DWORD WINAPI EV_DebugThread(LPVOID lpStartAddress)
{
EV_fdFileIsDll=false;
unsigned int EV_fdEntryPoint=0;
EV_fdProcessInfo=0;
EV_bpvp_set=false;
DWORD EV_bytes_read=0;
FILE_STATUS_INFO inFileStatus= {0};
IsPE32FileValidEx(EV_szFileName, UE_DEPTH_SURFACE, &inFileStatus);
HANDLE hFile, fileMap;
EV_fdEntryPoint=(long)GetPE32Data(EV_szFileName, 0, UE_OEP);
StaticFileLoad(EV_szFileName, UE_ACCESS_READ, false, &hFile, &EV_bytes_read, &fileMap, &EV_va);
StaticFileClose(hFile);
EV_fdFileIsDll=inFileStatus.FileIsDLL;
if(!EV_fdFileIsDll)
{
EV_fdProcessInfo=(LPPROCESS_INFORMATION)InitDebugEx(EV_szFileName, 0, 0, (void*)EV_cbEntry);
}
else
{
EV_fdProcessInfo=(LPPROCESS_INFORMATION)InitDLLDebug(EV_szFileName, false, 0, 0, (void*)EV_cbEntry);
}
if(EV_fdProcessInfo)
{
DebugLoop();
RemoveListDuplicates(EV_shared, IDC_LIST);
return 0;
}
else
{
MessageBoxA(EV_shared, "Something went wrong during initialization...", "Error!", MB_ICONERROR);
return 0;
}
return 1;
}
void VF_Version(char* szFileName, char* szVersion, cbErrorMessage ErrorMessageCallback)
{
FILE_STATUS_INFO inFileStatus= {0};
g_szVersion=szVersion;
g_fdFileIsDll=false;
g_fdProcessInfo=0;
g_ErrorMessageCallback=ErrorMessageCallback;
IsPE32FileValidEx(szFileName, UE_DEPTH_SURFACE, &inFileStatus);
if(inFileStatus.FileIs64Bit)
{
ErrorMessageCallback((char*)"64-bit files are not (yet) supported!", (char*)"Error!");
return;
}
HANDLE hFile, fileMap;
ULONG_PTR va;
DWORD bytes_read=0;
StaticFileLoad(szFileName, UE_ACCESS_READ, false, &hFile, &bytes_read, &fileMap, &va);
if(!IsArmadilloProtected(va))
{
ErrorMessageCallback((char*)"Not armadillo protected...", (char*)"Error!");
return;
}
StaticFileClose(hFile);
g_fdFileIsDll=inFileStatus.FileIsDLL;
if(!g_fdFileIsDll)
g_fdProcessInfo=(LPPROCESS_INFORMATION)InitDebugEx(szFileName, 0, 0, (void*)cbEntry);
else
g_fdProcessInfo=(LPPROCESS_INFORMATION)InitDLLDebug(szFileName, false, 0, 0, (void*)cbEntry);
if(g_fdProcessInfo)
DebugLoop();
else
ErrorMessageCallback((char*)"Something went wrong during initialization...", (char*)"Error!");
}
DWORD WINAPI IH_DebugThread(LPVOID lpStartAddress) //Thread for debugging
{
g_bFileIsDll=false;
g_fdImageBase=0;
g_fdEntryPoint=0;
IH_fdProcessInfo=0;
g_OutputDebugStringATotalCount=0;
g_OutputDebugStringAMinorCount=0;
DWORD IH_bytes_read=0;
FILE_STATUS_INFO inFileStatus= {0};
IsPE32FileValidEx(g_szFileName, UE_DEPTH_SURFACE, &inFileStatus);
if(inFileStatus.FileIs64Bit)
{
g_ErrorMessageCallback((char*)"64-bit files are not (yet) supported!", (char*)"Error!");
return 0;
}
HANDLE hFile, fileMap;
ULONG_PTR va;
//g_fdImageBase=(long)GetPE32Data(g_szFileName, 0, UE_IMAGEBASE);
//g_PtrTargetData->ImageBase=g_fdImageBase;
g_fdEntryPoint=(long)GetPE32Data(g_szFileName, 0, UE_OEP);
StaticFileLoad(g_szFileName, UE_ACCESS_READ, false, &hFile, &IH_bytes_read, &fileMap, &va);
g_fdEntrySectionNumber=GetPE32SectionNumberFromVA(va, g_fdEntryPoint+GetPE32Data(g_szFileName, 0, UE_IMAGEBASE));
g_PtrTargetData->EntrySectionNumber=g_fdEntrySectionNumber;
StaticFileClose(hFile);
g_fdEntrySectionSize= (long)GetPE32Data(g_szFileName, g_fdEntrySectionNumber, UE_SECTIONVIRTUALSIZE);
g_fdEntrySectionOffset=(long)GetPE32Data(g_szFileName, g_fdEntrySectionNumber, UE_SECTIONVIRTUALOFFSET);
g_bFileIsDll=inFileStatus.FileIsDLL;
if(g_bFileIsDll==false)
{
IH_fdProcessInfo=(LPPROCESS_INFORMATION)InitDebugEx(g_szFileName, 0, 0, (void*)IH_cbEntryPoint);
}
else
{
IH_fdProcessInfo=(LPPROCESS_INFORMATION)InitDLLDebug(g_szFileName, false, 0, 0, (void*)IH_cbDllEntryPoint);
}
if(IH_fdProcessInfo)
{
DebugLoop();
return 0;
}
else
{
g_ErrorMessageCallback((char*)"Something went wrong during initialization...", (char*)"Error!");
return 0;
}
return 1;
}
DWORD WINAPI CT_FindCertificates(void* lpvoid)
{
CT_created_log=false;
CT_isdebugging=true;
patched_magic_jump=false;
fdProcessInfo=0;
magic_value_addr=0;
encrypted_cert_real=0;
encrypted_cert_real_size=0;
cert_func_count=0;
if(CT_cert_data)
{
if(CT_cert_data->projectid)
free2(CT_cert_data->projectid);
if(CT_cert_data->customer_service)
free2(CT_cert_data->customer_service);
if(CT_cert_data->website)
free2(CT_cert_data->website);
if(CT_cert_data->unknown_string)
free2(CT_cert_data->unknown_string);
if(CT_cert_data->stolen_keys)
free2(CT_cert_data->stolen_keys);
if(CT_cert_data->intercepted_libs)
free2(CT_cert_data->intercepted_libs);
if(CT_cert_data->raw_data)
free2(CT_cert_data->raw_data);
if(CT_cert_data->encrypted_data)
free2(CT_cert_data->encrypted_data);
free2(CT_cert_data);
}
CT_cert_data=(CERT_DATA*)malloc2(sizeof(CERT_DATA));
memset(CT_cert_data, 0, sizeof(CERT_DATA));
InitVariables(program_dir, (CT_DATA*)CT_cert_data, StopDebug, 1, GetParent(CT_shared));
FILE_STATUS_INFO inFileStatus= {0};
CT_time1=GetTickCount();
IsPE32FileValidEx(CT_szFileName, UE_DEPTH_SURFACE, &inFileStatus);
if(inFileStatus.FileIs64Bit)
{
MessageBoxA(CT_shared, "64-bit files are not (yet) supported!", "Error!", MB_ICONERROR);
return 0;
}
HANDLE hFile, fileMap;
ULONG_PTR va;
DWORD bytes_read=0;
StaticFileLoad(CT_szFileName, UE_ACCESS_READ, false, &hFile, &bytes_read, &fileMap, &va);
if(!IsArmadilloProtected(va))
{
InitVariables(program_dir, 0, StopDebug, 0, 0);
CT_isdebugging=false;
MessageBoxA(CT_shared, "Not armadillo protected...", "Error!", MB_ICONERROR);
return 0;
}
StaticFileClose(hFile);
fdFileIsDll=inFileStatus.FileIsDLL;
if(!fdFileIsDll)
fdProcessInfo=(LPPROCESS_INFORMATION)InitDebugEx(CT_szFileName, 0, 0, (void*)CT_cbEntry);
else
fdProcessInfo=(LPPROCESS_INFORMATION)InitDLLDebug(CT_szFileName, false, 0, 0, (void*)CT_cbEntry);
if(fdProcessInfo)
{
EnableWindow(GetDlgItem(CT_shared, IDC_BTN_START), 0);
DebugLoop();
InitVariables(program_dir, 0, StopDebug, 0, 0);
CT_ParseCerts();
}
else
MessageBoxA(CT_shared, "Something went wrong during initialization...", "Error!", MB_ICONERROR);
InitVariables(program_dir, 0, StopDebug, 0, 0);
CT_isdebugging=false;
return 0;
}
