taynpg/ansicon
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

Fixes for Issues 5/7/8.

Browse Source 
Conflicts:
	ansicon.c
This commit is contained in:
Jason Hood 2010-12-04 15:23:02 +10:00
commit 626095d127
9 changed files with 135 additions and 97 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

75
ANSI.c
View File

@ -56,6 +56,9 @@
v1.31, 13 & 19 November, 2010: v1.31, 13 & 19 November, 2010:
fix multibyte conversion problems. fix multibyte conversion problems.
v1.32, 4 December, 2010:
test for lpNumberOfCharsWritten/lpNumberOfBytesWritten being NULL.
*/ */
#ifndef UNICODE #ifndef UNICODE
@ -135,7 +138,7 @@ void DEBUGSTR( LPTSTR szFormat, ... ) // sort of OutputDebugStringf
} }
#if (MYDEBUG > 1) #if (MYDEBUG > 1)
{ {
FILE* file = fopen( tempfile, "a" ); FILE* file = fopen( tempfile, "at" ); // _fmode might be binary
if (file != NULL) if (file != NULL)
{ {
fwprintf( file, L"%s\n", szFormat ); fwprintf( file, L"%s\n", szFormat );
@ -877,6 +880,7 @@ ParseAndPrintString( HANDLE hDev,
} }
} }
FlushBuffer(); FlushBuffer();
if (lpNumberOfBytesWritten != NULL)
*lpNumberOfBytesWritten = nNumberOfBytesToWrite - i; *lpNumberOfBytesWritten = nNumberOfBytesToWrite - i;
return( i == 0 ); return( i == 0 );
} }
@ -888,69 +892,14 @@ ParseAndPrintString( HANDLE hDev,
void Inject( LPPROCESS_INFORMATION pinfo, LPPROCESS_INFORMATION lpi, void Inject( LPPROCESS_INFORMATION pinfo, LPPROCESS_INFORMATION lpi,
DWORD dwCreationFlags ) DWORD dwCreationFlags )
{ {
char* ptr = 0; int type = ProcessType( pinfo );
MEMORY_BASIC_INFORMATION minfo; if (type != 0)
BOOL con = FALSE;
#ifdef _WIN64
BOOL x86 = FALSE;
#endif
while (VirtualQueryEx( pinfo->hProcess, ptr, &minfo, sizeof(minfo) ))
{
IMAGE_DOS_HEADER dos_header;
SIZE_T read;
if (ReadProcessMemory( pinfo->hProcess, minfo.AllocationBase,
&dos_header, sizeof(dos_header), &read ))
{
if (dos_header.e_magic == IMAGE_DOS_SIGNATURE)
{
IMAGE_NT_HEADERS nt_header;
if (ReadProcessMemory( pinfo->hProcess, (char*)minfo.AllocationBase +
dos_header.e_lfanew, &nt_header,
sizeof(nt_header), &read ))
{
if (nt_header.Signature == IMAGE_NT_SIGNATURE)
{
if (nt_header.OptionalHeader.Subsystem ==
IMAGE_SUBSYSTEM_WINDOWS_CUI)
{
if (nt_header.FileHeader.Machine == IMAGE_FILE_MACHINE_I386)
{
con = TRUE;
#ifdef _WIN64
x86 = TRUE;
}
else if (nt_header.FileHeader.Machine == IMAGE_FILE_MACHINE_AMD64)
{
con = TRUE;
#endif
}
else
{
DEBUGSTR( L" Ignoring unsupported machine (%x)",
nt_header.FileHeader.Machine );
}
}
else
{
DEBUGSTR( L" Ignoring non-console subsystem (%u)",
nt_header.OptionalHeader.Subsystem );
}
break;
}
}
}
}
ptr += minfo.RegionSize;
}
if (con)
{ {
WCHAR dll[MAX_PATH]; WCHAR dll[MAX_PATH];
#ifdef _WIN64 #ifdef _WIN64
DWORD len = GetModuleFileName( GetModuleHandleA( "ANSI64.dll" ), DWORD len = GetModuleFileName( GetModuleHandleA( "ANSI64.dll" ),
dll, lenof(dll) ); dll, lenof(dll) );
if (x86) if (type == 32)
{ {
dll[len-6] = '3'; dll[len-6] = '3';
dll[len-5] = '2'; dll[len-5] = '2';
@ -965,6 +914,11 @@ void Inject( LPPROCESS_INFORMATION pinfo, LPPROCESS_INFORMATION lpi,
InjectDLL32( pinfo, dll ); InjectDLL32( pinfo, dll );
#endif #endif
} }
else
{
DEBUGSTR( L" Unsupported process type" );
}
if (lpi) if (lpi)
memcpy( lpi, pinfo, sizeof(PROCESS_INFORMATION) ); memcpy( lpi, pinfo, sizeof(PROCESS_INFORMATION) );
@ -1117,6 +1071,7 @@ WINAPI MyWriteConsoleA( HANDLE hCon, LPCVOID lpBuffer,
buf = malloc( len * sizeof(WCHAR) ); buf = malloc( len * sizeof(WCHAR) );
if (buf == NULL) if (buf == NULL)
{ {
if (lpNumberOfCharsWritten != NULL)
*lpNumberOfCharsWritten = 0; *lpNumberOfCharsWritten = 0;
return (nNumberOfCharsToWrite == 0); return (nNumberOfCharsToWrite == 0);
} }
@ -1203,7 +1158,7 @@ WINAPI MyWriteFile( HANDLE hFile, LPCVOID lpBuffer, DWORD nNumberOfBytesToWrite,
DWORD Mode; DWORD Mode;
if (GetConsoleMode( hFile, &Mode ) && (Mode & ENABLE_PROCESSED_OUTPUT)) if (GetConsoleMode( hFile, &Mode ) && (Mode & ENABLE_PROCESSED_OUTPUT))
{ {
DEBUGSTR( L"\\WriteFile: %lu \"%.*S\"", nNumberOfBytesToWrite, nNumberOfBytesToWrite, lpBuffer ); DEBUGSTR( L"WriteFile->" );
return MyWriteConsoleA( hFile, lpBuffer, return MyWriteConsoleA( hFile, lpBuffer,
nNumberOfBytesToWrite, nNumberOfBytesToWrite,
lpNumberOfBytesWritten, lpNumberOfBytesWritten,

8
ansi.rc
View File

@ -13,8 +13,8 @@
#endif #endif
1 VERSIONINFO 1 VERSIONINFO
FILEVERSION 1,3,1,0 FILEVERSION 1,3,2,0
PRODUCTVERSION 1,3,1,0 PRODUCTVERSION 1,3,2,0
FILEOS VOS_NT FILEOS VOS_NT
FILETYPE VFT_DLL FILETYPE VFT_DLL
{ {
@ -25,12 +25,12 @@ FILETYPE VFT_DLL
VALUE "Comments", "http://ansicon.adoxa.cjb.net/" VALUE "Comments", "http://ansicon.adoxa.cjb.net/"
VALUE "CompanyName", "Jason Hood" VALUE "CompanyName", "Jason Hood"
VALUE "FileDescription", "ANSI Console" VALUE "FileDescription", "ANSI Console"
VALUE "FileVersion", "1.31" VALUE "FileVersion", "1.32"
VALUE "InternalName", "ANSI" BITS VALUE "InternalName", "ANSI" BITS
VALUE "LegalCopyright", "Freeware" VALUE "LegalCopyright", "Freeware"
VALUE "OriginalFilename", "ANSI" BITS ".dll" VALUE "OriginalFilename", "ANSI" BITS ".dll"
VALUE "ProductName", "ANSICON" VALUE "ProductName", "ANSICON"
VALUE "ProductVersion", "1.31" VALUE "ProductVersion", "1.32"
} }
} }

38
ansicon.c
View File

@ -42,10 +42,13 @@
use LLW to fix potential Unicode path problems; use LLW to fix potential Unicode path problems;
VC compatibility (2008 Express for 32-bit, PSDK 2003 R2 for 64-bit); VC compatibility (2008 Express for 32-bit, PSDK 2003 R2 for 64-bit);
explicitly use wide characters (stick with TCHAR, but not <tchar.h>). explicitly use wide characters (stick with TCHAR, but not <tchar.h>).
v1.32, 4 December, 2010:
make -p more robust.
*/ */
#define PVERS L"1.31" #define PVERS L"1.32"
#define PDATE L"19 November, 2010" #define PDATE L"4 December, 2010"
#ifndef UNICODE #ifndef UNICODE
# define UNICODE # define UNICODE
@ -70,10 +73,8 @@ int _CRT_glob = 0;
#ifdef _WIN64 #ifdef _WIN64
# define InjectDLL InjectDLL64
# define BITS L"64" # define BITS L"64"
#else #else
# define InjectDLL InjectDLL32
# define BITS L"32" # define BITS L"32"
#endif #endif
@ -95,17 +96,30 @@ BOOL GetParentProcessInfo( LPPROCESS_INFORMATION ppi );
// Find the name of the DLL and inject it. // Find the name of the DLL and inject it.
void Inject( LPPROCESS_INFORMATION ppi ) BOOL Inject( LPPROCESS_INFORMATION ppi )
{ {
DWORD len; DWORD len;
TCHAR dll[MAX_PATH]; WCHAR dll[MAX_PATH];
int type;
type = ProcessType( ppi );
if (type == 0)
return FALSE;
len = GetModuleFileName( NULL, dll, lenof(dll) ); len = GetModuleFileName( NULL, dll, lenof(dll) );
while (dll[len-1] != '\\') while (dll[len-1] != '\\')
--len; --len;
lstrcpy( dll + len, L"ANSI" BITS L".dll" ); #ifdef _WIN64
swprintf( dll + len, L"ANSI%d.dll", type );
InjectDLL( ppi, dll ); if (type == 32)
InjectDLL32( ppi, dll );
else
InjectDLL64( ppi, dll );
#else
wcscpy( dll + len, L"ANSI32.dll" );
InjectDLL32( ppi, dll );
#endif
return TRUE;
} }
@ -210,7 +224,11 @@ int main( void )
pi.hProcess = OpenProcess( PROCESS_ALL_ACCESS, FALSE, pi.dwProcessId ); pi.hProcess = OpenProcess( PROCESS_ALL_ACCESS, FALSE, pi.dwProcessId );
pi.hThread = OpenThread( THREAD_ALL_ACCESS, FALSE, pi.dwThreadId ); pi.hThread = OpenThread( THREAD_ALL_ACCESS, FALSE, pi.dwThreadId );
SuspendThread( pi.hThread ); SuspendThread( pi.hThread );
Inject( &pi ); if (!Inject( &pi ))
{
_putws( L"ANSICON: parent process type is not supported." );
rc = 1;
}
ResumeThread( pi.hThread ); ResumeThread( pi.hThread );
CloseHandle( pi.hThread ); CloseHandle( pi.hThread );
CloseHandle( pi.hProcess ); CloseHandle( pi.hProcess );

8
ansicon.rc
View File

@ -7,8 +7,8 @@
#include <winver.h> #include <winver.h>
1 VERSIONINFO 1 VERSIONINFO
FILEVERSION 1,3,1,0 FILEVERSION 1,3,2,0
PRODUCTVERSION 1,3,1,0 PRODUCTVERSION 1,3,2,0
FILEOS VOS_NT FILEOS VOS_NT
FILETYPE VFT_APP FILETYPE VFT_APP
{ {
@ -19,12 +19,12 @@ FILETYPE VFT_APP
VALUE "Comments", "http://ansicon.adoxa.cjb.net/" VALUE "Comments", "http://ansicon.adoxa.cjb.net/"
VALUE "CompanyName", "Jason Hood" VALUE "CompanyName", "Jason Hood"
VALUE "FileDescription", "ANSI Console" VALUE "FileDescription", "ANSI Console"
VALUE "FileVersion", "1.31" VALUE "FileVersion", "1.32"
VALUE "InternalName", "ansicon" VALUE "InternalName", "ansicon"
VALUE "LegalCopyright", "Freeware" VALUE "LegalCopyright", "Freeware"
VALUE "OriginalFilename", "ansicon.exe" VALUE "OriginalFilename", "ansicon.exe"
VALUE "ProductName", "ANSICON" VALUE "ProductName", "ANSICON"
VALUE "ProductVersion", "1.31" VALUE "ProductVersion", "1.32"
} }
} }

1
injdll.h
View File

@ -14,6 +14,7 @@
#define WIN32_LEAN_AND_MEAN #define WIN32_LEAN_AND_MEAN
#include <windows.h> #include <windows.h>
BOOL ProcessType( LPPROCESS_INFORMATION );
void InjectDLL32( LPPROCESS_INFORMATION, LPCTSTR ); void InjectDLL32( LPPROCESS_INFORMATION, LPCTSTR );
void InjectDLL64( LPPROCESS_INFORMATION, LPCTSTR ); void InjectDLL64( LPPROCESS_INFORMATION, LPCTSTR );

2
injdll32.c
View File

@ -59,7 +59,7 @@ void InjectDLL32( LPPROCESS_INFORMATION ppi, LPCTSTR dll )
{ {
#ifdef _WIN64 #ifdef _WIN64
#ifdef __MINGW64__ #ifdef __MINGW64__
extern HMODULE hKernel; HMODULE hKernel = GetModuleHandleA( "kernel32.dll" );
#define GETPROC( proc ) proc = (T##proc)GetProcAddress( hKernel, #proc ) #define GETPROC( proc ) proc = (T##proc)GetProcAddress( hKernel, #proc )
GETPROC( Wow64GetThreadContext ); GETPROC( Wow64GetThreadContext );
GETPROC( Wow64SetThreadContext ); GETPROC( Wow64SetThreadContext );

12
makefile
View File

@ -32,20 +32,20 @@ ansicon64: x64 x64/ansicon.exe x64/ANSI64.dll x64/ANSI32.dll x64/ANSI-LLW.exe
x86: x86:
mkdir x86 mkdir x86
x86/ansicon.exe: x86/ansicon.o x86/injdll32.o x86/ansiconv.o x86/ansicon.exe: x86/ansicon.o x86/proctype.o x86/injdll32.o x86/ansiconv.o
$(CC) -m32 $+ -s -o $@ $(CC) -m32 $+ -s -o $@
x86/ANSI32.dll: x86/ANSI.o x86/injdll32.o x86/ansiv.o x86/ANSI32.dll: x86/ANSI.o x86/proctype.o x86/injdll32.o x86/ansiv.o
$(CC) -m32 $+ -s -o $@ -mdll -Wl,-shared $(CC) -m32 $+ -s -o $@ -mdll -Wl,-shared
x64: x64:
mkdir x64 mkdir x64
x64/ansicon.exe: x64/ansicon.o x64/injdll64.o x64/ansiconv.o x64/ansicon.exe: x64/ansicon.o x64/proctype.o x64/injdll64.o x64/injdll32.o x64/ansiconv.o
$(CC) $+ -s -o $@ $(CC) -m64 $+ -s -o $@
x64/ANSI64.dll: x64/ANSI.o x64/injdll64.o x64/injdll32.o x64/ansiv.o x64/ANSI64.dll: x64/ANSI.o x64/proctype.o x64/injdll64.o x64/injdll32.o x64/ansiv.o
$(CC) $+ -s -o $@ -mdll -Wl,-shared $(CC) -m64 $+ -s -o $@ -mdll -Wl,-shared
x64/ANSI32.dll: x86/ANSI32.dll x64/ANSI32.dll: x86/ANSI32.dll
cp -p x86/ANSI32.dll x64/ANSI32.dll cp -p x86/ANSI32.dll x64/ANSI32.dll

8
makefile.vc
View File

@ -43,10 +43,10 @@ ansicon64: x64 x64\ansicon.exe x64\ANSI64.dll x64\ANSI32.dll x64\ANSI-LLW.exe
x86: x86:
mkdir x86 mkdir x86
x86\ansicon.exe: x86\ansicon.obj x86\injdll32.obj x86\ansicon.res x86\ansicon.exe: x86\ansicon.obj x86\proctype.obj x86\injdll32.obj x86\ansicon.res
$(CC) /nologo /Fe$@ $** $(LIBS) $(CC) /nologo /Fe$@ $** $(LIBS)
x86\ANSI32.dll: x86\ANSI.obj x86\injdll32.obj x86\ansi.res x86\ANSI32.dll: x86\ANSI.obj x86\proctype.obj x86\injdll32.obj x86\ansi.res
!IF $(BITS) == 32 !IF $(BITS) == 32
$(CC) /nologo /LD /Fe$@ $** $(LIBS) $(CC) /nologo /LD /Fe$@ $** $(LIBS)
!ENDIF !ENDIF
@ -54,10 +54,10 @@ x86\ANSI32.dll: x86\ANSI.obj x86\injdll32.obj x86\ansi.res
x64: x64:
mkdir x64 mkdir x64
x64\ansicon.exe: x64\ansicon.obj x64\injdll64.obj x64\ansicon.res x64\ansicon.exe: x64\ansicon.obj x64\proctype.obj x64\injdll64.obj x64\injdll32.obj x64\ansicon.res
$(CC) /nologo /Fe$@ $** $(LIBS) bufferoverflowu.lib $(CC) /nologo /Fe$@ $** $(LIBS) bufferoverflowu.lib
x64\ANSI64.dll: x64\ANSI.obj x64\injdll64.obj x64\injdll32.obj x64\ansi.res x64\ANSI64.dll: x64\ANSI.obj x64\proctype.obj x64\injdll64.obj x64\injdll32.obj x64\ansi.res
$(CC) /nologo /LD /Fe$@ $** $(LIBS) bufferoverflowu.lib $(CC) /nologo /LD /Fe$@ $** $(LIBS) bufferoverflowu.lib
x64\ANSI32.dll: x86\ANSI32.dll x64\ANSI32.dll: x86\ANSI32.dll

64
proctype.c Normal file
View File

@ -0,0 +1,64 @@
/*
Test for a valid process.
*/
#define WIN32_LEAN_AND_MEAN
#include <windows.h>
int ProcessType( LPPROCESS_INFORMATION pinfo )
{
MEMORY_BASIC_INFORMATION minfo;
char* ptr = 0;
int type = 0;
while (VirtualQueryEx( pinfo->hProcess, ptr, &minfo, sizeof(minfo) ))
{
IMAGE_DOS_HEADER dos_header;
SIZE_T read;
if (ReadProcessMemory( pinfo->hProcess, minfo.AllocationBase,
&dos_header, sizeof(dos_header), &read ))
{
if (dos_header.e_magic == IMAGE_DOS_SIGNATURE)
{
IMAGE_NT_HEADERS nt_header;
if (ReadProcessMemory( pinfo->hProcess, (char*)minfo.AllocationBase +
dos_header.e_lfanew, &nt_header,
sizeof(nt_header), &read ))
{
if (nt_header.Signature == IMAGE_NT_SIGNATURE)
{
if (nt_header.OptionalHeader.Subsystem ==
IMAGE_SUBSYSTEM_WINDOWS_CUI)
{
if (nt_header.FileHeader.Machine == IMAGE_FILE_MACHINE_I386)
{
type = 32;
#ifdef _WIN64
}
else if (nt_header.FileHeader.Machine == IMAGE_FILE_MACHINE_AMD64)
{
type = 64;
#endif
}
else
{
//DEBUGSTR( L" Ignoring unsupported machine (%x)",
// nt_header.FileHeader.Machine );
}
}
else
{
//DEBUGSTR( L" Ignoring non-console subsystem (%u)",
// nt_header.OptionalHeader.Subsystem );
}
break;
}
}
}
}
ptr += minfo.RegionSize;
}
return type;
}