,
                    NULL,
                    NULL,
                    FALSE,
                    CREATE_SUSPENDED,
                    NULL,
                    *szStartDir == 0 ? NULL : szStartDir,
                    &StartupInfo,
                    &ProcInfo,
                    NULL);
        if (!Result)
        {
            PrintConsoleW(L"CreateProcess() failed.\n");
            continue;
        }

        Result = InjectSelfToRemoteProcess(ProcInfo.hProcess, ProcInfo.hThread);

        // A target that could not be injected is killed rather than left
        // suspended. No resume call is visible here; presumably
        // InjectSelfToRemoteProcess resumes the main thread - confirm.
        if (!NT_SUCCESS(Result))
            NtTerminateProcess(ProcInfo.hProcess, 0);

        NtClose(ProcInfo.hProcess);
        NtClose(ProcInfo.hThread);
    }
}