-i implies -p; more x64/gui mucking about.
parent
be7672b92e
commit
c1be7e4e7a
6
ANSI.c
6
ANSI.c
@ -908,7 +908,7 @@ void Inject( LPPROCESS_INFORMATION pinfo, LPPROCESS_INFORMATION lpi,
|
||||
#ifdef _WIN64
|
||||
DWORD len = GetModuleFileName( GetModuleHandleA( "ANSI64.dll" ),
|
||||
dll, lenof(dll) );
|
||||
if (type == 32)
|
||||
if (type == 32 || type == -32)
|
||||
{
|
||||
dll[len-6] = '3';
|
||||
dll[len-5] = '2';
|
||||
@ -1077,7 +1077,7 @@ WINAPI MyWriteConsoleA( HANDLE hCon, LPCVOID lpBuffer,
|
||||
if (GetConsoleMode( hCon, &Mode ) && (Mode & ENABLE_PROCESSED_OUTPUT))
|
||||
{
|
||||
UINT cp = GetConsoleOutputCP();
|
||||
DEBUGSTR( L"\\WriteConsoleA: %lu \"%.*S\"",
|
||||
DEBUGSTR( L"\33WriteConsoleA: %lu \"%.*S\"",
|
||||
nNumberOfCharsToWrite, nNumberOfCharsToWrite, lpBuffer );
|
||||
len = MultiByteToWideChar( cp, 0, lpBuffer, nNumberOfCharsToWrite, NULL, 0 );
|
||||
buf = malloc( len * sizeof(WCHAR) );
|
||||
@ -1150,7 +1150,7 @@ WINAPI MyWriteConsoleW( HANDLE hCon, LPCVOID lpBuffer,
|
||||
DWORD Mode;
|
||||
if (GetConsoleMode( hCon, &Mode ) && (Mode & ENABLE_PROCESSED_OUTPUT))
|
||||
{
|
||||
DEBUGSTR( L"\\WriteConsoleW: %lu \"%.*s\"",
|
||||
DEBUGSTR( L"\33WriteConsoleW: %lu \"%.*s\"",
|
||||
nNumberOfCharsToWrite, nNumberOfCharsToWrite, lpBuffer );
|
||||
return ParseAndPrintString( hCon, lpBuffer,
|
||||
nNumberOfCharsToWrite,
|
||||
|
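Review bot: In the first hunk (Inject, `#ifdef _WIN64` branch) the `len` returned by `GetModuleFileName` is used unchecked in `dll[len-6]` and `dll[len-5]`, and the widened test `type == 32 || type == -32` now sends one more case through those writes. `len` is a DWORD, so a failed call (0) or a name shorter than six characters makes the index wrap and the stores land outside `dll`; a truncated result (`len == lenof(dll)`) would patch the wrong characters. A guard ahead of the `if`, e.g. `if (len < 6 || len >= lenof(dll)) return;`, keeps the rename inside the buffer; Inject's body starts and ends outside the hunk, so the exact placement among its declarations has to be checked there. A short comment saying what a negative `type` stands for would also help, since the hunk treats -32 like 32 without explaining it.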
36
ansicon.c
36
ansicon.c
@ -45,18 +45,20 @@
|
||||
|
||||
v1.32, 4, 12 & 16 December, 2010:
|
||||
make -p more robust;
|
||||
inject into GUI processes again;
|
||||
don't block when directly running a GUI process.
|
||||
inject into GUI processes;
|
||||
-i implies -p.
|
||||
*/
|
||||
|
||||
#define PVERS L"1.32"
|
||||
#define PDATE L"16 December, 2010"
|
||||
#define PDATE L"17 December, 2010"
|
||||
|
||||
#include "ansicon.h"
|
||||
#include <shellapi.h>
|
||||
#include <tlhelp32.h>
|
||||
#include <ctype.h>
|
||||
#include <io.h>
|
||||
#include <objbase.h>
|
||||
#include <psapi.h>
|
||||
|
||||
#ifdef __MINGW32__
|
||||
int _CRT_glob = 0;
|
||||
@ -101,6 +103,7 @@ BOOL Inject( LPPROCESS_INFORMATION ppi )
|
||||
while (dll[len-1] != '\\')
|
||||
--len;
|
||||
#ifdef _WIN64
|
||||
type = abs( type );
|
||||
wsprintf( dll + len, L"ANSI%d.dll", type );
|
||||
if (type == 32)
|
||||
InjectDLL32( ppi, dll );
|
||||
@ -179,7 +182,7 @@ int main( void )
|
||||
towlower( argv[1][1] ) == 'u'))
|
||||
{
|
||||
process_autorun( argv[1][1] );
|
||||
return rc;
|
||||
argv[1][1] = 'p';
|
||||
}
|
||||
|
||||
get_original_attr();
|
||||
@ -294,7 +297,28 @@ int main( void )
|
||||
si.cb = sizeof(si);
|
||||
if (CreateProcess( NULL, cmd, NULL,NULL, TRUE, 0, NULL,NULL, &si, &pi ))
|
||||
{
|
||||
if (ProcessType( &pi ) > 0)
|
||||
BOOL console = FALSE;
|
||||
TCHAR name[MAX_PATH];
|
||||
DWORD rc;
|
||||
CoInitialize( NULL );
|
||||
do
|
||||
{
|
||||
Sleep( 10 );
|
||||
if (GetModuleFileNameEx( pi.hProcess, NULL, name, lenof(name) ))
|
||||
{
|
||||
DWORD_PTR info;
|
||||
info = SHGetFileInfo( name, 0, NULL, 0, SHGFI_EXETYPE );
|
||||
if (info == 0x00004550) // console PE
|
||||
console = TRUE;
|
||||
DEBUGSTR( L"%s", name );
|
||||
DEBUGSTR( L" %s (%p)", (console) ? L"Console" : L"Not console",
|
||||
info );
|
||||
break;
|
||||
}
|
||||
} while (GetExitCodeProcess( pi.hProcess, &rc ) &&
|
||||
rc == STILL_ACTIVE);
|
||||
CoUninitialize();
|
||||
if (console)
|
||||
{
|
||||
SetConsoleCtrlHandler( (PHANDLER_ROUTINE)CtrlHandler, TRUE );
|
||||
WaitForSingleObject( pi.hProcess, INFINITE );
|
||||
@ -557,7 +581,7 @@ L"\n"
|
||||
L"ansicon -i|I | -u|U\n"
|
||||
L"ansicon [-m[<attr>]] [-p | -e|E string | -t|T [file(s)] | program [args]]\n"
|
||||
L"\n"
|
||||
L" -i\t\tinstall - add ANSICON to the AutoRun entry\n"
|
||||
L" -i\t\tinstall - add ANSICON to the AutoRun entry (implies -p)\n"
|
||||
L" -u\t\tuninstall - remove ANSICON from the AutoRun entry\n"
|
||||
L" -I -U\t\tuse local machine instead of current user\n"
|
||||
L" -m\t\tuse grey on black (\"monochrome\") or <attr> as default color\n"
|
||||
|
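Review bot: In main's autorun hunk the branch that now ends with `argv[1][1] = 'p';` is entered for `u` as well as `i` (the visible condition ends in `towlower( argv[1][1] ) == 'u'`), so uninstall also falls through into the -p path, while the commit title and the updated help text describe this only for -i. If -u is not meant to attach to the parent process, keep the early exit for it, e.g. `if (towlower( argv[1][1] ) == 'u') return rc;` before the assignment; if it is intended, the `-u` help line should say so as well. Separately, the `DWORD rc;` declared inside the `CreateProcess` block appears to shadow main's own `rc` (the one the removed `return rc;` used), so the value read by `GetExitCodeProcess` stays local to that block; a distinct name such as `exit_code` would avoid the ambiguity. Both hunks sit inside main, whose body starts and ends outside them.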
@ -29,7 +29,7 @@ void DEBUGSTR( LPTSTR szFormat, ... ) // sort of OutputDebugStringf
|
||||
va_end( pArgList );
|
||||
|
||||
szFormat = szBuffer;
|
||||
if (*szFormat == '\\')
|
||||
if (*szFormat == '\33')
|
||||
{
|
||||
BOOL first = TRUE;
|
||||
LPTSTR pos = szEscape;
|
||||
|
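Review bot: The `'\33'` test is one half of a convention whose other half lives in the callers (the ANSI.c call sites now start their format with `L"\33…"`), and nothing at the check documents it. A comment above the `if` such as `// a leading ESC (\33) in the message selects the escaping branch below; callers opt in by starting their format with "\33"` would make the link visible, and a shared macro for the marker would keep the files from drifting apart. The test also runs after `szFormat = szBuffer;`, so it presumably inspects the formatted text rather than the caller's format string; a message like the new `DEBUGSTR( L"%s", name )` in ansicon.c would take this branch if its expanded argument began with that character. DEBUGSTR's body starts and ends outside the hunk, so what the branch does with `szEscape` is inferred from the names only.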
4
makefile
4
makefile
@ -36,7 +36,7 @@ x86:
|
||||
mkdir x86
|
||||
|
||||
x86/ansicon.exe: x86/ansicon.o $(X86OBJS) x86/ansiconv.o
|
||||
$(CC) -m32 $+ -s -o $@
|
||||
$(CC) -m32 $+ -s -o $@ -lpsapi -lole32
|
||||
|
||||
x86/ANSI32.dll: x86/ANSI.o $(X86OBJS) x86/ansiv.o
|
||||
$(CC) -m32 $+ -s -o $@ -mdll -Wl,-shared
|
||||
@ -45,7 +45,7 @@ x64:
|
||||
mkdir x64
|
||||
|
||||
x64/ansicon.exe: x64/ansicon.o $(X64OBJS) x64/ansiconv.o
|
||||
$(CC) -m64 $+ -s -o $@
|
||||
$(CC) -m64 $+ -s -o $@ -lpsapi -lole32
|
||||
|
||||
x64/ANSI64.dll: x64/ANSI.o $(X64OBJS) x64/ansiv.o
|
||||
$(CC) -m64 $+ -s -o $@ -mdll -Wl,-shared
|
||||
|
@ -26,7 +26,7 @@ DIR = x64
|
||||
|
||||
CC = cl
|
||||
CFLAGS = /nologo /W3 /Ox /GF /D_CRT_SECURE_NO_WARNINGS
|
||||
LIBS = advapi32.lib shell32.lib user32.lib
|
||||
LIBS = advapi32.lib shell32.lib user32.lib psapi.lib ole32.lib
|
||||
|
||||
X86OBJS = x86\proctype.obj x86\injdll32.obj x86\debugstr.obj
|
||||
X64OBJS = x64\proctype.obj x64\injdll64.obj x64\injdll32.obj x64\debugstr.obj
|
||||
|
@ -17,6 +17,7 @@ int ProcessType( LPPROCESS_INFORMATION pinfo )
|
||||
if (ReadProcessMemory( pinfo->hProcess, minfo.AllocationBase,
|
||||
&dos_header, sizeof(dos_header), &read ))
|
||||
{
|
||||
DEBUGSTR( L" Base = %p", minfo.AllocationBase );
|
||||
if (dos_header.e_magic == IMAGE_DOS_SIGNATURE)
|
||||
{
|
||||
IMAGE_NT_HEADERS nt_header;
|
||||
|