mirror of
https://github.com/UzixLS/KernelEx.git
synced 2025-07-19 07:21:20 +03:00
141 lines
3.1 KiB
C++
Executable File
141 lines
3.1 KiB
C++
Executable File
/*
|
|
* KernelEx
|
|
* Copyright (C) 2009, Xeno86
|
|
*
|
|
* This file is part of KernelEx source code.
|
|
*
|
|
* KernelEx is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published
|
|
* by the Free Software Foundation; version 2 of the License.
|
|
*
|
|
* KernelEx is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with GNU Make; see the file COPYING. If not, write to
|
|
* the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA.
|
|
*
|
|
*/
|
|
|
|
#include <windows.h>
|
|
#include <stdio.h>
|
|
#include "pemanip.h"
|
|
|
|
DWORD find_unique_pattern(void* loc, int size, const short* pattern, int pat_len, const char* pat_name)
|
|
{
|
|
unsigned char* pos = (unsigned char*) loc;
|
|
unsigned char* end_pos = pos + size - pat_len;
|
|
unsigned char* found_loc = NULL;
|
|
int found = 0;
|
|
|
|
while (pos <= end_pos)
|
|
{
|
|
if (pattern[0] < 0 || *pos == pattern[0])
|
|
{
|
|
int j;
|
|
for (j = 1 ; j < pat_len ; j++)
|
|
{
|
|
if (pattern[j] >= 0 && pos[j] != pattern[j])
|
|
break;
|
|
}
|
|
if (j == pat_len) //pattern found
|
|
{
|
|
found++;
|
|
if (!found_loc)
|
|
found_loc = pos;
|
|
}
|
|
}
|
|
pos++;
|
|
}
|
|
|
|
if (found != 1)
|
|
{
|
|
if (!found)
|
|
printf("%s: pattern not found\n", pat_name);
|
|
else
|
|
printf("%s: pattern not unique, found occurrences: %d\n", pat_name, found);
|
|
return 0;
|
|
}
|
|
|
|
for (int i = 0 ; i < pat_len ; i++)
|
|
if (pattern[i] == -2)
|
|
return *(DWORD*) &found_loc[i];
|
|
|
|
printf("%s: invalid pattern\n", pat_name);
|
|
return 0;
|
|
}
|
|
|
|
void eparse()
|
|
{
|
|
printf("error parsing string\n");
|
|
exit(1);
|
|
}
|
|
|
|
int main(int argc, char** argv)
|
|
{
|
|
char buf[512];
|
|
int debug = 0;
|
|
|
|
if (argc < 2 || argc > 3)
|
|
{
|
|
printf("invalid parameters\n");
|
|
return 1;
|
|
}
|
|
|
|
PEmanip pe(argv[1]);
|
|
if (argc == 3 && !strcmp(argv[2], "-d"))
|
|
debug = 1;
|
|
|
|
FILE* f = fopen("patterns.txt", "rt");
|
|
if (!f)
|
|
{
|
|
printf("failed to open pattern list\n");
|
|
return 1;
|
|
}
|
|
|
|
while (fgets(buf, sizeof(buf), f))
|
|
{
|
|
short pat[128];
|
|
int patlen = 0;
|
|
char* p, *p2;
|
|
char* pat_name;
|
|
char* sec_name;
|
|
|
|
pat_name = buf;
|
|
p = strchr(buf, ':');
|
|
if (!p) eparse();
|
|
*p++ = 0;
|
|
sec_name = p;
|
|
p = strchr(p, '{');
|
|
if (!p) eparse();
|
|
*p++ = 0;
|
|
p2 = strchr(p, '}');
|
|
if (!p2) eparse();
|
|
*p2 = 0;
|
|
|
|
while (p < p2)
|
|
{
|
|
char* p3;
|
|
short i;
|
|
i = strtol(p, &p3, 0);
|
|
if (p == p3) eparse();
|
|
pat[patlen++] = i;
|
|
p = p3 + 1;
|
|
}
|
|
//DWORD start = GetTickCount();
|
|
DWORD ret = find_unique_pattern(pe.GetSectionByName(sec_name), pe.GetSectionSize(sec_name), pat, patlen, pat_name);
|
|
//printf("algo completed in %dms\n", GetTickCount() - start);
|
|
if (debug)
|
|
{
|
|
printf("processing %s in %s: {", pat_name, sec_name);
|
|
for (int i = 0 ; i < patlen ; i++) if (pat[i] < 0) printf("%d,", pat[i]); else printf("0x%02x,", pat[i]);
|
|
printf("\b}=0x%08x\n", ret);
|
|
}
|
|
}
|
|
fclose(f);
|
|
|
|
return 0;
|
|
}
|