
import KernelEx-4.5.1

This commit is contained in:
UzixLS
2018-11-03 16:23:39 +03:00
parent 7571e3c60d
commit 2948e23961
77 changed files with 2603 additions and 883 deletions


@ -6,10 +6,10 @@ RCC = windres
OBJ = psapi.o
RES =
DEF = psapi.def
LIBS = -nostdlib -lkernel32
LIBS = -nostdlib -lkernel32 -L../../common -lkernelex
LDFLAGS = -s -shared -Wl,--enable-stdcall-fixup -e _DllMain@12
BIN = ..\psapi.dll
CFLAGS = -Os -Wall
CFLAGS = -Os -Wall -I../../common
CXXFLAGS = $(CFLAGS)
.SUFFIXES: .rc


@ -4,9 +4,10 @@ OBJ = psapi.obj
RES =
DEF = /DEF:psapi.def
BIN = ..\psapi.dll
LIBS = -nodefaultlib kernel32.lib
LDFLAGS = /DLL /OPT:NOWIN98 /ENTRY:DllMain@12
CFLAGS = /W3 /O2 /Oi /FD
COMMON_DIR = ../../common
LIBS = -nodefaultlib kernel32.lib $(COMMON_DIR)/kernelex.lib
LDFLAGS = /DLL /OPT:NOWIN98 /ENTRY:DllMain@12 /LIBPATH:$(COMMON_DIR) KernelEx.lib
CFLAGS = /W3 /O2 /Oi /FD /I$(COMMON_DIR)
CXXFLAGS = $(CFLAGS)
all : $(BIN)
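Review bot: The MSVC makefile now names the KernelEx import library twice, once in `LIBS = -nodefaultlib kernel32.lib $(COMMON_DIR)/kernelex.lib` and again as `KernelEx.lib` at the end of the `LDFLAGS = ... /LIBPATH:$(COMMON_DIR) KernelEx.lib` line, with different spelling of the file name. If both refer to the same library one of them is redundant, and on a case-sensitive filesystem the two spellings may not even resolve to the same file. I would list the link input once, keeping it in LIBS and trimming the other line to `LDFLAGS = /DLL /OPT:NOWIN98 /ENTRY:DllMain@12 /LIBPATH:$(COMMON_DIR)`. The MinGW makefile in the first section links it a single time via `-L../../common -lkernelex`, which is the pattern to match.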


@ -21,6 +21,7 @@
#include <windows.h>
#include <tlhelp32.h>
#include "kexcoresdk.h"
BOOL WINAPI DllMain (HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved)
{
@ -37,7 +38,7 @@ DWORD WINAPI GetProcessFlags(
typedef DWORD (WINAPI *GPF) (HANDLE ProcessID);
static GPF g_GetProcessFlags = 0;
if ( !g_GetProcessFlags ) g_GetProcessFlags = (GPF) GetProcAddress(GetModuleHandle("kernel32.dll"),"GetProcessFlags");
if ( !g_GetProcessFlags ) g_GetProcessFlags = (GPF) kexGetProcAddress(GetModuleHandle("kernel32.dll"),"GetProcessFlags");
return g_GetProcessFlags(ProcessID);
}
@ -58,7 +59,7 @@ DWORD WINAPI GetProcessId(
DWORD *faddr;
DWORD addr;
faddr = (DWORD *) ( (DWORD)GetProcAddress(GetModuleHandle("kernel32.dll"),"SetFilePointer") + 0x1D ); //there is jmp _SetFilePointer
faddr = (DWORD *) ( (DWORD)kexGetProcAddress(GetModuleHandle("kernel32.dll"),"SetFilePointer") + 0x1D ); //there is jmp _SetFilePointer
addr = (DWORD) faddr + *faddr + 4 - 0x16; //0x16 bytes before _SetFilePointer there is MapProcessHandle, just what we need
faddr = (DWORD *) addr;
if (*faddr != 0x206A006A) return FALSE; //push 0; push 0x20
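Review bot: The result of the new kexGetProcAddress call on the `faddr = (DWORD *) ( (DWORD)kexGetProcAddress(...SetFilePointer...) + 0x1D )` line is used without a NULL check, so if the export is not resolved the code adds 0x1D to zero and dereferences that pointer on the very next line, before the push-pattern check on the last line of the hunk ever runs; the GetProcessFlags hunk has the same gap, calling g_GetProcessFlags immediately after the lookup without verifying it is non-NULL. Presumably kexGetProcAddress, like GetProcAddress, returns NULL when the symbol is missing, in which case both paths become a near-null read or call. I would split the lookup into `DWORD sfp = (DWORD) kexGetProcAddress(GetModuleHandle("kernel32.dll"), "SetFilePointer");` / `if (!sfp) return FALSE;` / `faddr = (DWORD *) (sfp + 0x1D); //there is jmp _SetFilePointer`, and add `if (!g_GetProcessFlags) return 0;` before the call in GetProcessFlags. The hard-coded 0x1D and 0x16 offsets tie this routine to one specific kernel32 build and deserve a comment naming that build, since only the `0x206A006A` pattern check guards against a mismatch. GetProcessId's body continues outside the hunk.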