const Result CtrlrWindows::getDefaultResources(MemoryBlock& dataToWrite)
{
#ifdef DEBUG_INSTANCE
File temp("c:\\devel\\debug_small.bpanelz");
MemoryBlock data;
{
ScopedPointer <FileInputStream> fis (temp.createInputStream());
fis->readIntoMemoryBlock (data);
}
ValueTree t = ValueTree::readFromGZIPData(data.getData(), data.getSize());
if (t.isValid())
{
ValueTree r = t.getChildWithName (Ids::resourceExportList);
if (r.isValid())
{
MemoryOutputStream mos (dataToWrite, false);
{
GZIPCompressorOutputStream gzipOutputStream (&mos);
r.writeToStream(gzipOutputStream);
gzipOutputStream.flush();
}
return (Result::ok());
}
}
else
{
return (Result::fail("Windows Native: getDefaultResources got data but couldn't parse it as a compressed ValueTree"));
}
#endif
return (readResource (nullptr, MAKEINTRESOURCE(CTRLR_INTERNAL_RESOURCES_RESID), RT_RCDATA, dataToWrite));
}
const Result CtrlrWindows::getDefaultPanel(MemoryBlock &dataToWrite)
{
#ifdef DEBUG_INSTANCE
File temp("c:\\devel\\debug_small.bpanelz");
temp.loadFileAsData (dataToWrite);
return (Result::ok());
#endif
return (readResource (nullptr, MAKEINTRESOURCE(CTRLR_INTERNAL_PANEL_RESID), RT_RCDATA, dataToWrite));
}
int loadResource(const char *fileName, short int arg_4, unsigned char** ptr)
{
FILE* resourceFile;
int headerSize;
int offToData;
int dataSize;
int compressedSize;
short int mode;
unsigned char *temp;
resourceFile=openResource(fileName);
if(!resourceFile)
return (-1);
readResource(resourceFile,(char*)&headerSize,4);
if(arg_4>=headerSize/4)
{
closeResource(resourceFile);
return (-1);
}
fseek(resourceFile,arg_4*4,SEEK_SET);
readResource(resourceFile,(char*)&offToData,4);
fseek(resourceFile,offToData,SEEK_SET);
readResource(resourceFile,(char*)&dataSize,4);
readResource(resourceFile,(char*)&compressedSize,4);
readResource(resourceFile,(char*)&mode,2);
*ptr=(unsigned char*)malloc(dataSize);
if(!(*ptr))
return (-1);
if(mode<=0) // uncompressed
{
readResource(resourceFile,(char*)*ptr,dataSize);
}
else // compressed: both modes (1 & 2)
{
temp=(unsigned char*)malloc(compressedSize);
readResource(resourceFile,(char*)temp,compressedSize);
decompResource(dataSize,*ptr,temp,(unsigned char)mode);
free(temp);
}
closeResource(resourceFile);
return dataSize;
}
ResourceExtractor::ResourceExtractor(const boost::property_tree::ptree& engineTree)
: IMutationEngine("ResourceExtractor")
, IXMLParser("ResourceExtractor")
{
validateSubtree(engineTree);
for(const boost::property_tree::ptree::value_type& node : engineTree)
{
std::string nodeName = node.first.data();
if(!findInRequiredSubnodes(nodeName))
continue;
if(nodeName == "Resource")
readResource(node.second);
}
}
Model ModelMaker::createFromXML(const QDomDocument& doc)
{
Model model;
if (doc.isNull())
return model;
QDomElement rdfNode = doc.documentElement();
QDomNodeList list = rdfNode.childNodes();
for (uint i = 0; i < list.length(); ++i)
{
if (list.item(i).isElement())
{
QDomElement el = list.item(i).toElement();
readResource(model, el);
}
}
return model;
}
bool Web::parseResource(cu32 startOfURI) const {
string uri;
if('/' == _httpRequest[startOfURI] && ' ' == _httpRequest[startOfURI + 1]) {
uri = defaultPage;
}
else {
u32 endOfURI = _httpRequest.find(" ", startOfURI);
uri = _httpRequest.substr(startOfURI, endOfURI - startOfURI);
}
u32 length = 0;
u8* resource = NULL;
if(FR_OK != readResource(uri.c_str(), resource, length)) {UARTprintf("Failed to get resource\n");}
string header;
makeHttpHeader(header, length);
if (ERR_OK != netconn_write(_connectionFromClient, header.c_str(), header.size(), NETCONN_COPY)) {UARTprintf("Failed to send default page\n");}
if (ERR_OK != netconn_write(_connectionFromClient, resource, length, NETCONN_NOCOPY)) {UARTprintf("Failed to send default page\n");}
delete resource;
return true;
}
const Result CtrlrWindows::getSignature(MemoryBlock &dataToWrite)
{
return (readResource (nullptr, MAKEINTRESOURCE(CTRLR_INTERNAL_SIGNATURE_RESID), RT_RCDATA, dataToWrite));
}
ResourcePtr ModelMaker::readResource(Model& model, const QDomElement& el)
{
QString rdfns = RDFVocab::self()->namespaceURI();
QString about = QLatin1String("about");
QString resource = QLatin1String("resource");
QString descriptionStr = QLatin1String("Description");
ResourcePtr res;
ResourcePtr type = model.createResource(el.namespaceURI() + el.localName());
if (*type == *(RDFVocab::self()->seq()))
{
SequencePtr seq = model.createSequence(el.attribute(about));
res = seq;
}
else
{
res = model.createResource(el.attribute(about));
}
model.addStatement(res, RDFVocab::self()->type(), type);
QDomNodeList children = el.childNodes();
bool isSeq = res->isSequence();
for (uint i = 0; i < children.length(); ++i)
{
if (children.item(i).isElement())
{
QDomElement ce = children.item(i).toElement();
PropertyPtr pred = model.createProperty(ce.namespaceURI() + ce.localName());
if (ce.hasAttribute(resource)) // referenced Resource via (rdf:)resource
{
NodePtr obj = model.createResource(ce.attribute(resource));
if (isSeq && *pred == *(RDFVocab::self()->li()))
{
SequencePtr tseq = boost::static_pointer_cast<Sequence>(res);
tseq->append(obj);
}
else
model.addStatement(res, pred, obj);
}
else if (!ce.text().isEmpty() && ce.lastChildElement().isNull()) // Literal
{
NodePtr obj = model.createLiteral(ce.text());
if (isSeq && *pred == *(RDFVocab::self()->li()))
{
SequencePtr tseq = boost::static_pointer_cast<Sequence>(res);
tseq->append(obj);
}
else
model.addStatement(res, pred, obj);
}
else // embedded description
{
QDomElement re = ce.lastChildElement();
QString uri = re.attribute(about);
// read recursively
NodePtr obj = readResource(model, re);
if (isSeq && *pred == *(RDFVocab::self()->li()))
{
SequencePtr tseq = boost::static_pointer_cast<Sequence>(res);
tseq->append(obj);
}
else
model.addStatement(res, pred, obj);
}
//TODO: bag, reification (nice to have, but not important for basic RSS 1.0)
}
}
return res;
}
void functionHookedByCuckoo()
{
string functions[12][100];
string res(reinterpret_cast< char const* >(readResource(IDR_TEXT3)));
vector<string> sep = split(res, '\n');
for (int i = 0; i < sep.size(); i++)
{
replace(sep[i], "\r", "");
string buf;
stringstream ss(sep[i]);
string d_f[2];
while (ss >> buf)
{
if (buf.find(",") != std::string::npos)
{
buf.erase(buf.end() - 1);
d_f[0] = buf + ".dll";
}
else
d_f[1] = buf;
}
bool flag = false;
for (size_t i = 0; i < 12; i++)
{
if (d_f[0] == functions[i][0])
{
for (size_t j = 0; j < 100; j++)
{
if (functions[i][j] == "")
{
functions[i][j] = d_f[1];
break;
}
}
flag = true;
break;
}
}
if (!flag)
{
for (size_t i = 0; i < 12; i++)
{
if (functions[i][0] == "")
{
functions[i][0] = d_f[0];
functions[i][1] = d_f[1];
break;
}
}
}
}
/*
ifstream myfile("dllandFunctions.txt");
string line;
if (myfile.is_open())
{
while (getline(myfile, line))
{
string buf;
stringstream ss(line);
string d_f[2];
while (ss >> buf)
{
if (buf.find(",") != std::string::npos)
{
buf.erase(buf.end() - 1);
d_f[0] = buf + ".dll";
}
else
d_f[1] = buf;
}
bool flag = false;
for (size_t i = 0; i < 12; i++)
{
if (d_f[0] == functions[i][0])
{
for (size_t j = 0; j < 100; j++)
{
if (functions[i][j] == "")
{
functions[i][j] = d_f[1];
break;
}
}
flag = true;
break;
}
}
if (!flag)
{
for (size_t i = 0; i < 12; i++)
{
if (functions[i][0] == "")
{
functions[i][0] = d_f[0];
functions[i][1] = d_f[1];
break;
}
}
}
}
myfile.close();
}
*/
FARPROC addr;
try
{
for (size_t i = 0; i < 12; i++)
{
for (size_t j = 0; j < 100; j++)
{
if (functions[i][j] != "")
{
addr = GetProcAddress(LoadLibraryA(functions[i][0].c_str()), functions[i][j].c_str());
if (addr == 0x00000000) continue;
else if (*(BYTE *)addr == 0xE9) {
createAndWriteFile("functionHookedByCuckoo.txt");
printf("Cuckoo detected (Function hook)!!\n"); break;
}
}
}
}
}
catch (int e)
{
perror("ERROR");
}
}
