Replaced dummy variable references with NULL in inject.c

Apparently the crashes were an artifact of something else, and don't actually happen under normal conditions
This commit is contained in:
mkrsym1 2023-12-29 14:14:05 +02:00
parent 6b5e303df6
commit f8c4c5ad82


@ -21,15 +21,12 @@ static inline void write_protected_process_memory(HANDLE process, void *address,
DWORD oldProtect; DWORD oldProtect;
VirtualProtectEx(process, address, size, PAGE_EXECUTE_READWRITE, &oldProtect); VirtualProtectEx(process, address, size, PAGE_EXECUTE_READWRITE, &oldProtect);
size_t bytesWritten; WriteProcessMemory(process, address, buf, size, NULL);
WriteProcessMemory(process, address, buf, size, &bytesWritten);
VirtualProtectEx(process, address, size, oldProtect, &oldProtect); VirtualProtectEx(process, address, size, oldProtect, &oldProtect);
} }
void inject(HANDLE process, const void *payload, size_t payloadSize, const wchar_t *dllPath) { void inject(HANDLE process, const void *payload, size_t payloadSize, const wchar_t *dllPath) {
size_t _; // Contrary to the docs, {Write,Read}ProcessMemory likes to crash if the last arg is NULL
// Find the EXE header in the process // Find the EXE header in the process
char exeHeader[1024]; char exeHeader[1024];
IMAGE_DOS_HEADER *dosHeader = NULL; IMAGE_DOS_HEADER *dosHeader = NULL;
@ -38,7 +35,7 @@ void inject(HANDLE process, const void *payload, size_t payloadSize, const wchar
MEMORY_BASIC_INFORMATION memoryInfo; MEMORY_BASIC_INFORMATION memoryInfo;
char *currentAddress = 0x0; char *currentAddress = 0x0;
while (VirtualQueryEx(process, currentAddress, &memoryInfo, sizeof(memoryInfo))) { while (VirtualQueryEx(process, currentAddress, &memoryInfo, sizeof(memoryInfo))) {
ReadProcessMemory(process, currentAddress, exeHeader, sizeof(exeHeader), &_); ReadProcessMemory(process, currentAddress, exeHeader, sizeof(exeHeader), NULL);
dosHeader = (IMAGE_DOS_HEADER*)exeHeader; dosHeader = (IMAGE_DOS_HEADER*)exeHeader;
@ -84,8 +81,8 @@ void inject(HANDLE process, const void *payload, size_t payloadSize, const wchar
char *remoteAlloc = VirtualAllocEx(process, NULL, allocSize, MEM_COMMIT, PAGE_EXECUTE_READWRITE); char *remoteAlloc = VirtualAllocEx(process, NULL, allocSize, MEM_COMMIT, PAGE_EXECUTE_READWRITE);
// Write the assembly payload and dll path // Write the assembly payload and dll path
WriteProcessMemory(process, remoteAlloc, payload, payloadSize, &_); WriteProcessMemory(process, remoteAlloc, payload, payloadSize, NULL);
WriteProcessMemory(process, remoteAlloc + payloadSize, dllPath, dllPathSize, &_); WriteProcessMemory(process, remoteAlloc + payloadSize, dllPath, dllPathSize, NULL);
// Modify the executable to run the assembly payload // Modify the executable to run the assembly payload
@ -97,7 +94,7 @@ void inject(HANDLE process, const void *payload, size_t payloadSize, const wchar
// Save the original entry point address and bytes // Save the original entry point address and bytes
rd.entryPointAddress = entryPoint; rd.entryPointAddress = entryPoint;
ReadProcessMemory(process, rd.entryPointAddress, rd.entryPointData, sizeof(rd.entryPointData), &_); ReadProcessMemory(process, rd.entryPointAddress, rd.entryPointData, sizeof(rd.entryPointData), NULL);
// Replace the entry point with a jump to the assembly payload // Replace the entry point with a jump to the assembly payload
write_protected_process_memory(process, entryPoint, JUMP_INST, sizeof(JUMP_INST)); write_protected_process_memory(process, entryPoint, JUMP_INST, sizeof(JUMP_INST));
@ -110,7 +107,7 @@ void inject(HANDLE process, const void *payload, size_t payloadSize, const wchar
// Save the original descriptor address and bytes // Save the original descriptor address and bytes
rd.importDescriptorAddress = importDescriptors; rd.importDescriptorAddress = importDescriptors;
ReadProcessMemory(process, rd.importDescriptorAddress, &rd.importDescriptorData, sizeof(rd.importDescriptorData), &_); ReadProcessMemory(process, rd.importDescriptorAddress, &rd.importDescriptorData, sizeof(rd.importDescriptorData), NULL);
// Overwrite with zeroes // Overwrite with zeroes
IMAGE_IMPORT_DESCRIPTOR firstDescriptor; IMAGE_IMPORT_DESCRIPTOR firstDescriptor;
@ -122,12 +119,12 @@ void inject(HANDLE process, const void *payload, size_t payloadSize, const wchar
// Save the original value // Save the original value
rd.sizeFieldAddress = ddAddr; rd.sizeFieldAddress = ddAddr;
ReadProcessMemory(process, rd.sizeFieldAddress, &rd.sizeFieldData, sizeof(rd.sizeFieldData), &_); ReadProcessMemory(process, rd.sizeFieldAddress, &rd.sizeFieldData, sizeof(rd.sizeFieldData), NULL);
// Set to 0 // Set to 0
DWORD newSize = 0; DWORD newSize = 0;
write_protected_process_memory(process, ddAddr, &newSize, sizeof(newSize)); write_protected_process_memory(process, ddAddr, &newSize, sizeof(newSize));
// Write recovery data to the allocation // Write recovery data to the allocation
WriteProcessMemory(process, remoteAlloc + payloadSize + dllPathSize, &rd, sizeof(rd), &_); WriteProcessMemory(process, remoteAlloc + payloadSize + dllPathSize, &rd, sizeof(rd), NULL);
} }
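Review bot: The comment removed at line 19 was the only record of why `&_` was used, and the new side keeps no trace of that history, so the next reader sees bare `NULL` with no hint that it was once believed to crash; a one-line comment at the first call in `write_protected_process_memory` would preserve it, e.g. `// lpNumberOfBytesWritten may be NULL per the API docs; the earlier crashes were traced to an unrelated cause`. Passing `NULL` also removes the only way to detect a short read or write, and none of the `ReadProcessMemory`/`WriteProcessMemory` calls in these hunks check their BOOL return, so a failed call is silently ignored. In `write_protected_process_memory`, if the first `VirtualProtectEx` fails then `oldProtect` is never written and the restoring call reads an indeterminate value; a guard such as `if (!VirtualProtectEx(process, address, size, PAGE_EXECUTE_READWRITE, &oldProtect)) return;` avoids that. `inject` starts at line 18 and its body continues past the last hunk, so how callers observe these failures is not visible here.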