commit
87887259b2
@ -56,7 +56,7 @@ FARJMP Old_SLGetWindowsInformationDWORD, Stub_SLGetWindowsInformationDWORD;
|
|||||||
SLGETWINDOWSINFORMATIONDWORD _SLGetWindowsInformationDWORD;
|
SLGETWINDOWSINFORMATIONDWORD _SLGetWindowsInformationDWORD;
|
||||||
|
|
||||||
INI_FILE *IniFile;
|
INI_FILE *IniFile;
|
||||||
LPCTSTR LogFile = L"\\rdpwrap.txt";
|
wchar_t LogFile[256] = {0x00};
|
||||||
HMODULE hTermSrv;
|
HMODULE hTermSrv;
|
||||||
HMODULE hSLC;
|
HMODULE hSLC;
|
||||||
PLATFORM_DWORD TermSrvBase;
|
PLATFORM_DWORD TermSrvBase;
|
||||||
@ -65,6 +65,39 @@ SERVICEMAIN _ServiceMain;
|
|||||||
SVCHOSTPUSHSERVICEGLOBALS _SvchostPushServiceGlobals;
|
SVCHOSTPUSHSERVICEGLOBALS _SvchostPushServiceGlobals;
|
||||||
bool AlreadyHooked = false;
|
bool AlreadyHooked = false;
|
||||||
|
|
||||||
|
DWORD INIReadDWordHex(INI_FILE *IniFile, char *Sect, char *VariableName, PLATFORM_DWORD Default)
|
||||||
|
{
|
||||||
|
INI_VAR_DWORD Variable;
|
||||||
|
|
||||||
|
if(IniFile->GetVariableInSection(Sect, VariableName, &Variable))
|
||||||
|
{
|
||||||
|
return Variable.ValueHex;
|
||||||
|
}
|
||||||
|
return Default;
|
||||||
|
}
|
||||||
|
|
||||||
|
void INIReadString(INI_FILE *IniFile, char *Sect, char *VariableName, char *Default, char *Ret, DWORD RetSize)
|
||||||
|
{
|
||||||
|
INI_VAR_STRING Variable;
|
||||||
|
|
||||||
|
memset(Ret, 0x00, RetSize);
|
||||||
|
if(!IniFile->GetVariableInSection(Sect, VariableName, &Variable))
|
||||||
|
{
|
||||||
|
strcpy_s(Ret, RetSize, Default);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
strcpy_s(Ret, RetSize, Variable.Value);
|
||||||
|
}
|
||||||
|
|
||||||
|
int SListFind(INI_SECTION_VARLIST List, char *Name)
|
||||||
|
{
|
||||||
|
for (DWORD i = 0; i < List.EntriesCount; i++)
|
||||||
|
{
|
||||||
|
if(strcmp(List.NamesEntries[i].String, Name) == 0) return i;
|
||||||
|
}
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
void WriteToLog(LPSTR Text)
|
void WriteToLog(LPSTR Text)
|
||||||
{
|
{
|
||||||
DWORD dwBytesOfWritten;
|
DWORD dwBytesOfWritten;
|
||||||
@ -87,11 +120,11 @@ HMODULE GetCurrentModule()
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Correct this
|
// Correct this
|
||||||
// TODO: Write ExtractFilePath function
|
LPCWSTR GetBinaryPath()
|
||||||
// see http://forum.sources.ru/index.php?showtopic=48042
|
|
||||||
DWORD GetBinaryPath(LPTSTR lpFileName, DWORD nSize)
|
|
||||||
{
|
{
|
||||||
return GetModuleFileName(GetCurrentModule(), lpFileName, nSize);
|
wchar_t Filename[256];
|
||||||
|
GetModuleFileName(GetCurrentModule(), &Filename[0], 256);
|
||||||
|
return &Filename[0];
|
||||||
}
|
}
|
||||||
|
|
||||||
/*PLATFORM_DWORD SearchAddressBySignature(char *StartPosition, PLATFORM_DWORD Size, char *Signature, int SignatureSize)
|
/*PLATFORM_DWORD SearchAddressBySignature(char *StartPosition, PLATFORM_DWORD Size, char *Signature, int SignatureSize)
|
||||||
@ -241,9 +274,9 @@ bool OverrideSL(LPWSTR ValueName, DWORD *Value)
|
|||||||
{
|
{
|
||||||
INI_VAR_DWORD Variable = {0};
|
INI_VAR_DWORD Variable = {0};
|
||||||
|
|
||||||
if (IniFile->VariableExists(INI, "SLPolicy", ValueName))
|
if (IniFile->VariableExists(L"SLPolicy", ValueName))
|
||||||
{
|
{
|
||||||
if (!(IniFile->GetVariableInSection("SLPolicy", ValueName, &Variable))) *Value = 0;
|
if (!(IniFile->GetVariableInSection(L"SLPolicy", ValueName, &Variable))) *Value = 0;
|
||||||
else *Value = Variable.ValueDec;
|
else *Value = Variable.ValueDec;
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
@ -376,30 +409,30 @@ HRESULT WINAPI New_CSLQuery_Initialize()
|
|||||||
if (IniFile->SectionExists(Sect))
|
if (IniFile->SectionExists(Sect))
|
||||||
{
|
{
|
||||||
#ifdef _WIN64
|
#ifdef _WIN64
|
||||||
bServerSku = (DWORD*)(TermSrvBase + INIReadDWordHex(INI, Sect, "bServerSku.x64", 0));
|
bServerSku = (DWORD*)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "bServerSku.x64", 0));
|
||||||
bRemoteConnAllowed = (DWORD*)(TermSrvBase + INIReadDWordHex(INI, Sect, "bRemoteConnAllowed.x64", 0));
|
bRemoteConnAllowed = (DWORD*)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "bRemoteConnAllowed.x64", 0));
|
||||||
bFUSEnabled = (DWORD*)(TermSrvBase + INIReadDWordHex(INI, Sect, "bFUSEnabled.x64", 0));
|
bFUSEnabled = (DWORD*)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "bFUSEnabled.x64", 0));
|
||||||
bAppServerAllowed = (DWORD*)(TermSrvBase + INIReadDWordHex(INI, Sect, "bAppServerAllowed.x64", 0));
|
bAppServerAllowed = (DWORD*)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "bAppServerAllowed.x64", 0));
|
||||||
bMultimonAllowed = (DWORD*)(TermSrvBase + INIReadDWordHex(INI, Sect, "bMultimonAllowed.x64", 0));
|
bMultimonAllowed = (DWORD*)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "bMultimonAllowed.x64", 0));
|
||||||
lMaxUserSessions = (DWORD*)(TermSrvBase + INIReadDWordHex(INI, Sect, "lMaxUserSessions.x64", 0));
|
lMaxUserSessions = (DWORD*)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "lMaxUserSessions.x64", 0));
|
||||||
ulMaxDebugSessions = (DWORD*)(TermSrvBase + INIReadDWordHex(INI, Sect, "ulMaxDebugSessions.x64", 0));
|
ulMaxDebugSessions = (DWORD*)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "ulMaxDebugSessions.x64", 0));
|
||||||
bInitialized = (DWORD*)(TermSrvBase + INIReadDWordHex(INI, Sect, "bInitialized.x64", 0));
|
bInitialized = (DWORD*)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "bInitialized.x64", 0));
|
||||||
#else
|
#else
|
||||||
bServerSku = (DWORD*)(TermSrvBase + INIReadDWordHex(INI, Sect, "bServerSku.x86", 0));
|
bServerSku = (DWORD*)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "bServerSku.x86", 0));
|
||||||
bRemoteConnAllowed = (DWORD*)(TermSrvBase + INIReadDWordHex(INI, Sect, "bRemoteConnAllowed.x86", 0));
|
bRemoteConnAllowed = (DWORD*)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "bRemoteConnAllowed.x86", 0));
|
||||||
bFUSEnabled = (DWORD*)(TermSrvBase + INIReadDWordHex(INI, Sect, "bFUSEnabled.x86", 0));
|
bFUSEnabled = (DWORD*)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "bFUSEnabled.x86", 0));
|
||||||
bAppServerAllowed = (DWORD*)(TermSrvBase + INIReadDWordHex(INI, Sect, "bAppServerAllowed.x86", 0));
|
bAppServerAllowed = (DWORD*)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "bAppServerAllowed.x86", 0));
|
||||||
bMultimonAllowed = (DWORD*)(TermSrvBase + INIReadDWordHex(INI, Sect, "bMultimonAllowed.x86", 0));
|
bMultimonAllowed = (DWORD*)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "bMultimonAllowed.x86", 0));
|
||||||
lMaxUserSessions = (DWORD*)(TermSrvBase + INIReadDWordHex(INI, Sect, "lMaxUserSessions.x86", 0));
|
lMaxUserSessions = (DWORD*)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "lMaxUserSessions.x86", 0));
|
||||||
ulMaxDebugSessions = (DWORD*)(TermSrvBase + INIReadDWordHex(INI, Sect, "ulMaxDebugSessions.x86", 0));
|
ulMaxDebugSessions = (DWORD*)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "ulMaxDebugSessions.x86", 0));
|
||||||
bInitialized = (DWORD*)(TermSrvBase + INIReadDWordHex(INI, Sect, "bInitialized.x86", 0));
|
bInitialized = (DWORD*)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "bInitialized.x86", 0));
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
delete[] Sect;
|
delete[] Sect;
|
||||||
|
|
||||||
if (bServerSku)
|
if (bServerSku)
|
||||||
{
|
{
|
||||||
if (!(IniFile->GetVariableInSection("SLInit", "bServerSku", bServerSku))) *bServerSku = 1;
|
*bServerSku = INIReadDWordHex(IniFile, "SLInit", "bServerSku", 0);
|
||||||
|
|
||||||
Log = new char[1024];
|
Log = new char[1024];
|
||||||
wsprintfA(Log, "[0x%p] bServerSku = %d\r\n", bServerSku, *bServerSku);
|
wsprintfA(Log, "[0x%p] bServerSku = %d\r\n", bServerSku, *bServerSku);
|
||||||
@ -408,7 +441,7 @@ HRESULT WINAPI New_CSLQuery_Initialize()
|
|||||||
}
|
}
|
||||||
if (bRemoteConnAllowed)
|
if (bRemoteConnAllowed)
|
||||||
{
|
{
|
||||||
if (!(IniFile->GetVariableInSection("SLInit", "bRemoteConnAllowed", bRemoteConnAllowed))) *bRemoteConnAllowed = 1;
|
*bRemoteConnAllowed = INIReadDWordHex(IniFile, "SLInit", "bRemoteConnAllowed", 0);
|
||||||
|
|
||||||
Log = new char[1024];
|
Log = new char[1024];
|
||||||
wsprintfA(Log, "[0x%p] bRemoteConnAllowed = %d\r\n", bRemoteConnAllowed, *bRemoteConnAllowed);
|
wsprintfA(Log, "[0x%p] bRemoteConnAllowed = %d\r\n", bRemoteConnAllowed, *bRemoteConnAllowed);
|
||||||
@ -417,7 +450,7 @@ HRESULT WINAPI New_CSLQuery_Initialize()
|
|||||||
}
|
}
|
||||||
if (bFUSEnabled)
|
if (bFUSEnabled)
|
||||||
{
|
{
|
||||||
if (!(IniFile->GetVariableInSection("SLInit", "bFUSEnabled", bFUSEnabled))) *bFUSEnabled = 1;
|
*bFUSEnabled = INIReadDWordHex(IniFile, "SLInit", "bFUSEnabled", 0);
|
||||||
|
|
||||||
Log = new char[1024];
|
Log = new char[1024];
|
||||||
wsprintfA(Log, "[0x%p] bFUSEnabled = %d\r\n", bFUSEnabled, *bFUSEnabled);
|
wsprintfA(Log, "[0x%p] bFUSEnabled = %d\r\n", bFUSEnabled, *bFUSEnabled);
|
||||||
@ -426,7 +459,7 @@ HRESULT WINAPI New_CSLQuery_Initialize()
|
|||||||
}
|
}
|
||||||
if (bAppServerAllowed)
|
if (bAppServerAllowed)
|
||||||
{
|
{
|
||||||
if (!(IniFile->GetVariableInSection("SLInit", "bAppServerAllowed", bAppServerAllowed))) *bAppServerAllowed = 1;
|
*bAppServerAllowed = INIReadDWordHex(IniFile, "SLInit", "bAppServerAllowed", 0);
|
||||||
|
|
||||||
Log = new char[1024];
|
Log = new char[1024];
|
||||||
wsprintfA(Log, "[0x%p] bAppServerAllowed = %d\r\n", bAppServerAllowed, *bAppServerAllowed);
|
wsprintfA(Log, "[0x%p] bAppServerAllowed = %d\r\n", bAppServerAllowed, *bAppServerAllowed);
|
||||||
@ -435,7 +468,7 @@ HRESULT WINAPI New_CSLQuery_Initialize()
|
|||||||
}
|
}
|
||||||
if (bMultimonAllowed)
|
if (bMultimonAllowed)
|
||||||
{
|
{
|
||||||
if (!(IniFile->GetVariableInSection("SLInit", "bMultimonAllowed", bMultimonAllowed))) *bMultimonAllowed = 1;
|
*bMultimonAllowed = INIReadDWordHex(IniFile, "SLInit", "bMultimonAllowed", 0);
|
||||||
|
|
||||||
Log = new char[1024];
|
Log = new char[1024];
|
||||||
wsprintfA(Log, "[0x%p] bMultimonAllowed = %d\r\n", bMultimonAllowed, *bMultimonAllowed);
|
wsprintfA(Log, "[0x%p] bMultimonAllowed = %d\r\n", bMultimonAllowed, *bMultimonAllowed);
|
||||||
@ -444,7 +477,7 @@ HRESULT WINAPI New_CSLQuery_Initialize()
|
|||||||
}
|
}
|
||||||
if (lMaxUserSessions)
|
if (lMaxUserSessions)
|
||||||
{
|
{
|
||||||
if (!(IniFile->GetVariableInSection("SLInit", "lMaxUserSessions", lMaxUserSessions))) *lMaxUserSessions = 0;
|
*lMaxUserSessions = INIReadDWordHex(IniFile, "SLInit", "lMaxUserSessions", 0);
|
||||||
|
|
||||||
Log = new char[1024];
|
Log = new char[1024];
|
||||||
wsprintfA(Log, "[0x%p] lMaxUserSessions = %d\r\n", lMaxUserSessions, *lMaxUserSessions);
|
wsprintfA(Log, "[0x%p] lMaxUserSessions = %d\r\n", lMaxUserSessions, *lMaxUserSessions);
|
||||||
@ -453,7 +486,7 @@ HRESULT WINAPI New_CSLQuery_Initialize()
|
|||||||
}
|
}
|
||||||
if (ulMaxDebugSessions)
|
if (ulMaxDebugSessions)
|
||||||
{
|
{
|
||||||
if (!(IniFile->GetVariableInSection("SLInit", "ulMaxDebugSessions", ulMaxDebugSessions))) *ulMaxDebugSessions = 0;
|
*ulMaxDebugSessions = INIReadDWordHex(IniFile, "SLInit", "ulMaxDebugSessions", 0);
|
||||||
|
|
||||||
Log = new char[1024];
|
Log = new char[1024];
|
||||||
wsprintfA(Log, "[0x%p] ulMaxDebugSessions = %d\r\n", ulMaxDebugSessions, *ulMaxDebugSessions);
|
wsprintfA(Log, "[0x%p] ulMaxDebugSessions = %d\r\n", ulMaxDebugSessions, *ulMaxDebugSessions);
|
||||||
@ -462,7 +495,7 @@ HRESULT WINAPI New_CSLQuery_Initialize()
|
|||||||
}
|
}
|
||||||
if (bInitialized)
|
if (bInitialized)
|
||||||
{
|
{
|
||||||
if (!(IniFile->GetVariableInSection("SLInit", "bInitialized", bInitialized))) *bInitialized = 1;
|
*bInitialized = INIReadDWordHex(IniFile, "SLInit", "bInitialized", 0);
|
||||||
|
|
||||||
Log = new char[1024];
|
Log = new char[1024];
|
||||||
wsprintfA(Log, "[0x%p] bInitialized = %d\r\n", bInitialized, *bInitialized);
|
wsprintfA(Log, "[0x%p] bInitialized = %d\r\n", bInitialized, *bInitialized);
|
||||||
@ -480,30 +513,53 @@ void Hook()
|
|||||||
extern HMODULE hSLC;
|
extern HMODULE hSLC;
|
||||||
extern PLATFORM_DWORD TermSrvBase;
|
extern PLATFORM_DWORD TermSrvBase;
|
||||||
extern FILE_VERSION FV;
|
extern FILE_VERSION FV;
|
||||||
extern LPCTSTR LogFile;
|
extern wchar_t LogFile[256];
|
||||||
|
|
||||||
AlreadyHooked = true;
|
AlreadyHooked = true;
|
||||||
|
|
||||||
|
wchar_t ConfigFile[256] = {0x00};
|
||||||
WriteToLog("Loading configuration...\r\n");
|
WriteToLog("Loading configuration...\r\n");
|
||||||
IniFile = new INI_FILE(ExtractFilePath(GetBinaryPath()) + L"rdpwrap.ini");
|
|
||||||
|
// <20><><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>. <20><><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD>
|
||||||
|
GetModuleFileName(GetCurrentModule(), ConfigFile, 255);
|
||||||
|
for(DWORD i = wcslen(ConfigFile); i > 0; i--)
|
||||||
|
{
|
||||||
|
if(ConfigFile[i] == '\\')
|
||||||
|
{
|
||||||
|
memset(&ConfigFile[i+1], 0x00, ((256-(i+1)))*2);
|
||||||
|
memcpy(&ConfigFile[i+1], "rdpwrap.ini", strlen("rdpwrap.ini")*2);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
IniFile = new INI_FILE(ConfigFile);
|
||||||
|
|
||||||
if (IniFile == NULL)
|
if (IniFile == NULL)
|
||||||
{
|
{
|
||||||
WriteToLog("Error: Failed to load configuration\r\n");
|
WriteToLog("Error: Failed to load configuration\r\n");
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
if(!(IniFile->GetVariableInSection("Main", "LogFile", &LogFile)))
|
INI_VAR_STRING LogFileVar;
|
||||||
|
|
||||||
|
if(!(IniFile->GetVariableInSection("Main", "LogFile", &LogFileVar)))
|
||||||
{
|
{
|
||||||
LogFile = ExtractFilePath(GetBinaryPath()) + L"rdpwrap.txt";
|
memcpy((void*)LogFile, LogFileVar.Value, strlen(LogFileVar.Value));
|
||||||
|
|
||||||
|
for(DWORD i = wcslen(LogFile); i > 0; i--)
|
||||||
|
{
|
||||||
|
if(LogFile[i] == '\\')
|
||||||
|
{
|
||||||
|
memset(&LogFile[i+1], 0x00, ((256-(i+1)))*2);
|
||||||
|
memcpy(&LogFile[i+1], "rdpwrap.txt", strlen("rdpwrap.txt")*2);
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
bool Result;
|
|
||||||
char *Log;
|
char *Log;
|
||||||
SIZE_T bw;
|
SIZE_T bw;
|
||||||
WORD Ver = 0;
|
WORD Ver = 0;
|
||||||
PLATFORM_DWORD TermSrvSize, SignPtr;
|
PLATFORM_DWORD TermSrvSize, SignPtr;
|
||||||
FARJMP Jump;
|
FARJMP Jump;
|
||||||
BYTE b;
|
|
||||||
|
|
||||||
WriteToLog("init\r\n");
|
WriteToLog("init\r\n");
|
||||||
|
|
||||||
@ -566,18 +622,11 @@ void Hook()
|
|||||||
SetThreadsState(false);
|
SetThreadsState(false);
|
||||||
|
|
||||||
WriteToLog("Loading patch codes...\r\n");
|
WriteToLog("Loading patch codes...\r\n");
|
||||||
INI->ReadSection("PatchCodes", &PatchList);
|
|
||||||
|
|
||||||
INI_VAR_BYTEARRAY Patch[PatchList.length];
|
INI_SECTION_VARLIST PatchList;
|
||||||
for (int i = 0; i < Patch.length; i++)
|
|
||||||
{
|
IniFile->GetSectionVariablesList("PatchCodes", &PatchList);
|
||||||
if (IniFile->GetVariableInSection("PatchCodes", PatchList[i], &Patch[i]))
|
|
||||||
{
|
|
||||||
// for security reasons
|
|
||||||
// not more than 16 bytes
|
|
||||||
if (Patch[i].length > 16) SetLength(Patch[i], 16);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
bool bSLHook;
|
bool bSLHook;
|
||||||
if (!(IniFile->GetVariableInSection("Main", "SLPolicyHookNT60", &bSLHook))) bSLHook = true;
|
if (!(IniFile->GetVariableInSection("Main", "SLPolicyHookNT60", &bSLHook))) bSLHook = true;
|
||||||
@ -665,8 +714,10 @@ void Hook()
|
|||||||
}
|
}
|
||||||
|
|
||||||
char *Sect;
|
char *Sect;
|
||||||
|
INI_VAR_BYTEARRAY Patch;
|
||||||
Sect = new char[1024];
|
Sect = new char[1024];
|
||||||
wsprintfA(Sect, "%d.%d.%d.%d", FV.wVersion.Major, FV.wVersion.Minor, FV.Release, FV.Build);
|
wsprintfA(Sect, "%d.%d.%d.%d", FV.wVersion.Major, FV.wVersion.Minor, FV.Release, FV.Build);
|
||||||
|
|
||||||
if (IniFile->SectionExists(Sect))
|
if (IniFile->SectionExists(Sect))
|
||||||
{
|
{
|
||||||
if (GetModuleCodeSectionInfo(hTermSrv, &TermSrvBase, &TermSrvSize))
|
if (GetModuleCodeSectionInfo(hTermSrv, &TermSrvBase, &TermSrvSize))
|
||||||
@ -682,13 +733,14 @@ void Hook()
|
|||||||
WriteToLog("Patch CEnforcementCore::GetInstanceOfTSLicense\r\n");
|
WriteToLog("Patch CEnforcementCore::GetInstanceOfTSLicense\r\n");
|
||||||
int i = -1;
|
int i = -1;
|
||||||
#ifdef _WIN64
|
#ifdef _WIN64
|
||||||
SignPtr = (PLATFORM_DWORD)(TermSrvBase + INIReadDWordHex(INI, Sect, "LocalOnlyOffset.x64", 0));
|
SignPtr = (PLATFORM_DWORD)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "LocalOnlyOffset.x64", 0));
|
||||||
i = SListFind(PatchList, INIReadString(INI, Sect, "LocalOnlyCode.x64", ""));
|
IniFile->GetVariableInSection(Sect, "LocalOnlyCode.x64", &Patch);
|
||||||
#else
|
#else
|
||||||
SignPtr = (PLATFORM_DWORD)(TermSrvBase + INIReadDWordHex(INI, Sect, "LocalOnlyOffset.x86", 0));
|
SignPtr = (PLATFORM_DWORD)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "LocalOnlyOffset.x86", 0));
|
||||||
i = SListFind(PatchList, INIReadString(INI, Sect, "LocalOnlyCode.x86", ""));
|
IniFile->GetVariableInSection(Sect, "LocalOnlyCode.x86", &Patch);
|
||||||
#endif
|
#endif
|
||||||
if (i >= 0) WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &Patch[i], sizeof(Patch[i]), &bw);
|
|
||||||
|
if (i >= 0) WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, Patch.Value, Patch.ArraySize, &bw);
|
||||||
}
|
}
|
||||||
#ifdef _WIN64
|
#ifdef _WIN64
|
||||||
if (!(IniFile->GetVariableInSection(Sect, "SingleUserPatch.x64", &Bool))) Bool = true;
|
if (!(IniFile->GetVariableInSection(Sect, "SingleUserPatch.x64", &Bool))) Bool = true;
|
||||||
@ -700,13 +752,14 @@ void Hook()
|
|||||||
WriteToLog("Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled\r\n");
|
WriteToLog("Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled\r\n");
|
||||||
int i = -1;
|
int i = -1;
|
||||||
#ifdef _WIN64
|
#ifdef _WIN64
|
||||||
SignPtr = (PLATFORM_DWORD)(TermSrvBase + INIReadDWordHex(INI, Sect, "SingleUserOffset.x64", 0));
|
SignPtr = (PLATFORM_DWORD)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "SingleUserOffset.x64", 0));
|
||||||
i = SListFind(PatchList, INIReadString(INI, Sect, "SingleUserCode.x64", ""));
|
IniFile->GetVariableInSection(Sect, "SingleUserCode.x64", &Patch);
|
||||||
#else
|
#else
|
||||||
SignPtr = (PLATFORM_DWORD)(TermSrvBase + INIReadDWordHex(INI, Sect, "SingleUserOffset.x86", 0));
|
SignPtr = (PLATFORM_DWORD)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "SingleUserOffset.x86", 0));
|
||||||
i = SListFind(PatchList, INIReadString(INI, Sect, "SingleUserCode.x86", ""));
|
IniFile->GetVariableInSection(Sect, "SingleUserCode.x86", &Patch);
|
||||||
#endif
|
#endif
|
||||||
if (i >= 0) WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &Patch[i], sizeof(Patch[i]), &bw);
|
|
||||||
|
if (i >= 0) WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, Patch.Value, Patch.ArraySize, &bw);
|
||||||
}
|
}
|
||||||
#ifdef _WIN64
|
#ifdef _WIN64
|
||||||
if (!(IniFile->GetVariableInSection(Sect, "DefPolicyPatch.x64", &Bool))) Bool = true;
|
if (!(IniFile->GetVariableInSection(Sect, "DefPolicyPatch.x64", &Bool))) Bool = true;
|
||||||
@ -718,13 +771,14 @@ void Hook()
|
|||||||
WriteToLog("Patch CDefPolicy::Query\r\n");
|
WriteToLog("Patch CDefPolicy::Query\r\n");
|
||||||
int i = -1;
|
int i = -1;
|
||||||
#ifdef _WIN64
|
#ifdef _WIN64
|
||||||
SignPtr = (PLATFORM_DWORD)(TermSrvBase + INIReadDWordHex(INI, Sect, "DefPolicyOffset.x64", 0));
|
SignPtr = (PLATFORM_DWORD)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "DefPolicyOffset.x64", 0));
|
||||||
i = SListFind(PatchList, INIReadString(INI, Sect, "DefPolicyCode.x64", ""));
|
IniFile->GetVariableInSection(Sect, "DefPolicyCode.x64", &Patch);
|
||||||
#else
|
#else
|
||||||
SignPtr = (PLATFORM_DWORD)(TermSrvBase + INIReadDWordHex(INI, Sect, "DefPolicyOffset.x86", 0));
|
SignPtr = (PLATFORM_DWORD)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "DefPolicyOffset.x86", 0));
|
||||||
i = SListFind(PatchList, INIReadString(INI, Sect, "DefPolicyCode.x86", ""));
|
IniFile->GetVariableInSection(Sect, "DefPolicyCode.x86", &Patch);
|
||||||
#endif
|
#endif
|
||||||
if (i >= 0) WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &Patch[i], sizeof(Patch[i]), &bw);
|
|
||||||
|
if (i >= 0) WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, Patch.Value, Patch.ArraySize, &bw);
|
||||||
}
|
}
|
||||||
#ifdef _WIN64
|
#ifdef _WIN64
|
||||||
if (!(IniFile->GetVariableInSection(Sect, "SLPolicyInternal.x64", &Bool))) Bool = true;
|
if (!(IniFile->GetVariableInSection(Sect, "SLPolicyInternal.x64", &Bool))) Bool = true;
|
||||||
@ -737,30 +791,34 @@ void Hook()
|
|||||||
char *FuncName;
|
char *FuncName;
|
||||||
FuncName = new char[1024];
|
FuncName = new char[1024];
|
||||||
#ifdef _WIN64
|
#ifdef _WIN64
|
||||||
SignPtr = (PLATFORM_DWORD)(TermSrvBase + INIReadDWordHex(INI, Sect, "SLPolicyOffset.x64", 0));
|
SignPtr = (PLATFORM_DWORD)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "SLPolicyOffset.x64", 0));
|
||||||
Jump.MovOp = 0x48;
|
Jump.MovOp = 0x48;
|
||||||
Jump.MovRegArg = 0xB8;
|
Jump.MovRegArg = 0xB8;
|
||||||
Jump.MovArg = (PLATFORM_DWORD)New_Win8SL;
|
Jump.MovArg = (PLATFORM_DWORD)New_Win8SL;
|
||||||
Jump.PushRaxOp = 0x50;
|
Jump.PushRaxOp = 0x50;
|
||||||
Jump.RetOp = 0xC3;
|
Jump.RetOp = 0xC3;
|
||||||
FuncName = INIReadString(INI, Sect, "SLPolicyFunc.x64", "New_Win8SL");
|
|
||||||
|
INIReadString(IniFile, Sect, "SLPolicyFunc.x64", "New_Win8SL", FuncName, 1024);
|
||||||
|
|
||||||
if (strcmp(FuncName, "New_Win8SL"))
|
if (strcmp(FuncName, "New_Win8SL"))
|
||||||
{
|
{
|
||||||
Jump.MovArg = (PLATFORM_DWORD)New_Win8SL;
|
Jump.MovArg = (PLATFORM_DWORD)New_Win8SL;
|
||||||
}
|
}
|
||||||
#else
|
#else
|
||||||
SignPtr = (PLATFORM_DWORD)(TermSrvBase + INIReadDWordHex(INI, Sect, "SLPolicyOffset.x86", 0));
|
SignPtr = (PLATFORM_DWORD)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "SLPolicyOffset.x86", 0));
|
||||||
Jump.PushOp = 0x68;
|
Jump.PushOp = 0x68;
|
||||||
Jump.MovArg = (PLATFORM_DWORD)New_Win8SL;
|
Jump.PushArg = (PLATFORM_DWORD)New_Win8SL;
|
||||||
Jump.RetOp = 0xC3;
|
Jump.RetOp = 0xC3;
|
||||||
FuncName = INIReadString(INI, Sect, "SLPolicyFunc.x86", "New_Win8SL");
|
|
||||||
|
INIReadString(IniFile, Sect, "SLPolicyFunc.x86", "New_Win8SL", FuncName, 1024);
|
||||||
|
|
||||||
if (strcmp(FuncName, "New_Win8SL"))
|
if (strcmp(FuncName, "New_Win8SL"))
|
||||||
{
|
{
|
||||||
Jump.MovArg = (PLATFORM_DWORD)New_Win8SL;
|
Jump.PushArg = (PLATFORM_DWORD)New_Win8SL;
|
||||||
}
|
}
|
||||||
if (strcmp(FuncName, "New_Win8SL_CP"))
|
if (strcmp(FuncName, "New_Win8SL_CP"))
|
||||||
{
|
{
|
||||||
Jump.MovArg = (PLATFORM_DWORD)New_Win8SL_CP;
|
Jump.PushArg = (PLATFORM_DWORD)New_Win8SL_CP;
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
delete[] FuncName;
|
delete[] FuncName;
|
||||||
@ -777,26 +835,30 @@ void Hook()
|
|||||||
char *FuncName;
|
char *FuncName;
|
||||||
FuncName = new char[1024];
|
FuncName = new char[1024];
|
||||||
#ifdef _WIN64
|
#ifdef _WIN64
|
||||||
SignPtr = (PLATFORM_DWORD)(TermSrvBase + INIReadDWordHex(INI, Sect, "SLInitOffset.x64", 0));
|
SignPtr = (PLATFORM_DWORD)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "SLInitOffset.x64", 0));
|
||||||
Jump.MovOp = 0x48;
|
Jump.MovOp = 0x48;
|
||||||
Jump.MovRegArg = 0xB8;
|
Jump.MovRegArg = 0xB8;
|
||||||
Jump.MovArg = (PLATFORM_DWORD)New_CSLQuery_Initialize;
|
Jump.MovArg = (PLATFORM_DWORD)New_CSLQuery_Initialize;
|
||||||
Jump.PushRaxOp = 0x50;
|
Jump.PushRaxOp = 0x50;
|
||||||
Jump.RetOp = 0xC3;
|
Jump.RetOp = 0xC3;
|
||||||
FuncName = INIReadString(INI, Sect, "SLInitFunc.x64", "New_CSLQuery_Initialize");
|
|
||||||
|
INIReadString(IniFile, Sect, "SLInitFunc.x64", "New_CSLQuery_Initialize", FuncName, 1024);
|
||||||
|
|
||||||
if (strcmp(FuncName, "New_CSLQuery_Initialize"))
|
if (strcmp(FuncName, "New_CSLQuery_Initialize"))
|
||||||
{
|
{
|
||||||
Jump.MovArg = (PLATFORM_DWORD)New_CSLQuery_Initialize;
|
Jump.MovArg = (PLATFORM_DWORD)New_CSLQuery_Initialize;
|
||||||
}
|
}
|
||||||
#else
|
#else
|
||||||
SignPtr = (PLATFORM_DWORD)(TermSrvBase + INIReadDWordHex(INI, Sect, "SLInitOffset.x86", 0));
|
SignPtr = (PLATFORM_DWORD)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "SLInitOffset.x86", 0));
|
||||||
Jump.PushOp = 0x68;
|
Jump.PushOp = 0x68;
|
||||||
Jump.MovArg = (PLATFORM_DWORD)New_CSLQuery_Initialize;
|
Jump.PushArg = (PLATFORM_DWORD)New_CSLQuery_Initialize;
|
||||||
Jump.RetOp = 0xC3;
|
Jump.RetOp = 0xC3;
|
||||||
FuncName = INIReadString(INI, Sect, "SLInitFunc.x86", "New_CSLQuery_Initialize");
|
|
||||||
|
INIReadString(IniFile, Sect, "SLInitFunc.x86", "New_CSLQuery_Initialize", FuncName, 1024);
|
||||||
|
|
||||||
if (strcmp(FuncName, "New_CSLQuery_Initialize"))
|
if (strcmp(FuncName, "New_CSLQuery_Initialize"))
|
||||||
{
|
{
|
||||||
Jump.MovArg = (PLATFORM_DWORD)New_CSLQuery_Initialize;
|
Jump.PushArg = (PLATFORM_DWORD)New_CSLQuery_Initialize;
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
delete[] FuncName;
|
delete[] FuncName;
|
||||||
|
Loading…
Reference in New Issue
Block a user