extern int
lzma_decode
(const unsigned char *in_start, size_t in_len, unsigned char *out_start, size_t *pout_len, size_t out_max)
{
size_t nn = out_max;
int x = Lzma86_Decode(out_start, &nn, in_start, &in_len);
*pout_len = nn;
return x == SZ_OK;
}
void WritePieces(HANDLE hProcess)
{
DWORD dwBaseAddress, dwOld;
Byte *pbyOutBuffer;
SizeT sizeMaxSize = 0, outSize = 0;
hHeap = GetProcessHeap();
pbyOutBuffer = (Byte *)HeapAlloc(hHeap, 0, 0);
UInt64 outSize64;
SizeT inSize;
Byte *inBuffer;
for (size_t ix = 0; ix != sizeof(Array_of_Data) / sizeof(tagArray_of_Data); ++ix)
{
Lzma86_GetUnpackSize((Byte *)(Array_of_Data[ix].data),
Array_of_Data[ix].nSize,
&outSize64);
outSize = (SizeT)outSize64;
if (outSize > sizeMaxSize)
{
sizeMaxSize = outSize;
pbyOutBuffer = (Byte *)HeapReAlloc(hHeap, 0, pbyOutBuffer, sizeMaxSize);
}
inSize = Array_of_Data[ix].nSize;
inBuffer = (Byte *)Array_of_Data[ix].data;
Lzma86_Decode(pbyOutBuffer, &outSize, inBuffer, &inSize);
dwBaseAddress = *(DWORD *)pbyOutBuffer;
outSize -= 4;
VirtualAllocEx(hProcess,
(LPVOID)dwBaseAddress,
outSize,
MEM_COMMIT,
PAGE_EXECUTE_READWRITE);
VirtualProtectEx(hProcess, (LPVOID)dwBaseAddress,
outSize, PAGE_EXECUTE_READWRITE, &dwOld);
WriteProcessMemory(hProcess,
(LPVOID)dwBaseAddress,
pbyOutBuffer + 4,
outSize,
0);
}
WriteProcessMemory(hProcess, (LPVOID)0x54A6DD, "\x7", 1, NULL);
HeapFree(hHeap, 0, pbyOutBuffer);
}
void __stdcall ExtractDict(PBYTE *pbDict)
{
UInt64 outSize64;
Byte *inBuffer;
SizeT inSize, outSize;
for (char i = 0; i != countof(Array_of_Data); ++i)
{
Lzma86_GetUnpackSize((Byte *)(Array_of_Data[i].data),
Array_of_Data[i].nSize, &outSize64);
outSize = (SizeT)outSize64;
pbDict[i] = (PBYTE)HeapAlloc(hHeap, 0, outSize);
inSize = Array_of_Data[i].nSize;
inBuffer = (Byte *)Array_of_Data[i].data;
Lzma86_Decode(pbDict[i], &outSize, inBuffer, &inSize);
}
}