inline void WriteProcessMemory_Throwing(const Process& process, void* dst, const void* src, SIZE_T size)
{
SIZE_T numBytesWritten = 0;
if (!WriteProcessMemory(process.handle(), dst, src, size, &numBytesWritten))
{
DWORD errcode = GetLastError();
BOOST_THROW_EXCEPTION(ex_injection() << e_api_function("WriteProcessMemory") << e_text("could not write to memory in remote process") << e_last_error(errcode));
}
if (numBytesWritten != size)
BOOST_THROW_EXCEPTION(ex_injection() << e_api_function("WriteProcessMemory") << e_text("only wrote " + to_string(numBytesWritten) + "/" + to_string(size) + " bytes"));
}
inline void ReadProcessMemory_Throwing(const Process& process, void* address, void* out, SIZE_T size)
{
SIZE_T numBytesRead = (SIZE_T)-1;
if (!ReadProcessMemory(process.handle(), address, out, size, &numBytesRead))
{
DWORD errcode = GetLastError();
BOOST_THROW_EXCEPTION(ex_injection() << e_api_function("ReadProcessMemory") << e_text("could not read memory") << e_last_error(errcode) << e_process(process));
}
if (numBytesRead != size)
BOOST_THROW_EXCEPTION(ex_injection() << e_api_function("ReadProcessMemory") << e_text("only read " + to_string(numBytesRead) + "/" + to_string(size) + " //tes") << e_process(process));
}
Module Process::getInjected(const Library& lib)
{
if (Module module = isInjected(lib))
return module;
else
BOOST_THROW_EXCEPTION(ex_injection() << e_text("failed to find injected library") << e_process(*this) << e_library(lib.path()));
}
Module Process::getInjected(HMODULE hmodule)
{
if (Module module = isInjected(hmodule))
return module;
else
BOOST_THROW_EXCEPTION(ex_injection() << e_text("failed to find module handle") << e_process(*this));
}
inline HANDLE GetStdHandle_Throwing(DWORD nStdHandle)
{
HANDLE h = GetStdHandle(nStdHandle);
if (h == INVALID_HANDLE_VALUE)
{
DWORD errcode = GetLastError();
BOOST_THROW_EXCEPTION(ex_injection() << e_api_function("GetStdHandle") << e_text("error getting handle") << e_last_error(errcode));
}
return h;
}
inline void* VirtualAllocEx_Throwing(const Process& proc, void* address, SIZE_T size, DWORD allocationType, DWORD protect)
{
void* area = VirtualAllocEx(proc.handle(), address, size, allocationType, protect);
if (!area)
{
DWORD errcode = GetLastError();
BOOST_THROW_EXCEPTION(ex_injection() << e_api_function("VirtualAllocEx") << e_text("could not allocate memory") << e_last_error(errcode) << e_process(proc));
}
return area;
}
bool Process::is64bit() const
{
SYSTEM_INFO systemInfo = getNativeSystemInfo();
if (systemInfo.wProcessorArchitecture == PROCESSOR_ARCHITECTURE_AMD64) // x64
return Module::kernel32().isWow64Process(*this);
else if (systemInfo.wProcessorArchitecture == PROCESSOR_ARCHITECTURE_INTEL) // x86
return false;
else
BOOST_THROW_EXCEPTION(ex_injection() << e_text("failed to determine whether x86 or x64") << e_process(*this));
}
DWORD Process::runInHiddenThread(PTHREAD_START_ROUTINE startAddress, LPVOID parameter)
{
Thread thread = createRemoteThread(startAddress, parameter, CREATE_SUSPENDED);
thread.setPriority(THREAD_PRIORITY_TIME_CRITICAL);
thread.hideFromDebugger();
thread.resume();
DWORD exitCode = thread.waitForTermination();
if (!exitCode)
BOOST_THROW_EXCEPTION(ex_injection() << e_text("call to function in remote process failed"));
return exitCode;
}
Process Process::open(const pid_t& pid, bool inheritHandle, DWORD desiredAccess)
{
Process proc(pid, OpenProcess(desiredAccess, inheritHandle, pid));
if (!proc.handle())
{
DWORD errcode = GetLastError();
BOOST_THROW_EXCEPTION(ex_injection() << e_api_function("OpenProcess") << e_text("could not get handle to process") << e_pid(pid) << e_last_error(errcode));
}
else
return proc;
}
Module Process::inject(const Library& lib)
{
if (isInjected(lib))
BOOST_THROW_EXCEPTION(ex_injection() << e_text("library already in process") << e_library(lib.path()) << e_process(*this));
// copy the pathname to the remote process
SIZE_T libPathLen = (lib.path().wstring().size() + 1) * sizeof(wchar_t);
MemoryArea libFileRemote = alloc(libPathLen, true, MEM_COMMIT, PAGE_READWRITE);
libFileRemote.write((void*)(lib.path().c_str()));
PTHREAD_START_ROUTINE loadLibraryW = (PTHREAD_START_ROUTINE)Module::kernel32().getProcAddress("LoadLibraryW");
/*DWORD exitCode =*/ runInHiddenThread(loadLibraryW, libFileRemote.address());
return isInjected(lib);
}
Process Process::findByWindow(wstring className, wstring windowName)
{
HWND hwnd = FindWindowW(className.empty() ? nullptr : className.c_str(), windowName.empty() ? nullptr : windowName.c_str());
if (!hwnd)
{
DWORD errcode = GetLastError();
BOOST_THROW_EXCEPTION(ex_injection() << e_api_function("FindWindow") << e_text("could not find window class:'" + to_string(className) + "' title:'" + to_string(windowName) + "'") << e_last_error(errcode));
}
pid_t pid = 0;
GetWindowThreadProcessId(hwnd, &pid);
if (pid == 0)
BOOST_THROW_EXCEPTION(ex_injection() << e_api_function("GetWindowThreadProcessId") << e_text("could not get process id for window class:'" + to_string(className) + "' title:'" + to_string(windowName) + "'"));
return Process::open(pid);
}
Process Process::findByExeName(wstring name)
{
WinHandle procSnap(CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0), CloseHandle);
if (procSnap.handle() == INVALID_HANDLE_VALUE)
{
DWORD errcode = GetLastError();
BOOST_THROW_EXCEPTION(ex_injection() << e_api_function("CreateToolhelp32Snapshot") << e_text("could not get process snapshot for '" + to_string(name) + "'") << e_last_error(errcode));
}
PROCESSENTRY32W pe32 = { sizeof(PROCESSENTRY32W) };
if (Process32FirstW(procSnap.handle(), &pe32))
{
do
{
if (boost::iequals(name, pe32.szExeFile))
return Process::open(pe32.th32ProcessID);
} while (Process32NextW(procSnap.handle(), &pe32));
}
BOOST_THROW_EXCEPTION(ex_injection() << e_text("could not get find process '" + to_string(name) + "'"));
}
int c_text(void){
c_bss = e_text();
c_data = e_data;
return c_bss;
}
