Пример #1
0
//==========================================================
//	メインの関数
//==========================================================
BOOL WINAPI WinMain(HINSTANCE hInstance,
					HINSTANCE hPrevInstance,
					LPSTR lpCmdLine,
					int nShowCmd)
{
	TCHAR szDLLPath[MAX_PATH];

	//注入したいDLLのフルパスを取得
	GetModuleFileName( NULL, szDLLPath, sizeof( szDLLPath ) );
	lstrcpy( ( strrchr( szDLLPath, '\\' ) + 1 ), DLL_FILE_NAME );
	
	//とりあえず、本当にDLLが存在するか調べる
	HMODULE hDLL;
	hDLL = LoadLibraryEx(
		szDLLPath,
		NULL,
		LOAD_LIBRARY_AS_DATAFILE);
	if(hDLL == NULL){

		MessageBox(
			NULL,
			"DLLが同じディレクトリに見つかりません。",
			"確認",
			MB_ICONEXCLAMATION);
		
		return -1;
	}

	if(InjectToProcess(szDLLPath,TARGET_PROCESS) == FALSE){

		MessageBox(
			NULL,
			"DLLの注入に失敗しました。\n"
			"InternetExplorerが起動しているか確認してください。\n"
			"また、CreateRemoteThread関数を使用しているので\n"
			"このプログラムは、WindowsNT系専用です。",
			"確認",
			MB_ICONEXCLAMATION);

	}

	return TRUE;

}
Пример #2
0
INT_PTR CALLBACK ShellProc(
  _In_  HWND hwndDlg,
  _In_  UINT uMsg,
  _In_  WPARAM wParam,
  _In_  LPARAM lParam
  )
{
	int idx;
	PWSTR exePath;
	wchar_t addrString[16];
	DWORD address;
	switch (uMsg) 
	{ 
	case WM_COMMAND: 
		switch (LOWORD(wParam)) 
		{ 
		case IDOK: 
			{
				int ccnt=GetDlgItemText(hwndDlg,IDC_ADDRESS,addrString,15);
                if(ccnt==0)
                    address=0;
				else if(!StrToIntEx(addrString,STIF_SUPPORT_HEX,(int*)&address))
				{
					MessageBox(hwndDlg,L"Function address must be a hex number.",0,0);
					break;
				}
				
				int len=GetWindowTextLength(GetDlgItem(hwndDlg,IDC_EXEPATH));

				if(len==0)
				{
					MessageBox(hwndDlg,L"Please select the exe file",0,0);
					break;
				}

				exePath=new wchar_t[len+1];
				if(exePath==0)
				{
					delete[] exePath;
					MessageBox(hwndDlg,L"Not enough memory",0,0);
					break;
				}

				GetDlgItemText(hwndDlg,IDC_EXEPATH,exePath,len+1);
				
				STARTUPINFO si;
				memset1(&si,0,sizeof(si));
				si.cb=sizeof(si);
				PROCESS_INFORMATION pi;
				if(!CreateProcess(0,exePath,0,0,FALSE,CREATE_SUSPENDED,0,0,&si,&pi))
				{
					delete[] exePath;
					MessageBox(hwndDlg,L"Can't start exe!",0,0);
					break;
				}
				delete[] exePath;

				int pathLen=256;
				wchar_t* dllPath=new wchar_t[pathLen];
				int retlen=GetModuleFileName(0,dllPath,pathLen);
				while(GetLastError()==ERROR_INSUFFICIENT_BUFFER)
				{
					delete[] dllPath;
					pathLen*=2;
					dllPath=new wchar_t[pathLen];
					retlen=GetModuleFileName(0,dllPath,pathLen);
				};
				wchar_t* p=dllPath+retlen;
				for(;p>dllPath;p--)
					if(*p==L'\\')
						break;
				*(p+1)=L'\0';
				lstrcat(dllPath,L"extractor.dll");

				int rslt=InjectToProcess(pi.hProcess,pi.hThread,dllPath,(DecoprFunc)address);
				delete[] dllPath;
				if(rslt<0)
				{
					MessageBox(hwndDlg,L"Failed to inject process",0,0);
					break;
				}

				wchar_t pipeName[30];
				wsprintf(pipeName,PIPE_NAME,pi.dwProcessId);

				HANDLE pipe=CreateNamedPipe(pipeName,PIPE_ACCESS_DUPLEX,PIPE_TYPE_BYTE|PIPE_READMODE_BYTE|PIPE_WAIT,
					PIPE_UNLIMITED_INSTANCES,256,256,0,0);

				if(pipe==INVALID_HANDLE_VALUE)
				{
					MessageBox(hwndDlg,L"Faild to create pipe",0,0);
					TerminateProcess(pi.hProcess,0);
					break;
				}
				
				ResumeThread(pi.hThread);

				rslt=PipeComm(pipe,address);
				CloseHandle(pipe);
				if(rslt<0)
				{
					MessageBox(hwndDlg,L"Failed to communicated with sub process",0,0);
					break;
				}

			}
			// Fall through. 

		case IDCANCEL: 
			EndDialog(hwndDlg, wParam); 
			return TRUE; 

		case IDC_ADDRESS:
			if(HIWORD(wParam)==EN_CHANGE)
			{
				idx=SendDlgItemMessage(hwndDlg,IDC_GAMELIST,CB_GETCURSEL,0,0);
				if(idx<g_gameCount)
				{
					int cnt=GetDlgItemText(hwndDlg,IDC_ADDRESS,addrString,15);
                    if(cnt==0)
                        SendDlgItemMessage(hwndDlg,IDC_GAMELIST,CB_SETCURSEL,0,0);
					else if(idx!=CB_ERR && !(StrToIntEx(addrString,STIF_SUPPORT_HEX,(int*)&address) && address==g_gameList[idx].funcAddress))
						SendDlgItemMessage(hwndDlg,IDC_GAMELIST,CB_SETCURSEL,-1,0);
				}
			}
			break;

		case IDC_GAMELIST:
			switch (HIWORD(wParam))
			{
			case CBN_SELCHANGE:
				idx=SendDlgItemMessage(hwndDlg,IDC_GAMELIST,CB_GETCURSEL,0,0);
                if(idx==0)
                {
                    SetDlgItemText(hwndDlg,IDC_ADDRESS,L"");
                }
				else if(idx!=CB_ERR && idx<g_gameCount)
				{
					wsprintf(addrString,L"0x%X",g_gameList[idx].funcAddress);
					SetDlgItemText(hwndDlg,IDC_ADDRESS,addrString);
				}
				break;
			}
			break;

		case IDC_BROWSE:
			if(SUCCEEDED(BasicFileOpen(&exePath)))
			{
				SetDlgItemText(hwndDlg,IDC_EXEPATH,exePath);
				CoTaskMemFree(exePath);
			}
			break;
		case IDC_ABOUT:
			MessageBox(hwndDlg,L"fxckBGI - an extractor for BGI engine.\n\tv" PRODUCT_VERSION L" by AmaF",L"About",MB_ICONINFORMATION);
			break;
		} 
		break;

	case WM_INITDIALOG:
		g_hwnd=hwndDlg;
		HICON icon=LoadIcon(g_hInstance,(LPCWSTR)IDI_ICON1);
		SendMessage(hwndDlg,WM_SETICON,ICON_SMALL,(LPARAM)icon);

        for(int i=0;i<g_gameCount;i++)
        {
            SendDlgItemMessage(hwndDlg,IDC_GAMELIST,CB_ADDSTRING,0,(LPARAM)(g_gameList[i].gameName));
        }
        SendDlgItemMessage(hwndDlg,IDC_GAMELIST,CB_SETCURSEL,0,0);
		return TRUE;
	} 
	return FALSE; 
}