
loader.d 5.3KB

  1. import std.string : empty, toStringz;
  2. import core.sys.windows.windows, core.sys.windows.dll, core.runtime;
  3. import hook.call, hook.jmp, hook.asm86, hook.mem;
  4. import vorbisfile;
  5. import config;
  6. import lib;
  7. import std.format : format;
  // Process-wide configuration backed by "VorbisFile.ini". Elsewhere in this
  // file its values decide which libraries get loaded into the host process
  // (ini.proxy, ini.preload, ini.asiLoader, ini.dllLoader, ini.devMode), so
  // anyone able to write that INI file controls what code this loader brings in.
  // __gshared: a single instance shared by all threads, with no locking here.
  public __gshared static stConfig!"VorbisFile.ini" ini;
  // Installs the hook that routes the host's code at 0x748DA3 through
  // `mainloop`.
  //
  // The generated stub saves all registers and flags, calls `mainloop`,
  // restores them, emits whatever `insert(addr, len)` produces and ends with
  // `ret`. The finished stub is handed to `call_hook` for the same site.
  //
  // NOTE(review): address and length are hard-coded for one specific host
  // binary and nothing here checks the bytes at that address before patching;
  // a different build of the host would be patched blindly. `insert`
  // presumably copies the displaced bytes into the stub -- confirm in
  // hook.asm86.
  void hook_mainloop()
  {
      enum patchAddr = 0x748DA3; // patch site inside the host image
      enum patchLen = 6;         // number of bytes covered by the patch

      auto stub = new Asm86Hook();

      // Statement order is the emitted instruction order; do not reorder.
      stub.pushad();
      stub.pushfd();
      stub.call(&mainloop);
      stub.popfd();
      stub.popad();
      stub.insert(patchAddr, patchLen);
      stub.ret();

      call_hook(patchAddr, patchLen, cast(void*) stub.createFunc);
      stub.destroy();
  }
  // Installs the hook that routes the host's code at 0x8246BF through this
  // module's `GetStartupInfoA` handler.
  //
  // Same stub layout as the other call-style hooks in this file: save
  // registers and flags, call the handler, restore, emit `insert(addr, len)`,
  // then `ret`.
  //
  // NOTE(review): `&GetStartupInfoA` here most likely resolves to the handler
  // defined further down in this module, not to the Win32 import of the same
  // name -- confirm, because the shared name is easy to misread. The patch
  // address is hard-coded and the target bytes are not verified before
  // patching.
  void hook_GetStartupInfoA()
  {
      enum patchAddr = 0x8246BF; // patch site inside the host image
      enum patchLen = 6;         // number of bytes covered by the patch

      auto stub = new Asm86Hook();

      // Statement order is the emitted instruction order; do not reorder.
      stub.pushad();
      stub.pushfd();
      stub.call(&GetStartupInfoA);
      stub.popfd();
      stub.popad();
      stub.insert(patchAddr, patchLen);
      stub.ret();

      call_hook(patchAddr, patchLen, cast(void*) stub.createFunc);
      stub.destroy();
  }
  // Installs the earliest hook: the host's code at 0x824570 is redirected
  // through `crtMain`.
  //
  // Unlike the call-style hooks, this stub ends with an explicit jump to the
  // first byte after the 7-byte patch (addr + 7) and is installed with
  // `jmp_hook`.
  //
  // NOTE(review): the address and the 7-byte length are hard-coded for one
  // host binary; nothing verifies that 7 bytes ends on an instruction
  // boundary in the binary actually loaded.
  void hook_crtMain()
  {
      enum patchAddr = 0x824570; // patch site inside the host image
      enum patchLen = 7;         // number of bytes covered by the patch

      auto stub = new Asm86Hook();

      // Statement order is the emitted instruction order; do not reorder.
      stub.pushad();
      stub.pushfd();
      stub.call(&crtMain);
      stub.popfd();
      stub.popad();
      stub.insert(patchAddr, patchLen);
      stub.jmp(patchAddr + patchLen); // resume right behind the patched bytes

      jmp_hook(patchAddr, patchLen, cast(void*) stub.createFunc);
      stub.destroy();
  }
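  // First five bytes of kernel32!ExitProcess as read before the hook is
  // installed; the `ExitProcess` handler in this file writes them back.
  byte[5] backup_ExitProcess;

  // Patches the entry of kernel32!ExitProcess so that this module's
  // `ExitProcess` handler runs before the process exits.
  //
  // The stub saves registers and flags, calls the handler, restores them and
  // then jumps to the entry of kernel32!ExitProcess. The original
  // instructions are not copied into the stub (the `insert` call is disabled),
  // so that jump only reaches the real function because the handler restores
  // `backup_ExitProcess` first.
  //
  // If kernel32 or the export cannot be resolved, the function returns without
  // patching instead of reading from and writing to address 0. The caller in
  // this file sets its one-shot flag before calling, so there is no retry; the
  // only effect is that the exit-time handler is never invoked.
  void hook_ExitProcess()
  {
      enum patchLen = 5; // size of the overwritten entry bytes
      static assert(backup_ExitProcess.length == patchLen);

      auto kernel32 = GetModuleHandleA("kernel32.dll");
      if (kernel32 is null)
          return; // module not resolved: do not patch

      auto exitProc = GetProcAddress(kernel32, "ExitProcess");
      if (exitProc is null)
          return; // export not resolved: do not patch

      // 32-bit address arithmetic; this file assumes an x86 host throughout.
      uint kernel32_ExitProcess = cast(uint) exitProc;

      // Save the bytes that are about to be overwritten.
      foreach (i; 0 .. patchLen)
          backup_ExitProcess[i] = (kernel32_ExitProcess + i).read!byte;

      // NOTE(review): the author's prologue check is disabled, so the entry is
      // patched whatever instructions it starts with. The disabled check
      // accepted only these leading bytes (names are the author's):
      //   win       55 8B EC 6A FF
      //   win7      8B C0 55 8B EC
      //   wine      55 8B EC 6A 00
      //   wine_fake 8B FF 55 8B EC
      //   or a first byte of E9 / E8 (entry already starts with a jmp/call)
      // and otherwise showed address and bytes in a MessageBoxA instead of
      // patching. Without it, an unexpected prologue, or another component
      // that already patched this entry, is overwritten silently.
      auto asm86 = new Asm86Hook();

      // Statement order is the emitted instruction order; do not reorder.
      asm86.pushad;
      asm86.pushfd;
      asm86.call(&ExitProcess);
      asm86.popfd;
      asm86.popad;
      // asm86.insert(kernel32_ExitProcess, 5);  (disabled by the author)
      asm86.jmp(kernel32_ExitProcess);

      jmp_hook(kernel32_ExitProcess, patchLen, cast(void*) asm86.createFunc);
      asm86.destroy;
  }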
  // One-time setup, called from DllMain on process attach.
  //
  // Installs the three start-up hooks, then loads the INI configuration and,
  // when a proxy path is configured, passes it to `setVorbisFile`.
  //
  // NOTE(review): `ini.proxy` comes straight from the INI file and is passed
  // on unchanged; whether `setVorbisFile` validates or loads that path is not
  // visible here -- confirm in vorbisfile.
  void init()
  {
      hook_crtMain();
      hook_GetStartupInfoA();
      hook_mainloop();

      ini.load();

      if (ini.proxy.empty)
          return;

      setVorbisFile(ini.proxy);
  }
  111. extern(Windows) {
  // DLL entry point.
  //
  // Process attach: start the D runtime, run `init` (hook installation and
  // INI load), then do the druntime DLL attach bookkeeping.
  // Process detach: save the INI, shut the D runtime down, then detach.
  // Thread attach/detach: forwarded to the druntime helpers.
  // Always reports success to the loader.
  //
  // NOTE(review): `init` patches code and reads a file while DllMain is
  // executing. Windows guidance is to keep DllMain minimal because it runs
  // under the loader lock. The LoadLibraryA calls in this file are made from
  // the hook handlers, not from here.
  BOOL DllMain(HINSTANCE hInstance, ULONG ulReason, LPVOID pvReserved)
  {
      if (ulReason == DLL_PROCESS_ATTACH)
      {
          Runtime.initialize();
          init();
          dll_process_attach(hInstance, true);
      }
      else if (ulReason == DLL_PROCESS_DETACH)
      {
          ini.save();
          Runtime.terminate();
          dll_process_detach(hInstance, true);
      }
      else if (ulReason == DLL_THREAD_ATTACH)
      {
          dll_thread_attach(true, true);
      }
      else if (ulReason == DLL_THREAD_DETACH)
      {
          dll_thread_detach(true, true);
      }
      // Any other reason code is ignored.

      return true;
  }
  // Handler reached through the stub installed by `hook_crtMain`.
  //
  // Loads every library listed in `ini.preload`, then runs the ASI and DLL
  // loaders if they are enabled and configured for the crtMain stage.
  //
  // NOTE(review): the preload entries come from the INI file and go to
  // LoadLibraryA unchanged, and the return value is ignored. A bare file name
  // is resolved through the Windows DLL search order, so the INI file and the
  // directories on that search path need the same write protection as the
  // host executable itself.
  void crtMain()
  {
      foreach (libraryPath; ini.preload)
      {
          LoadLibraryA(libraryPath.toStringz);
      }

      if (ini.asiLoader.enable && ini.asiLoader.loadState == eLoadState.crtMain)
      {
          loadAsi();
      }

      if (ini.dllLoader.enable && ini.dllLoader.loadState == eLoadState.crtMain)
      {
          // Dev mode selects the dev variant of the load type.
          loadDll(ini.devMode.enable ? eLoadType.devCrtMainLoad
                                     : eLoadType.crtMainLoad);
      }
  }
  // Handler reached through the stub installed by `hook_GetStartupInfoA`.
  //
  // Runs the ASI and DLL loaders at most once each, when they are enabled and
  // configured for the GetStartupInfoA stage.
  //
  // NOTE(review): this function shares its name with the Win32 API but takes
  // no arguments; it is this module's handler, not a replacement for the API.
  // The one-shot flags are plain __gshared bools with no synchronisation;
  // presumably the hooked site runs on a single thread -- confirm.
  void GetStartupInfoA()
  {
      __gshared static bool asiDone = false;
      __gshared static bool dllDone = false;

      if (!asiDone)
      {
          if (ini.asiLoader.enable && ini.asiLoader.loadState == eLoadState.GetStartupInfoA)
          {
              asiDone = true; // set before loading, as in every handler here
              loadAsi();
          }
      }

      if (!dllDone)
      {
          if (ini.dllLoader.enable && ini.dllLoader.loadState == eLoadState.GetStartupInfoA)
          {
              dllDone = true;
              loadDll(ini.devMode.enable ? eLoadType.devGetStartupInfoALoad
                                         : eLoadType.GetStartupInfoALoad);
          }
      }
  }
  // Handler reached through the stub installed by `hook_mainloop`; it runs
  // each time the host executes the hooked site.
  //
  // On the first pass it runs the ASI and DLL loaders if they are configured
  // for the mainloop stage and installs the ExitProcess hook. In dev mode it
  // also calls `updateLibraryes` on every pass.
  //
  // NOTE(review): the one-shot flags are plain __gshared bools with no
  // synchronisation; presumably the hooked site runs on a single thread --
  // confirm.
  void mainloop()
  {
      __gshared static bool exitHooked = false;
      __gshared static bool asiDone = false;
      __gshared static bool dllDone = false;

      if (!asiDone)
      {
          if (ini.asiLoader.enable && ini.asiLoader.loadState == eLoadState.mainloop)
          {
              asiDone = true;
              loadAsi();
          }
      }

      if (!dllDone)
      {
          if (ini.dllLoader.enable && ini.dllLoader.loadState == eLoadState.mainloop)
          {
              dllDone = true;
              loadDll(ini.devMode.enable ? eLoadType.devMainloopLoad
                                         : eLoadType.mainloopLoad);
          }
      }

      // The flag is set before the call, so a failed install is not retried.
      if (!exitHooked)
      {
          exitHooked = true;
          hook_ExitProcess();
      }

      if (ini.devMode.enable)
      {
          updateLibraryes();
      }
  }
  // Handler reached through the stub installed by `hook_ExitProcess`.
  //
  // Unloads everything via `unloadAll`, then writes the five saved bytes back
  // to the entry of kernel32!ExitProcess. The stub jumps to that entry when
  // this handler returns.
  //
  // NOTE(review): the address is resolved again here rather than reused from
  // `hook_ExitProcess`, and neither lookup result is checked. A failed lookup
  // would make the loop write to addresses 0..4. This function shares its name
  // with the Win32 API but is this module's handler and does not terminate
  // the process itself.
  void ExitProcess()
  {
      unloadAll();

      auto kernel32Module = GetModuleHandleA("kernel32.dll");
      uint entryAddr = cast(uint) GetProcAddress(kernel32Module, "ExitProcess");

      // Undo the 5-byte patch so the real function runs.
      foreach (offset; 0 .. 5)
      {
          (entryAddr + offset).write!byte(backup_ExitProcess[offset]);
      }
  }
  193. }