From 8b016e4409d4408c74799beb87b5ae428ed130f9 Mon Sep 17 00:00:00 2001 From: boris Date: Sun, 2 Dec 2018 17:36:33 +1300 Subject: homo shit still need to do client injection and finish reloc/import shit on server before i can call my job done --- loader/server/manual_map.cpp | 74 ++++++++++++++++++++++++++++++++++++++------ 1 file changed, 65 insertions(+), 9 deletions(-) (limited to 'loader/server/manual_map.cpp') diff --git a/loader/server/manual_map.cpp b/loader/server/manual_map.cpp index d8cf57d..1c6fa12 100644 --- a/loader/server/manual_map.cpp +++ b/loader/server/manual_map.cpp @@ -68,6 +68,7 @@ namespace remote_code { std::memset(&code[offset], value, sizeof uint32_t); } + // turbo chad shellcode maker (c) bowis std::vector make_code(shellcode_args_t *arg) { std::vector code; code.insert(code.begin(), shellcode_code, shellcode_code + shellcode_size); @@ -81,10 +82,6 @@ namespace remote_code { // nave i hope ur happy for(int n = 0; n < 3; ++n) patch_code(code, find_byte_pattern(code, { 0x69, 0x69, 0x69, 0x69 }), arg->m_endscene); - - //for (auto &c : code) { - // printf("%02x ", c); - //} return code; } @@ -107,9 +104,8 @@ namespace inject { pe_file.seekg(0, pe_file.beg); - // HOMOSEXUAL CAST FUCKERY PLEASE SKIP THIS LINE // AAAAAAAAAAAA BAD - pe_file.read((char*)&m_file[0], pe_size); + pe_file.read((char*)m_file.data(), pe_size); pe_file.close(); @@ -119,8 +115,8 @@ namespace inject { } bool c_pe_file::valid() { - nt::dos_header_t *dos_header; - nt::nt_headers_t *nt_headers; + IMAGE_DOS_HEADER *dos_header; + IMAGE_NT_HEADERS *nt_headers; // check dos header dos_header = reinterpret_cast(data()); @@ -131,7 +127,7 @@ namespace inject { // check nt header nt_headers = reinterpret_cast(data() + dos_header->e_lfanew); - if (nt_headers->signature != 0x50450000) + if (nt_headers->Signature != 0x50450000) return false; return true; 
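Review bot: The result of `pe_file.read(...)` in the `@@ -107,9 +104,8 @@` hunk is not checked in the lines shown, so a short or failed read would leave `m_file` partly filled and `valid()` would go on to parse whatever bytes are there. Testing the stream, for example `if (!pe_file.read(reinterpret_cast<char*>(m_file.data()), pe_size)) { /* take the existing failure path */ }`, closes that gap and also replaces the C-style cast with the named cast that `valid()` already uses. The enclosing function starts and ends outside the hunk, so a check may already exist further down.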
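Review bot: In `c_pe_file::valid()` the comparison `nt_headers->Signature != 0x50450000` looks byte-swapped: with `IMAGE_NT_HEADERS`, `Signature` is a DWORD read little-endian, so a well-formed image yields `0x00004550` (`IMAGE_NT_SIGNATURE`), and the check would reject every valid file unless the old `nt::nt_headers_t` stored the field differently. I would write `if (nt_headers->Signature != IMAGE_NT_SIGNATURE) return false;`. The line before it adds `dos_header->e_lfanew` to `data()` without comparing it against `size()`, so a truncated or malformed file gives an out-of-bounds read. A guard such as `if (dos_header->e_lfanew < 0 || static_cast<size_t>(dos_header->e_lfanew) + sizeof(IMAGE_NT_HEADERS) > size()) return false;` belongs before the cast. The DOS-magic check sits between the `@@ -119,8 +115,8 @@` and `@@ -131,7 +127,7 @@` hunks and is not visible here.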
@@ -145,4 +141,64 @@ namespace inject { size_t c_pe_file::size() const { return m_file.size(); } + + // implementation of mapper + c_mapper::c_mapper(c_pe_file &pe_file) { + if (!pe_file.valid()) { + printf("pe file error, check nt/dos headers\n"); + } + + m_pe = std::move(pe_file); + } + + // returns size of module to allocate on client + size_t c_mapper::initialise(std::vector &exports) { + if (exports.empty()) { + printf("no process exports received, invalid input\n"); + return 0; + } + + m_exports = std::move(exports); + + return m_pe.size(); + } + + bool c_mapper::process_imports(uint32_t /*remote_address*/) { + return true; + } + + bool c_mapper::process_reloc(uint32_t /*remote_address*/) { + IMAGE_DOS_HEADER *dos_header; + IMAGE_NT_HEADERS *nt_headers; + + dos_header = reinterpret_cast(m_pe.data()); + nt_headers = reinterpret_cast(m_pe.data() + dos_header->e_lfanew); + + if (nt_headers->FileHeader.Characteristics & IMAGE_FILE_RELOCS_STRIPPED) { + printf("no reloc necessary\n"); + return true; + } + + return true; + } + + // handles reloc and fixing imports + bool c_mapper::process_pe_file(uint32_t remote_address) { + if (remote_address < 0x10000000 || remote_address > 0x7FF00000) { + printf("invalid base address received, fail\n"); + return false; + } + + if (!process_reloc(remote_address)) + return false; + + if (!process_imports(remote_address)) + return false; + + return true; + } + + std::vector c_mapper::get_pe_sections() { + return m_sections; + } } \ No newline at end of file -- cgit v1.2.3
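Review bot: The `c_mapper` constructor prints a message when `pe_file.valid()` fails but still moves the file into `m_pe`, and `process_reloc` then dereferences `m_pe.data() + dos_header->e_lfanew` with no validity or bounds check, so a malformed file becomes an out-of-bounds read in the server process. Either make construction fail, e.g. `if (!pe_file.valid()) throw std::invalid_argument("invalid pe file");`, or keep a flag that `process_pe_file` tests before any header is touched. `m_pe = std::move(pe_file)` and `m_exports = std::move(exports)` also empty the caller's objects through a non-const lvalue reference; taking those parameters by value or by rvalue reference would make the transfer visible at the call site. A one-line comment on `process_pe_file` saying where the `0x10000000` and `0x7FF00000` bounds come from would help the next reader.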