├── AESloader ├── AES.cpp ├── AES.h ├── AESEncoder.cpp ├── AESloader.vcxproj ├── AESloader.vcxproj.filters ├── AESloader.vcxproj.user └── x64 │ └── Release │ ├── AESEncoder.Build.CppClean.log │ ├── AESEncoder.exe.recipe │ ├── AESloader.log │ └── AESloader.vcxproj.FileListAbsolute.txt ├── AvoidRandomKill.sln ├── AvoidRandomKill ├── AES.cpp ├── AES.h ├── AvoidRandomKill.vcxproj ├── AvoidRandomKill.vcxproj.filters ├── AvoidRandomKill.vcxproj.user ├── My_RandomEncrypt.cpp ├── Release │ ├── AES.obj │ ├── AvoidRandomKill.Build.CppClean.log │ ├── AvoidRandomKill.exe.recipe │ ├── AvoidRandomKill.iobj │ ├── AvoidRandomKill.ipdb │ ├── AvoidRandomKill.log │ ├── AvoidRandomKill.tlog │ │ ├── AvoidRandomKill.lastbuildstate │ │ ├── CL.command.1.tlog │ │ ├── CL.read.1.tlog │ │ ├── CL.write.1.tlog │ │ ├── link.command.1.tlog │ │ ├── link.read.1.tlog │ │ └── link.write.1.tlog │ ├── AvoidRandomKill.vcxproj.FileListAbsolute.txt │ ├── test.obj │ └── vc143.pdb └── x64 │ └── Release │ ├── AvoidRandomKill.Build.CppClean.log │ ├── AvoidRandomKill.exe.recipe │ ├── AvoidRandomKill.log │ ├── AvoidRandomKill.tlog │ ├── AvoidRandomKill.lastbuildstate │ ├── CL.command.1.tlog │ ├── CL.read.1.tlog │ ├── CL.write.1.tlog │ ├── link.command.1.tlog │ ├── link.read.1.tlog │ └── link.write.1.tlog │ ├── AvoidRandomKill.vcxproj.FileListAbsolute.txt │ ├── My_Rando.2bfaf78a.tlog │ ├── CL.command.1.tlog │ ├── CL.read.1.tlog │ ├── CL.write.1.tlog │ ├── My_RandomEncrypt_Bypass.lastbuildstate │ ├── link.command.1.tlog │ ├── link.read.1.tlog │ └── link.write.1.tlog │ ├── My_RandomEncrypt.Build.CppClean.log │ ├── My_RandomEncrypt.exe.recipe │ ├── My_RandomEncrypt_Bypass.Build.CppClean.log │ └── My_RandomEncrypt_Bypass.exe.recipe ├── Detours ├── include │ ├── detours.h │ ├── detver.h │ └── syelog.h └── lib.all │ ├── detours_x64.lib │ └── detours_x86.lib └── README.md /AESloader/AES.cpp: -------------------------------------------------------------------------------- 1 | #include "AES.h" 2 | 3 | AES::AES(const AESKeyLength keyLength) { 4 | switch (keyLength) { 5 | case AESKeyLength::AES_128: 6 | this->Nk = 4; 7 | this->Nr = 10; 8 | break; 9 | case AESKeyLength::AES_192: 10 | this->Nk = 6; 11 | this->Nr = 12; 12 | break; 13 | case AESKeyLength::AES_256: 14 | this->Nk = 8; 15 | this->Nr = 14; 16 | break; 17 | } 18 | } 19 | 20 | unsigned char* AES::EncryptECB(const unsigned char in[], unsigned int inLen, 21 | const unsigned char key[]) { 22 | CheckLength(inLen); 23 | unsigned char* out = new unsigned char[inLen]; 24 | unsigned char* roundKeys = new unsigned char[4 * Nb * (Nr + 1)]; 25 | KeyExpansion(key, roundKeys); 26 | for (unsigned int i = 0; i < inLen; i += blockBytesLen) { 27 | EncryptBlock(in + i, out + i, roundKeys); 28 | } 29 | 30 | delete[] roundKeys; 31 | 32 | return out; 33 | } 34 | 35 | unsigned char* AES::DecryptECB(const unsigned char in[], unsigned int inLen, 36 | const unsigned char key[]) { 37 | CheckLength(inLen); 38 | unsigned char* out = new unsigned char[inLen]; 39 | unsigned char* roundKeys = new unsigned char[4 * Nb * (Nr + 1)]; 40 | KeyExpansion(key, roundKeys); 41 | for (unsigned int i = 0; i < inLen; i += blockBytesLen) { 42 | DecryptBlock(in + i, out + i, roundKeys); 43 | } 44 | 45 | delete[] roundKeys; 46 | 47 | return out; 48 | } 49 | 50 | unsigned char* AES::EncryptCBC(const unsigned char in[], unsigned int inLen, 51 | const unsigned char key[], 52 | const unsigned char* iv) { 53 | CheckLength(inLen); 54 | unsigned char* out = new unsigned char[inLen]; 55 | unsigned char block[blockBytesLen]; 56 | unsigned char* roundKeys = new unsigned char[4 * Nb * (Nr + 1)]; 57 | KeyExpansion(key, roundKeys); 58 | memcpy(block, iv, blockBytesLen); 59 | for (unsigned int i = 0; i < inLen; i += blockBytesLen) { 60 | XorBlocks(block, in + i, block, blockBytesLen); 61 | EncryptBlock(block, out + i, roundKeys); 62 | memcpy(block, out + i, blockBytesLen); 63 | } 64 | 65 | delete[] roundKeys; 66 | 67 | return out; 68 | } 69 | 70 | unsigned char* AES::DecryptCBC(const unsigned char in[], unsigned int inLen, 71 | const unsigned char key[], 72 | const unsigned char* iv) { 73 | CheckLength(inLen); 74 | unsigned char* out = new unsigned char[inLen]; 75 | unsigned char block[blockBytesLen]; 76 | unsigned char* roundKeys = new unsigned char[4 * Nb * (Nr + 1)]; 77 | KeyExpansion(key, roundKeys); 78 | memcpy(block, iv, blockBytesLen); 79 | for (unsigned int i = 0; i < inLen; i += blockBytesLen) { 80 | DecryptBlock(in + i, out + i, roundKeys); 81 | XorBlocks(block, out + i, out + i, blockBytesLen); 82 | memcpy(block, in + i, blockBytesLen); 83 | } 84 | 85 | delete[] roundKeys; 86 | 87 | return out; 88 | } 89 | 90 | unsigned char* AES::EncryptCFB(const unsigned char in[], unsigned int inLen, 91 | const unsigned char key[], 92 | const unsigned char* iv) { 93 | CheckLength(inLen); 94 | unsigned char* out = new unsigned char[inLen]; 95 | unsigned char block[blockBytesLen]; 96 | unsigned char encryptedBlock[blockBytesLen]; 97 | unsigned char* roundKeys = new unsigned char[4 * Nb * (Nr + 1)]; 98 | KeyExpansion(key, roundKeys); 99 | memcpy(block, iv, blockBytesLen); 100 | for (unsigned int i = 0; i < inLen; i += blockBytesLen) { 101 | EncryptBlock(block, encryptedBlock, roundKeys); 102 | XorBlocks(in + i, encryptedBlock, out + i, blockBytesLen); 103 | memcpy(block, out + i, blockBytesLen); 104 | } 105 | 106 | delete[] roundKeys; 107 | 108 | return out; 109 | } 110 | 111 | unsigned char* AES::DecryptCFB(const unsigned char in[], unsigned int inLen, 112 | const unsigned char key[], 113 | const unsigned char* iv) { 114 | CheckLength(inLen); 115 | unsigned char* out = new unsigned char[inLen]; 116 | unsigned char block[blockBytesLen]; 117 | unsigned char encryptedBlock[blockBytesLen]; 118 | unsigned char* roundKeys = new unsigned char[4 * Nb * (Nr + 1)]; 119 | KeyExpansion(key, roundKeys); 120 | memcpy(block, iv, blockBytesLen); 121 | for (unsigned int i = 0; i < inLen; i += blockBytesLen) { 122 | EncryptBlock(block, encryptedBlock, roundKeys); 123 | XorBlocks(in + i, encryptedBlock, out + i, blockBytesLen); 124 | memcpy(block, in + i, blockBytesLen); 125 | } 126 | 127 | delete[] roundKeys; 128 | 129 | return out; 130 | } 131 | 132 | void AES::CheckLength(unsigned int len) { 133 | if (len % blockBytesLen != 0) { 134 | throw std::length_error("Plaintext length must be divisible by " + 135 | std::to_string(blockBytesLen)); 136 | } 137 | } 138 | 139 | void AES::EncryptBlock(const unsigned char in[], unsigned char out[], 140 | unsigned char* roundKeys) { 141 | unsigned char state[4][Nb]; 142 | unsigned int i, j, round; 143 | 144 | for (i = 0; i < 4; i++) { 145 | for (j = 0; j < Nb; j++) { 146 | state[i][j] = in[i + 4 * j]; 147 | } 148 | } 149 | 150 | AddRoundKey(state, roundKeys); 151 | 152 | for (round = 1; round <= Nr - 1; round++) { 153 | SubBytes(state); 154 | ShiftRows(state); 155 | MixColumns(state); 156 | AddRoundKey(state, roundKeys + round * 4 * Nb); 157 | } 158 | 159 | SubBytes(state); 160 | ShiftRows(state); 161 | AddRoundKey(state, roundKeys + Nr * 4 * Nb); 162 | 163 | for (i = 0; i < 4; i++) { 164 | for (j = 0; j < Nb; j++) { 165 | out[i + 4 * j] = state[i][j]; 166 | } 167 | } 168 | } 169 | 170 | void AES::DecryptBlock(const unsigned char in[], unsigned char out[], 171 | unsigned char* roundKeys) { 172 | unsigned char state[4][Nb]; 173 | unsigned int i, j, round; 174 | 175 | for (i = 0; i < 4; i++) { 176 | for (j = 0; j < Nb; j++) { 177 | state[i][j] = in[i + 4 * j]; 178 | } 179 | } 180 | 181 | AddRoundKey(state, roundKeys + Nr * 4 * Nb); 182 | 183 | for (round = Nr - 1; round >= 1; round--) { 184 | InvSubBytes(state); 185 | InvShiftRows(state); 186 | AddRoundKey(state, roundKeys + round * 4 * Nb); 187 | InvMixColumns(state); 188 | } 189 | 190 | InvSubBytes(state); 191 | InvShiftRows(state); 192 | AddRoundKey(state, roundKeys); 193 | 194 | for (i = 0; i < 4; i++) { 195 | for (j = 0; j < Nb; j++) { 196 | out[i + 4 * j] = state[i][j]; 197 | } 198 | } 199 | } 200 | 201 | void AES::SubBytes(unsigned char state[4][Nb]) { 202 | unsigned int i, j; 203 | unsigned char t; 204 | for (i = 0; i < 4; i++) { 205 | for (j = 0; j < Nb; j++) { 206 | t = state[i][j]; 207 | state[i][j] = sbox[t / 16][t % 16]; 208 | } 209 | } 210 | } 211 | 212 | void AES::ShiftRow(unsigned char state[4][Nb], unsigned int i, 213 | unsigned int n) // shift row i on n positions 214 | { 215 | unsigned char tmp[Nb]; 216 | for (unsigned int j = 0; j < Nb; j++) { 217 | tmp[j] = state[i][(j + n) % Nb]; 218 | } 219 | memcpy(state[i], tmp, Nb * sizeof(unsigned char)); 220 | } 221 | 222 | void AES::ShiftRows(unsigned char state[4][Nb]) { 223 | ShiftRow(state, 1, 1); 224 | ShiftRow(state, 2, 2); 225 | ShiftRow(state, 3, 3); 226 | } 227 | 228 | unsigned char AES::xtime(unsigned char b) // multiply on x 229 | { 230 | return (b << 1) ^ (((b >> 7) & 1) * 0x1b); 231 | } 232 | 233 | void AES::MixColumns(unsigned char state[4][Nb]) { 234 | unsigned char temp_state[4][Nb]; 235 | 236 | for (size_t i = 0; i < 4; ++i) { 237 | memset(temp_state[i], 0, 4); 238 | } 239 | 240 | for (size_t i = 0; i < 4; ++i) { 241 | for (size_t k = 0; k < 4; ++k) { 242 | for (size_t j = 0; j < 4; ++j) { 243 | if (CMDS[i][k] == 1) 244 | temp_state[i][j] ^= state[k][j]; 245 | else 246 | temp_state[i][j] ^= GF_MUL_TABLE[CMDS[i][k]][state[k][j]]; 247 | } 248 | } 249 | } 250 | 251 | for (size_t i = 0; i < 4; ++i) { 252 | memcpy(state[i], temp_state[i], 4); 253 | } 254 | } 255 | 256 | void AES::AddRoundKey(unsigned char state[4][Nb], unsigned char* key) { 257 | unsigned int i, j; 258 | for (i = 0; i < 4; i++) { 259 | for (j = 0; j < Nb; j++) { 260 | state[i][j] = state[i][j] ^ key[i + 4 * j]; 261 | } 262 | } 263 | } 264 | 265 | void AES::SubWord(unsigned char* a) { 266 | int i; 267 | for (i = 0; i < 4; i++) { 268 | a[i] = sbox[a[i] / 16][a[i] % 16]; 269 | } 270 | } 271 | 272 | void AES::RotWord(unsigned char* a) { 273 | unsigned char c = a[0]; 274 | a[0] = a[1]; 275 | a[1] = a[2]; 276 | a[2] = a[3]; 277 | a[3] = c; 278 | } 279 | 280 | void AES::XorWords(unsigned char* a, unsigned char* b, unsigned char* c) { 281 | int i; 282 | for (i = 0; i < 4; i++) { 283 | c[i] = a[i] ^ b[i]; 284 | } 285 | } 286 | 287 | void AES::Rcon(unsigned char* a, unsigned int n) { 288 | unsigned int i; 289 | unsigned char c = 1; 290 | for (i = 0; i < n - 1; i++) { 291 | c = xtime(c); 292 | } 293 | 294 | a[0] = c; 295 | a[1] = a[2] = a[3] = 0; 296 | } 297 | 298 | void AES::KeyExpansion(const unsigned char key[], unsigned char w[]) { 299 | unsigned char temp[4]; 300 | unsigned char rcon[4]; 301 | 302 | unsigned int i = 0; 303 | while (i < 4 * Nk) { 304 | w[i] = key[i]; 305 | i++; 306 | } 307 | 308 | i = 4 * Nk; 309 | while (i < 4 * Nb * (Nr + 1)) { 310 | temp[0] = w[i - 4 + 0]; 311 | temp[1] = w[i - 4 + 1]; 312 | temp[2] = w[i - 4 + 2]; 313 | temp[3] = w[i - 4 + 3]; 314 | 315 | if (i / 4 % Nk == 0) { 316 | RotWord(temp); 317 | SubWord(temp); 318 | Rcon(rcon, i / (Nk * 4)); 319 | XorWords(temp, rcon, temp); 320 | } 321 | else if (Nk > 6 && i / 4 % Nk == 4) { 322 | SubWord(temp); 323 | } 324 | 325 | w[i + 0] = w[i - 4 * Nk] ^ temp[0]; 326 | w[i + 1] = w[i + 1 - 4 * Nk] ^ temp[1]; 327 | w[i + 2] = w[i + 2 - 4 * Nk] ^ temp[2]; 328 | w[i + 3] = w[i + 3 - 4 * Nk] ^ temp[3]; 329 | i += 4; 330 | } 331 | } 332 | 333 | void AES::InvSubBytes(unsigned char state[4][Nb]) { 334 | unsigned int i, j; 335 | unsigned char t; 336 | for (i = 0; i < 4; i++) { 337 | for (j = 0; j < Nb; j++) { 338 | t = state[i][j]; 339 | state[i][j] = inv_sbox[t / 16][t % 16]; 340 | } 341 | } 342 | } 343 | 344 | void AES::InvMixColumns(unsigned char state[4][Nb]) { 345 | unsigned char temp_state[4][Nb]; 346 | 347 | for (size_t i = 0; i < 4; ++i) { 348 | memset(temp_state[i], 0, 4); 349 | } 350 | 351 | for (size_t i = 0; i < 4; ++i) { 352 | for (size_t k = 0; k < 4; ++k) { 353 | for (size_t j = 0; j < 4; ++j) { 354 | temp_state[i][j] ^= GF_MUL_TABLE[INV_CMDS[i][k]][state[k][j]]; 355 | } 356 | } 357 | } 358 | 359 | for (size_t i = 0; i < 4; ++i) { 360 | memcpy(state[i], temp_state[i], 4); 361 | } 362 | } 363 | 364 | void AES::InvShiftRows(unsigned char state[4][Nb]) { 365 | ShiftRow(state, 1, Nb - 1); 366 | ShiftRow(state, 2, Nb - 2); 367 | ShiftRow(state, 3, Nb - 3); 368 | } 369 | 370 | void AES::XorBlocks(const unsigned char* a, const unsigned char* b, 371 | unsigned char* c, unsigned int len) { 372 | for (unsigned int i = 0; i < len; i++) { 373 | c[i] = a[i] ^ b[i]; 374 | } 375 | } 376 | 377 | void AES::printHexArray(unsigned char a[], unsigned int n) { 378 | for (unsigned int i = 0; i < n; i++) { 379 | printf("%02x ", a[i]); 380 | } 381 | } 382 | 383 | void AES::printHexVector(std::vector a) { 384 | for (unsigned int i = 0; i < a.size(); i++) { 385 | printf("%02x ", a[i]); 386 | } 387 | } 388 | 389 | std::vector AES::ArrayToVector(unsigned char* a, 390 | unsigned int len) { 391 | std::vector v(a, a + len * sizeof(unsigned char)); 392 | return v; 393 | } 394 | 395 | unsigned char* AES::VectorToArray(std::vector& a) { 396 | return a.data(); 397 | } 398 | 399 | std::vector AES::EncryptECB(std::vector in, 400 | std::vector key) { 401 | unsigned char* out = EncryptECB(VectorToArray(in), (unsigned int)in.size(), 402 | VectorToArray(key)); 403 | std::vector v = ArrayToVector(out, in.size()); 404 | delete[] out; 405 | return v; 406 | } 407 | 408 | std::vector AES::DecryptECB(std::vector in, 409 | std::vector key) { 410 | unsigned char* out = DecryptECB(VectorToArray(in), (unsigned int)in.size(), 411 | VectorToArray(key)); 412 | std::vector v = ArrayToVector(out, (unsigned int)in.size()); 413 | delete[] out; 414 | return v; 415 | } 416 | 417 | std::vector AES::EncryptCBC(std::vector in, 418 | std::vector key, 419 | std::vector iv) { 420 | unsigned char* out = EncryptCBC(VectorToArray(in), (unsigned int)in.size(), 421 | VectorToArray(key), VectorToArray(iv)); 422 | std::vector v = ArrayToVector(out, in.size()); 423 | delete[] out; 424 | return v; 425 | } 426 | 427 | std::vector AES::DecryptCBC(std::vector in, 428 | std::vector key, 429 | std::vector iv) { 430 | unsigned char* out = DecryptCBC(VectorToArray(in), (unsigned int)in.size(), 431 | VectorToArray(key), VectorToArray(iv)); 432 | std::vector v = ArrayToVector(out, (unsigned int)in.size()); 433 | delete[] out; 434 | return v; 435 | } 436 | 437 | std::vector AES::EncryptCFB(std::vector in, 438 | std::vector key, 439 | std::vector iv) { 440 | unsigned char* out = EncryptCFB(VectorToArray(in), (unsigned int)in.size(), 441 | VectorToArray(key), VectorToArray(iv)); 442 | std::vector v = ArrayToVector(out, in.size()); 443 | delete[] out; 444 | return v; 445 | } 446 | 447 | std::vector AES::DecryptCFB(std::vector in, 448 | std::vector key, 449 | std::vector iv) { 450 | unsigned char* out = DecryptCFB(VectorToArray(in), (unsigned int)in.size(), 451 | VectorToArray(key), VectorToArray(iv)); 452 | std::vector v = ArrayToVector(out, (unsigned int)in.size()); 453 | delete[] out; 454 | return v; 455 | } -------------------------------------------------------------------------------- /AESloader/AES.h: -------------------------------------------------------------------------------- 1 | #ifndef _AES_H_ 2 | #define _AES_H_ 3 | 4 | #include 5 | #include 6 | #include 7 | #include 8 | #include 9 | #include 10 | 11 | enum class AESKeyLength { AES_128, AES_192, AES_256 }; 12 | 13 | class AES { 14 | private: 15 | static constexpr unsigned int Nb = 4; 16 | static constexpr unsigned int blockBytesLen = 4 * Nb * sizeof(unsigned char); 17 | 18 | unsigned int Nk; 19 | unsigned int Nr; 20 | 21 | void SubBytes(unsigned char state[4][Nb]); 22 | 23 | void ShiftRow(unsigned char state[4][Nb], unsigned int i, 24 | unsigned int n); // shift row i on n positions 25 | 26 | void ShiftRows(unsigned char state[4][Nb]); 27 | 28 | unsigned char xtime(unsigned char b); // multiply on x 29 | 30 | void MixColumns(unsigned char state[4][Nb]); 31 | 32 | void AddRoundKey(unsigned char state[4][Nb], unsigned char* key); 33 | 34 | void SubWord(unsigned char* a); 35 | 36 | void RotWord(unsigned char* a); 37 | 38 | void XorWords(unsigned char* a, unsigned char* b, unsigned char* c); 39 | 40 | void Rcon(unsigned char* a, unsigned int n); 41 | 42 | void InvSubBytes(unsigned char state[4][Nb]); 43 | 44 | void InvMixColumns(unsigned char state[4][Nb]); 45 | 46 | void InvShiftRows(unsigned char state[4][Nb]); 47 | 48 | void CheckLength(unsigned int len); 49 | 50 | void KeyExpansion(const unsigned char key[], unsigned char w[]); 51 | 52 | void EncryptBlock(const unsigned char in[], unsigned char out[], 53 | unsigned char key[]); 54 | 55 | void DecryptBlock(const unsigned char in[], unsigned char out[], 56 | unsigned char key[]); 57 | 58 | void XorBlocks(const unsigned char* a, const unsigned char* b, 59 | unsigned char* c, unsigned int len); 60 | 61 | std::vector ArrayToVector(unsigned char* a, unsigned int len); 62 | 63 | unsigned char* VectorToArray(std::vector& a); 64 | 65 | public: 66 | explicit AES(const AESKeyLength keyLength = AESKeyLength::AES_256); 67 | 68 | unsigned char* EncryptECB(const unsigned char in[], unsigned int inLen, 69 | const unsigned char key[]); 70 | 71 | unsigned char* DecryptECB(const unsigned char in[], unsigned int inLen, 72 | const unsigned char key[]); 73 | 74 | unsigned char* EncryptCBC(const unsigned char in[], unsigned int inLen, 75 | const unsigned char key[], const unsigned char* iv); 76 | 77 | unsigned char* DecryptCBC(const unsigned char in[], unsigned int inLen, 78 | const unsigned char key[], const unsigned char* iv); 79 | 80 | unsigned char* EncryptCFB(const unsigned char in[], unsigned int inLen, 81 | const unsigned char key[], const unsigned char* iv); 82 | 83 | unsigned char* DecryptCFB(const unsigned char in[], unsigned int inLen, 84 | const unsigned char key[], const unsigned char* iv); 85 | 86 | std::vector EncryptECB(std::vector in, 87 | std::vector key); 88 | 89 | std::vector DecryptECB(std::vector in, 90 | std::vector key); 91 | 92 | std::vector EncryptCBC(std::vector in, 93 | std::vector key, 94 | std::vector iv); 95 | 96 | std::vector DecryptCBC(std::vector in, 97 | std::vector key, 98 | std::vector iv); 99 | 100 | std::vector EncryptCFB(std::vector in, 101 | std::vector key, 102 | std::vector iv); 103 | 104 | std::vector DecryptCFB(std::vector in, 105 | std::vector key, 106 | std::vector iv); 107 | 108 | void printHexArray(unsigned char a[], unsigned int n); 109 | 110 | void printHexVector(std::vector a); 111 | }; 112 | 113 | const unsigned char sbox[16][16] = { 114 | {0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, 0x2b, 115 | 0xfe, 0xd7, 0xab, 0x76}, 116 | {0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, 0xad, 0xd4, 0xa2, 0xaf, 117 | 0x9c, 0xa4, 0x72, 0xc0}, 118 | {0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1, 119 | 0x71, 0xd8, 0x31, 0x15}, 120 | {0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, 0x07, 0x12, 0x80, 0xe2, 121 | 0xeb, 0x27, 0xb2, 0x75}, 122 | {0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, 0x52, 0x3b, 0xd6, 0xb3, 123 | 0x29, 0xe3, 0x2f, 0x84}, 124 | {0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b, 0x6a, 0xcb, 0xbe, 0x39, 125 | 0x4a, 0x4c, 0x58, 0xcf}, 126 | {0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, 0x45, 0xf9, 0x02, 0x7f, 127 | 0x50, 0x3c, 0x9f, 0xa8}, 128 | {0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, 0xbc, 0xb6, 0xda, 0x21, 129 | 0x10, 0xff, 0xf3, 0xd2}, 130 | {0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17, 0xc4, 0xa7, 0x7e, 0x3d, 131 | 0x64, 0x5d, 0x19, 0x73}, 132 | {0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, 0x46, 0xee, 0xb8, 0x14, 133 | 0xde, 0x5e, 0x0b, 0xdb}, 134 | {0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, 0xc2, 0xd3, 0xac, 0x62, 135 | 0x91, 0x95, 0xe4, 0x79}, 136 | {0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9, 0x6c, 0x56, 0xf4, 0xea, 137 | 0x65, 0x7a, 0xae, 0x08}, 138 | {0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, 0xe8, 0xdd, 0x74, 0x1f, 139 | 0x4b, 0xbd, 0x8b, 0x8a}, 140 | {0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, 0x61, 0x35, 0x57, 0xb9, 141 | 0x86, 0xc1, 0x1d, 0x9e}, 142 | {0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, 0x9b, 0x1e, 0x87, 0xe9, 143 | 0xce, 0x55, 0x28, 0xdf}, 144 | {0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f, 145 | 0xb0, 0x54, 0xbb, 0x16} }; 146 | 147 | const unsigned char inv_sbox[16][16] = { 148 | {0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38, 0xbf, 0x40, 0xa3, 0x9e, 149 | 0x81, 0xf3, 0xd7, 0xfb}, 150 | {0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87, 0x34, 0x8e, 0x43, 0x44, 151 | 0xc4, 0xde, 0xe9, 0xcb}, 152 | {0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d, 0xee, 0x4c, 0x95, 0x0b, 153 | 0x42, 0xfa, 0xc3, 0x4e}, 154 | {0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2, 0x76, 0x5b, 0xa2, 0x49, 155 | 0x6d, 0x8b, 0xd1, 0x25}, 156 | {0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16, 0xd4, 0xa4, 0x5c, 0xcc, 157 | 0x5d, 0x65, 0xb6, 0x92}, 158 | {0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda, 0x5e, 0x15, 0x46, 0x57, 159 | 0xa7, 0x8d, 0x9d, 0x84}, 160 | {0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a, 0xf7, 0xe4, 0x58, 0x05, 161 | 0xb8, 0xb3, 0x45, 0x06}, 162 | {0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02, 0xc1, 0xaf, 0xbd, 0x03, 163 | 0x01, 0x13, 0x8a, 0x6b}, 164 | {0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea, 0x97, 0xf2, 0xcf, 0xce, 165 | 0xf0, 0xb4, 0xe6, 0x73}, 166 | {0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85, 0xe2, 0xf9, 0x37, 0xe8, 167 | 0x1c, 0x75, 0xdf, 0x6e}, 168 | {0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89, 0x6f, 0xb7, 0x62, 0x0e, 169 | 0xaa, 0x18, 0xbe, 0x1b}, 170 | {0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20, 0x9a, 0xdb, 0xc0, 0xfe, 171 | 0x78, 0xcd, 0x5a, 0xf4}, 172 | {0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31, 0xb1, 0x12, 0x10, 0x59, 173 | 0x27, 0x80, 0xec, 0x5f}, 174 | {0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d, 0x2d, 0xe5, 0x7a, 0x9f, 175 | 0x93, 0xc9, 0x9c, 0xef}, 176 | {0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0, 0xc8, 0xeb, 0xbb, 0x3c, 177 | 0x83, 0x53, 0x99, 0x61}, 178 | {0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26, 0xe1, 0x69, 0x14, 0x63, 179 | 0x55, 0x21, 0x0c, 0x7d} }; 180 | 181 | /// Galois Multiplication lookup tables 182 | static const unsigned char GF_MUL_TABLE[15][256] = { 183 | {}, 184 | {}, 185 | 186 | // mul 2 187 | {0x00, 0x02, 0x04, 0x06, 0x08, 0x0a, 0x0c, 0x0e, 0x10, 0x12, 0x14, 0x16, 188 | 0x18, 0x1a, 0x1c, 0x1e, 0x20, 0x22, 0x24, 0x26, 0x28, 0x2a, 0x2c, 0x2e, 189 | 0x30, 0x32, 0x34, 0x36, 0x38, 0x3a, 0x3c, 0x3e, 0x40, 0x42, 0x44, 0x46, 190 | 0x48, 0x4a, 0x4c, 0x4e, 0x50, 0x52, 0x54, 0x56, 0x58, 0x5a, 0x5c, 0x5e, 191 | 0x60, 0x62, 0x64, 0x66, 0x68, 0x6a, 0x6c, 0x6e, 0x70, 0x72, 0x74, 0x76, 192 | 0x78, 0x7a, 0x7c, 0x7e, 0x80, 0x82, 0x84, 0x86, 0x88, 0x8a, 0x8c, 0x8e, 193 | 0x90, 0x92, 0x94, 0x96, 0x98, 0x9a, 0x9c, 0x9e, 0xa0, 0xa2, 0xa4, 0xa6, 194 | 0xa8, 0xaa, 0xac, 0xae, 0xb0, 0xb2, 0xb4, 0xb6, 0xb8, 0xba, 0xbc, 0xbe, 195 | 0xc0, 0xc2, 0xc4, 0xc6, 0xc8, 0xca, 0xcc, 0xce, 0xd0, 0xd2, 0xd4, 0xd6, 196 | 0xd8, 0xda, 0xdc, 0xde, 0xe0, 0xe2, 0xe4, 0xe6, 0xe8, 0xea, 0xec, 0xee, 197 | 0xf0, 0xf2, 0xf4, 0xf6, 0xf8, 0xfa, 0xfc, 0xfe, 0x1b, 0x19, 0x1f, 0x1d, 198 | 0x13, 0x11, 0x17, 0x15, 0x0b, 0x09, 0x0f, 0x0d, 0x03, 0x01, 0x07, 0x05, 199 | 0x3b, 0x39, 0x3f, 0x3d, 0x33, 0x31, 0x37, 0x35, 0x2b, 0x29, 0x2f, 0x2d, 200 | 0x23, 0x21, 0x27, 0x25, 0x5b, 0x59, 0x5f, 0x5d, 0x53, 0x51, 0x57, 0x55, 201 | 0x4b, 0x49, 0x4f, 0x4d, 0x43, 0x41, 0x47, 0x45, 0x7b, 0x79, 0x7f, 0x7d, 202 | 0x73, 0x71, 0x77, 0x75, 0x6b, 0x69, 0x6f, 0x6d, 0x63, 0x61, 0x67, 0x65, 203 | 0x9b, 0x99, 0x9f, 0x9d, 0x93, 0x91, 0x97, 0x95, 0x8b, 0x89, 0x8f, 0x8d, 204 | 0x83, 0x81, 0x87, 0x85, 0xbb, 0xb9, 0xbf, 0xbd, 0xb3, 0xb1, 0xb7, 0xb5, 205 | 0xab, 0xa9, 0xaf, 0xad, 0xa3, 0xa1, 0xa7, 0xa5, 0xdb, 0xd9, 0xdf, 0xdd, 206 | 0xd3, 0xd1, 0xd7, 0xd5, 0xcb, 0xc9, 0xcf, 0xcd, 0xc3, 0xc1, 0xc7, 0xc5, 207 | 0xfb, 0xf9, 0xff, 0xfd, 0xf3, 0xf1, 0xf7, 0xf5, 0xeb, 0xe9, 0xef, 0xed, 208 | 0xe3, 0xe1, 0xe7, 0xe5}, 209 | 210 | // mul 3 211 | {0x00, 0x03, 0x06, 0x05, 0x0c, 0x0f, 0x0a, 0x09, 0x18, 0x1b, 0x1e, 0x1d, 212 | 0x14, 0x17, 0x12, 0x11, 0x30, 0x33, 0x36, 0x35, 0x3c, 0x3f, 0x3a, 0x39, 213 | 0x28, 0x2b, 0x2e, 0x2d, 0x24, 0x27, 0x22, 0x21, 0x60, 0x63, 0x66, 0x65, 214 | 0x6c, 0x6f, 0x6a, 0x69, 0x78, 0x7b, 0x7e, 0x7d, 0x74, 0x77, 0x72, 0x71, 215 | 0x50, 0x53, 0x56, 0x55, 0x5c, 0x5f, 0x5a, 0x59, 0x48, 0x4b, 0x4e, 0x4d, 216 | 0x44, 0x47, 0x42, 0x41, 0xc0, 0xc3, 0xc6, 0xc5, 0xcc, 0xcf, 0xca, 0xc9, 217 | 0xd8, 0xdb, 0xde, 0xdd, 0xd4, 0xd7, 0xd2, 0xd1, 0xf0, 0xf3, 0xf6, 0xf5, 218 | 0xfc, 0xff, 0xfa, 0xf9, 0xe8, 0xeb, 0xee, 0xed, 0xe4, 0xe7, 0xe2, 0xe1, 219 | 0xa0, 0xa3, 0xa6, 0xa5, 0xac, 0xaf, 0xaa, 0xa9, 0xb8, 0xbb, 0xbe, 0xbd, 220 | 0xb4, 0xb7, 0xb2, 0xb1, 0x90, 0x93, 0x96, 0x95, 0x9c, 0x9f, 0x9a, 0x99, 221 | 0x88, 0x8b, 0x8e, 0x8d, 0x84, 0x87, 0x82, 0x81, 0x9b, 0x98, 0x9d, 0x9e, 222 | 0x97, 0x94, 0x91, 0x92, 0x83, 0x80, 0x85, 0x86, 0x8f, 0x8c, 0x89, 0x8a, 223 | 0xab, 0xa8, 0xad, 0xae, 0xa7, 0xa4, 0xa1, 0xa2, 0xb3, 0xb0, 0xb5, 0xb6, 224 | 0xbf, 0xbc, 0xb9, 0xba, 0xfb, 0xf8, 0xfd, 0xfe, 0xf7, 0xf4, 0xf1, 0xf2, 225 | 0xe3, 0xe0, 0xe5, 0xe6, 0xef, 0xec, 0xe9, 0xea, 0xcb, 0xc8, 0xcd, 0xce, 226 | 0xc7, 0xc4, 0xc1, 0xc2, 0xd3, 0xd0, 0xd5, 0xd6, 0xdf, 0xdc, 0xd9, 0xda, 227 | 0x5b, 0x58, 0x5d, 0x5e, 0x57, 0x54, 0x51, 0x52, 0x43, 0x40, 0x45, 0x46, 228 | 0x4f, 0x4c, 0x49, 0x4a, 0x6b, 0x68, 0x6d, 0x6e, 0x67, 0x64, 0x61, 0x62, 229 | 0x73, 0x70, 0x75, 0x76, 0x7f, 0x7c, 0x79, 0x7a, 0x3b, 0x38, 0x3d, 0x3e, 230 | 0x37, 0x34, 0x31, 0x32, 0x23, 0x20, 0x25, 0x26, 0x2f, 0x2c, 0x29, 0x2a, 231 | 0x0b, 0x08, 0x0d, 0x0e, 0x07, 0x04, 0x01, 0x02, 0x13, 0x10, 0x15, 0x16, 232 | 0x1f, 0x1c, 0x19, 0x1a}, 233 | 234 | {}, 235 | {}, 236 | {}, 237 | {}, 238 | {}, 239 | 240 | // mul 9 241 | {0x00, 0x09, 0x12, 0x1b, 0x24, 0x2d, 0x36, 0x3f, 0x48, 0x41, 0x5a, 0x53, 242 | 0x6c, 0x65, 0x7e, 0x77, 0x90, 0x99, 0x82, 0x8b, 0xb4, 0xbd, 0xa6, 0xaf, 243 | 0xd8, 0xd1, 0xca, 0xc3, 0xfc, 0xf5, 0xee, 0xe7, 0x3b, 0x32, 0x29, 0x20, 244 | 0x1f, 0x16, 0x0d, 0x04, 0x73, 0x7a, 0x61, 0x68, 0x57, 0x5e, 0x45, 0x4c, 245 | 0xab, 0xa2, 0xb9, 0xb0, 0x8f, 0x86, 0x9d, 0x94, 0xe3, 0xea, 0xf1, 0xf8, 246 | 0xc7, 0xce, 0xd5, 0xdc, 0x76, 0x7f, 0x64, 0x6d, 0x52, 0x5b, 0x40, 0x49, 247 | 0x3e, 0x37, 0x2c, 0x25, 0x1a, 0x13, 0x08, 0x01, 0xe6, 0xef, 0xf4, 0xfd, 248 | 0xc2, 0xcb, 0xd0, 0xd9, 0xae, 0xa7, 0xbc, 0xb5, 0x8a, 0x83, 0x98, 0x91, 249 | 0x4d, 0x44, 0x5f, 0x56, 0x69, 0x60, 0x7b, 0x72, 0x05, 0x0c, 0x17, 0x1e, 250 | 0x21, 0x28, 0x33, 0x3a, 0xdd, 0xd4, 0xcf, 0xc6, 0xf9, 0xf0, 0xeb, 0xe2, 251 | 0x95, 0x9c, 0x87, 0x8e, 0xb1, 0xb8, 0xa3, 0xaa, 0xec, 0xe5, 0xfe, 0xf7, 252 | 0xc8, 0xc1, 0xda, 0xd3, 0xa4, 0xad, 0xb6, 0xbf, 0x80, 0x89, 0x92, 0x9b, 253 | 0x7c, 0x75, 0x6e, 0x67, 0x58, 0x51, 0x4a, 0x43, 0x34, 0x3d, 0x26, 0x2f, 254 | 0x10, 0x19, 0x02, 0x0b, 0xd7, 0xde, 0xc5, 0xcc, 0xf3, 0xfa, 0xe1, 0xe8, 255 | 0x9f, 0x96, 0x8d, 0x84, 0xbb, 0xb2, 0xa9, 0xa0, 0x47, 0x4e, 0x55, 0x5c, 256 | 0x63, 0x6a, 0x71, 0x78, 0x0f, 0x06, 0x1d, 0x14, 0x2b, 0x22, 0x39, 0x30, 257 | 0x9a, 0x93, 0x88, 0x81, 0xbe, 0xb7, 0xac, 0xa5, 0xd2, 0xdb, 0xc0, 0xc9, 258 | 0xf6, 0xff, 0xe4, 0xed, 0x0a, 0x03, 0x18, 0x11, 0x2e, 0x27, 0x3c, 0x35, 259 | 0x42, 0x4b, 0x50, 0x59, 0x66, 0x6f, 0x74, 0x7d, 0xa1, 0xa8, 0xb3, 0xba, 260 | 0x85, 0x8c, 0x97, 0x9e, 0xe9, 0xe0, 0xfb, 0xf2, 0xcd, 0xc4, 0xdf, 0xd6, 261 | 0x31, 0x38, 0x23, 0x2a, 0x15, 0x1c, 0x07, 0x0e, 0x79, 0x70, 0x6b, 0x62, 262 | 0x5d, 0x54, 0x4f, 0x46}, 263 | 264 | {}, 265 | 266 | // mul 11 267 | {0x00, 0x0b, 0x16, 0x1d, 0x2c, 0x27, 0x3a, 0x31, 0x58, 0x53, 0x4e, 0x45, 268 | 0x74, 0x7f, 0x62, 0x69, 0xb0, 0xbb, 0xa6, 0xad, 0x9c, 0x97, 0x8a, 0x81, 269 | 0xe8, 0xe3, 0xfe, 0xf5, 0xc4, 0xcf, 0xd2, 0xd9, 0x7b, 0x70, 0x6d, 0x66, 270 | 0x57, 0x5c, 0x41, 0x4a, 0x23, 0x28, 0x35, 0x3e, 0x0f, 0x04, 0x19, 0x12, 271 | 0xcb, 0xc0, 0xdd, 0xd6, 0xe7, 0xec, 0xf1, 0xfa, 0x93, 0x98, 0x85, 0x8e, 272 | 0xbf, 0xb4, 0xa9, 0xa2, 0xf6, 0xfd, 0xe0, 0xeb, 0xda, 0xd1, 0xcc, 0xc7, 273 | 0xae, 0xa5, 0xb8, 0xb3, 0x82, 0x89, 0x94, 0x9f, 0x46, 0x4d, 0x50, 0x5b, 274 | 0x6a, 0x61, 0x7c, 0x77, 0x1e, 0x15, 0x08, 0x03, 0x32, 0x39, 0x24, 0x2f, 275 | 0x8d, 0x86, 0x9b, 0x90, 0xa1, 0xaa, 0xb7, 0xbc, 0xd5, 0xde, 0xc3, 0xc8, 276 | 0xf9, 0xf2, 0xef, 0xe4, 0x3d, 0x36, 0x2b, 0x20, 0x11, 0x1a, 0x07, 0x0c, 277 | 0x65, 0x6e, 0x73, 0x78, 0x49, 0x42, 0x5f, 0x54, 0xf7, 0xfc, 0xe1, 0xea, 278 | 0xdb, 0xd0, 0xcd, 0xc6, 0xaf, 0xa4, 0xb9, 0xb2, 0x83, 0x88, 0x95, 0x9e, 279 | 0x47, 0x4c, 0x51, 0x5a, 0x6b, 0x60, 0x7d, 0x76, 0x1f, 0x14, 0x09, 0x02, 280 | 0x33, 0x38, 0x25, 0x2e, 0x8c, 0x87, 0x9a, 0x91, 0xa0, 0xab, 0xb6, 0xbd, 281 | 0xd4, 0xdf, 0xc2, 0xc9, 0xf8, 0xf3, 0xee, 0xe5, 0x3c, 0x37, 0x2a, 0x21, 282 | 0x10, 0x1b, 0x06, 0x0d, 0x64, 0x6f, 0x72, 0x79, 0x48, 0x43, 0x5e, 0x55, 283 | 0x01, 0x0a, 0x17, 0x1c, 0x2d, 0x26, 0x3b, 0x30, 0x59, 0x52, 0x4f, 0x44, 284 | 0x75, 0x7e, 0x63, 0x68, 0xb1, 0xba, 0xa7, 0xac, 0x9d, 0x96, 0x8b, 0x80, 285 | 0xe9, 0xe2, 0xff, 0xf4, 0xc5, 0xce, 0xd3, 0xd8, 0x7a, 0x71, 0x6c, 0x67, 286 | 0x56, 0x5d, 0x40, 0x4b, 0x22, 0x29, 0x34, 0x3f, 0x0e, 0x05, 0x18, 0x13, 287 | 0xca, 0xc1, 0xdc, 0xd7, 0xe6, 0xed, 0xf0, 0xfb, 0x92, 0x99, 0x84, 0x8f, 288 | 0xbe, 0xb5, 0xa8, 0xa3}, 289 | 290 | {}, 291 | 292 | // mul 13 293 | {0x00, 0x0d, 0x1a, 0x17, 0x34, 0x39, 0x2e, 0x23, 0x68, 0x65, 0x72, 0x7f, 294 | 0x5c, 0x51, 0x46, 0x4b, 0xd0, 0xdd, 0xca, 0xc7, 0xe4, 0xe9, 0xfe, 0xf3, 295 | 0xb8, 0xb5, 0xa2, 0xaf, 0x8c, 0x81, 0x96, 0x9b, 0xbb, 0xb6, 0xa1, 0xac, 296 | 0x8f, 0x82, 0x95, 0x98, 0xd3, 0xde, 0xc9, 0xc4, 0xe7, 0xea, 0xfd, 0xf0, 297 | 0x6b, 0x66, 0x71, 0x7c, 0x5f, 0x52, 0x45, 0x48, 0x03, 0x0e, 0x19, 0x14, 298 | 0x37, 0x3a, 0x2d, 0x20, 0x6d, 0x60, 0x77, 0x7a, 0x59, 0x54, 0x43, 0x4e, 299 | 0x05, 0x08, 0x1f, 0x12, 0x31, 0x3c, 0x2b, 0x26, 0xbd, 0xb0, 0xa7, 0xaa, 300 | 0x89, 0x84, 0x93, 0x9e, 0xd5, 0xd8, 0xcf, 0xc2, 0xe1, 0xec, 0xfb, 0xf6, 301 | 0xd6, 0xdb, 0xcc, 0xc1, 0xe2, 0xef, 0xf8, 0xf5, 0xbe, 0xb3, 0xa4, 0xa9, 302 | 0x8a, 0x87, 0x90, 0x9d, 0x06, 0x0b, 0x1c, 0x11, 0x32, 0x3f, 0x28, 0x25, 303 | 0x6e, 0x63, 0x74, 0x79, 0x5a, 0x57, 0x40, 0x4d, 0xda, 0xd7, 0xc0, 0xcd, 304 | 0xee, 0xe3, 0xf4, 0xf9, 0xb2, 0xbf, 0xa8, 0xa5, 0x86, 0x8b, 0x9c, 0x91, 305 | 0x0a, 0x07, 0x10, 0x1d, 0x3e, 0x33, 0x24, 0x29, 0x62, 0x6f, 0x78, 0x75, 306 | 0x56, 0x5b, 0x4c, 0x41, 0x61, 0x6c, 0x7b, 0x76, 0x55, 0x58, 0x4f, 0x42, 307 | 0x09, 0x04, 0x13, 0x1e, 0x3d, 0x30, 0x27, 0x2a, 0xb1, 0xbc, 0xab, 0xa6, 308 | 0x85, 0x88, 0x9f, 0x92, 0xd9, 0xd4, 0xc3, 0xce, 0xed, 0xe0, 0xf7, 0xfa, 309 | 0xb7, 0xba, 0xad, 0xa0, 0x83, 0x8e, 0x99, 0x94, 0xdf, 0xd2, 0xc5, 0xc8, 310 | 0xeb, 0xe6, 0xf1, 0xfc, 0x67, 0x6a, 0x7d, 0x70, 0x53, 0x5e, 0x49, 0x44, 311 | 0x0f, 0x02, 0x15, 0x18, 0x3b, 0x36, 0x21, 0x2c, 0x0c, 0x01, 0x16, 0x1b, 312 | 0x38, 0x35, 0x22, 0x2f, 0x64, 0x69, 0x7e, 0x73, 0x50, 0x5d, 0x4a, 0x47, 313 | 0xdc, 0xd1, 0xc6, 0xcb, 0xe8, 0xe5, 0xf2, 0xff, 0xb4, 0xb9, 0xae, 0xa3, 314 | 0x80, 0x8d, 0x9a, 0x97}, 315 | 316 | // mul 14 317 | {0x00, 0x0e, 0x1c, 0x12, 0x38, 0x36, 0x24, 0x2a, 0x70, 0x7e, 0x6c, 0x62, 318 | 0x48, 0x46, 0x54, 0x5a, 0xe0, 0xee, 0xfc, 0xf2, 0xd8, 0xd6, 0xc4, 0xca, 319 | 0x90, 0x9e, 0x8c, 0x82, 0xa8, 0xa6, 0xb4, 0xba, 0xdb, 0xd5, 0xc7, 0xc9, 320 | 0xe3, 0xed, 0xff, 0xf1, 0xab, 0xa5, 0xb7, 0xb9, 0x93, 0x9d, 0x8f, 0x81, 321 | 0x3b, 0x35, 0x27, 0x29, 0x03, 0x0d, 0x1f, 0x11, 0x4b, 0x45, 0x57, 0x59, 322 | 0x73, 0x7d, 0x6f, 0x61, 0xad, 0xa3, 0xb1, 0xbf, 0x95, 0x9b, 0x89, 0x87, 323 | 0xdd, 0xd3, 0xc1, 0xcf, 0xe5, 0xeb, 0xf9, 0xf7, 0x4d, 0x43, 0x51, 0x5f, 324 | 0x75, 0x7b, 0x69, 0x67, 0x3d, 0x33, 0x21, 0x2f, 0x05, 0x0b, 0x19, 0x17, 325 | 0x76, 0x78, 0x6a, 0x64, 0x4e, 0x40, 0x52, 0x5c, 0x06, 0x08, 0x1a, 0x14, 326 | 0x3e, 0x30, 0x22, 0x2c, 0x96, 0x98, 0x8a, 0x84, 0xae, 0xa0, 0xb2, 0xbc, 327 | 0xe6, 0xe8, 0xfa, 0xf4, 0xde, 0xd0, 0xc2, 0xcc, 0x41, 0x4f, 0x5d, 0x53, 328 | 0x79, 0x77, 0x65, 0x6b, 0x31, 0x3f, 0x2d, 0x23, 0x09, 0x07, 0x15, 0x1b, 329 | 0xa1, 0xaf, 0xbd, 0xb3, 0x99, 0x97, 0x85, 0x8b, 0xd1, 0xdf, 0xcd, 0xc3, 330 | 0xe9, 0xe7, 0xf5, 0xfb, 0x9a, 0x94, 0x86, 0x88, 0xa2, 0xac, 0xbe, 0xb0, 331 | 0xea, 0xe4, 0xf6, 0xf8, 0xd2, 0xdc, 0xce, 0xc0, 0x7a, 0x74, 0x66, 0x68, 332 | 0x42, 0x4c, 0x5e, 0x50, 0x0a, 0x04, 0x16, 0x18, 0x32, 0x3c, 0x2e, 0x20, 333 | 0xec, 0xe2, 0xf0, 0xfe, 0xd4, 0xda, 0xc8, 0xc6, 0x9c, 0x92, 0x80, 0x8e, 334 | 0xa4, 0xaa, 0xb8, 0xb6, 0x0c, 0x02, 0x10, 0x1e, 0x34, 0x3a, 0x28, 0x26, 335 | 0x7c, 0x72, 0x60, 0x6e, 0x44, 0x4a, 0x58, 0x56, 0x37, 0x39, 0x2b, 0x25, 336 | 0x0f, 0x01, 0x13, 0x1d, 0x47, 0x49, 0x5b, 0x55, 0x7f, 0x71, 0x63, 0x6d, 337 | 0xd7, 0xd9, 0xcb, 0xc5, 0xef, 0xe1, 0xf3, 0xfd, 0xa7, 0xa9, 0xbb, 0xb5, 338 | 0x9f, 0x91, 0x83, 0x8d} }; 339 | 340 | /// circulant MDS matrix 341 | static const unsigned char CMDS[4][4] = { 342 | {2, 3, 1, 1}, {1, 2, 3, 1}, {1, 1, 2, 3}, {3, 1, 1, 2} }; 343 | 344 | /// Inverse circulant MDS matrix 345 | static const unsigned char INV_CMDS[4][4] = { 346 | {14, 11, 13, 9}, {9, 14, 11, 13}, {13, 9, 14, 11}, {11, 13, 9, 14} }; 347 | 348 | #endif -------------------------------------------------------------------------------- /AESloader/AESEncoder.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/minhangxiaohui/AvoidRandomKill/8845f0dcc0142465beb70282410a8d852d61d550/AESloader/AESEncoder.cpp -------------------------------------------------------------------------------- /AESloader/AESloader.vcxproj: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Debug 6 | Win32 7 | 8 | 9 | Release 10 | Win32 11 | 12 | 13 | Debug 14 | x64 15 | 16 | 17 | Release 18 | x64 19 | 20 | 21 | 22 | 16.0 23 | Win32Proj 24 | {a2e59253-662a-4f4f-8983-2790e2d988e0} 25 | AESloader 26 | 10.0 27 | AESEncoder 28 | 29 | 30 | 31 | Application 32 | true 33 | v143 34 | Unicode 35 | 36 | 37 | Application 38 | false 39 | v143 40 | true 41 | Unicode 42 | 43 | 44 | Application 45 | true 46 | v143 47 | Unicode 48 | 49 | 50 | Application 51 | false 52 | v143 53 | true 54 | Unicode 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | Level3 77 | true 78 | WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) 79 | true 80 | 81 | 82 | Console 83 | true 84 | 85 | 86 | 87 | 88 | Level3 89 | true 90 | true 91 | true 92 | WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) 93 | true 94 | 95 | 96 | Console 97 | true 98 | true 99 | true 100 | 101 | 102 | 103 | 104 | Level3 105 | true 106 | _DEBUG;_CONSOLE;%(PreprocessorDefinitions) 107 | true 108 | 109 | 110 | Console 111 | true 112 | 113 | 114 | 115 | 116 | Level3 117 | true 118 | true 119 | true 120 | NDEBUG;_CONSOLE;%(PreprocessorDefinitions) 121 | true 122 | 123 | 124 | Console 125 | true 126 | true 127 | true 128 | 129 | 130 | 131 | 132 | 133 | 134 | 135 | 136 | 137 | 138 | 139 | 140 | -------------------------------------------------------------------------------- /AESloader/AESloader.vcxproj.filters: -------------------------------------------------------------------------------- 1 |  2 | 3 | 4 | 5 | {4FC737F1-C7A5-4376-A066-2A32D752A2FF} 6 | cpp;c;cc;cxx;c++;cppm;ixx;def;odl;idl;hpj;bat;asm;asmx 7 | 8 | 9 | {93995380-89BD-4b04-88EB-625FBE52EBFB} 10 | h;hh;hpp;hxx;h++;hm;inl;inc;ipp;xsd 11 | 12 | 13 | {67DA6AB6-F800-4c08-8B7A-83BB121AAD01} 14 | rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms 15 | 16 | 17 | 18 | 19 | 头文件 20 | 21 | 22 | 源文件 23 | 24 | 25 | 26 | 27 | 头文件 28 | 29 | 30 | -------------------------------------------------------------------------------- /AESloader/AESloader.vcxproj.user: -------------------------------------------------------------------------------- 1 |  2 | 3 | 4 | -------------------------------------------------------------------------------- /AESloader/x64/Release/AESEncoder.Build.CppClean.log: -------------------------------------------------------------------------------- 1 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\aesloader\x64\release\vc143.pdb 2 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\aesloader\x64\release\aesencoder.obj 3 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\aesloader\x64\release\aes.obj 4 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\x64\release\aesencoder.exe 5 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\aesloader\x64\release\aesencoder.ipdb 6 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\x64\release\aesencoder.pdb 7 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\aesloader\x64\release\aesencoder.iobj 8 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\aesloader\x64\release\aesencoder.tlog\cl.command.1.tlog 9 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\aesloader\x64\release\aesencoder.tlog\cl.read.1.tlog 10 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\aesloader\x64\release\aesencoder.tlog\cl.write.1.tlog 11 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\aesloader\x64\release\aesencoder.tlog\link.command.1.tlog 12 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\aesloader\x64\release\aesencoder.tlog\link.read.1.tlog 13 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\aesloader\x64\release\aesencoder.tlog\link.write.1.tlog 14 | -------------------------------------------------------------------------------- /AESloader/x64/Release/AESEncoder.exe.recipe: -------------------------------------------------------------------------------- 1 |  2 | 3 | 4 | 5 | C:\Users\ga0weI03\VisualStudioProject\AvoidRandomKill\x64\Release\AESEncoder.exe 6 | 7 | 8 | 9 | 10 | 11 | -------------------------------------------------------------------------------- /AESloader/x64/Release/AESloader.log: -------------------------------------------------------------------------------- 1 |  -------------------------------------------------------------------------------- /AESloader/x64/Release/AESloader.vcxproj.FileListAbsolute.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/minhangxiaohui/AvoidRandomKill/8845f0dcc0142465beb70282410a8d852d61d550/AESloader/x64/Release/AESloader.vcxproj.FileListAbsolute.txt -------------------------------------------------------------------------------- /AvoidRandomKill.sln: -------------------------------------------------------------------------------- 1 |  2 | Microsoft Visual Studio Solution File, Format Version 12.00 3 | # Visual Studio Version 17 4 | VisualStudioVersion = 17.2.32630.192 5 | MinimumVisualStudioVersion = 10.0.40219.1 6 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "My_RandomEncrypt_Bypass", "AvoidRandomKill\AvoidRandomKill.vcxproj", "{2BFAF78A-0318-492C-8B92-328130A90CA7}" 7 | EndProject 8 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "AESEncoder", "AESloader\AESloader.vcxproj", "{A2E59253-662A-4F4F-8983-2790E2D988E0}" 9 | EndProject 10 | Global 11 | GlobalSection(SolutionConfigurationPlatforms) = preSolution 12 | Debug|x64 = Debug|x64 13 | Debug|x86 = Debug|x86 14 | Release|x64 = Release|x64 15 | Release|x86 = Release|x86 16 | EndGlobalSection 17 | GlobalSection(ProjectConfigurationPlatforms) = postSolution 18 | {2BFAF78A-0318-492C-8B92-328130A90CA7}.Debug|x64.ActiveCfg = Debug|x64 19 | {2BFAF78A-0318-492C-8B92-328130A90CA7}.Debug|x64.Build.0 = Debug|x64 20 | {2BFAF78A-0318-492C-8B92-328130A90CA7}.Debug|x86.ActiveCfg = Debug|Win32 21 | {2BFAF78A-0318-492C-8B92-328130A90CA7}.Debug|x86.Build.0 = Debug|Win32 22 | {2BFAF78A-0318-492C-8B92-328130A90CA7}.Release|x64.ActiveCfg = Release|x64 23 | {2BFAF78A-0318-492C-8B92-328130A90CA7}.Release|x64.Build.0 = Release|x64 24 | {2BFAF78A-0318-492C-8B92-328130A90CA7}.Release|x86.ActiveCfg = Release|Win32 25 | {2BFAF78A-0318-492C-8B92-328130A90CA7}.Release|x86.Build.0 = Release|Win32 26 | {A2E59253-662A-4F4F-8983-2790E2D988E0}.Debug|x64.ActiveCfg = Debug|x64 27 | {A2E59253-662A-4F4F-8983-2790E2D988E0}.Debug|x64.Build.0 = Debug|x64 28 | {A2E59253-662A-4F4F-8983-2790E2D988E0}.Debug|x86.ActiveCfg = Debug|Win32 29 | {A2E59253-662A-4F4F-8983-2790E2D988E0}.Debug|x86.Build.0 = Debug|Win32 30 | {A2E59253-662A-4F4F-8983-2790E2D988E0}.Release|x64.ActiveCfg = Release|x64 31 | {A2E59253-662A-4F4F-8983-2790E2D988E0}.Release|x64.Build.0 = Release|x64 32 | {A2E59253-662A-4F4F-8983-2790E2D988E0}.Release|x86.ActiveCfg = Release|Win32 33 | {A2E59253-662A-4F4F-8983-2790E2D988E0}.Release|x86.Build.0 = Release|Win32 34 | EndGlobalSection 35 | GlobalSection(SolutionProperties) = preSolution 36 | HideSolutionNode = FALSE 37 | EndGlobalSection 38 | GlobalSection(ExtensibilityGlobals) = postSolution 39 | SolutionGuid = {F9BAF874-1E82-4000-B8B7-35CE99FF6667} 40 | EndGlobalSection 41 | EndGlobal 42 | -------------------------------------------------------------------------------- /AvoidRandomKill/AES.cpp: -------------------------------------------------------------------------------- 1 | #include "AES.h" 2 | 3 | AES::AES(const AESKeyLength keyLength) { 4 | switch (keyLength) { 5 | case AESKeyLength::AES_128: 6 | this->Nk = 4; 7 | this->Nr = 10; 8 | break; 9 | case AESKeyLength::AES_192: 10 | this->Nk = 6; 11 | this->Nr = 12; 12 | break; 13 | case AESKeyLength::AES_256: 14 | this->Nk = 8; 15 | this->Nr = 14; 16 | break; 17 | } 18 | } 19 | 20 | unsigned char* AES::EncryptECB(const unsigned char in[], unsigned int inLen, 21 | const unsigned char key[]) { 22 | CheckLength(inLen); 23 | unsigned char* out = new unsigned char[inLen]; 24 | unsigned char* roundKeys = new unsigned char[4 * Nb * (Nr + 1)]; 25 | KeyExpansion(key, roundKeys); 26 | for (unsigned int i = 0; i < inLen; i += blockBytesLen) { 27 | EncryptBlock(in + i, out + i, roundKeys); 28 | } 29 | 30 | delete[] roundKeys; 31 | 32 | return out; 33 | } 34 | 35 | unsigned char* AES::DecryptECB(const unsigned char in[], unsigned int inLen, 36 | const unsigned char key[]) { 37 | CheckLength(inLen); 38 | unsigned char* out = new unsigned char[inLen]; 39 | unsigned char* roundKeys = new unsigned char[4 * Nb * (Nr + 1)]; 40 | KeyExpansion(key, roundKeys); 41 | for (unsigned int i = 0; i < inLen; i += blockBytesLen) { 42 | DecryptBlock(in + i, out + i, roundKeys); 43 | } 44 | 45 | delete[] roundKeys; 46 | 47 | return out; 48 | } 49 | 50 | unsigned char* AES::EncryptCBC(const unsigned char in[], unsigned int inLen, 51 | const unsigned char key[], 52 | const unsigned char* iv) { 53 | CheckLength(inLen); 54 | unsigned char* out = new unsigned char[inLen]; 55 | unsigned char block[blockBytesLen]; 56 | unsigned char* roundKeys = new unsigned char[4 * Nb * (Nr + 1)]; 57 | KeyExpansion(key, roundKeys); 58 | memcpy(block, iv, blockBytesLen); 59 | for (unsigned int i = 0; i < inLen; i += blockBytesLen) { 60 | XorBlocks(block, in + i, block, blockBytesLen); 61 | EncryptBlock(block, out + i, roundKeys); 62 | memcpy(block, out + i, blockBytesLen); 63 | } 64 | 65 | delete[] roundKeys; 66 | 67 | return out; 68 | } 69 | 70 | unsigned char* AES::DecryptCBC(const unsigned char in[], unsigned int inLen, 71 | const unsigned char key[], 72 | const unsigned char* iv) { 73 | CheckLength(inLen); 74 | unsigned char* out = new unsigned char[inLen]; 75 | unsigned char block[blockBytesLen]; 76 | unsigned char* roundKeys = new unsigned char[4 * Nb * (Nr + 1)]; 77 | KeyExpansion(key, roundKeys); 78 | memcpy(block, iv, blockBytesLen); 79 | for (unsigned int i = 0; i < inLen; i += blockBytesLen) { 80 | DecryptBlock(in + i, out + i, roundKeys); 81 | XorBlocks(block, out + i, out + i, blockBytesLen); 82 | memcpy(block, in + i, blockBytesLen); 83 | } 84 | 85 | delete[] roundKeys; 86 | 87 | return out; 88 | } 89 | 90 | unsigned char* AES::EncryptCFB(const unsigned char in[], unsigned int inLen, 91 | const unsigned char key[], 92 | const unsigned char* iv) { 93 | CheckLength(inLen); 94 | unsigned char* out = new unsigned char[inLen]; 95 | unsigned char block[blockBytesLen]; 96 | unsigned char encryptedBlock[blockBytesLen]; 97 | unsigned char* roundKeys = new unsigned char[4 * Nb * (Nr + 1)]; 98 | KeyExpansion(key, roundKeys); 99 | memcpy(block, iv, blockBytesLen); 100 | for (unsigned int i = 0; i < inLen; i += blockBytesLen) { 101 | EncryptBlock(block, encryptedBlock, roundKeys); 102 | XorBlocks(in + i, encryptedBlock, out + i, blockBytesLen); 103 | memcpy(block, out + i, blockBytesLen); 104 | } 105 | 106 | delete[] roundKeys; 107 | 108 | return out; 109 | } 110 | 111 | unsigned char* AES::DecryptCFB(const unsigned char in[], unsigned int inLen, 112 | const unsigned char key[], 113 | const unsigned char* iv) { 114 | CheckLength(inLen); 115 | unsigned char* out = new unsigned char[inLen]; 116 | unsigned char block[blockBytesLen]; 117 | unsigned char encryptedBlock[blockBytesLen]; 118 | unsigned char* roundKeys = new unsigned char[4 * Nb * (Nr + 1)]; 119 | KeyExpansion(key, roundKeys); 120 | memcpy(block, iv, blockBytesLen); 121 | for (unsigned int i = 0; i < inLen; i += blockBytesLen) { 122 | EncryptBlock(block, encryptedBlock, roundKeys); 123 | XorBlocks(in + i, encryptedBlock, out + i, blockBytesLen); 124 | memcpy(block, in + i, blockBytesLen); 125 | } 126 | 127 | delete[] roundKeys; 128 | 129 | return out; 130 | } 131 | 132 | void AES::CheckLength(unsigned int len) { 133 | if (len % blockBytesLen != 0) { 134 | throw std::length_error("Plaintext length must be divisible by " + 135 | std::to_string(blockBytesLen)); 136 | } 137 | } 138 | 139 | void AES::EncryptBlock(const unsigned char in[], unsigned char out[], 140 | unsigned char* roundKeys) { 141 | unsigned char state[4][Nb]; 142 | unsigned int i, j, round; 143 | 144 | for (i = 0; i < 4; i++) { 145 | for (j = 0; j < Nb; j++) { 146 | state[i][j] = in[i + 4 * j]; 147 | } 148 | } 149 | 150 | AddRoundKey(state, roundKeys); 151 | 152 | for (round = 1; round <= Nr - 1; round++) { 153 | SubBytes(state); 154 | ShiftRows(state); 155 | MixColumns(state); 156 | AddRoundKey(state, roundKeys + round * 4 * Nb); 157 | } 158 | 159 | SubBytes(state); 160 | ShiftRows(state); 161 | AddRoundKey(state, roundKeys + Nr * 4 * Nb); 162 | 163 | for (i = 0; i < 4; i++) { 164 | for (j = 0; j < Nb; j++) { 165 | out[i + 4 * j] = state[i][j]; 166 | } 167 | } 168 | } 169 | 170 | void AES::DecryptBlock(const unsigned char in[], unsigned char out[], 171 | unsigned char* roundKeys) { 172 | unsigned char state[4][Nb]; 173 | unsigned int i, j, round; 174 | 175 | for (i = 0; i < 4; i++) { 176 | for (j = 0; j < Nb; j++) { 177 | state[i][j] = in[i + 4 * j]; 178 | } 179 | } 180 | 181 | AddRoundKey(state, roundKeys + Nr * 4 * Nb); 182 | 183 | for (round = Nr - 1; round >= 1; round--) { 184 | InvSubBytes(state); 185 | InvShiftRows(state); 186 | AddRoundKey(state, roundKeys + round * 4 * Nb); 187 | InvMixColumns(state); 188 | } 189 | 190 | InvSubBytes(state); 191 | InvShiftRows(state); 192 | AddRoundKey(state, roundKeys); 193 | 194 | for (i = 0; i < 4; i++) { 195 | for (j = 0; j < Nb; j++) { 196 | out[i + 4 * j] = state[i][j]; 197 | } 198 | } 199 | } 200 | 201 | void AES::SubBytes(unsigned char state[4][Nb]) { 202 | unsigned int i, j; 203 | unsigned char t; 204 | for (i = 0; i < 4; i++) { 205 | for (j = 0; j < Nb; j++) { 206 | t = state[i][j]; 207 | state[i][j] = sbox[t / 16][t % 16]; 208 | } 209 | } 210 | } 211 | 212 | void AES::ShiftRow(unsigned char state[4][Nb], unsigned int i, 213 | unsigned int n) // shift row i on n positions 214 | { 215 | unsigned char tmp[Nb]; 216 | for (unsigned int j = 0; j < Nb; j++) { 217 | tmp[j] = state[i][(j + n) % Nb]; 218 | } 219 | memcpy(state[i], tmp, Nb * sizeof(unsigned char)); 220 | } 221 | 222 | void AES::ShiftRows(unsigned char state[4][Nb]) { 223 | ShiftRow(state, 1, 1); 224 | ShiftRow(state, 2, 2); 225 | ShiftRow(state, 3, 3); 226 | } 227 | 228 | unsigned char AES::xtime(unsigned char b) // multiply on x 229 | { 230 | return (b << 1) ^ (((b >> 7) & 1) * 0x1b); 231 | } 232 | 233 | void AES::MixColumns(unsigned char state[4][Nb]) { 234 | unsigned char temp_state[4][Nb]; 235 | 236 | for (size_t i = 0; i < 4; ++i) { 237 | memset(temp_state[i], 0, 4); 238 | } 239 | 240 | for (size_t i = 0; i < 4; ++i) { 241 | for (size_t k = 0; k < 4; ++k) { 242 | for (size_t j = 0; j < 4; ++j) { 243 | if (CMDS[i][k] == 1) 244 | temp_state[i][j] ^= state[k][j]; 245 | else 246 | temp_state[i][j] ^= GF_MUL_TABLE[CMDS[i][k]][state[k][j]]; 247 | } 248 | } 249 | } 250 | 251 | for (size_t i = 0; i < 4; ++i) { 252 | memcpy(state[i], temp_state[i], 4); 253 | } 254 | } 255 | 256 | void AES::AddRoundKey(unsigned char state[4][Nb], unsigned char* key) { 257 | unsigned int i, j; 258 | for (i = 0; i < 4; i++) { 259 | for (j = 0; j < Nb; j++) { 260 | state[i][j] = state[i][j] ^ key[i + 4 * j]; 261 | } 262 | } 263 | } 264 | 265 | void AES::SubWord(unsigned char* a) { 266 | int i; 267 | for (i = 0; i < 4; i++) { 268 | a[i] = sbox[a[i] / 16][a[i] % 16]; 269 | } 270 | } 271 | 272 | void AES::RotWord(unsigned char* a) { 273 | unsigned char c = a[0]; 274 | a[0] = a[1]; 275 | a[1] = a[2]; 276 | a[2] = a[3]; 277 | a[3] = c; 278 | } 279 | 280 | void AES::XorWords(unsigned char* a, unsigned char* b, unsigned char* c) { 281 | int i; 282 | for (i = 0; i < 4; i++) { 283 | c[i] = a[i] ^ b[i]; 284 | } 285 | } 286 | 287 | void AES::Rcon(unsigned char* a, unsigned int n) { 288 | unsigned int i; 289 | unsigned char c = 1; 290 | for (i = 0; i < n - 1; i++) { 291 | c = xtime(c); 292 | } 293 | 294 | a[0] = c; 295 | a[1] = a[2] = a[3] = 0; 296 | } 297 | 298 | void AES::KeyExpansion(const unsigned char key[], unsigned char w[]) { 299 | unsigned char temp[4]; 300 | unsigned char rcon[4]; 301 | 302 | unsigned int i = 0; 303 | while (i < 4 * Nk) { 304 | w[i] = key[i]; 305 | i++; 306 | } 307 | 308 | i = 4 * Nk; 309 | while (i < 4 * Nb * (Nr + 1)) { 310 | temp[0] = w[i - 4 + 0]; 311 | temp[1] = w[i - 4 + 1]; 312 | temp[2] = w[i - 4 + 2]; 313 | temp[3] = w[i - 4 + 3]; 314 | 315 | if (i / 4 % Nk == 0) { 316 | RotWord(temp); 317 | SubWord(temp); 318 | Rcon(rcon, i / (Nk * 4)); 319 | XorWords(temp, rcon, temp); 320 | } 321 | else if (Nk > 6 && i / 4 % Nk == 4) { 322 | SubWord(temp); 323 | } 324 | 325 | w[i + 0] = w[i - 4 * Nk] ^ temp[0]; 326 | w[i + 1] = w[i + 1 - 4 * Nk] ^ temp[1]; 327 | w[i + 2] = w[i + 2 - 4 * Nk] ^ temp[2]; 328 | w[i + 3] = w[i + 3 - 4 * Nk] ^ temp[3]; 329 | i += 4; 330 | } 331 | } 332 | 333 | void AES::InvSubBytes(unsigned char state[4][Nb]) { 334 | unsigned int i, j; 335 | unsigned char t; 336 | for (i = 0; i < 4; i++) { 337 | for (j = 0; j < Nb; j++) { 338 | t = state[i][j]; 339 | state[i][j] = inv_sbox[t / 16][t % 16]; 340 | } 341 | } 342 | } 343 | 344 | void AES::InvMixColumns(unsigned char state[4][Nb]) { 345 | unsigned char temp_state[4][Nb]; 346 | 347 | for (size_t i = 0; i < 4; ++i) { 348 | memset(temp_state[i], 0, 4); 349 | } 350 | 351 | for (size_t i = 0; i < 4; ++i) { 352 | for (size_t k = 0; k < 4; ++k) { 353 | for (size_t j = 0; j < 4; ++j) { 354 | temp_state[i][j] ^= GF_MUL_TABLE[INV_CMDS[i][k]][state[k][j]]; 355 | } 356 | } 357 | } 358 | 359 | for (size_t i = 0; i < 4; ++i) { 360 | memcpy(state[i], temp_state[i], 4); 361 | } 362 | } 363 | 364 | void AES::InvShiftRows(unsigned char state[4][Nb]) { 365 | ShiftRow(state, 1, Nb - 1); 366 | ShiftRow(state, 2, Nb - 2); 367 | ShiftRow(state, 3, Nb - 3); 368 | } 369 | 370 | void AES::XorBlocks(const unsigned char* a, const unsigned char* b, 371 | unsigned char* c, unsigned int len) { 372 | for (unsigned int i = 0; i < len; i++) { 373 | c[i] = a[i] ^ b[i]; 374 | } 375 | } 376 | 377 | void AES::printHexArray(unsigned char a[], unsigned int n) { 378 | for (unsigned int i = 0; i < n; i++) { 379 | printf("%02x ", a[i]); 380 | } 381 | } 382 | 383 | void AES::printHexVector(std::vector a) { 384 | for (unsigned int i = 0; i < a.size(); i++) { 385 | printf("%02x ", a[i]); 386 | } 387 | } 388 | 389 | std::vector AES::ArrayToVector(unsigned char* a, 390 | unsigned int len) { 391 | std::vector v(a, a + len * sizeof(unsigned char)); 392 | return v; 393 | } 394 | 395 | unsigned char* AES::VectorToArray(std::vector& a) { 396 | return a.data(); 397 | } 398 | 399 | std::vector AES::EncryptECB(std::vector in, 400 | std::vector key) { 401 | unsigned char* out = EncryptECB(VectorToArray(in), (unsigned int)in.size(), 402 | VectorToArray(key)); 403 | std::vector v = ArrayToVector(out, in.size()); 404 | delete[] out; 405 | return v; 406 | } 407 | 408 | std::vector AES::DecryptECB(std::vector in, 409 | std::vector key) { 410 | unsigned char* out = DecryptECB(VectorToArray(in), (unsigned int)in.size(), 411 | VectorToArray(key)); 412 | std::vector v = ArrayToVector(out, (unsigned int)in.size()); 413 | delete[] out; 414 | return v; 415 | } 416 | 417 | std::vector AES::EncryptCBC(std::vector in, 418 | std::vector key, 419 | std::vector iv) { 420 | unsigned char* out = EncryptCBC(VectorToArray(in), (unsigned int)in.size(), 421 | VectorToArray(key), VectorToArray(iv)); 422 | std::vector v = ArrayToVector(out, in.size()); 423 | delete[] out; 424 | return v; 425 | } 426 | 427 | std::vector AES::DecryptCBC(std::vector in, 428 | std::vector key, 429 | std::vector iv) { 430 | unsigned char* out = DecryptCBC(VectorToArray(in), (unsigned int)in.size(), 431 | VectorToArray(key), VectorToArray(iv)); 432 | std::vector v = ArrayToVector(out, (unsigned int)in.size()); 433 | delete[] out; 434 | return v; 435 | } 436 | 437 | std::vector AES::EncryptCFB(std::vector in, 438 | std::vector key, 439 | std::vector iv) { 440 | unsigned char* out = EncryptCFB(VectorToArray(in), (unsigned int)in.size(), 441 | VectorToArray(key), VectorToArray(iv)); 442 | std::vector v = ArrayToVector(out, in.size()); 443 | delete[] out; 444 | return v; 445 | } 446 | 447 | std::vector AES::DecryptCFB(std::vector in, 448 | std::vector key, 449 | std::vector iv) { 450 | unsigned char* out = DecryptCFB(VectorToArray(in), (unsigned int)in.size(), 451 | VectorToArray(key), VectorToArray(iv)); 452 | std::vector v = ArrayToVector(out, (unsigned int)in.size()); 453 | delete[] out; 454 | return v; 455 | } -------------------------------------------------------------------------------- /AvoidRandomKill/AES.h: -------------------------------------------------------------------------------- 1 | #ifndef _AES_H_ 2 | #define _AES_H_ 3 | 4 | #include 5 | #include 6 | #include 7 | #include 8 | #include 9 | #include 10 | 11 | enum class AESKeyLength { AES_128, AES_192, AES_256 }; 12 | 13 | class AES { 14 | private: 15 | static constexpr unsigned int Nb = 4; 16 | static constexpr unsigned int blockBytesLen = 4 * Nb * sizeof(unsigned char); 17 | 18 | unsigned int Nk; 19 | unsigned int Nr; 20 | 21 | void SubBytes(unsigned char state[4][Nb]); 22 | 23 | void ShiftRow(unsigned char state[4][Nb], unsigned int i, 24 | unsigned int n); // shift row i on n positions 25 | 26 | void ShiftRows(unsigned char state[4][Nb]); 27 | 28 | unsigned char xtime(unsigned char b); // multiply on x 29 | 30 | void MixColumns(unsigned char state[4][Nb]); 31 | 32 | void AddRoundKey(unsigned char state[4][Nb], unsigned char* key); 33 | 34 | void SubWord(unsigned char* a); 35 | 36 | void RotWord(unsigned char* a); 37 | 38 | void XorWords(unsigned char* a, unsigned char* b, unsigned char* c); 39 | 40 | void Rcon(unsigned char* a, unsigned int n); 41 | 42 | void InvSubBytes(unsigned char state[4][Nb]); 43 | 44 | void InvMixColumns(unsigned char state[4][Nb]); 45 | 46 | void InvShiftRows(unsigned char state[4][Nb]); 47 | 48 | void CheckLength(unsigned int len); 49 | 50 | void KeyExpansion(const unsigned char key[], unsigned char w[]); 51 | 52 | void EncryptBlock(const unsigned char in[], unsigned char out[], 53 | unsigned char key[]); 54 | 55 | void DecryptBlock(const unsigned char in[], unsigned char out[], 56 | unsigned char key[]); 57 | 58 | void XorBlocks(const unsigned char* a, const unsigned char* b, 59 | unsigned char* c, unsigned int len); 60 | 61 | std::vector ArrayToVector(unsigned char* a, unsigned int len); 62 | 63 | unsigned char* VectorToArray(std::vector& a); 64 | 65 | public: 66 | explicit AES(const AESKeyLength keyLength = AESKeyLength::AES_256); 67 | 68 | unsigned char* EncryptECB(const unsigned char in[], unsigned int inLen, 69 | const unsigned char key[]); 70 | 71 | unsigned char* DecryptECB(const unsigned char in[], unsigned int inLen, 72 | const unsigned char key[]); 73 | 74 | unsigned char* EncryptCBC(const unsigned char in[], unsigned int inLen, 75 | const unsigned char key[], const unsigned char* iv); 76 | 77 | unsigned char* DecryptCBC(const unsigned char in[], unsigned int inLen, 78 | const unsigned char key[], const unsigned char* iv); 79 | 80 | unsigned char* EncryptCFB(const unsigned char in[], unsigned int inLen, 81 | const unsigned char key[], const unsigned char* iv); 82 | 83 | unsigned char* DecryptCFB(const unsigned char in[], unsigned int inLen, 84 | const unsigned char key[], const unsigned char* iv); 85 | 86 | std::vector EncryptECB(std::vector in, 87 | std::vector key); 88 | 89 | std::vector DecryptECB(std::vector in, 90 | std::vector key); 91 | 92 | std::vector EncryptCBC(std::vector in, 93 | std::vector key, 94 | std::vector iv); 95 | 96 | std::vector DecryptCBC(std::vector in, 97 | std::vector key, 98 | std::vector iv); 99 | 100 | std::vector EncryptCFB(std::vector in, 101 | std::vector key, 102 | std::vector iv); 103 | 104 | std::vector DecryptCFB(std::vector in, 105 | std::vector key, 106 | std::vector iv); 107 | 108 | void printHexArray(unsigned char a[], unsigned int n); 109 | 110 | void printHexVector(std::vector a); 111 | }; 112 | 113 | const unsigned char sbox[16][16] = { 114 | {0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, 0x2b, 115 | 0xfe, 0xd7, 0xab, 0x76}, 116 | {0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, 0xad, 0xd4, 0xa2, 0xaf, 117 | 0x9c, 0xa4, 0x72, 0xc0}, 118 | {0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1, 119 | 0x71, 0xd8, 0x31, 0x15}, 120 | {0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, 0x07, 0x12, 0x80, 0xe2, 121 | 0xeb, 0x27, 0xb2, 0x75}, 122 | {0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, 0x52, 0x3b, 0xd6, 0xb3, 123 | 0x29, 0xe3, 0x2f, 0x84}, 124 | {0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b, 0x6a, 0xcb, 0xbe, 0x39, 125 | 0x4a, 0x4c, 0x58, 0xcf}, 126 | {0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, 0x45, 0xf9, 0x02, 0x7f, 127 | 0x50, 0x3c, 0x9f, 0xa8}, 128 | {0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, 0xbc, 0xb6, 0xda, 0x21, 129 | 0x10, 0xff, 0xf3, 0xd2}, 130 | {0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17, 0xc4, 0xa7, 0x7e, 0x3d, 131 | 0x64, 0x5d, 0x19, 0x73}, 132 | {0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, 0x46, 0xee, 0xb8, 0x14, 133 | 0xde, 0x5e, 0x0b, 0xdb}, 134 | {0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, 0xc2, 0xd3, 0xac, 0x62, 135 | 0x91, 0x95, 0xe4, 0x79}, 136 | {0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9, 0x6c, 0x56, 0xf4, 0xea, 137 | 0x65, 0x7a, 0xae, 0x08}, 138 | {0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, 0xe8, 0xdd, 0x74, 0x1f, 139 | 0x4b, 0xbd, 0x8b, 0x8a}, 140 | {0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, 0x61, 0x35, 0x57, 0xb9, 141 | 0x86, 0xc1, 0x1d, 0x9e}, 142 | {0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, 0x9b, 0x1e, 0x87, 0xe9, 143 | 0xce, 0x55, 0x28, 0xdf}, 144 | {0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f, 145 | 0xb0, 0x54, 0xbb, 0x16} }; 146 | 147 | const unsigned char inv_sbox[16][16] = { 148 | {0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38, 0xbf, 0x40, 0xa3, 0x9e, 149 | 0x81, 0xf3, 0xd7, 0xfb}, 150 | {0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87, 0x34, 0x8e, 0x43, 0x44, 151 | 0xc4, 0xde, 0xe9, 0xcb}, 152 | {0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d, 0xee, 0x4c, 0x95, 0x0b, 153 | 0x42, 0xfa, 0xc3, 0x4e}, 154 | {0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2, 0x76, 0x5b, 0xa2, 0x49, 155 | 0x6d, 0x8b, 0xd1, 0x25}, 156 | {0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16, 0xd4, 0xa4, 0x5c, 0xcc, 157 | 0x5d, 0x65, 0xb6, 0x92}, 158 | {0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda, 0x5e, 0x15, 0x46, 0x57, 159 | 0xa7, 0x8d, 0x9d, 0x84}, 160 | {0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a, 0xf7, 0xe4, 0x58, 0x05, 161 | 0xb8, 0xb3, 0x45, 0x06}, 162 | {0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02, 0xc1, 0xaf, 0xbd, 0x03, 163 | 0x01, 0x13, 0x8a, 0x6b}, 164 | {0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea, 0x97, 0xf2, 0xcf, 0xce, 165 | 0xf0, 0xb4, 0xe6, 0x73}, 166 | {0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85, 0xe2, 0xf9, 0x37, 0xe8, 167 | 0x1c, 0x75, 0xdf, 0x6e}, 168 | {0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89, 0x6f, 0xb7, 0x62, 0x0e, 169 | 0xaa, 0x18, 0xbe, 0x1b}, 170 | {0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20, 0x9a, 0xdb, 0xc0, 0xfe, 171 | 0x78, 0xcd, 0x5a, 0xf4}, 172 | {0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31, 0xb1, 0x12, 0x10, 0x59, 173 | 0x27, 0x80, 0xec, 0x5f}, 174 | {0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d, 0x2d, 0xe5, 0x7a, 0x9f, 175 | 0x93, 0xc9, 0x9c, 0xef}, 176 | {0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0, 0xc8, 0xeb, 0xbb, 0x3c, 177 | 0x83, 0x53, 0x99, 0x61}, 178 | {0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26, 0xe1, 0x69, 0x14, 0x63, 179 | 0x55, 0x21, 0x0c, 0x7d} }; 180 | 181 | /// Galois Multiplication lookup tables 182 | static const unsigned char GF_MUL_TABLE[15][256] = { 183 | {}, 184 | {}, 185 | 186 | // mul 2 187 | {0x00, 0x02, 0x04, 0x06, 0x08, 0x0a, 0x0c, 0x0e, 0x10, 0x12, 0x14, 0x16, 188 | 0x18, 0x1a, 0x1c, 0x1e, 0x20, 0x22, 0x24, 0x26, 0x28, 0x2a, 0x2c, 0x2e, 189 | 0x30, 0x32, 0x34, 0x36, 0x38, 0x3a, 0x3c, 0x3e, 0x40, 0x42, 0x44, 0x46, 190 | 0x48, 0x4a, 0x4c, 0x4e, 0x50, 0x52, 0x54, 0x56, 0x58, 0x5a, 0x5c, 0x5e, 191 | 0x60, 0x62, 0x64, 0x66, 0x68, 0x6a, 0x6c, 0x6e, 0x70, 0x72, 0x74, 0x76, 192 | 0x78, 0x7a, 0x7c, 0x7e, 0x80, 0x82, 0x84, 0x86, 0x88, 0x8a, 0x8c, 0x8e, 193 | 0x90, 0x92, 0x94, 0x96, 0x98, 0x9a, 0x9c, 0x9e, 0xa0, 0xa2, 0xa4, 0xa6, 194 | 0xa8, 0xaa, 0xac, 0xae, 0xb0, 0xb2, 0xb4, 0xb6, 0xb8, 0xba, 0xbc, 0xbe, 195 | 0xc0, 0xc2, 0xc4, 0xc6, 0xc8, 0xca, 0xcc, 0xce, 0xd0, 0xd2, 0xd4, 0xd6, 196 | 0xd8, 0xda, 0xdc, 0xde, 0xe0, 0xe2, 0xe4, 0xe6, 0xe8, 0xea, 0xec, 0xee, 197 | 0xf0, 0xf2, 0xf4, 0xf6, 0xf8, 0xfa, 0xfc, 0xfe, 0x1b, 0x19, 0x1f, 0x1d, 198 | 0x13, 0x11, 0x17, 0x15, 0x0b, 0x09, 0x0f, 0x0d, 0x03, 0x01, 0x07, 0x05, 199 | 0x3b, 0x39, 0x3f, 0x3d, 0x33, 0x31, 0x37, 0x35, 0x2b, 0x29, 0x2f, 0x2d, 200 | 0x23, 0x21, 0x27, 0x25, 0x5b, 0x59, 0x5f, 0x5d, 0x53, 0x51, 0x57, 0x55, 201 | 0x4b, 0x49, 0x4f, 0x4d, 0x43, 0x41, 0x47, 0x45, 0x7b, 0x79, 0x7f, 0x7d, 202 | 0x73, 0x71, 0x77, 0x75, 0x6b, 0x69, 0x6f, 0x6d, 0x63, 0x61, 0x67, 0x65, 203 | 0x9b, 0x99, 0x9f, 0x9d, 0x93, 0x91, 0x97, 0x95, 0x8b, 0x89, 0x8f, 0x8d, 204 | 0x83, 0x81, 0x87, 0x85, 0xbb, 0xb9, 0xbf, 0xbd, 0xb3, 0xb1, 0xb7, 0xb5, 205 | 0xab, 0xa9, 0xaf, 0xad, 0xa3, 0xa1, 0xa7, 0xa5, 0xdb, 0xd9, 0xdf, 0xdd, 206 | 0xd3, 0xd1, 0xd7, 0xd5, 0xcb, 0xc9, 0xcf, 0xcd, 0xc3, 0xc1, 0xc7, 0xc5, 207 | 0xfb, 0xf9, 0xff, 0xfd, 0xf3, 0xf1, 0xf7, 0xf5, 0xeb, 0xe9, 0xef, 0xed, 208 | 0xe3, 0xe1, 0xe7, 0xe5}, 209 | 210 | // mul 3 211 | {0x00, 0x03, 0x06, 0x05, 0x0c, 0x0f, 0x0a, 0x09, 0x18, 0x1b, 0x1e, 0x1d, 212 | 0x14, 0x17, 0x12, 0x11, 0x30, 0x33, 0x36, 0x35, 0x3c, 0x3f, 0x3a, 0x39, 213 | 0x28, 0x2b, 0x2e, 0x2d, 0x24, 0x27, 0x22, 0x21, 0x60, 0x63, 0x66, 0x65, 214 | 0x6c, 0x6f, 0x6a, 0x69, 0x78, 0x7b, 0x7e, 0x7d, 0x74, 0x77, 0x72, 0x71, 215 | 0x50, 0x53, 0x56, 0x55, 0x5c, 0x5f, 0x5a, 0x59, 0x48, 0x4b, 0x4e, 0x4d, 216 | 0x44, 0x47, 0x42, 0x41, 0xc0, 0xc3, 0xc6, 0xc5, 0xcc, 0xcf, 0xca, 0xc9, 217 | 0xd8, 0xdb, 0xde, 0xdd, 0xd4, 0xd7, 0xd2, 0xd1, 0xf0, 0xf3, 0xf6, 0xf5, 218 | 0xfc, 0xff, 0xfa, 0xf9, 0xe8, 0xeb, 0xee, 0xed, 0xe4, 0xe7, 0xe2, 0xe1, 219 | 0xa0, 0xa3, 0xa6, 0xa5, 0xac, 0xaf, 0xaa, 0xa9, 0xb8, 0xbb, 0xbe, 0xbd, 220 | 0xb4, 0xb7, 0xb2, 0xb1, 0x90, 0x93, 0x96, 0x95, 0x9c, 0x9f, 0x9a, 0x99, 221 | 0x88, 0x8b, 0x8e, 0x8d, 0x84, 0x87, 0x82, 0x81, 0x9b, 0x98, 0x9d, 0x9e, 222 | 0x97, 0x94, 0x91, 0x92, 0x83, 0x80, 0x85, 0x86, 0x8f, 0x8c, 0x89, 0x8a, 223 | 0xab, 0xa8, 0xad, 0xae, 0xa7, 0xa4, 0xa1, 0xa2, 0xb3, 0xb0, 0xb5, 0xb6, 224 | 0xbf, 0xbc, 0xb9, 0xba, 0xfb, 0xf8, 0xfd, 0xfe, 0xf7, 0xf4, 0xf1, 0xf2, 225 | 0xe3, 0xe0, 0xe5, 0xe6, 0xef, 0xec, 0xe9, 0xea, 0xcb, 0xc8, 0xcd, 0xce, 226 | 0xc7, 0xc4, 0xc1, 0xc2, 0xd3, 0xd0, 0xd5, 0xd6, 0xdf, 0xdc, 0xd9, 0xda, 227 | 0x5b, 0x58, 0x5d, 0x5e, 0x57, 0x54, 0x51, 0x52, 0x43, 0x40, 0x45, 0x46, 228 | 0x4f, 0x4c, 0x49, 0x4a, 0x6b, 0x68, 0x6d, 0x6e, 0x67, 0x64, 0x61, 0x62, 229 | 0x73, 0x70, 0x75, 0x76, 0x7f, 0x7c, 0x79, 0x7a, 0x3b, 0x38, 0x3d, 0x3e, 230 | 0x37, 0x34, 0x31, 0x32, 0x23, 0x20, 0x25, 0x26, 0x2f, 0x2c, 0x29, 0x2a, 231 | 0x0b, 0x08, 0x0d, 0x0e, 0x07, 0x04, 0x01, 0x02, 0x13, 0x10, 0x15, 0x16, 232 | 0x1f, 0x1c, 0x19, 0x1a}, 233 | 234 | {}, 235 | {}, 236 | {}, 237 | {}, 238 | {}, 239 | 240 | // mul 9 241 | {0x00, 0x09, 0x12, 0x1b, 0x24, 0x2d, 0x36, 0x3f, 0x48, 0x41, 0x5a, 0x53, 242 | 0x6c, 0x65, 0x7e, 0x77, 0x90, 0x99, 0x82, 0x8b, 0xb4, 0xbd, 0xa6, 0xaf, 243 | 0xd8, 0xd1, 0xca, 0xc3, 0xfc, 0xf5, 0xee, 0xe7, 0x3b, 0x32, 0x29, 0x20, 244 | 0x1f, 0x16, 0x0d, 0x04, 0x73, 0x7a, 0x61, 0x68, 0x57, 0x5e, 0x45, 0x4c, 245 | 0xab, 0xa2, 0xb9, 0xb0, 0x8f, 0x86, 0x9d, 0x94, 0xe3, 0xea, 0xf1, 0xf8, 246 | 0xc7, 0xce, 0xd5, 0xdc, 0x76, 0x7f, 0x64, 0x6d, 0x52, 0x5b, 0x40, 0x49, 247 | 0x3e, 0x37, 0x2c, 0x25, 0x1a, 0x13, 0x08, 0x01, 0xe6, 0xef, 0xf4, 0xfd, 248 | 0xc2, 0xcb, 0xd0, 0xd9, 0xae, 0xa7, 0xbc, 0xb5, 0x8a, 0x83, 0x98, 0x91, 249 | 0x4d, 0x44, 0x5f, 0x56, 0x69, 0x60, 0x7b, 0x72, 0x05, 0x0c, 0x17, 0x1e, 250 | 0x21, 0x28, 0x33, 0x3a, 0xdd, 0xd4, 0xcf, 0xc6, 0xf9, 0xf0, 0xeb, 0xe2, 251 | 0x95, 0x9c, 0x87, 0x8e, 0xb1, 0xb8, 0xa3, 0xaa, 0xec, 0xe5, 0xfe, 0xf7, 252 | 0xc8, 0xc1, 0xda, 0xd3, 0xa4, 0xad, 0xb6, 0xbf, 0x80, 0x89, 0x92, 0x9b, 253 | 0x7c, 0x75, 0x6e, 0x67, 0x58, 0x51, 0x4a, 0x43, 0x34, 0x3d, 0x26, 0x2f, 254 | 0x10, 0x19, 0x02, 0x0b, 0xd7, 0xde, 0xc5, 0xcc, 0xf3, 0xfa, 0xe1, 0xe8, 255 | 0x9f, 0x96, 0x8d, 0x84, 0xbb, 0xb2, 0xa9, 0xa0, 0x47, 0x4e, 0x55, 0x5c, 256 | 0x63, 0x6a, 0x71, 0x78, 0x0f, 0x06, 0x1d, 0x14, 0x2b, 0x22, 0x39, 0x30, 257 | 0x9a, 0x93, 0x88, 0x81, 0xbe, 0xb7, 0xac, 0xa5, 0xd2, 0xdb, 0xc0, 0xc9, 258 | 0xf6, 0xff, 0xe4, 0xed, 0x0a, 0x03, 0x18, 0x11, 0x2e, 0x27, 0x3c, 0x35, 259 | 0x42, 0x4b, 0x50, 0x59, 0x66, 0x6f, 0x74, 0x7d, 0xa1, 0xa8, 0xb3, 0xba, 260 | 0x85, 0x8c, 0x97, 0x9e, 0xe9, 0xe0, 0xfb, 0xf2, 0xcd, 0xc4, 0xdf, 0xd6, 261 | 0x31, 0x38, 0x23, 0x2a, 0x15, 0x1c, 0x07, 0x0e, 0x79, 0x70, 0x6b, 0x62, 262 | 0x5d, 0x54, 0x4f, 0x46}, 263 | 264 | {}, 265 | 266 | // mul 11 267 | {0x00, 0x0b, 0x16, 0x1d, 0x2c, 0x27, 0x3a, 0x31, 0x58, 0x53, 0x4e, 0x45, 268 | 0x74, 0x7f, 0x62, 0x69, 0xb0, 0xbb, 0xa6, 0xad, 0x9c, 0x97, 0x8a, 0x81, 269 | 0xe8, 0xe3, 0xfe, 0xf5, 0xc4, 0xcf, 0xd2, 0xd9, 0x7b, 0x70, 0x6d, 0x66, 270 | 0x57, 0x5c, 0x41, 0x4a, 0x23, 0x28, 0x35, 0x3e, 0x0f, 0x04, 0x19, 0x12, 271 | 0xcb, 0xc0, 0xdd, 0xd6, 0xe7, 0xec, 0xf1, 0xfa, 0x93, 0x98, 0x85, 0x8e, 272 | 0xbf, 0xb4, 0xa9, 0xa2, 0xf6, 0xfd, 0xe0, 0xeb, 0xda, 0xd1, 0xcc, 0xc7, 273 | 0xae, 0xa5, 0xb8, 0xb3, 0x82, 0x89, 0x94, 0x9f, 0x46, 0x4d, 0x50, 0x5b, 274 | 0x6a, 0x61, 0x7c, 0x77, 0x1e, 0x15, 0x08, 0x03, 0x32, 0x39, 0x24, 0x2f, 275 | 0x8d, 0x86, 0x9b, 0x90, 0xa1, 0xaa, 0xb7, 0xbc, 0xd5, 0xde, 0xc3, 0xc8, 276 | 0xf9, 0xf2, 0xef, 0xe4, 0x3d, 0x36, 0x2b, 0x20, 0x11, 0x1a, 0x07, 0x0c, 277 | 0x65, 0x6e, 0x73, 0x78, 0x49, 0x42, 0x5f, 0x54, 0xf7, 0xfc, 0xe1, 0xea, 278 | 0xdb, 0xd0, 0xcd, 0xc6, 0xaf, 0xa4, 0xb9, 0xb2, 0x83, 0x88, 0x95, 0x9e, 279 | 0x47, 0x4c, 0x51, 0x5a, 0x6b, 0x60, 0x7d, 0x76, 0x1f, 0x14, 0x09, 0x02, 280 | 0x33, 0x38, 0x25, 0x2e, 0x8c, 0x87, 0x9a, 0x91, 0xa0, 0xab, 0xb6, 0xbd, 281 | 0xd4, 0xdf, 0xc2, 0xc9, 0xf8, 0xf3, 0xee, 0xe5, 0x3c, 0x37, 0x2a, 0x21, 282 | 0x10, 0x1b, 0x06, 0x0d, 0x64, 0x6f, 0x72, 0x79, 0x48, 0x43, 0x5e, 0x55, 283 | 0x01, 0x0a, 0x17, 0x1c, 0x2d, 0x26, 0x3b, 0x30, 0x59, 0x52, 0x4f, 0x44, 284 | 0x75, 0x7e, 0x63, 0x68, 0xb1, 0xba, 0xa7, 0xac, 0x9d, 0x96, 0x8b, 0x80, 285 | 0xe9, 0xe2, 0xff, 0xf4, 0xc5, 0xce, 0xd3, 0xd8, 0x7a, 0x71, 0x6c, 0x67, 286 | 0x56, 0x5d, 0x40, 0x4b, 0x22, 0x29, 0x34, 0x3f, 0x0e, 0x05, 0x18, 0x13, 287 | 0xca, 0xc1, 0xdc, 0xd7, 0xe6, 0xed, 0xf0, 0xfb, 0x92, 0x99, 0x84, 0x8f, 288 | 0xbe, 0xb5, 0xa8, 0xa3}, 289 | 290 | {}, 291 | 292 | // mul 13 293 | {0x00, 0x0d, 0x1a, 0x17, 0x34, 0x39, 0x2e, 0x23, 0x68, 0x65, 0x72, 0x7f, 294 | 0x5c, 0x51, 0x46, 0x4b, 0xd0, 0xdd, 0xca, 0xc7, 0xe4, 0xe9, 0xfe, 0xf3, 295 | 0xb8, 0xb5, 0xa2, 0xaf, 0x8c, 0x81, 0x96, 0x9b, 0xbb, 0xb6, 0xa1, 0xac, 296 | 0x8f, 0x82, 0x95, 0x98, 0xd3, 0xde, 0xc9, 0xc4, 0xe7, 0xea, 0xfd, 0xf0, 297 | 0x6b, 0x66, 0x71, 0x7c, 0x5f, 0x52, 0x45, 0x48, 0x03, 0x0e, 0x19, 0x14, 298 | 0x37, 0x3a, 0x2d, 0x20, 0x6d, 0x60, 0x77, 0x7a, 0x59, 0x54, 0x43, 0x4e, 299 | 0x05, 0x08, 0x1f, 0x12, 0x31, 0x3c, 0x2b, 0x26, 0xbd, 0xb0, 0xa7, 0xaa, 300 | 0x89, 0x84, 0x93, 0x9e, 0xd5, 0xd8, 0xcf, 0xc2, 0xe1, 0xec, 0xfb, 0xf6, 301 | 0xd6, 0xdb, 0xcc, 0xc1, 0xe2, 0xef, 0xf8, 0xf5, 0xbe, 0xb3, 0xa4, 0xa9, 302 | 0x8a, 0x87, 0x90, 0x9d, 0x06, 0x0b, 0x1c, 0x11, 0x32, 0x3f, 0x28, 0x25, 303 | 0x6e, 0x63, 0x74, 0x79, 0x5a, 0x57, 0x40, 0x4d, 0xda, 0xd7, 0xc0, 0xcd, 304 | 0xee, 0xe3, 0xf4, 0xf9, 0xb2, 0xbf, 0xa8, 0xa5, 0x86, 0x8b, 0x9c, 0x91, 305 | 0x0a, 0x07, 0x10, 0x1d, 0x3e, 0x33, 0x24, 0x29, 0x62, 0x6f, 0x78, 0x75, 306 | 0x56, 0x5b, 0x4c, 0x41, 0x61, 0x6c, 0x7b, 0x76, 0x55, 0x58, 0x4f, 0x42, 307 | 0x09, 0x04, 0x13, 0x1e, 0x3d, 0x30, 0x27, 0x2a, 0xb1, 0xbc, 0xab, 0xa6, 308 | 0x85, 0x88, 0x9f, 0x92, 0xd9, 0xd4, 0xc3, 0xce, 0xed, 0xe0, 0xf7, 0xfa, 309 | 0xb7, 0xba, 0xad, 0xa0, 0x83, 0x8e, 0x99, 0x94, 0xdf, 0xd2, 0xc5, 0xc8, 310 | 0xeb, 0xe6, 0xf1, 0xfc, 0x67, 0x6a, 0x7d, 0x70, 0x53, 0x5e, 0x49, 0x44, 311 | 0x0f, 0x02, 0x15, 0x18, 0x3b, 0x36, 0x21, 0x2c, 0x0c, 0x01, 0x16, 0x1b, 312 | 0x38, 0x35, 0x22, 0x2f, 0x64, 0x69, 0x7e, 0x73, 0x50, 0x5d, 0x4a, 0x47, 313 | 0xdc, 0xd1, 0xc6, 0xcb, 0xe8, 0xe5, 0xf2, 0xff, 0xb4, 0xb9, 0xae, 0xa3, 314 | 0x80, 0x8d, 0x9a, 0x97}, 315 | 316 | // mul 14 317 | {0x00, 0x0e, 0x1c, 0x12, 0x38, 0x36, 0x24, 0x2a, 0x70, 0x7e, 0x6c, 0x62, 318 | 0x48, 0x46, 0x54, 0x5a, 0xe0, 0xee, 0xfc, 0xf2, 0xd8, 0xd6, 0xc4, 0xca, 319 | 0x90, 0x9e, 0x8c, 0x82, 0xa8, 0xa6, 0xb4, 0xba, 0xdb, 0xd5, 0xc7, 0xc9, 320 | 0xe3, 0xed, 0xff, 0xf1, 0xab, 0xa5, 0xb7, 0xb9, 0x93, 0x9d, 0x8f, 0x81, 321 | 0x3b, 0x35, 0x27, 0x29, 0x03, 0x0d, 0x1f, 0x11, 0x4b, 0x45, 0x57, 0x59, 322 | 0x73, 0x7d, 0x6f, 0x61, 0xad, 0xa3, 0xb1, 0xbf, 0x95, 0x9b, 0x89, 0x87, 323 | 0xdd, 0xd3, 0xc1, 0xcf, 0xe5, 0xeb, 0xf9, 0xf7, 0x4d, 0x43, 0x51, 0x5f, 324 | 0x75, 0x7b, 0x69, 0x67, 0x3d, 0x33, 0x21, 0x2f, 0x05, 0x0b, 0x19, 0x17, 325 | 0x76, 0x78, 0x6a, 0x64, 0x4e, 0x40, 0x52, 0x5c, 0x06, 0x08, 0x1a, 0x14, 326 | 0x3e, 0x30, 0x22, 0x2c, 0x96, 0x98, 0x8a, 0x84, 0xae, 0xa0, 0xb2, 0xbc, 327 | 0xe6, 0xe8, 0xfa, 0xf4, 0xde, 0xd0, 0xc2, 0xcc, 0x41, 0x4f, 0x5d, 0x53, 328 | 0x79, 0x77, 0x65, 0x6b, 0x31, 0x3f, 0x2d, 0x23, 0x09, 0x07, 0x15, 0x1b, 329 | 0xa1, 0xaf, 0xbd, 0xb3, 0x99, 0x97, 0x85, 0x8b, 0xd1, 0xdf, 0xcd, 0xc3, 330 | 0xe9, 0xe7, 0xf5, 0xfb, 0x9a, 0x94, 0x86, 0x88, 0xa2, 0xac, 0xbe, 0xb0, 331 | 0xea, 0xe4, 0xf6, 0xf8, 0xd2, 0xdc, 0xce, 0xc0, 0x7a, 0x74, 0x66, 0x68, 332 | 0x42, 0x4c, 0x5e, 0x50, 0x0a, 0x04, 0x16, 0x18, 0x32, 0x3c, 0x2e, 0x20, 333 | 0xec, 0xe2, 0xf0, 0xfe, 0xd4, 0xda, 0xc8, 0xc6, 0x9c, 0x92, 0x80, 0x8e, 334 | 0xa4, 0xaa, 0xb8, 0xb6, 0x0c, 0x02, 0x10, 0x1e, 0x34, 0x3a, 0x28, 0x26, 335 | 0x7c, 0x72, 0x60, 0x6e, 0x44, 0x4a, 0x58, 0x56, 0x37, 0x39, 0x2b, 0x25, 336 | 0x0f, 0x01, 0x13, 0x1d, 0x47, 0x49, 0x5b, 0x55, 0x7f, 0x71, 0x63, 0x6d, 337 | 0xd7, 0xd9, 0xcb, 0xc5, 0xef, 0xe1, 0xf3, 0xfd, 0xa7, 0xa9, 0xbb, 0xb5, 338 | 0x9f, 0x91, 0x83, 0x8d} }; 339 | 340 | /// circulant MDS matrix 341 | static const unsigned char CMDS[4][4] = { 342 | {2, 3, 1, 1}, {1, 2, 3, 1}, {1, 1, 2, 3}, {3, 1, 1, 2} }; 343 | 344 | /// Inverse circulant MDS matrix 345 | static const unsigned char INV_CMDS[4][4] = { 346 | {14, 11, 13, 9}, {9, 14, 11, 13}, {13, 9, 14, 11}, {11, 13, 9, 14} }; 347 | 348 | #endif -------------------------------------------------------------------------------- /AvoidRandomKill/AvoidRandomKill.vcxproj: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Debug 6 | Win32 7 | 8 | 9 | Release 10 | Win32 11 | 12 | 13 | Debug 14 | x64 15 | 16 | 17 | Release 18 | x64 19 | 20 | 21 | 22 | 16.0 23 | Win32Proj 24 | {2bfaf78a-0318-492c-8b92-328130a90ca7} 25 | AvoidRandomKill 26 | 10.0 27 | My_RandomEncrypt 28 | 29 | 30 | 31 | Application 32 | true 33 | v143 34 | MultiByte 35 | 36 | 37 | Application 38 | false 39 | v143 40 | true 41 | MultiByte 42 | 43 | 44 | Application 45 | true 46 | v143 47 | MultiByte 48 | 49 | 50 | Application 51 | false 52 | v143 53 | true 54 | MultiByte 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | ..\Detours\include;$(IncludePath) 76 | ..\Detours\lib.all;$(LibraryPath) 77 | false 78 | false 79 | 80 | 81 | ..\Detours\include;$(IncludePath) 82 | ..\Detours\lib.all;$(LibraryPath) 83 | false 84 | false 85 | 86 | 87 | ..\Detours\include;$(IncludePath) 88 | ..\Detours\lib.all;$(LibraryPath) 89 | false 90 | false 91 | 92 | 93 | ..\Detours\include;$(IncludePath) 94 | ..\Detours\lib.all;$(LibraryPath) 95 | false 96 | false 97 | 98 | 99 | 100 | Level3 101 | true 102 | WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) 103 | false 104 | MultiThreaded 105 | 106 | 107 | Console 108 | false 109 | false 110 | 111 | 112 | 113 | 114 | Level3 115 | true 116 | true 117 | true 118 | WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) 119 | false 120 | MultiThreaded 121 | 122 | 123 | Console 124 | true 125 | true 126 | false 127 | false 128 | 129 | 130 | 131 | 132 | Level3 133 | true 134 | _DEBUG;_CONSOLE;%(PreprocessorDefinitions) 135 | false 136 | MultiThreaded 137 | 138 | 139 | Console 140 | false 141 | false 142 | 143 | 144 | 145 | 146 | Level3 147 | true 148 | true 149 | true 150 | NDEBUG;_CONSOLE;%(PreprocessorDefinitions) 151 | false 152 | MultiThreaded 153 | 154 | 155 | Console 156 | true 157 | true 158 | false 159 | false 160 | 161 | 162 | 163 | 164 | 165 | 166 | 167 | 168 | 169 | 170 | 171 | 172 | -------------------------------------------------------------------------------- /AvoidRandomKill/AvoidRandomKill.vcxproj.filters: -------------------------------------------------------------------------------- 1 |  2 | 3 | 4 | 5 | {4FC737F1-C7A5-4376-A066-2A32D752A2FF} 6 | cpp;c;cc;cxx;c++;cppm;ixx;def;odl;idl;hpj;bat;asm;asmx 7 | 8 | 9 | {93995380-89BD-4b04-88EB-625FBE52EBFB} 10 | h;hh;hpp;hxx;h++;hm;inl;inc;ipp;xsd 11 | 12 | 13 | {67DA6AB6-F800-4c08-8B7A-83BB121AAD01} 14 | rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms 15 | 16 | 17 | 18 | 19 | 源文件 20 | 21 | 22 | 头文件 23 | 24 | 25 | 26 | 27 | 头文件 28 | 29 | 30 | -------------------------------------------------------------------------------- /AvoidRandomKill/AvoidRandomKill.vcxproj.user: -------------------------------------------------------------------------------- 1 |  2 | 3 | 4 | -------------------------------------------------------------------------------- /AvoidRandomKill/My_RandomEncrypt.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/minhangxiaohui/AvoidRandomKill/8845f0dcc0142465beb70282410a8d852d61d550/AvoidRandomKill/My_RandomEncrypt.cpp -------------------------------------------------------------------------------- /AvoidRandomKill/Release/AES.obj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/minhangxiaohui/AvoidRandomKill/8845f0dcc0142465beb70282410a8d852d61d550/AvoidRandomKill/Release/AES.obj -------------------------------------------------------------------------------- /AvoidRandomKill/Release/AvoidRandomKill.Build.CppClean.log: -------------------------------------------------------------------------------- 1 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\avoidrandomkill\release\vc143.pdb 2 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\avoidrandomkill\release\test.obj 3 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\avoidrandomkill\release\aes.obj 4 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\release\avoidrandomkill.exe 5 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\avoidrandomkill\release\avoidrandomkill.ipdb 6 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\avoidrandomkill\release\avoidrandomkill.iobj 7 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\avoidrandomkill\release\avoidrandomkill.tlog\cl.command.1.tlog 8 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\avoidrandomkill\release\avoidrandomkill.tlog\cl.read.1.tlog 9 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\avoidrandomkill\release\avoidrandomkill.tlog\cl.write.1.tlog 10 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\avoidrandomkill\release\avoidrandomkill.tlog\link.command.1.tlog 11 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\avoidrandomkill\release\avoidrandomkill.tlog\link.read.1.tlog 12 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\avoidrandomkill\release\avoidrandomkill.tlog\link.write.1.tlog 13 | -------------------------------------------------------------------------------- /AvoidRandomKill/Release/AvoidRandomKill.exe.recipe: -------------------------------------------------------------------------------- 1 |  2 | 3 | 4 | 5 | C:\Users\ga0weI03\VisualStudioProject\AvoidRandomKill\Release\AvoidRandomKill.exe 6 | 7 | 8 | 9 | 10 | 11 | -------------------------------------------------------------------------------- /AvoidRandomKill/Release/AvoidRandomKill.iobj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/minhangxiaohui/AvoidRandomKill/8845f0dcc0142465beb70282410a8d852d61d550/AvoidRandomKill/Release/AvoidRandomKill.iobj -------------------------------------------------------------------------------- /AvoidRandomKill/Release/AvoidRandomKill.ipdb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/minhangxiaohui/AvoidRandomKill/8845f0dcc0142465beb70282410a8d852d61d550/AvoidRandomKill/Release/AvoidRandomKill.ipdb -------------------------------------------------------------------------------- /AvoidRandomKill/Release/AvoidRandomKill.log: -------------------------------------------------------------------------------- 1 |  AES.cpp 2 | test.cpp 3 | C:\Users\ga0weI03\VisualStudioProject\AvoidRandomKill\AvoidRandomKill\test.cpp(56,9): warning C4477: “printf”: 格式字符串“%x”需要类型“unsigned int”的参数,但可变参数 1 拥有了类型“LPVOID” 4 | 正在生成代码 5 | Previous IPDB not found, fall back to full compilation. 6 | All 142 functions were compiled because no usable IPDB/IOBJ from previous compilation was found. 7 | 已完成代码的生成 8 | AvoidRandomKill.vcxproj -> C:\Users\ga0weI03\VisualStudioProject\AvoidRandomKill\Release\AvoidRandomKill.exe 9 | -------------------------------------------------------------------------------- /AvoidRandomKill/Release/AvoidRandomKill.tlog/AvoidRandomKill.lastbuildstate: -------------------------------------------------------------------------------- 1 | PlatformToolSet=v143:VCToolArchitecture=Native32Bit:VCToolsVersion=14.32.31326:TargetPlatformVersion=10.0.19041.0: 2 | Release|Win32|C:\Users\ga0weI03\VisualStudioProject\AvoidRandomKill\| 3 | -------------------------------------------------------------------------------- /AvoidRandomKill/Release/AvoidRandomKill.tlog/CL.command.1.tlog: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/minhangxiaohui/AvoidRandomKill/8845f0dcc0142465beb70282410a8d852d61d550/AvoidRandomKill/Release/AvoidRandomKill.tlog/CL.command.1.tlog -------------------------------------------------------------------------------- /AvoidRandomKill/Release/AvoidRandomKill.tlog/CL.read.1.tlog: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/minhangxiaohui/AvoidRandomKill/8845f0dcc0142465beb70282410a8d852d61d550/AvoidRandomKill/Release/AvoidRandomKill.tlog/CL.read.1.tlog -------------------------------------------------------------------------------- /AvoidRandomKill/Release/AvoidRandomKill.tlog/CL.write.1.tlog: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/minhangxiaohui/AvoidRandomKill/8845f0dcc0142465beb70282410a8d852d61d550/AvoidRandomKill/Release/AvoidRandomKill.tlog/CL.write.1.tlog -------------------------------------------------------------------------------- /AvoidRandomKill/Release/AvoidRandomKill.tlog/link.command.1.tlog: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/minhangxiaohui/AvoidRandomKill/8845f0dcc0142465beb70282410a8d852d61d550/AvoidRandomKill/Release/AvoidRandomKill.tlog/link.command.1.tlog -------------------------------------------------------------------------------- /AvoidRandomKill/Release/AvoidRandomKill.tlog/link.read.1.tlog: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/minhangxiaohui/AvoidRandomKill/8845f0dcc0142465beb70282410a8d852d61d550/AvoidRandomKill/Release/AvoidRandomKill.tlog/link.read.1.tlog -------------------------------------------------------------------------------- /AvoidRandomKill/Release/AvoidRandomKill.tlog/link.write.1.tlog: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/minhangxiaohui/AvoidRandomKill/8845f0dcc0142465beb70282410a8d852d61d550/AvoidRandomKill/Release/AvoidRandomKill.tlog/link.write.1.tlog -------------------------------------------------------------------------------- /AvoidRandomKill/Release/AvoidRandomKill.vcxproj.FileListAbsolute.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/minhangxiaohui/AvoidRandomKill/8845f0dcc0142465beb70282410a8d852d61d550/AvoidRandomKill/Release/AvoidRandomKill.vcxproj.FileListAbsolute.txt -------------------------------------------------------------------------------- /AvoidRandomKill/Release/test.obj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/minhangxiaohui/AvoidRandomKill/8845f0dcc0142465beb70282410a8d852d61d550/AvoidRandomKill/Release/test.obj -------------------------------------------------------------------------------- /AvoidRandomKill/Release/vc143.pdb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/minhangxiaohui/AvoidRandomKill/8845f0dcc0142465beb70282410a8d852d61d550/AvoidRandomKill/Release/vc143.pdb -------------------------------------------------------------------------------- /AvoidRandomKill/x64/Release/AvoidRandomKill.Build.CppClean.log: -------------------------------------------------------------------------------- 1 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\avoidrandomkill\x64\release\vc143.pdb 2 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\avoidrandomkill\x64\release\test.obj 3 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\avoidrandomkill\x64\release\aes.obj 4 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\x64\release\avoidrandomkill.exe 5 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\avoidrandomkill\x64\release\avoidrandomkill.ipdb 6 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\avoidrandomkill\x64\release\avoidrandomkill.iobj 7 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\avoidrandomkill\x64\release\avoidrandomkill.tlog\cl.command.1.tlog 8 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\avoidrandomkill\x64\release\avoidrandomkill.tlog\cl.read.1.tlog 9 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\avoidrandomkill\x64\release\avoidrandomkill.tlog\cl.write.1.tlog 10 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\avoidrandomkill\x64\release\avoidrandomkill.tlog\link.command.1.tlog 11 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\avoidrandomkill\x64\release\avoidrandomkill.tlog\link.read.1.tlog 12 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\avoidrandomkill\x64\release\avoidrandomkill.tlog\link.write.1.tlog 13 | -------------------------------------------------------------------------------- /AvoidRandomKill/x64/Release/AvoidRandomKill.exe.recipe: -------------------------------------------------------------------------------- 1 |  2 | 3 | 4 | 5 | C:\Users\ga0weI03\VisualStudioProject\AvoidRandomKill\x64\Release\AvoidRandomKill.exe 6 | 7 | 8 | 9 | 10 | 11 | -------------------------------------------------------------------------------- /AvoidRandomKill/x64/Release/AvoidRandomKill.log: -------------------------------------------------------------------------------- 1 |  -------------------------------------------------------------------------------- /AvoidRandomKill/x64/Release/AvoidRandomKill.tlog/AvoidRandomKill.lastbuildstate: -------------------------------------------------------------------------------- 1 | PlatformToolSet=v143:VCToolArchitecture=Native64Bit:VCToolsVersion=14.32.31326:TargetPlatformVersion=10.0.19041.0: 2 | Release|x64|C:\Users\ga0weI03\VisualStudioProject\AvoidRandomKill\| 3 | -------------------------------------------------------------------------------- /AvoidRandomKill/x64/Release/AvoidRandomKill.tlog/CL.command.1.tlog: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/minhangxiaohui/AvoidRandomKill/8845f0dcc0142465beb70282410a8d852d61d550/AvoidRandomKill/x64/Release/AvoidRandomKill.tlog/CL.command.1.tlog -------------------------------------------------------------------------------- /AvoidRandomKill/x64/Release/AvoidRandomKill.tlog/CL.read.1.tlog: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/minhangxiaohui/AvoidRandomKill/8845f0dcc0142465beb70282410a8d852d61d550/AvoidRandomKill/x64/Release/AvoidRandomKill.tlog/CL.read.1.tlog -------------------------------------------------------------------------------- /AvoidRandomKill/x64/Release/AvoidRandomKill.tlog/CL.write.1.tlog: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/minhangxiaohui/AvoidRandomKill/8845f0dcc0142465beb70282410a8d852d61d550/AvoidRandomKill/x64/Release/AvoidRandomKill.tlog/CL.write.1.tlog -------------------------------------------------------------------------------- /AvoidRandomKill/x64/Release/AvoidRandomKill.tlog/link.command.1.tlog: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/minhangxiaohui/AvoidRandomKill/8845f0dcc0142465beb70282410a8d852d61d550/AvoidRandomKill/x64/Release/AvoidRandomKill.tlog/link.command.1.tlog -------------------------------------------------------------------------------- /AvoidRandomKill/x64/Release/AvoidRandomKill.tlog/link.read.1.tlog: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/minhangxiaohui/AvoidRandomKill/8845f0dcc0142465beb70282410a8d852d61d550/AvoidRandomKill/x64/Release/AvoidRandomKill.tlog/link.read.1.tlog -------------------------------------------------------------------------------- /AvoidRandomKill/x64/Release/AvoidRandomKill.tlog/link.write.1.tlog: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/minhangxiaohui/AvoidRandomKill/8845f0dcc0142465beb70282410a8d852d61d550/AvoidRandomKill/x64/Release/AvoidRandomKill.tlog/link.write.1.tlog -------------------------------------------------------------------------------- /AvoidRandomKill/x64/Release/AvoidRandomKill.vcxproj.FileListAbsolute.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/minhangxiaohui/AvoidRandomKill/8845f0dcc0142465beb70282410a8d852d61d550/AvoidRandomKill/x64/Release/AvoidRandomKill.vcxproj.FileListAbsolute.txt -------------------------------------------------------------------------------- /AvoidRandomKill/x64/Release/My_Rando.2bfaf78a.tlog/CL.command.1.tlog: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/minhangxiaohui/AvoidRandomKill/8845f0dcc0142465beb70282410a8d852d61d550/AvoidRandomKill/x64/Release/My_Rando.2bfaf78a.tlog/CL.command.1.tlog -------------------------------------------------------------------------------- /AvoidRandomKill/x64/Release/My_Rando.2bfaf78a.tlog/CL.read.1.tlog: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/minhangxiaohui/AvoidRandomKill/8845f0dcc0142465beb70282410a8d852d61d550/AvoidRandomKill/x64/Release/My_Rando.2bfaf78a.tlog/CL.read.1.tlog -------------------------------------------------------------------------------- /AvoidRandomKill/x64/Release/My_Rando.2bfaf78a.tlog/CL.write.1.tlog: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/minhangxiaohui/AvoidRandomKill/8845f0dcc0142465beb70282410a8d852d61d550/AvoidRandomKill/x64/Release/My_Rando.2bfaf78a.tlog/CL.write.1.tlog -------------------------------------------------------------------------------- /AvoidRandomKill/x64/Release/My_Rando.2bfaf78a.tlog/My_RandomEncrypt_Bypass.lastbuildstate: -------------------------------------------------------------------------------- 1 | PlatformToolSet=v143:VCToolArchitecture=Native64Bit:VCToolsVersion=14.32.31326:TargetPlatformVersion=10.0.19041.0: 2 | Release|x64|C:\Users\ga0weI03\VisualStudioProject\AvoidRandomKill\| 3 | -------------------------------------------------------------------------------- /AvoidRandomKill/x64/Release/My_Rando.2bfaf78a.tlog/link.command.1.tlog: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/minhangxiaohui/AvoidRandomKill/8845f0dcc0142465beb70282410a8d852d61d550/AvoidRandomKill/x64/Release/My_Rando.2bfaf78a.tlog/link.command.1.tlog -------------------------------------------------------------------------------- /AvoidRandomKill/x64/Release/My_Rando.2bfaf78a.tlog/link.read.1.tlog: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/minhangxiaohui/AvoidRandomKill/8845f0dcc0142465beb70282410a8d852d61d550/AvoidRandomKill/x64/Release/My_Rando.2bfaf78a.tlog/link.read.1.tlog -------------------------------------------------------------------------------- /AvoidRandomKill/x64/Release/My_Rando.2bfaf78a.tlog/link.write.1.tlog: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/minhangxiaohui/AvoidRandomKill/8845f0dcc0142465beb70282410a8d852d61d550/AvoidRandomKill/x64/Release/My_Rando.2bfaf78a.tlog/link.write.1.tlog -------------------------------------------------------------------------------- /AvoidRandomKill/x64/Release/My_RandomEncrypt.Build.CppClean.log: -------------------------------------------------------------------------------- 1 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\avoidrandomkill\x64\release\vc143.pdb 2 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\avoidrandomkill\x64\release\my_randomencrypt.obj 3 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\avoidrandomkill\x64\release\aes.obj 4 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\x64\release\my_randomencrypt.exe 5 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\avoidrandomkill\x64\release\my_randomencrypt.ipdb 6 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\avoidrandomkill\x64\release\my_randomencrypt.iobj 7 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\avoidrandomkill\x64\release\my_randomencrypt.tlog\cl.command.1.tlog 8 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\avoidrandomkill\x64\release\my_randomencrypt.tlog\cl.read.1.tlog 9 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\avoidrandomkill\x64\release\my_randomencrypt.tlog\cl.write.1.tlog 10 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\avoidrandomkill\x64\release\my_randomencrypt.tlog\link.command.1.tlog 11 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\avoidrandomkill\x64\release\my_randomencrypt.tlog\link.read.1.tlog 12 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\avoidrandomkill\x64\release\my_randomencrypt.tlog\link.write.1.tlog 13 | -------------------------------------------------------------------------------- /AvoidRandomKill/x64/Release/My_RandomEncrypt.exe.recipe: -------------------------------------------------------------------------------- 1 |  2 | 3 | 4 | 5 | C:\Users\ga0weI03\VisualStudioProject\AvoidRandomKill\x64\Release\My_RandomEncrypt.exe 6 | 7 | 8 | 9 | 10 | 11 | -------------------------------------------------------------------------------- /AvoidRandomKill/x64/Release/My_RandomEncrypt_Bypass.Build.CppClean.log: -------------------------------------------------------------------------------- 1 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\avoidrandomkill\x64\release\vc143.pdb 2 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\avoidrandomkill\x64\release\my_randomencrypt_bypass.obj 3 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\avoidrandomkill\x64\release\aes.obj 4 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\x64\release\my_randomencrypt_bypass.exe 5 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\avoidrandomkill\x64\release\my_randomencrypt_bypass.ipdb 6 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\avoidrandomkill\x64\release\my_randomencrypt_bypass.iobj 7 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\avoidrandomkill\x64\release\my_rando.2bfaf78a.tlog\cl.command.1.tlog 8 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\avoidrandomkill\x64\release\my_rando.2bfaf78a.tlog\cl.read.1.tlog 9 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\avoidrandomkill\x64\release\my_rando.2bfaf78a.tlog\cl.write.1.tlog 10 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\avoidrandomkill\x64\release\my_rando.2bfaf78a.tlog\link.command.1.tlog 11 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\avoidrandomkill\x64\release\my_rando.2bfaf78a.tlog\link.read.1.tlog 12 | c:\users\ga0wei03\visualstudioproject\avoidrandomkill\avoidrandomkill\x64\release\my_rando.2bfaf78a.tlog\link.write.1.tlog 13 | -------------------------------------------------------------------------------- /AvoidRandomKill/x64/Release/My_RandomEncrypt_Bypass.exe.recipe: -------------------------------------------------------------------------------- 1 |  2 | 3 | 4 | 5 | C:\Users\ga0weI03\VisualStudioProject\AvoidRandomKill\x64\Release\My_RandomEncrypt_Bypass.exe 6 | 7 | 8 | 9 | 10 | 11 | -------------------------------------------------------------------------------- /Detours/include/detours.h: -------------------------------------------------------------------------------- 1 | ///////////////////////////////////////////////////////////////////////////// 2 | // 3 | // Core Detours Functionality (detours.h of detours.lib) 4 | // 5 | // Microsoft Research Detours Package, Version 4.0.1 6 | // 7 | // Copyright (c) Microsoft Corporation. All rights reserved. 8 | // 9 | 10 | #pragma once 11 | #ifndef _DETOURS_H_ 12 | #define _DETOURS_H_ 13 | 14 | #define DETOURS_VERSION 0x4c0c1 // 0xMAJORcMINORcPATCH 15 | 16 | ////////////////////////////////////////////////////////////////////////////// 17 | // 18 | 19 | #ifdef DETOURS_INTERNAL 20 | 21 | #define _CRT_STDIO_ARBITRARY_WIDE_SPECIFIERS 1 22 | #define _ARM_WINAPI_PARTITION_DESKTOP_SDK_AVAILABLE 1 23 | 24 | #pragma warning(disable:4068) // unknown pragma (suppress) 25 | 26 | #if _MSC_VER >= 1900 27 | #pragma warning(push) 28 | #pragma warning(disable:4091) // empty typedef 29 | #endif 30 | 31 | // Suppress declspec(dllimport) for the sake of Detours 32 | // users that provide kernel32 functionality themselves. 33 | // This is ok in the mainstream case, it will just cost 34 | // an extra instruction calling some functions, which 35 | // LTCG optimizes away. 36 | // 37 | #define _KERNEL32_ 1 38 | #define _USER32_ 1 39 | 40 | #include 41 | #if (_MSC_VER < 1310) 42 | #else 43 | #pragma warning(push) 44 | #if _MSC_VER > 1400 45 | #pragma warning(disable:6102 6103) // /analyze warnings 46 | #endif 47 | #include 48 | #include 49 | #pragma warning(pop) 50 | #endif 51 | #include 52 | 53 | // Allow Detours to cleanly compile with the MingW toolchain. 54 | // 55 | #ifdef __GNUC__ 56 | #define __try 57 | #define __except(x) if (0) 58 | #include 59 | #include 60 | #endif 61 | 62 | // From winerror.h, as this error isn't found in some SDKs: 63 | // 64 | // MessageId: ERROR_DYNAMIC_CODE_BLOCKED 65 | // 66 | // MessageText: 67 | // 68 | // The operation was blocked as the process prohibits dynamic code generation. 69 | // 70 | #define ERROR_DYNAMIC_CODE_BLOCKED 1655L 71 | 72 | #endif // DETOURS_INTERNAL 73 | 74 | ////////////////////////////////////////////////////////////////////////////// 75 | // 76 | 77 | #undef DETOURS_X64 78 | #undef DETOURS_X86 79 | #undef DETOURS_IA64 80 | #undef DETOURS_ARM 81 | #undef DETOURS_ARM64 82 | #undef DETOURS_BITS 83 | #undef DETOURS_32BIT 84 | #undef DETOURS_64BIT 85 | 86 | #if defined(_X86_) 87 | #define DETOURS_X86 88 | #define DETOURS_OPTION_BITS 64 89 | 90 | #elif defined(_AMD64_) 91 | #define DETOURS_X64 92 | #define DETOURS_OPTION_BITS 32 93 | 94 | #elif defined(_IA64_) 95 | #define DETOURS_IA64 96 | #define DETOURS_OPTION_BITS 32 97 | 98 | #elif defined(_ARM_) 99 | #define DETOURS_ARM 100 | 101 | #elif defined(_ARM64_) 102 | #define DETOURS_ARM64 103 | 104 | #else 105 | #error Unknown architecture (x86, amd64, ia64, arm, arm64) 106 | #endif 107 | 108 | #ifdef _WIN64 109 | #undef DETOURS_32BIT 110 | #define DETOURS_64BIT 1 111 | #define DETOURS_BITS 64 112 | // If all 64bit kernels can run one and only one 32bit architecture. 113 | //#define DETOURS_OPTION_BITS 32 114 | #else 115 | #define DETOURS_32BIT 1 116 | #undef DETOURS_64BIT 117 | #define DETOURS_BITS 32 118 | // If all 64bit kernels can run one and only one 32bit architecture. 119 | //#define DETOURS_OPTION_BITS 32 120 | #endif 121 | 122 | /////////////////////////////////////////////////////////////// Helper Macros. 123 | // 124 | #define DETOURS_STRINGIFY_(x) #x 125 | #define DETOURS_STRINGIFY(x) DETOURS_STRINGIFY_(x) 126 | 127 | #define VER_DETOURS_BITS DETOURS_STRINGIFY(DETOURS_BITS) 128 | 129 | ////////////////////////////////////////////////////////////////////////////// 130 | // 131 | 132 | #if (_MSC_VER < 1299) && !defined(__MINGW32__) 133 | typedef LONG LONG_PTR; 134 | typedef ULONG ULONG_PTR; 135 | #endif 136 | 137 | ///////////////////////////////////////////////// SAL 2.0 Annotations w/o SAL. 138 | // 139 | // These definitions are include so that Detours will build even if the 140 | // compiler doesn't have full SAL 2.0 support. 141 | // 142 | #ifndef DETOURS_DONT_REMOVE_SAL_20 143 | 144 | #ifdef DETOURS_TEST_REMOVE_SAL_20 145 | #undef _Analysis_assume_ 146 | #undef _Benign_race_begin_ 147 | #undef _Benign_race_end_ 148 | #undef _Field_range_ 149 | #undef _Field_size_ 150 | #undef _In_ 151 | #undef _In_bytecount_ 152 | #undef _In_count_ 153 | #undef __in_ecount 154 | #undef _In_opt_ 155 | #undef _In_opt_bytecount_ 156 | #undef _In_opt_count_ 157 | #undef _In_opt_z_ 158 | #undef _In_range_ 159 | #undef _In_reads_ 160 | #undef _In_reads_bytes_ 161 | #undef _In_reads_opt_ 162 | #undef _In_reads_opt_bytes_ 163 | #undef _In_reads_or_z_ 164 | #undef _In_z_ 165 | #undef _Inout_ 166 | #undef _Inout_opt_ 167 | #undef _Inout_z_count_ 168 | #undef _Out_ 169 | #undef _Out_opt_ 170 | #undef _Out_writes_ 171 | #undef _Outptr_result_maybenull_ 172 | #undef _Readable_bytes_ 173 | #undef _Success_ 174 | #undef _Writable_bytes_ 175 | #undef _Pre_notnull_ 176 | #endif 177 | 178 | #if defined(_Deref_out_opt_z_) && !defined(_Outptr_result_maybenull_) 179 | #define _Outptr_result_maybenull_ _Deref_out_opt_z_ 180 | #endif 181 | 182 | #if defined(_In_count_) && !defined(_In_reads_) 183 | #define _In_reads_(x) _In_count_(x) 184 | #endif 185 | 186 | #if defined(_In_opt_count_) && !defined(_In_reads_opt_) 187 | #define _In_reads_opt_(x) _In_opt_count_(x) 188 | #endif 189 | 190 | #if defined(_In_opt_bytecount_) && !defined(_In_reads_opt_bytes_) 191 | #define _In_reads_opt_bytes_(x) _In_opt_bytecount_(x) 192 | #endif 193 | 194 | #if defined(_In_bytecount_) && !defined(_In_reads_bytes_) 195 | #define _In_reads_bytes_(x) _In_bytecount_(x) 196 | #endif 197 | 198 | #ifndef _In_ 199 | #define _In_ 200 | #endif 201 | 202 | #ifndef _In_bytecount_ 203 | #define _In_bytecount_(x) 204 | #endif 205 | 206 | #ifndef _In_count_ 207 | #define _In_count_(x) 208 | #endif 209 | 210 | #ifndef __in_ecount 211 | #define __in_ecount(x) 212 | #endif 213 | 214 | #ifndef _In_opt_ 215 | #define _In_opt_ 216 | #endif 217 | 218 | #ifndef _In_opt_bytecount_ 219 | #define _In_opt_bytecount_(x) 220 | #endif 221 | 222 | #ifndef _In_opt_count_ 223 | #define _In_opt_count_(x) 224 | #endif 225 | 226 | #ifndef _In_opt_z_ 227 | #define _In_opt_z_ 228 | #endif 229 | 230 | #ifndef _In_range_ 231 | #define _In_range_(x,y) 232 | #endif 233 | 234 | #ifndef _In_reads_ 235 | #define _In_reads_(x) 236 | #endif 237 | 238 | #ifndef _In_reads_bytes_ 239 | #define _In_reads_bytes_(x) 240 | #endif 241 | 242 | #ifndef _In_reads_opt_ 243 | #define _In_reads_opt_(x) 244 | #endif 245 | 246 | #ifndef _In_reads_opt_bytes_ 247 | #define _In_reads_opt_bytes_(x) 248 | #endif 249 | 250 | #ifndef _In_reads_or_z_ 251 | #define _In_reads_or_z_ 252 | #endif 253 | 254 | #ifndef _In_z_ 255 | #define _In_z_ 256 | #endif 257 | 258 | #ifndef _Inout_ 259 | #define _Inout_ 260 | #endif 261 | 262 | #ifndef _Inout_opt_ 263 | #define _Inout_opt_ 264 | #endif 265 | 266 | #ifndef _Inout_z_count_ 267 | #define _Inout_z_count_(x) 268 | #endif 269 | 270 | #ifndef _Out_ 271 | #define _Out_ 272 | #endif 273 | 274 | #ifndef _Out_opt_ 275 | #define _Out_opt_ 276 | #endif 277 | 278 | #ifndef _Out_writes_ 279 | #define _Out_writes_(x) 280 | #endif 281 | 282 | #ifndef _Outptr_result_maybenull_ 283 | #define _Outptr_result_maybenull_ 284 | #endif 285 | 286 | #ifndef _Writable_bytes_ 287 | #define _Writable_bytes_(x) 288 | #endif 289 | 290 | #ifndef _Readable_bytes_ 291 | #define _Readable_bytes_(x) 292 | #endif 293 | 294 | #ifndef _Success_ 295 | #define _Success_(x) 296 | #endif 297 | 298 | #ifndef _Pre_notnull_ 299 | #define _Pre_notnull_ 300 | #endif 301 | 302 | #ifdef DETOURS_INTERNAL 303 | 304 | #pragma warning(disable:4615) // unknown warning type (suppress with older compilers) 305 | 306 | #ifndef _Benign_race_begin_ 307 | #define _Benign_race_begin_ 308 | #endif 309 | 310 | #ifndef _Benign_race_end_ 311 | #define _Benign_race_end_ 312 | #endif 313 | 314 | #ifndef _Field_size_ 315 | #define _Field_size_(x) 316 | #endif 317 | 318 | #ifndef _Field_range_ 319 | #define _Field_range_(x,y) 320 | #endif 321 | 322 | #ifndef _Analysis_assume_ 323 | #define _Analysis_assume_(x) 324 | #endif 325 | 326 | #endif // DETOURS_INTERNAL 327 | #endif // DETOURS_DONT_REMOVE_SAL_20 328 | 329 | ////////////////////////////////////////////////////////////////////////////// 330 | // 331 | #ifndef GUID_DEFINED 332 | #define GUID_DEFINED 333 | typedef struct _GUID 334 | { 335 | DWORD Data1; 336 | WORD Data2; 337 | WORD Data3; 338 | BYTE Data4[ 8 ]; 339 | } GUID; 340 | 341 | #ifdef INITGUID 342 | #define DEFINE_GUID(name, l, w1, w2, b1, b2, b3, b4, b5, b6, b7, b8) \ 343 | const GUID name \ 344 | = { l, w1, w2, { b1, b2, b3, b4, b5, b6, b7, b8 } } 345 | #else 346 | #define DEFINE_GUID(name, l, w1, w2, b1, b2, b3, b4, b5, b6, b7, b8) \ 347 | const GUID name 348 | #endif // INITGUID 349 | #endif // !GUID_DEFINED 350 | 351 | #if defined(__cplusplus) 352 | #ifndef _REFGUID_DEFINED 353 | #define _REFGUID_DEFINED 354 | #define REFGUID const GUID & 355 | #endif // !_REFGUID_DEFINED 356 | #else // !__cplusplus 357 | #ifndef _REFGUID_DEFINED 358 | #define _REFGUID_DEFINED 359 | #define REFGUID const GUID * const 360 | #endif // !_REFGUID_DEFINED 361 | #endif // !__cplusplus 362 | 363 | #ifndef ARRAYSIZE 364 | #define ARRAYSIZE(x) (sizeof(x)/sizeof(x[0])) 365 | #endif 366 | 367 | // 368 | ////////////////////////////////////////////////////////////////////////////// 369 | 370 | #ifdef __cplusplus 371 | extern "C" { 372 | #endif // __cplusplus 373 | 374 | /////////////////////////////////////////////////// Instruction Target Macros. 375 | // 376 | #define DETOUR_INSTRUCTION_TARGET_NONE ((PVOID)0) 377 | #define DETOUR_INSTRUCTION_TARGET_DYNAMIC ((PVOID)(LONG_PTR)-1) 378 | #define DETOUR_SECTION_HEADER_SIGNATURE 0x00727444 // "Dtr\0" 379 | 380 | extern const GUID DETOUR_EXE_RESTORE_GUID; 381 | extern const GUID DETOUR_EXE_HELPER_GUID; 382 | 383 | #define DETOUR_TRAMPOLINE_SIGNATURE 0x21727444 // Dtr! 384 | typedef struct _DETOUR_TRAMPOLINE DETOUR_TRAMPOLINE, *PDETOUR_TRAMPOLINE; 385 | 386 | #ifndef DETOUR_MAX_SUPPORTED_IMAGE_SECTION_HEADERS 387 | #define DETOUR_MAX_SUPPORTED_IMAGE_SECTION_HEADERS 32 388 | #endif // !DETOUR_MAX_SUPPORTED_IMAGE_SECTION_HEADERS 389 | 390 | /////////////////////////////////////////////////////////// Binary Structures. 391 | // 392 | #pragma pack(push, 8) 393 | typedef struct _DETOUR_SECTION_HEADER 394 | { 395 | DWORD cbHeaderSize; 396 | DWORD nSignature; 397 | DWORD nDataOffset; 398 | DWORD cbDataSize; 399 | 400 | DWORD nOriginalImportVirtualAddress; 401 | DWORD nOriginalImportSize; 402 | DWORD nOriginalBoundImportVirtualAddress; 403 | DWORD nOriginalBoundImportSize; 404 | 405 | DWORD nOriginalIatVirtualAddress; 406 | DWORD nOriginalIatSize; 407 | DWORD nOriginalSizeOfImage; 408 | DWORD cbPrePE; 409 | 410 | DWORD nOriginalClrFlags; 411 | DWORD reserved1; 412 | DWORD reserved2; 413 | DWORD reserved3; 414 | 415 | // Followed by cbPrePE bytes of data. 416 | } DETOUR_SECTION_HEADER, *PDETOUR_SECTION_HEADER; 417 | 418 | typedef struct _DETOUR_SECTION_RECORD 419 | { 420 | DWORD cbBytes; 421 | DWORD nReserved; 422 | GUID guid; 423 | } DETOUR_SECTION_RECORD, *PDETOUR_SECTION_RECORD; 424 | 425 | typedef struct _DETOUR_CLR_HEADER 426 | { 427 | // Header versioning 428 | ULONG cb; 429 | USHORT MajorRuntimeVersion; 430 | USHORT MinorRuntimeVersion; 431 | 432 | // Symbol table and startup information 433 | IMAGE_DATA_DIRECTORY MetaData; 434 | ULONG Flags; 435 | 436 | // Followed by the rest of the IMAGE_COR20_HEADER 437 | } DETOUR_CLR_HEADER, *PDETOUR_CLR_HEADER; 438 | 439 | typedef struct _DETOUR_EXE_RESTORE 440 | { 441 | DWORD cb; 442 | DWORD cbidh; 443 | DWORD cbinh; 444 | DWORD cbclr; 445 | 446 | PBYTE pidh; 447 | PBYTE pinh; 448 | PBYTE pclr; 449 | 450 | IMAGE_DOS_HEADER idh; 451 | union { 452 | IMAGE_NT_HEADERS inh; // all environments have this 453 | #ifdef IMAGE_NT_OPTIONAL_HDR32_MAGIC // some environments do not have this 454 | IMAGE_NT_HEADERS32 inh32; 455 | #endif 456 | #ifdef IMAGE_NT_OPTIONAL_HDR64_MAGIC // some environments do not have this 457 | IMAGE_NT_HEADERS64 inh64; 458 | #endif 459 | #ifdef IMAGE_NT_OPTIONAL_HDR64_MAGIC // some environments do not have this 460 | BYTE raw[sizeof(IMAGE_NT_HEADERS64) + 461 | sizeof(IMAGE_SECTION_HEADER) * DETOUR_MAX_SUPPORTED_IMAGE_SECTION_HEADERS]; 462 | #else 463 | BYTE raw[0x108 + sizeof(IMAGE_SECTION_HEADER) * DETOUR_MAX_SUPPORTED_IMAGE_SECTION_HEADERS]; 464 | #endif 465 | }; 466 | DETOUR_CLR_HEADER clr; 467 | 468 | } DETOUR_EXE_RESTORE, *PDETOUR_EXE_RESTORE; 469 | 470 | #ifdef IMAGE_NT_OPTIONAL_HDR64_MAGIC 471 | C_ASSERT(sizeof(IMAGE_NT_HEADERS64) == 0x108); 472 | #endif 473 | 474 | // The size can change, but assert for clarity due to the muddying #ifdefs. 475 | #ifdef _WIN64 476 | C_ASSERT(sizeof(DETOUR_EXE_RESTORE) == 0x688); 477 | #else 478 | C_ASSERT(sizeof(DETOUR_EXE_RESTORE) == 0x678); 479 | #endif 480 | 481 | typedef struct _DETOUR_EXE_HELPER 482 | { 483 | DWORD cb; 484 | DWORD pid; 485 | DWORD nDlls; 486 | CHAR rDlls[4]; 487 | } DETOUR_EXE_HELPER, *PDETOUR_EXE_HELPER; 488 | 489 | #pragma pack(pop) 490 | 491 | #define DETOUR_SECTION_HEADER_DECLARE(cbSectionSize) \ 492 | { \ 493 | sizeof(DETOUR_SECTION_HEADER),\ 494 | DETOUR_SECTION_HEADER_SIGNATURE,\ 495 | sizeof(DETOUR_SECTION_HEADER),\ 496 | (cbSectionSize),\ 497 | \ 498 | 0,\ 499 | 0,\ 500 | 0,\ 501 | 0,\ 502 | \ 503 | 0,\ 504 | 0,\ 505 | 0,\ 506 | 0,\ 507 | } 508 | 509 | ///////////////////////////////////////////////////////////// Binary Typedefs. 510 | // 511 | typedef BOOL (CALLBACK *PF_DETOUR_BINARY_BYWAY_CALLBACK)( 512 | _In_opt_ PVOID pContext, 513 | _In_opt_ LPCSTR pszFile, 514 | _Outptr_result_maybenull_ LPCSTR *ppszOutFile); 515 | 516 | typedef BOOL (CALLBACK *PF_DETOUR_BINARY_FILE_CALLBACK)( 517 | _In_opt_ PVOID pContext, 518 | _In_ LPCSTR pszOrigFile, 519 | _In_ LPCSTR pszFile, 520 | _Outptr_result_maybenull_ LPCSTR *ppszOutFile); 521 | 522 | typedef BOOL (CALLBACK *PF_DETOUR_BINARY_SYMBOL_CALLBACK)( 523 | _In_opt_ PVOID pContext, 524 | _In_ ULONG nOrigOrdinal, 525 | _In_ ULONG nOrdinal, 526 | _Out_ ULONG *pnOutOrdinal, 527 | _In_opt_ LPCSTR pszOrigSymbol, 528 | _In_opt_ LPCSTR pszSymbol, 529 | _Outptr_result_maybenull_ LPCSTR *ppszOutSymbol); 530 | 531 | typedef BOOL (CALLBACK *PF_DETOUR_BINARY_COMMIT_CALLBACK)( 532 | _In_opt_ PVOID pContext); 533 | 534 | typedef BOOL (CALLBACK *PF_DETOUR_ENUMERATE_EXPORT_CALLBACK)(_In_opt_ PVOID pContext, 535 | _In_ ULONG nOrdinal, 536 | _In_opt_ LPCSTR pszName, 537 | _In_opt_ PVOID pCode); 538 | 539 | typedef BOOL (CALLBACK *PF_DETOUR_IMPORT_FILE_CALLBACK)(_In_opt_ PVOID pContext, 540 | _In_opt_ HMODULE hModule, 541 | _In_opt_ LPCSTR pszFile); 542 | 543 | typedef BOOL (CALLBACK *PF_DETOUR_IMPORT_FUNC_CALLBACK)(_In_opt_ PVOID pContext, 544 | _In_ DWORD nOrdinal, 545 | _In_opt_ LPCSTR pszFunc, 546 | _In_opt_ PVOID pvFunc); 547 | 548 | // Same as PF_DETOUR_IMPORT_FUNC_CALLBACK but extra indirection on last parameter. 549 | typedef BOOL (CALLBACK *PF_DETOUR_IMPORT_FUNC_CALLBACK_EX)(_In_opt_ PVOID pContext, 550 | _In_ DWORD nOrdinal, 551 | _In_opt_ LPCSTR pszFunc, 552 | _In_opt_ PVOID* ppvFunc); 553 | 554 | typedef VOID * PDETOUR_BINARY; 555 | typedef VOID * PDETOUR_LOADED_BINARY; 556 | 557 | //////////////////////////////////////////////////////////// Transaction APIs. 558 | // 559 | LONG WINAPI DetourTransactionBegin(VOID); 560 | LONG WINAPI DetourTransactionAbort(VOID); 561 | LONG WINAPI DetourTransactionCommit(VOID); 562 | LONG WINAPI DetourTransactionCommitEx(_Out_opt_ PVOID **pppFailedPointer); 563 | 564 | LONG WINAPI DetourUpdateThread(_In_ HANDLE hThread); 565 | 566 | LONG WINAPI DetourAttach(_Inout_ PVOID *ppPointer, 567 | _In_ PVOID pDetour); 568 | 569 | LONG WINAPI DetourAttachEx(_Inout_ PVOID *ppPointer, 570 | _In_ PVOID pDetour, 571 | _Out_opt_ PDETOUR_TRAMPOLINE *ppRealTrampoline, 572 | _Out_opt_ PVOID *ppRealTarget, 573 | _Out_opt_ PVOID *ppRealDetour); 574 | 575 | LONG WINAPI DetourDetach(_Inout_ PVOID *ppPointer, 576 | _In_ PVOID pDetour); 577 | 578 | BOOL WINAPI DetourSetIgnoreTooSmall(_In_ BOOL fIgnore); 579 | BOOL WINAPI DetourSetRetainRegions(_In_ BOOL fRetain); 580 | PVOID WINAPI DetourSetSystemRegionLowerBound(_In_ PVOID pSystemRegionLowerBound); 581 | PVOID WINAPI DetourSetSystemRegionUpperBound(_In_ PVOID pSystemRegionUpperBound); 582 | 583 | ////////////////////////////////////////////////////////////// Code Functions. 584 | // 585 | PVOID WINAPI DetourFindFunction(_In_ LPCSTR pszModule, 586 | _In_ LPCSTR pszFunction); 587 | PVOID WINAPI DetourCodeFromPointer(_In_ PVOID pPointer, 588 | _Out_opt_ PVOID *ppGlobals); 589 | PVOID WINAPI DetourCopyInstruction(_In_opt_ PVOID pDst, 590 | _Inout_opt_ PVOID *ppDstPool, 591 | _In_ PVOID pSrc, 592 | _Out_opt_ PVOID *ppTarget, 593 | _Out_opt_ LONG *plExtra); 594 | BOOL WINAPI DetourSetCodeModule(_In_ HMODULE hModule, 595 | _In_ BOOL fLimitReferencesToModule); 596 | PVOID WINAPI DetourAllocateRegionWithinJumpBounds(_In_ LPCVOID pbTarget, 597 | _Out_ PDWORD pcbAllocatedSize); 598 | BOOL WINAPI DetourIsFunctionImported(_In_ PBYTE pbCode, 599 | _In_ PBYTE pbAddress); 600 | 601 | ///////////////////////////////////////////////////// Loaded Binary Functions. 602 | // 603 | HMODULE WINAPI DetourGetContainingModule(_In_ PVOID pvAddr); 604 | HMODULE WINAPI DetourEnumerateModules(_In_opt_ HMODULE hModuleLast); 605 | PVOID WINAPI DetourGetEntryPoint(_In_opt_ HMODULE hModule); 606 | ULONG WINAPI DetourGetModuleSize(_In_opt_ HMODULE hModule); 607 | BOOL WINAPI DetourEnumerateExports(_In_ HMODULE hModule, 608 | _In_opt_ PVOID pContext, 609 | _In_ PF_DETOUR_ENUMERATE_EXPORT_CALLBACK pfExport); 610 | BOOL WINAPI DetourEnumerateImports(_In_opt_ HMODULE hModule, 611 | _In_opt_ PVOID pContext, 612 | _In_opt_ PF_DETOUR_IMPORT_FILE_CALLBACK pfImportFile, 613 | _In_opt_ PF_DETOUR_IMPORT_FUNC_CALLBACK pfImportFunc); 614 | 615 | BOOL WINAPI DetourEnumerateImportsEx(_In_opt_ HMODULE hModule, 616 | _In_opt_ PVOID pContext, 617 | _In_opt_ PF_DETOUR_IMPORT_FILE_CALLBACK pfImportFile, 618 | _In_opt_ PF_DETOUR_IMPORT_FUNC_CALLBACK_EX pfImportFuncEx); 619 | 620 | _Writable_bytes_(*pcbData) 621 | _Readable_bytes_(*pcbData) 622 | _Success_(return != NULL) 623 | PVOID WINAPI DetourFindPayload(_In_opt_ HMODULE hModule, 624 | _In_ REFGUID rguid, 625 | _Out_opt_ DWORD *pcbData); 626 | 627 | _Writable_bytes_(*pcbData) 628 | _Readable_bytes_(*pcbData) 629 | _Success_(return != NULL) 630 | PVOID WINAPI DetourFindPayloadEx(_In_ REFGUID rguid, 631 | _Out_opt_ DWORD *pcbData); 632 | 633 | DWORD WINAPI DetourGetSizeOfPayloads(_In_opt_ HMODULE hModule); 634 | 635 | BOOL WINAPI DetourFreePayload(_In_ PVOID pvData); 636 | ///////////////////////////////////////////////// Persistent Binary Functions. 637 | // 638 | 639 | PDETOUR_BINARY WINAPI DetourBinaryOpen(_In_ HANDLE hFile); 640 | 641 | _Writable_bytes_(*pcbData) 642 | _Readable_bytes_(*pcbData) 643 | _Success_(return != NULL) 644 | PVOID WINAPI DetourBinaryEnumeratePayloads(_In_ PDETOUR_BINARY pBinary, 645 | _Out_opt_ GUID *pGuid, 646 | _Out_ DWORD *pcbData, 647 | _Inout_ DWORD *pnIterator); 648 | 649 | _Writable_bytes_(*pcbData) 650 | _Readable_bytes_(*pcbData) 651 | _Success_(return != NULL) 652 | PVOID WINAPI DetourBinaryFindPayload(_In_ PDETOUR_BINARY pBinary, 653 | _In_ REFGUID rguid, 654 | _Out_ DWORD *pcbData); 655 | 656 | PVOID WINAPI DetourBinarySetPayload(_In_ PDETOUR_BINARY pBinary, 657 | _In_ REFGUID rguid, 658 | _In_reads_opt_(cbData) PVOID pData, 659 | _In_ DWORD cbData); 660 | BOOL WINAPI DetourBinaryDeletePayload(_In_ PDETOUR_BINARY pBinary, _In_ REFGUID rguid); 661 | BOOL WINAPI DetourBinaryPurgePayloads(_In_ PDETOUR_BINARY pBinary); 662 | BOOL WINAPI DetourBinaryResetImports(_In_ PDETOUR_BINARY pBinary); 663 | BOOL WINAPI DetourBinaryEditImports(_In_ PDETOUR_BINARY pBinary, 664 | _In_opt_ PVOID pContext, 665 | _In_opt_ PF_DETOUR_BINARY_BYWAY_CALLBACK pfByway, 666 | _In_opt_ PF_DETOUR_BINARY_FILE_CALLBACK pfFile, 667 | _In_opt_ PF_DETOUR_BINARY_SYMBOL_CALLBACK pfSymbol, 668 | _In_opt_ PF_DETOUR_BINARY_COMMIT_CALLBACK pfCommit); 669 | BOOL WINAPI DetourBinaryWrite(_In_ PDETOUR_BINARY pBinary, _In_ HANDLE hFile); 670 | BOOL WINAPI DetourBinaryClose(_In_ PDETOUR_BINARY pBinary); 671 | 672 | /////////////////////////////////////////////////// Create Process & Load Dll. 673 | // 674 | _Success_(return != NULL) 675 | PVOID WINAPI DetourFindRemotePayload(_In_ HANDLE hProcess, 676 | _In_ REFGUID rguid, 677 | _Out_opt_ DWORD *pcbData); 678 | 679 | typedef BOOL (WINAPI *PDETOUR_CREATE_PROCESS_ROUTINEA)( 680 | _In_opt_ LPCSTR lpApplicationName, 681 | _Inout_opt_ LPSTR lpCommandLine, 682 | _In_opt_ LPSECURITY_ATTRIBUTES lpProcessAttributes, 683 | _In_opt_ LPSECURITY_ATTRIBUTES lpThreadAttributes, 684 | _In_ BOOL bInheritHandles, 685 | _In_ DWORD dwCreationFlags, 686 | _In_opt_ LPVOID lpEnvironment, 687 | _In_opt_ LPCSTR lpCurrentDirectory, 688 | _In_ LPSTARTUPINFOA lpStartupInfo, 689 | _Out_ LPPROCESS_INFORMATION lpProcessInformation); 690 | 691 | typedef BOOL (WINAPI *PDETOUR_CREATE_PROCESS_ROUTINEW)( 692 | _In_opt_ LPCWSTR lpApplicationName, 693 | _Inout_opt_ LPWSTR lpCommandLine, 694 | _In_opt_ LPSECURITY_ATTRIBUTES lpProcessAttributes, 695 | _In_opt_ LPSECURITY_ATTRIBUTES lpThreadAttributes, 696 | _In_ BOOL bInheritHandles, 697 | _In_ DWORD dwCreationFlags, 698 | _In_opt_ LPVOID lpEnvironment, 699 | _In_opt_ LPCWSTR lpCurrentDirectory, 700 | _In_ LPSTARTUPINFOW lpStartupInfo, 701 | _Out_ LPPROCESS_INFORMATION lpProcessInformation); 702 | 703 | BOOL WINAPI DetourCreateProcessWithDllA(_In_opt_ LPCSTR lpApplicationName, 704 | _Inout_opt_ LPSTR lpCommandLine, 705 | _In_opt_ LPSECURITY_ATTRIBUTES lpProcessAttributes, 706 | _In_opt_ LPSECURITY_ATTRIBUTES lpThreadAttributes, 707 | _In_ BOOL bInheritHandles, 708 | _In_ DWORD dwCreationFlags, 709 | _In_opt_ LPVOID lpEnvironment, 710 | _In_opt_ LPCSTR lpCurrentDirectory, 711 | _In_ LPSTARTUPINFOA lpStartupInfo, 712 | _Out_ LPPROCESS_INFORMATION lpProcessInformation, 713 | _In_ LPCSTR lpDllName, 714 | _In_opt_ PDETOUR_CREATE_PROCESS_ROUTINEA pfCreateProcessA); 715 | 716 | BOOL WINAPI DetourCreateProcessWithDllW(_In_opt_ LPCWSTR lpApplicationName, 717 | _Inout_opt_ LPWSTR lpCommandLine, 718 | _In_opt_ LPSECURITY_ATTRIBUTES lpProcessAttributes, 719 | _In_opt_ LPSECURITY_ATTRIBUTES lpThreadAttributes, 720 | _In_ BOOL bInheritHandles, 721 | _In_ DWORD dwCreationFlags, 722 | _In_opt_ LPVOID lpEnvironment, 723 | _In_opt_ LPCWSTR lpCurrentDirectory, 724 | _In_ LPSTARTUPINFOW lpStartupInfo, 725 | _Out_ LPPROCESS_INFORMATION lpProcessInformation, 726 | _In_ LPCSTR lpDllName, 727 | _In_opt_ PDETOUR_CREATE_PROCESS_ROUTINEW pfCreateProcessW); 728 | 729 | #ifdef UNICODE 730 | #define DetourCreateProcessWithDll DetourCreateProcessWithDllW 731 | #define PDETOUR_CREATE_PROCESS_ROUTINE PDETOUR_CREATE_PROCESS_ROUTINEW 732 | #else 733 | #define DetourCreateProcessWithDll DetourCreateProcessWithDllA 734 | #define PDETOUR_CREATE_PROCESS_ROUTINE PDETOUR_CREATE_PROCESS_ROUTINEA 735 | #endif // !UNICODE 736 | 737 | BOOL WINAPI DetourCreateProcessWithDllExA(_In_opt_ LPCSTR lpApplicationName, 738 | _Inout_opt_ LPSTR lpCommandLine, 739 | _In_opt_ LPSECURITY_ATTRIBUTES lpProcessAttributes, 740 | _In_opt_ LPSECURITY_ATTRIBUTES lpThreadAttributes, 741 | _In_ BOOL bInheritHandles, 742 | _In_ DWORD dwCreationFlags, 743 | _In_opt_ LPVOID lpEnvironment, 744 | _In_opt_ LPCSTR lpCurrentDirectory, 745 | _In_ LPSTARTUPINFOA lpStartupInfo, 746 | _Out_ LPPROCESS_INFORMATION lpProcessInformation, 747 | _In_ LPCSTR lpDllName, 748 | _In_opt_ PDETOUR_CREATE_PROCESS_ROUTINEA pfCreateProcessA); 749 | 750 | BOOL WINAPI DetourCreateProcessWithDllExW(_In_opt_ LPCWSTR lpApplicationName, 751 | _Inout_opt_ LPWSTR lpCommandLine, 752 | _In_opt_ LPSECURITY_ATTRIBUTES lpProcessAttributes, 753 | _In_opt_ LPSECURITY_ATTRIBUTES lpThreadAttributes, 754 | _In_ BOOL bInheritHandles, 755 | _In_ DWORD dwCreationFlags, 756 | _In_opt_ LPVOID lpEnvironment, 757 | _In_opt_ LPCWSTR lpCurrentDirectory, 758 | _In_ LPSTARTUPINFOW lpStartupInfo, 759 | _Out_ LPPROCESS_INFORMATION lpProcessInformation, 760 | _In_ LPCSTR lpDllName, 761 | _In_opt_ PDETOUR_CREATE_PROCESS_ROUTINEW pfCreateProcessW); 762 | 763 | #ifdef UNICODE 764 | #define DetourCreateProcessWithDllEx DetourCreateProcessWithDllExW 765 | #else 766 | #define DetourCreateProcessWithDllEx DetourCreateProcessWithDllExA 767 | #endif // !UNICODE 768 | 769 | BOOL WINAPI DetourCreateProcessWithDllsA(_In_opt_ LPCSTR lpApplicationName, 770 | _Inout_opt_ LPSTR lpCommandLine, 771 | _In_opt_ LPSECURITY_ATTRIBUTES lpProcessAttributes, 772 | _In_opt_ LPSECURITY_ATTRIBUTES lpThreadAttributes, 773 | _In_ BOOL bInheritHandles, 774 | _In_ DWORD dwCreationFlags, 775 | _In_opt_ LPVOID lpEnvironment, 776 | _In_opt_ LPCSTR lpCurrentDirectory, 777 | _In_ LPSTARTUPINFOA lpStartupInfo, 778 | _Out_ LPPROCESS_INFORMATION lpProcessInformation, 779 | _In_ DWORD nDlls, 780 | _In_reads_(nDlls) LPCSTR *rlpDlls, 781 | _In_opt_ PDETOUR_CREATE_PROCESS_ROUTINEA pfCreateProcessA); 782 | 783 | BOOL WINAPI DetourCreateProcessWithDllsW(_In_opt_ LPCWSTR lpApplicationName, 784 | _Inout_opt_ LPWSTR lpCommandLine, 785 | _In_opt_ LPSECURITY_ATTRIBUTES lpProcessAttributes, 786 | _In_opt_ LPSECURITY_ATTRIBUTES lpThreadAttributes, 787 | _In_ BOOL bInheritHandles, 788 | _In_ DWORD dwCreationFlags, 789 | _In_opt_ LPVOID lpEnvironment, 790 | _In_opt_ LPCWSTR lpCurrentDirectory, 791 | _In_ LPSTARTUPINFOW lpStartupInfo, 792 | _Out_ LPPROCESS_INFORMATION lpProcessInformation, 793 | _In_ DWORD nDlls, 794 | _In_reads_(nDlls) LPCSTR *rlpDlls, 795 | _In_opt_ PDETOUR_CREATE_PROCESS_ROUTINEW pfCreateProcessW); 796 | 797 | #ifdef UNICODE 798 | #define DetourCreateProcessWithDlls DetourCreateProcessWithDllsW 799 | #else 800 | #define DetourCreateProcessWithDlls DetourCreateProcessWithDllsA 801 | #endif // !UNICODE 802 | 803 | BOOL WINAPI DetourProcessViaHelperA(_In_ DWORD dwTargetPid, 804 | _In_ LPCSTR lpDllName, 805 | _In_ PDETOUR_CREATE_PROCESS_ROUTINEA pfCreateProcessA); 806 | 807 | BOOL WINAPI DetourProcessViaHelperW(_In_ DWORD dwTargetPid, 808 | _In_ LPCSTR lpDllName, 809 | _In_ PDETOUR_CREATE_PROCESS_ROUTINEW pfCreateProcessW); 810 | 811 | #ifdef UNICODE 812 | #define DetourProcessViaHelper DetourProcessViaHelperW 813 | #else 814 | #define DetourProcessViaHelper DetourProcessViaHelperA 815 | #endif // !UNICODE 816 | 817 | BOOL WINAPI DetourProcessViaHelperDllsA(_In_ DWORD dwTargetPid, 818 | _In_ DWORD nDlls, 819 | _In_reads_(nDlls) LPCSTR *rlpDlls, 820 | _In_ PDETOUR_CREATE_PROCESS_ROUTINEA pfCreateProcessA); 821 | 822 | BOOL WINAPI DetourProcessViaHelperDllsW(_In_ DWORD dwTargetPid, 823 | _In_ DWORD nDlls, 824 | _In_reads_(nDlls) LPCSTR *rlpDlls, 825 | _In_ PDETOUR_CREATE_PROCESS_ROUTINEW pfCreateProcessW); 826 | 827 | #ifdef UNICODE 828 | #define DetourProcessViaHelperDlls DetourProcessViaHelperDllsW 829 | #else 830 | #define DetourProcessViaHelperDlls DetourProcessViaHelperDllsA 831 | #endif // !UNICODE 832 | 833 | BOOL WINAPI DetourUpdateProcessWithDll(_In_ HANDLE hProcess, 834 | _In_reads_(nDlls) LPCSTR *rlpDlls, 835 | _In_ DWORD nDlls); 836 | 837 | BOOL WINAPI DetourUpdateProcessWithDllEx(_In_ HANDLE hProcess, 838 | _In_ HMODULE hImage, 839 | _In_ BOOL bIs32Bit, 840 | _In_reads_(nDlls) LPCSTR *rlpDlls, 841 | _In_ DWORD nDlls); 842 | 843 | BOOL WINAPI DetourCopyPayloadToProcess(_In_ HANDLE hProcess, 844 | _In_ REFGUID rguid, 845 | _In_reads_bytes_(cbData) LPCVOID pvData, 846 | _In_ DWORD cbData); 847 | _Success_(return != NULL) 848 | PVOID WINAPI DetourCopyPayloadToProcessEx(_In_ HANDLE hProcess, 849 | _In_ REFGUID rguid, 850 | _In_reads_bytes_(cbData) LPCVOID pvData, 851 | _In_ DWORD cbData); 852 | 853 | BOOL WINAPI DetourRestoreAfterWith(VOID); 854 | BOOL WINAPI DetourRestoreAfterWithEx(_In_reads_bytes_(cbData) PVOID pvData, 855 | _In_ DWORD cbData); 856 | BOOL WINAPI DetourIsHelperProcess(VOID); 857 | VOID CALLBACK DetourFinishHelperProcess(_In_ HWND, 858 | _In_ HINSTANCE, 859 | _In_ LPSTR, 860 | _In_ INT); 861 | 862 | // 863 | ////////////////////////////////////////////////////////////////////////////// 864 | #ifdef __cplusplus 865 | } 866 | #endif // __cplusplus 867 | 868 | /////////////////////////////////////////////////// Type-safe overloads for C++ 869 | // 870 | #if __cplusplus >= 201103L || _MSVC_LANG >= 201103L 871 | #include 872 | 873 | template 874 | struct DetoursIsFunctionPointer : std::false_type {}; 875 | 876 | template 877 | struct DetoursIsFunctionPointer : std::is_function::type> {}; 878 | 879 | template< 880 | typename T, 881 | typename std::enable_if::value, int>::type = 0> 882 | LONG DetourAttach(_Inout_ T *ppPointer, 883 | _In_ T pDetour) noexcept 884 | { 885 | return DetourAttach( 886 | reinterpret_cast(ppPointer), 887 | reinterpret_cast(pDetour)); 888 | } 889 | 890 | template< 891 | typename T, 892 | typename std::enable_if::value, int>::type = 0> 893 | LONG DetourAttachEx(_Inout_ T *ppPointer, 894 | _In_ T pDetour, 895 | _Out_opt_ PDETOUR_TRAMPOLINE *ppRealTrampoline, 896 | _Out_opt_ T *ppRealTarget, 897 | _Out_opt_ T *ppRealDetour) noexcept 898 | { 899 | return DetourAttachEx( 900 | reinterpret_cast(ppPointer), 901 | reinterpret_cast(pDetour), 902 | ppRealTrampoline, 903 | reinterpret_cast(ppRealTarget), 904 | reinterpret_cast(ppRealDetour)); 905 | } 906 | 907 | template< 908 | typename T, 909 | typename std::enable_if::value, int>::type = 0> 910 | LONG DetourDetach(_Inout_ T *ppPointer, 911 | _In_ T pDetour) noexcept 912 | { 913 | return DetourDetach( 914 | reinterpret_cast(ppPointer), 915 | reinterpret_cast(pDetour)); 916 | } 917 | 918 | #endif // __cplusplus >= 201103L || _MSVC_LANG >= 201103L 919 | // 920 | ////////////////////////////////////////////////////////////////////////////// 921 | 922 | //////////////////////////////////////////////// Detours Internal Definitions. 923 | // 924 | #ifdef __cplusplus 925 | #ifdef DETOURS_INTERNAL 926 | 927 | #define NOTHROW 928 | // #define NOTHROW (nothrow) 929 | 930 | ////////////////////////////////////////////////////////////////////////////// 931 | // 932 | #if (_MSC_VER < 1299) && !defined(__GNUC__) 933 | #include 934 | typedef IMAGEHLP_MODULE IMAGEHLP_MODULE64; 935 | typedef PIMAGEHLP_MODULE PIMAGEHLP_MODULE64; 936 | typedef IMAGEHLP_SYMBOL SYMBOL_INFO; 937 | typedef PIMAGEHLP_SYMBOL PSYMBOL_INFO; 938 | 939 | static inline 940 | LONG InterlockedCompareExchange(_Inout_ LONG *ptr, _In_ LONG nval, _In_ LONG oval) 941 | { 942 | return (LONG)::InterlockedCompareExchange((PVOID*)ptr, (PVOID)nval, (PVOID)oval); 943 | } 944 | #else 945 | #pragma warning(push) 946 | #pragma warning(disable:4091) // empty typedef 947 | #include 948 | #pragma warning(pop) 949 | #endif 950 | 951 | #ifdef IMAGEAPI // defined by DBGHELP.H 952 | typedef LPAPI_VERSION (NTAPI *PF_ImagehlpApiVersionEx)(_In_ LPAPI_VERSION AppVersion); 953 | 954 | typedef BOOL (NTAPI *PF_SymInitialize)(_In_ HANDLE hProcess, 955 | _In_opt_ LPCSTR UserSearchPath, 956 | _In_ BOOL fInvadeProcess); 957 | typedef DWORD (NTAPI *PF_SymSetOptions)(_In_ DWORD SymOptions); 958 | typedef DWORD (NTAPI *PF_SymGetOptions)(VOID); 959 | typedef DWORD64 (NTAPI *PF_SymLoadModule64)(_In_ HANDLE hProcess, 960 | _In_opt_ HANDLE hFile, 961 | _In_opt_ LPSTR ImageName, 962 | _In_opt_ LPSTR ModuleName, 963 | _In_ DWORD64 BaseOfDll, 964 | _In_ DWORD SizeOfDll); 965 | typedef BOOL (NTAPI *PF_SymGetModuleInfo64)(_In_ HANDLE hProcess, 966 | _In_ DWORD64 qwAddr, 967 | _Out_ PIMAGEHLP_MODULE64 ModuleInfo); 968 | typedef BOOL (NTAPI *PF_SymFromName)(_In_ HANDLE hProcess, 969 | _In_ LPSTR Name, 970 | _Out_ PSYMBOL_INFO Symbol); 971 | 972 | typedef struct _DETOUR_SYM_INFO 973 | { 974 | HANDLE hProcess; 975 | HMODULE hDbgHelp; 976 | PF_ImagehlpApiVersionEx pfImagehlpApiVersionEx; 977 | PF_SymInitialize pfSymInitialize; 978 | PF_SymSetOptions pfSymSetOptions; 979 | PF_SymGetOptions pfSymGetOptions; 980 | PF_SymLoadModule64 pfSymLoadModule64; 981 | PF_SymGetModuleInfo64 pfSymGetModuleInfo64; 982 | PF_SymFromName pfSymFromName; 983 | } DETOUR_SYM_INFO, *PDETOUR_SYM_INFO; 984 | 985 | PDETOUR_SYM_INFO DetourLoadImageHlp(VOID); 986 | 987 | #endif // IMAGEAPI 988 | 989 | #if defined(_INC_STDIO) && !defined(_CRT_STDIO_ARBITRARY_WIDE_SPECIFIERS) 990 | #error detours.h must be included before stdio.h (or at least define _CRT_STDIO_ARBITRARY_WIDE_SPECIFIERS earlier) 991 | #endif 992 | #define _CRT_STDIO_ARBITRARY_WIDE_SPECIFIERS 1 993 | 994 | #ifdef _DEBUG 995 | 996 | int Detour_AssertExprWithFunctionName(int reportType, const char* filename, int linenumber, const char* FunctionName, const char* msg); 997 | 998 | #define DETOUR_ASSERT_EXPR_WITH_FUNCTION(expr, msg) \ 999 | (void) ((expr) || \ 1000 | (1 != Detour_AssertExprWithFunctionName(_CRT_ASSERT, __FILE__, __LINE__,__FUNCTION__, msg)) || \ 1001 | (_CrtDbgBreak(), 0)) 1002 | 1003 | #define DETOUR_ASSERT(expr) DETOUR_ASSERT_EXPR_WITH_FUNCTION((expr), #expr) 1004 | 1005 | #else// _DEBUG 1006 | #define DETOUR_ASSERT(expr) 1007 | #endif// _DEBUG 1008 | 1009 | #ifndef DETOUR_TRACE 1010 | #if DETOUR_DEBUG 1011 | #define DETOUR_TRACE(x) printf x 1012 | #define DETOUR_BREAK() __debugbreak() 1013 | #include 1014 | #include 1015 | #else 1016 | #define DETOUR_TRACE(x) 1017 | #define DETOUR_BREAK() 1018 | #endif 1019 | #endif 1020 | 1021 | #if 1 || defined(DETOURS_IA64) 1022 | 1023 | // 1024 | // IA64 instructions are 41 bits, 3 per bundle, plus 5 bit bundle template => 128 bits per bundle. 1025 | // 1026 | 1027 | #define DETOUR_IA64_INSTRUCTIONS_PER_BUNDLE (3) 1028 | 1029 | #define DETOUR_IA64_TEMPLATE_OFFSET (0) 1030 | #define DETOUR_IA64_TEMPLATE_SIZE (5) 1031 | 1032 | #define DETOUR_IA64_INSTRUCTION_SIZE (41) 1033 | #define DETOUR_IA64_INSTRUCTION0_OFFSET (DETOUR_IA64_TEMPLATE_SIZE) 1034 | #define DETOUR_IA64_INSTRUCTION1_OFFSET (DETOUR_IA64_TEMPLATE_SIZE + DETOUR_IA64_INSTRUCTION_SIZE) 1035 | #define DETOUR_IA64_INSTRUCTION2_OFFSET (DETOUR_IA64_TEMPLATE_SIZE + DETOUR_IA64_INSTRUCTION_SIZE + DETOUR_IA64_INSTRUCTION_SIZE) 1036 | 1037 | C_ASSERT(DETOUR_IA64_TEMPLATE_SIZE + DETOUR_IA64_INSTRUCTIONS_PER_BUNDLE * DETOUR_IA64_INSTRUCTION_SIZE == 128); 1038 | 1039 | __declspec(align(16)) struct DETOUR_IA64_BUNDLE 1040 | { 1041 | public: 1042 | union 1043 | { 1044 | BYTE data[16]; 1045 | UINT64 wide[2]; 1046 | }; 1047 | 1048 | enum { 1049 | A_UNIT = 1u, 1050 | I_UNIT = 2u, 1051 | M_UNIT = 3u, 1052 | B_UNIT = 4u, 1053 | F_UNIT = 5u, 1054 | L_UNIT = 6u, 1055 | X_UNIT = 7u, 1056 | }; 1057 | struct DETOUR_IA64_METADATA 1058 | { 1059 | ULONG nTemplate : 8; // Instruction template. 1060 | ULONG nUnit0 : 4; // Unit for slot 0 1061 | ULONG nUnit1 : 4; // Unit for slot 1 1062 | ULONG nUnit2 : 4; // Unit for slot 2 1063 | }; 1064 | 1065 | protected: 1066 | static const DETOUR_IA64_METADATA s_rceCopyTable[33]; 1067 | 1068 | UINT RelocateBundle(_Inout_ DETOUR_IA64_BUNDLE* pDst, _Inout_opt_ DETOUR_IA64_BUNDLE* pBundleExtra) const; 1069 | 1070 | bool RelocateInstruction(_Inout_ DETOUR_IA64_BUNDLE* pDst, 1071 | _In_ BYTE slot, 1072 | _Inout_opt_ DETOUR_IA64_BUNDLE* pBundleExtra) const; 1073 | 1074 | // 120 112 104 96 88 80 72 64 56 48 40 32 24 16 8 0 1075 | // f. e. d. c. b. a. 9. 8. 7. 6. 5. 4. 3. 2. 1. 0. 1076 | 1077 | // 00 1078 | // f.e. d.c. b.a. 9.8. 7.6. 5.4. 3.2. 1.0. 1079 | // 0000 0000 0000 0000 0000 0000 0000 001f : Template [4..0] 1080 | // 0000 0000 0000 0000 0000 03ff ffff ffe0 : Zero [ 41.. 5] 1081 | // 0000 0000 0000 0000 0000 3c00 0000 0000 : Zero [ 45.. 42] 1082 | // 0000 0000 0007 ffff ffff c000 0000 0000 : One [ 82.. 46] 1083 | // 0000 0000 0078 0000 0000 0000 0000 0000 : One [ 86.. 83] 1084 | // 0fff ffff ff80 0000 0000 0000 0000 0000 : Two [123.. 87] 1085 | // f000 0000 0000 0000 0000 0000 0000 0000 : Two [127..124] 1086 | BYTE GetTemplate() const; 1087 | // Get 4 bit opcodes. 1088 | BYTE GetInst0() const; 1089 | BYTE GetInst1() const; 1090 | BYTE GetInst2() const; 1091 | BYTE GetUnit(BYTE slot) const; 1092 | BYTE GetUnit0() const; 1093 | BYTE GetUnit1() const; 1094 | BYTE GetUnit2() const; 1095 | // Get 37 bit data. 1096 | UINT64 GetData0() const; 1097 | UINT64 GetData1() const; 1098 | UINT64 GetData2() const; 1099 | 1100 | // Get/set the full 41 bit instructions. 1101 | UINT64 GetInstruction(BYTE slot) const; 1102 | UINT64 GetInstruction0() const; 1103 | UINT64 GetInstruction1() const; 1104 | UINT64 GetInstruction2() const; 1105 | void SetInstruction(BYTE slot, UINT64 instruction); 1106 | void SetInstruction0(UINT64 instruction); 1107 | void SetInstruction1(UINT64 instruction); 1108 | void SetInstruction2(UINT64 instruction); 1109 | 1110 | // Get/set bitfields. 1111 | static UINT64 GetBits(UINT64 Value, UINT64 Offset, UINT64 Count); 1112 | static UINT64 SetBits(UINT64 Value, UINT64 Offset, UINT64 Count, UINT64 Field); 1113 | 1114 | // Get specific read-only fields. 1115 | static UINT64 GetOpcode(UINT64 instruction); // 4bit opcode 1116 | static UINT64 GetX(UINT64 instruction); // 1bit opcode extension 1117 | static UINT64 GetX3(UINT64 instruction); // 3bit opcode extension 1118 | static UINT64 GetX6(UINT64 instruction); // 6bit opcode extension 1119 | 1120 | // Get/set specific fields. 1121 | static UINT64 GetImm7a(UINT64 instruction); 1122 | static UINT64 SetImm7a(UINT64 instruction, UINT64 imm7a); 1123 | static UINT64 GetImm13c(UINT64 instruction); 1124 | static UINT64 SetImm13c(UINT64 instruction, UINT64 imm13c); 1125 | static UINT64 GetSignBit(UINT64 instruction); 1126 | static UINT64 SetSignBit(UINT64 instruction, UINT64 signBit); 1127 | static UINT64 GetImm20a(UINT64 instruction); 1128 | static UINT64 SetImm20a(UINT64 instruction, UINT64 imm20a); 1129 | static UINT64 GetImm20b(UINT64 instruction); 1130 | static UINT64 SetImm20b(UINT64 instruction, UINT64 imm20b); 1131 | 1132 | static UINT64 SignExtend(UINT64 Value, UINT64 Offset); 1133 | 1134 | BOOL IsMovlGp() const; 1135 | 1136 | VOID SetInst(BYTE Slot, BYTE nInst); 1137 | VOID SetInst0(BYTE nInst); 1138 | VOID SetInst1(BYTE nInst); 1139 | VOID SetInst2(BYTE nInst); 1140 | VOID SetData(BYTE Slot, UINT64 nData); 1141 | VOID SetData0(UINT64 nData); 1142 | VOID SetData1(UINT64 nData); 1143 | VOID SetData2(UINT64 nData); 1144 | BOOL SetNop(BYTE Slot); 1145 | BOOL SetNop0(); 1146 | BOOL SetNop1(); 1147 | BOOL SetNop2(); 1148 | 1149 | public: 1150 | BOOL IsBrl() const; 1151 | VOID SetBrl(); 1152 | VOID SetBrl(UINT64 target); 1153 | UINT64 GetBrlTarget() const; 1154 | VOID SetBrlTarget(UINT64 target); 1155 | VOID SetBrlImm(UINT64 imm); 1156 | UINT64 GetBrlImm() const; 1157 | 1158 | UINT64 GetMovlGp() const; 1159 | VOID SetMovlGp(UINT64 gp); 1160 | 1161 | VOID SetStop(); 1162 | 1163 | UINT Copy(_Out_ DETOUR_IA64_BUNDLE *pDst, _Inout_opt_ DETOUR_IA64_BUNDLE* pBundleExtra = NULL) const; 1164 | }; 1165 | #endif // DETOURS_IA64 1166 | 1167 | #ifdef DETOURS_ARM 1168 | 1169 | #define DETOURS_PFUNC_TO_PBYTE(p) ((PBYTE)(((ULONG_PTR)(p)) & ~(ULONG_PTR)1)) 1170 | #define DETOURS_PBYTE_TO_PFUNC(p) ((PBYTE)(((ULONG_PTR)(p)) | (ULONG_PTR)1)) 1171 | 1172 | #endif // DETOURS_ARM 1173 | 1174 | ////////////////////////////////////////////////////////////////////////////// 1175 | 1176 | #ifdef __cplusplus 1177 | extern "C" { 1178 | #endif // __cplusplus 1179 | 1180 | #define DETOUR_OFFLINE_LIBRARY(x) \ 1181 | PVOID WINAPI DetourCopyInstruction##x(_In_opt_ PVOID pDst, \ 1182 | _Inout_opt_ PVOID *ppDstPool, \ 1183 | _In_ PVOID pSrc, \ 1184 | _Out_opt_ PVOID *ppTarget, \ 1185 | _Out_opt_ LONG *plExtra); \ 1186 | \ 1187 | BOOL WINAPI DetourSetCodeModule##x(_In_ HMODULE hModule, \ 1188 | _In_ BOOL fLimitReferencesToModule); \ 1189 | 1190 | DETOUR_OFFLINE_LIBRARY(X86) 1191 | DETOUR_OFFLINE_LIBRARY(X64) 1192 | DETOUR_OFFLINE_LIBRARY(ARM) 1193 | DETOUR_OFFLINE_LIBRARY(ARM64) 1194 | DETOUR_OFFLINE_LIBRARY(IA64) 1195 | 1196 | #undef DETOUR_OFFLINE_LIBRARY 1197 | 1198 | ////////////////////////////////////////////////////////////////////////////// 1199 | // 1200 | // Helpers for manipulating page protection. 1201 | // 1202 | 1203 | _Success_(return != FALSE) 1204 | BOOL WINAPI DetourVirtualProtectSameExecuteEx(_In_ HANDLE hProcess, 1205 | _In_ PVOID pAddress, 1206 | _In_ SIZE_T nSize, 1207 | _In_ DWORD dwNewProtect, 1208 | _Out_ PDWORD pdwOldProtect); 1209 | 1210 | _Success_(return != FALSE) 1211 | BOOL WINAPI DetourVirtualProtectSameExecute(_In_ PVOID pAddress, 1212 | _In_ SIZE_T nSize, 1213 | _In_ DWORD dwNewProtect, 1214 | _Out_ PDWORD pdwOldProtect); 1215 | 1216 | // Detours must depend only on kernel32.lib, so we cannot use IsEqualGUID 1217 | BOOL WINAPI DetourAreSameGuid(_In_ REFGUID left, _In_ REFGUID right); 1218 | #ifdef __cplusplus 1219 | } 1220 | #endif // __cplusplus 1221 | 1222 | ////////////////////////////////////////////////////////////////////////////// 1223 | 1224 | #define MM_ALLOCATION_GRANULARITY 0x10000 1225 | 1226 | ////////////////////////////////////////////////////////////////////////////// 1227 | 1228 | #endif // DETOURS_INTERNAL 1229 | #endif // __cplusplus 1230 | 1231 | #endif // _DETOURS_H_ 1232 | // 1233 | //////////////////////////////////////////////////////////////// End of File. 1234 | -------------------------------------------------------------------------------- /Detours/include/detver.h: -------------------------------------------------------------------------------- 1 | ////////////////////////////////////////////////////////////////////////////// 2 | // 3 | // Common version parameters. 4 | // 5 | // Microsoft Research Detours Package, Version 4.0.1 6 | // 7 | // Copyright (c) Microsoft Corporation. All rights reserved. 8 | // 9 | 10 | #define _USING_V110_SDK71_ 1 11 | #include "winver.h" 12 | #if 0 13 | #include 14 | #include 15 | #else 16 | #ifndef DETOURS_STRINGIFY 17 | #define DETOURS_STRINGIFY_(x) #x 18 | #define DETOURS_STRINGIFY(x) DETOURS_STRINGIFY_(x) 19 | #endif 20 | 21 | #define VER_FILEFLAGSMASK 0x3fL 22 | #define VER_FILEFLAGS 0x0L 23 | #define VER_FILEOS 0x00040004L 24 | #define VER_FILETYPE 0x00000002L 25 | #define VER_FILESUBTYPE 0x00000000L 26 | #endif 27 | #define VER_DETOURS_BITS DETOURS_STRINGIFY(DETOURS_BITS) 28 | -------------------------------------------------------------------------------- /Detours/include/syelog.h: -------------------------------------------------------------------------------- 1 | ////////////////////////////////////////////////////////////////////////////// 2 | // 3 | // Detours Test Program (syelog.h of syelog.lib) 4 | // 5 | // Microsoft Research Detours Package 6 | // 7 | // Copyright (c) Microsoft Corporation. All rights reserved. 8 | // 9 | #pragma once 10 | #ifndef _SYELOGD_H_ 11 | #define _SYELOGD_H_ 12 | #include 13 | 14 | #pragma pack(push, 1) 15 | #pragma warning(push) 16 | #pragma warning(disable: 4200) 17 | 18 | ////////////////////////////////////////////////////////////////////////////// 19 | // 20 | // 21 | #define SYELOG_PIPE_NAMEA "\\\\.\\pipe\\syelog" 22 | #define SYELOG_PIPE_NAMEW L"\\\\.\\pipe\\syelog" 23 | #ifdef UNICODE 24 | #define SYELOG_PIPE_NAME SYELOG_PIPE_NAMEW 25 | #else 26 | #define SYELOG_PIPE_NAME SYELOG_PIPE_NAMEA 27 | #endif 28 | 29 | ////////////////////////////////////////////////////////////////////////////// 30 | // 31 | #define SYELOG_MAXIMUM_MESSAGE 4086 // 4096 - sizeof(header stuff) 32 | 33 | typedef struct _SYELOG_MESSAGE 34 | { 35 | USHORT nBytes; 36 | BYTE nFacility; 37 | BYTE nSeverity; 38 | DWORD nProcessId; 39 | FILETIME ftOccurance; 40 | BOOL fTerminate; 41 | CHAR szMessage[SYELOG_MAXIMUM_MESSAGE]; 42 | } SYELOG_MESSAGE, *PSYELOG_MESSAGE; 43 | 44 | 45 | // Facility Codes. 46 | // 47 | #define SYELOG_FACILITY_KERNEL 0x10 // OS Kernel 48 | #define SYELOG_FACILITY_SECURITY 0x20 // OS Security 49 | #define SYELOG_FACILITY_LOGGING 0x30 // OS Logging-internal 50 | #define SYELOG_FACILITY_SERVICE 0x40 // User-mode system daemon 51 | #define SYELOG_FACILITY_APPLICATION 0x50 // User-mode application 52 | #define SYELOG_FACILITY_USER 0x60 // User self-generated. 53 | #define SYELOG_FACILITY_LOCAL0 0x70 // Locally defined. 54 | #define SYELOG_FACILITY_LOCAL1 0x71 // Locally defined. 55 | #define SYELOG_FACILITY_LOCAL2 0x72 // Locally defined. 56 | #define SYELOG_FACILITY_LOCAL3 0x73 // Locally defined. 57 | #define SYELOG_FACILITY_LOCAL4 0x74 // Locally defined. 58 | #define SYELOG_FACILITY_LOCAL5 0x75 // Locally defined. 59 | #define SYELOG_FACILITY_LOCAL6 0x76 // Locally defined. 60 | #define SYELOG_FACILITY_LOCAL7 0x77 // Locally defined. 61 | #define SYELOG_FACILITY_LOCAL8 0x78 // Locally defined. 62 | #define SYELOG_FACILITY_LOCAL9 0x79 // Locally defined. 63 | 64 | // Severity Codes. 65 | // 66 | #define SYELOG_SEVERITY_FATAL 0x00 // System is dead. 67 | #define SYELOG_SEVERITY_ALERT 0x10 // Take action immediately. 68 | #define SYELOG_SEVERITY_CRITICAL 0x20 // Critical condition. 69 | #define SYELOG_SEVERITY_ERROR 0x30 // Error 70 | #define SYELOG_SEVERITY_WARNING 0x40 // Warning 71 | #define SYELOG_SEVERITY_NOTICE 0x50 // Significant condition. 72 | #define SYELOG_SEVERITY_INFORMATION 0x60 // Informational 73 | #define SYELOG_SEVERITY_AUDIT_FAIL 0x66 // Audit Failed 74 | #define SYELOG_SEVERITY_AUDIT_PASS 0x67 // Audit Succeeeded 75 | #define SYELOG_SEVERITY_DEBUG 0x70 // Debugging 76 | 77 | // Logging Functions. 78 | // 79 | VOID SyelogOpen(PCSTR pszIdentifier, BYTE nFacility); 80 | VOID Syelog(BYTE nSeverity, PCSTR pszMsgf, ...); 81 | VOID SyelogV(BYTE nSeverity, PCSTR pszMsgf, va_list args); 82 | VOID SyelogClose(BOOL fTerminate); 83 | 84 | #pragma warning(pop) 85 | #pragma pack(pop) 86 | 87 | #endif // _SYELOGD_H_ 88 | // 89 | ///////////////////////////////////////////////////////////////// End of File. 90 | -------------------------------------------------------------------------------- /Detours/lib.all/detours_x64.lib: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/minhangxiaohui/AvoidRandomKill/8845f0dcc0142465beb70282410a8d852d61d550/Detours/lib.all/detours_x64.lib -------------------------------------------------------------------------------- /Detours/lib.all/detours_x86.lib: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/minhangxiaohui/AvoidRandomKill/8845f0dcc0142465beb70282410a8d852d61d550/Detours/lib.all/detours_x86.lib -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # AvoidRandomKill 2 | 一次免杀实践(bypass 360、huorong、windows defender、kaspersky、) 3 | 4 | 技术思路见:https://forum.butian.net/share/2620 5 | --------------------------------------------------------------------------------