From 3d412a4b30a9f7c7f51ea6562e694315948bd3da Mon Sep 17 00:00:00 2001 From: boris Date: Wed, 28 Nov 2018 16:00:02 +1300 Subject: cleaned up in short, the cheat and loader are now separate solutions. unused stuff was moved into the legacy solution in case anyone wants to compile it or whatever. i can change this back if you want to. also, i configured the loader to compile in x64, and have separate build types for linux and win64 --- injector/pe.h | 309 ---------------------------------------------------------- 1 file changed, 309 deletions(-) delete mode 100644 injector/pe.h (limited to 'injector/pe.h') diff --git a/injector/pe.h b/injector/pe.h deleted file mode 100644 index f67e46d..0000000 --- a/injector/pe.h +++ /dev/null @@ -1,309 +0,0 @@ -#pragma once -#include - -namespace nt { - using WORD = short; - using BYTE = unsigned char; - using DWORD = unsigned long; - - typedef struct _IMAGE_DATA_DIRECTORY { - DWORD VirtualAddress; - DWORD Size; - } IMAGE_DATA_DIRECTORY, *PIMAGE_DATA_DIRECTORY; - - typedef struct _IMAGE_OPTIONAL_HEADER { - WORD Magic; - BYTE MajorLinkerVersion; - BYTE MinorLinkerVersion; - DWORD SizeOfCode; - DWORD SizeOfInitializedData; - DWORD SizeOfUninitializedData; - DWORD AddressOfEntryPoint; - DWORD BaseOfCode; - DWORD BaseOfData; - DWORD ImageBase; - DWORD SectionAlignment; - DWORD FileAlignment; - WORD MajorOperatingSystemVersion; - WORD MinorOperatingSystemVersion; - WORD MajorImageVersion; - WORD MinorImageVersion; - WORD MajorSubsystemVersion; - WORD MinorSubsystemVersion; - DWORD Win32VersionValue; - DWORD SizeOfImage; - DWORD SizeOfHeaders; - DWORD CheckSum; - WORD Subsystem; - WORD DllCharacteristics; - DWORD SizeOfStackReserve; - DWORD SizeOfStackCommit; - DWORD SizeOfHeapReserve; - DWORD SizeOfHeapCommit; - DWORD LoaderFlags; - DWORD NumberOfRvaAndSizes; - IMAGE_DATA_DIRECTORY DataDirectory[ 16 ]; - } IMAGE_OPTIONAL_HEADER, *PIMAGE_OPTIONAL_HEADER; - - typedef struct _IMAGE_FILE_HEADER { - WORD Machine; - WORD NumberOfSections; - DWORD TimeDateStamp; - DWORD PointerToSymbolTable; - DWORD NumberOfSymbols; - WORD SizeOfOptionalHeader; - WORD Characteristics; - } IMAGE_FILE_HEADER, *PIMAGE_FILE_HEADER; - - typedef struct _IMAGE_NT_HEADERS { - DWORD Signature; - IMAGE_FILE_HEADER FileHeader; - IMAGE_OPTIONAL_HEADER OptionalHeader; - } IMAGE_NT_HEADERS, *PIMAGE_NT_HEADERS; - - typedef struct _IMAGE_EXPORT_DIRECTORY { - uint32_t Characteristics; - uint32_t TimeDateStamp; - uint16_t MajorVersion; - uint16_t MinorVersion; - uint32_t Name; - uint32_t Base; - uint32_t NumberOfFunctions; - uint32_t NumberOfNames; - uint32_t AddressOfFunctions; // RVA from base of image - uint32_t AddressOfNames; // RVA from base of image - uint32_t AddressOfNameOrdinals; // RVA from base of image - } IMAGE_EXPORT_DIRECTORY, *PIMAGE_EXPORT_DIRECTORY; - - typedef struct _IMAGE_DOS_HEADER { - WORD e_magic; - WORD e_cblp; - WORD e_cp; - WORD e_crlc; - WORD e_cparhdr; - WORD e_minalloc; - WORD e_maxalloc; - WORD e_ss; - WORD e_sp; - WORD e_csum; - WORD e_ip; - WORD e_cs; - WORD e_lfarlc; - WORD e_ovno; - WORD e_res[ 4 ]; - WORD e_oemid; - WORD e_oeminfo; - WORD e_res2[ 10 ]; - long e_lfanew; - } IMAGE_DOS_HEADER, *PIMAGE_DOS_HEADER; - - typedef struct _LIST_ENTRY { - struct _LIST_ENTRY *Flink; - struct _LIST_ENTRY *Blink; - } LIST_ENTRY, *PLIST_ENTRY; - - struct PEB_LDR_DATA { - uint32_t Length; - uint8_t Initialized; - uintptr_t SsHandle; - LIST_ENTRY InLoadOrderModuleList; - LIST_ENTRY InMemoryOrderModuleList; - LIST_ENTRY InInitializationOrderModuleList; - uintptr_t EntryInProgress; - uint8_t ShutdownInProgress; - uintptr_t ShutdownThreadId; - }; - - struct UNICODE_STRING { - uint16_t Length; - uint16_t MaximumLength; - wchar_t *Buffer; - }; - - struct STRING { - uint16_t Length; - uint16_t MaximumLength; - char *Buffer; - }; - - struct CURDIR { - UNICODE_STRING DosPath; - uintptr_t Handle; - }; - - struct RTL_DRIVE_LETTER_CURDIR { - uint16_t Flags; - uint16_t Length; - uint32_t TimeStamp; - STRING DosPath; - }; - - struct RTL_USER_PROCESS_PARAMETERS { - uint32_t MaximumLength; - uint32_t Length; - uint32_t Flags; - uint32_t DebugFlags; - uintptr_t ConsoleHandle; - uint32_t ConsoleFlags; - uintptr_t StandardInput; - uintptr_t StandardOutput; - uintptr_t StandardError; - CURDIR CurrentDirectory; - UNICODE_STRING DllPath; - UNICODE_STRING ImagePathName; - UNICODE_STRING CommandLine; - uintptr_t Environment; - uint32_t StartingX; - uint32_t StartingY; - uint32_t CountX; - uint32_t CountY; - uint32_t CountCharsX; - uint32_t CountCharsY; - uint32_t FillAttribute; - uint32_t WindowFlags; - uint32_t ShowWindowFlags; - UNICODE_STRING WindowTitle; - UNICODE_STRING DesktopInfo; - UNICODE_STRING ShellInfo; - UNICODE_STRING RuntimeData; - RTL_DRIVE_LETTER_CURDIR CurrentDirectores[ 32 ]; - uintptr_t EnvironmentSize; - uintptr_t EnvironmentVersion; - uintptr_t PackageDependencyData; - uint32_t ProcessGroupId; - uint32_t LoaderThreads; - }; - - struct RTL_BALANCED_NODE { - RTL_BALANCED_NODE *Children[ 2 ]; - RTL_BALANCED_NODE *Left; - RTL_BALANCED_NODE *Right; - uintptr_t ParentValue; - }; - - struct _PEB { - uint8_t InheritedAddressSpace; - uint8_t ReadImageFileExecOptions; - uint8_t BeingDebugged; - uint8_t BitField; - //uchar Padding0[ 4 ]; - uintptr_t Mutant; - uintptr_t ImageBaseAddress; - PEB_LDR_DATA *Ldr; - RTL_USER_PROCESS_PARAMETERS *ProcessParameters; - uintptr_t SubSystemData; - uintptr_t ProcessHeap; - uintptr_t *FastPebLock; - uintptr_t AtlThunkSListPtr; - uintptr_t IFEOKey; - uint32_t CrossProcessFlags; - uint8_t Padding1[ 4 ]; - uintptr_t KernelCallbackTable; - uintptr_t UserSharedInfoPtr; - uint32_t SystemReserved[ 1 ]; - uint32_t AtlThunkSListPtr32; - uintptr_t ApiSetMap; - uint32_t TlsExpansionCounter; - uint8_t Padding2[ 4 ]; - uintptr_t TlsBitmap; - uint32_t TlsBitmapBits[ 2 ]; - uintptr_t ReadOnlySharedMemoryBase; - uintptr_t SparePvoid0; - uintptr_t ReadOnlyStaticServerData; - uintptr_t AnsiCodePageData; - uintptr_t OemCodePageData; - uintptr_t UnicodeCaseTableData; - uint32_t NumberOfProcessors; - uint32_t NtGlobalFlag; - uint64_t CriticalSectionTimeout; - uintptr_t HeapSegmentReserve; - uintptr_t HeapSegmentCommit; - uintptr_t HeapDeCommitTotalFreeThreshold; - uintptr_t HeapDeCommitFreeBlockThreshold; - uint32_t NumberOfHeaps; - uint32_t MaximumNumberOfHeaps; - uintptr_t ProcessHeaps; - uintptr_t GdiSharedHandleTable; - uintptr_t ProcessStarterHelper; - uint32_t GdiDCAttributeList; - uint8_t Padding3[ 4 ]; - uintptr_t *LoaderLock; - uint32_t OSMajorVersion; - uint32_t OSMinorVersion; - uint16_t OSBuildNumber; - uint16_t OSCSDVersion; - uint32_t OSPlatformId; - uint32_t ImageSubsystem; - uint32_t ImageSubsystemMajorVersion; - uint32_t ImageSubsystemMinorVersion; - uint8_t Padding4[ 4 ]; - uintptr_t ActiveProcessAffinityMask; -#ifdef _WIN32 - uint32_t GdiHandleBuffer[ 34 ]; -#else - uint32_t GdiHandleBuffer[ 60 ]; -#endif - uintptr_t PostProcessInitRoutine; - uintptr_t TlsExpansionBitmap; - uint32_t TlsExpansionBitmapBits[ 32 ]; - uint32_t SessionId; - uint8_t Padding5[ 4 ]; - uint64_t AppCompatFlags; - uint64_t AppCompatFlagsUser; - uintptr_t pShimData; - uintptr_t AppCompatInfo; - UNICODE_STRING CSDVersion; - uintptr_t ActivationContextData; - uintptr_t ProcessAssemblyStorageMap; - uintptr_t SystemDefaultActivationContextData; - uintptr_t SystemAssemblyStorageMap; - uintptr_t MinimumStackCommit; - uintptr_t FlsCallback; - LIST_ENTRY FlsListHead; - uintptr_t FlsBitmap; - uint32_t FlsBitmapBits[ 4 ]; - uint32_t FlsHighIndex; - uintptr_t WerRegistrationData; - uintptr_t WerShipAssertPtr; - uintptr_t pUnused; - uintptr_t pImageHeaderHash; - uint32_t TracingFlags; - uint8_t Padding6[ 4 ]; - uint64_t CsrServerReadOnlySharedMemoryBase; - uintptr_t TppWorkerpListLock; - LIST_ENTRY TppWorkerpList; - uintptr_t WaitOnAddressHashTable[ 128 ]; - }; - - struct LDR_DATA_TABLE_ENTRY { - LIST_ENTRY InLoadOrderLinks; - LIST_ENTRY InMemoryOrderLinks; - LIST_ENTRY InInitializationOrderLinks; - uintptr_t DllBase; - uintptr_t EntryPoint; - uint32_t SizeOfImage; - UNICODE_STRING FullDllName; - UNICODE_STRING BaseDllName; - uint8_t FlagGroup[ 4 ]; - uint32_t Flags; - uint16_t ObsoleteLoadCount; - uint16_t TlsIndex; - LIST_ENTRY HashLinks; - uint32_t TimeDateStamp; - uintptr_t EntryPointActivationContext; - uintptr_t Lock; - uintptr_t DdagNode; - LIST_ENTRY NodeModuleLink; - uintptr_t LoadContext; - uintptr_t ParentDllBase; - uintptr_t SwitchBackContext; - RTL_BALANCED_NODE BaseAddressIndexNode; - RTL_BALANCED_NODE MappingInfoIndexNode; - uintptr_t OriginalBase; - int64_t LoadTime; - uint32_t BaseNameHashValue; - uint32_t LoadReason; - uint32_t ImplicitPathOptions; - uint32_t ReferenceCount; - }; -}; \ No newline at end of file -- cgit v1.2.3