// Invoke the remote module's DllMain through a small position-independent
// wrapper (the code between DllMainWrapper and DllMainWrapper_end) copied
// into the target process. The wrapper receives a DLLMAINCALL block holding
// the entry point and the three DllMain arguments; both the block and the
// wrapper are written into freshly allocated remote memory, and the wrapper
// is started via runInHiddenThread with the block as its thread parameter.
//
// NOTE(review): the wrapper is placed with alloc()'s default protection; it
// has to end up executable in the target for the thread to run at all.
// Confirm the default is PAGE_EXECUTE_* (inject() passes the protection
// explicitly for its data buffer; the same could be done here).
void Process::remoteDllMainCall(LPVOID lpModuleEntry, HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved)
{
    // Arguments marshalled for the remote wrapper.
    struct DLLMAINCALL callInfo = { (DLLMAIN)lpModuleEntry, hModule, ul_reason_for_call, lpReserved };

    // Byte length of the wrapper stub, delimited by the two marker symbols.
    const SIZE_T wrapperBytes = (SIZE_T)((DWORD_PTR)DllMainWrapper_end - (DWORD_PTR)DllMainWrapper);

    // Remote storage: argument block first, then the wrapper code.
    MemoryArea remoteArgs = alloc(sizeof(struct DLLMAINCALL));
    MemoryArea remoteStub = alloc(wrapperBytes);

    remoteArgs.write((LPCVOID)&callInfo, sizeof(struct DLLMAINCALL));
    remoteStub.write((LPCVOID)DllMainWrapper, wrapperBytes);

    // Run the stub in the target; it unpacks the block and calls DllMain.
    runInHiddenThread((LPTHREAD_START_ROUTINE)remoteStub.address(), remoteArgs.address());
}
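// Copy the funclet of the given type to offset 0 of the "system" memory area
// and flush it.
//
// Returns false when the area is not available or when write()/sync() fails.
//
// Fix: the previous version staged the bytes in a vector<uint32_t>. Building
// that from a uint8_t range zero-extends every byte into a 32-bit element, so
// writing `count` bytes from it uploaded b0,0,0,0,b1,0,0,0,... instead of the
// funclet image. The staging buffer is now a byte vector, and data() is used
// instead of &tmp[0] so an empty funclet does not index an empty vector.
bool MemoryManagerV3::uploadFunclet(FuncletCode::Type type)
{
    const FuncletCode& funclet = parent->getFunclet(type);
    const uint8_t* code = (const uint8_t*)funclet.code();
    const size_t count = funclet.codeSize();

    // Byte-for-byte staging copy (kept in case write() wants a mutable buffer).
    std::vector<uint8_t> image(code, code + count);

    MemoryArea* ram = this->getMemoryArea("system", 0);
    return ram && ram->write(0, image.data(), count) && ram->sync();
}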
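// Load `lib` into the target process: its path is written into the target and
// LoadLibraryW is run there on a hidden thread (remote-thread DLL injection).
//
// Throws ex_injection if the library is already present in the process or if
// LoadLibraryW cannot be resolved. Otherwise returns isInjected(lib) evaluated
// after the remote call, i.e. whether the module is now present in the target.
//
// NOTE(review): the remote start address is the *local* LoadLibraryW address.
// That only works while kernel32 is mapped at the same base in both
// processes, which is presumably the case for same-bitness processes but not
// for a 32-bit injector targeting a 64-bit process (or vice versa). Confirm
// the caller enforces matching bitness, or resolve the address in the target.
//
// Changes: the path is written with the explicit-length write() overload so
// the copy never reads past the local string (the one-argument overload
// presumably copies the whole area, which may be larger than the string if
// alloc() rounds the size up), and a null LoadLibraryW is reported instead of
// being handed to runInHiddenThread as a start address.
Module Process::inject(const Library& lib)
{
    if (isInjected(lib))
        BOOST_THROW_EXCEPTION(ex_injection() << e_text("library already in process") << e_library(lib.path()) << e_process(*this));

    // Wide path plus terminating NUL, in bytes: exactly what LoadLibraryW reads.
    const auto& libPath = lib.path();
    const SIZE_T libPathLen = (libPath.wstring().size() + 1) * sizeof(wchar_t);

    // Data only; the buffer never needs to be executable in the target.
    MemoryArea libFileRemote = alloc(libPathLen, true, MEM_COMMIT, PAGE_READWRITE);
    libFileRemote.write((LPCVOID)libPath.c_str(), libPathLen);

    PTHREAD_START_ROUTINE loadLibraryW = (PTHREAD_START_ROUTINE)Module::kernel32().getProcAddress("LoadLibraryW");
    if (!loadLibraryW)
        BOOST_THROW_EXCEPTION(ex_injection() << e_text("LoadLibraryW not found in kernel32") << e_library(lib.path()) << e_process(*this));

    // The remote thread's exit code (the HMODULE, truncated to a DWORD) is not
    // used; success is determined by re-checking the target's module list.
    runInHiddenThread(loadLibraryW, libFileRemote.address());
    return isInjected(lib);
}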