From c1be7e4e7a9af8ead9c6a624a661a938d621d9ec Mon Sep 17 00:00:00 2001
From: Jason Hood
Date: Fri, 17 Dec 2010 15:39:25 +1000
Subject: [PATCH] -i implies -p; more x64/gui mucking about.
---
 ANSI.c | 6 +++---
 ansicon.c | 36 ++++++++++++++++++++++++++++++------
 debugstr.c | 2 +-
 makefile | 4 ++--
 makefile.vc | 2 +-
 proctype.c | 1 +
 6 files changed, 38 insertions(+), 13 deletions(-)
diff --git a/ANSI.c b/ANSI.c
index 338b739..bb64c99 100644
--- a/ANSI.c
+++ b/ANSI.c
@@ -908,7 +908,7 @@ void Inject( LPPROCESS_INFORMATION pinfo, LPPROCESS_INFORMATION lpi, #ifdef _WIN64 DWORD len = GetModuleFileName( GetModuleHandleA( "ANSI64.dll" ), dll, lenof(dll) );
- if (type == 32)
+ if (type == 32 || type == -32)
 { dll[len-6] = '3'; dll[len-5] = '2';
@@ -1077,7 +1077,7 @@ WINAPI MyWriteConsoleA( HANDLE hCon, LPCVOID lpBuffer, if (GetConsoleMode( hCon, &Mode ) && (Mode & ENABLE_PROCESSED_OUTPUT)) { UINT cp = GetConsoleOutputCP();
- DEBUGSTR( L"\\WriteConsoleA: %lu \"%.*S\"",
+ DEBUGSTR( L"\33WriteConsoleA: %lu \"%.*S\"",
 nNumberOfCharsToWrite, nNumberOfCharsToWrite, lpBuffer ); len = MultiByteToWideChar( cp, 0, lpBuffer, nNumberOfCharsToWrite, NULL, 0 ); buf = malloc( len * sizeof(WCHAR) );
@@ -1150,7 +1150,7 @@ WINAPI MyWriteConsoleW( HANDLE hCon, LPCVOID lpBuffer, DWORD Mode; if (GetConsoleMode( hCon, &Mode ) && (Mode & ENABLE_PROCESSED_OUTPUT)) {
- DEBUGSTR( L"\\WriteConsoleW: %lu \"%.*s\"",
+ DEBUGSTR( L"\33WriteConsoleW: %lu \"%.*s\"",
 nNumberOfCharsToWrite, nNumberOfCharsToWrite, lpBuffer ); return ParseAndPrintString( hCon, lpBuffer, nNumberOfCharsToWrite,
diff --git a/ansicon.c b/ansicon.c
index 1fe37e4..7d4ac1e 100644
--- a/ansicon.c
+++ b/ansicon.c
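Review bot: In ANSI.c's `Inject`, the widened `if (type == 32 || type == -32)` branch still writes `dll[len-6]` and `dll[len-5]` without checking `len`, which is the unchecked return value of `GetModuleFileName`. If that call ever returned 0, `len-6` would wrap around (`len` is a `DWORD`) and both stores would land far outside `dll`; a guard such as `if (len < 6) return;` before the branch would rule that out, assuming an early return is acceptable at this point. The meaning of the negative value is not stated in this hunk, and the `type = abs( type );` hunk in ansicon.c handles the same sign a different way, so a shared comment such as `// negative type: GUI process of that bitness (presumed)` would help once confirmed. The body of `Inject` starts and ends outside the hunk.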
@@ -45,18 +45,20 @@ v1.32, 4, 12 & 16 December, 2010: make -p more robust;
- inject into GUI processes again;
- don't block when directly running a GUI process.
+ inject into GUI processes;
+ -i implies -p.
 */ #define PVERS L"1.32"
-#define PDATE L"16 December, 2010"
+#define PDATE L"17 December, 2010"
 #include "ansicon.h" #include #include #include #include
+#include
+#include
 #ifdef __MINGW32__ int _CRT_glob = 0;
@@ -101,6 +103,7 @@ BOOL Inject( LPPROCESS_INFORMATION ppi ) while (dll[len-1] != '\\') --len; #ifdef _WIN64
+ type = abs( type );
 wsprintf( dll + len, L"ANSI%d.dll", type ); if (type == 32) InjectDLL32( ppi, dll );
@@ -179,7 +182,7 @@ int main( void ) towlower( argv[1][1] ) == 'u')) { process_autorun( argv[1][1] );
- return rc;
+ argv[1][1] = 'p';
 } get_original_attr();
@@ -294,7 +297,28 @@ int main( void ) si.cb = sizeof(si); if (CreateProcess( NULL, cmd, NULL,NULL, TRUE, 0, NULL,NULL, &si, &pi )) {
- if (ProcessType( &pi ) > 0)
+ BOOL console = FALSE;
+ TCHAR name[MAX_PATH];
+ DWORD rc;
+ CoInitialize( NULL );
+ do
+ {
+ Sleep( 10 );
+ if (GetModuleFileNameEx( pi.hProcess, NULL, name, lenof(name) ))
+ {
+ DWORD_PTR info;
+ info = SHGetFileInfo( name, 0, NULL, 0, SHGFI_EXETYPE );
+ if (info == 0x00004550) // console PE
+ console = TRUE;
+ DEBUGSTR( L"%s", name );
+ DEBUGSTR( L" %s (%p)", (console) ? L"Console" : L"Not console",
+ info );
+ break;
+ }
+ } while (GetExitCodeProcess( pi.hProcess, &rc ) &&
+ rc == STILL_ACTIVE);
+ CoUninitialize();
+ if (console)
 { SetConsoleCtrlHandler( (PHANDLER_ROUTINE)CtrlHandler, TRUE ); WaitForSingleObject( pi.hProcess, INFINITE );
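Review bot: Replacing `return rc;` with `argv[1][1] = 'p';` affects every option that reaches this block, and the visible part of the condition includes `towlower( argv[1][1] ) == 'u'`, so an uninstall now also continues into the `-p` path that attaches to the parent process. The subject line and the updated help text promise that only for `-i`. If uninstall is not meant to do this, keep its early exit with `if (towlower( argv[1][1] ) == 'u') return rc;` ahead of `argv[1][1] = 'p';`; if it is meant to, the `-u` help line should say so. The start of the condition is outside the hunk, so which other letters it accepts is inferred.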
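Review bot: The new `do … while` loop in `main` has no retry limit: as long as `GetModuleFileNameEx` keeps failing, ansicon polls every 10 ms for the child's whole lifetime, without the Ctrl handler installed, whether the child is a console or a GUI program. A failure that never clears seems possible when the child's bitness differs from ansicon's (inferred, not shown here). Bounding the loop, for example `int tries = 100;` with `} while (--tries > 0 && GetExitCodeProcess( pi.hProcess, &rc ) &&`, and falling back to the removed `ProcessType( &pi ) > 0` test when no name was obtained, would keep the old behaviour as a floor. Separately, the inner `DWORD rc;` appears to shadow `main`'s own `rc` (seen as `return rc;` in the earlier hunk), and `CoUninitialize()` runs even when `CoInitialize( NULL )` failed. The enclosing `if (CreateProcess…)` block continues outside the hunk.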
@@ -557,7 +581,7 @@ L"\n" L"ansicon -i|I | -u|U\n" L"ansicon [-m[]] [-p | -e|E string | -t|T [file(s)] | program [args]]\n" L"\n"
-L" -i\t\tinstall - add ANSICON to the AutoRun entry\n"
+L" -i\t\tinstall - add ANSICON to the AutoRun entry (implies -p)\n"
 L" -u\t\tuninstall - remove ANSICON from the AutoRun entry\n" L" -I -U\t\tuse local machine instead of current user\n" L" -m\t\tuse grey on black (\"monochrome\") or as default color\n"
diff --git a/debugstr.c b/debugstr.c
index 3eff9a8..d79d743 100644
--- a/debugstr.c
+++ b/debugstr.c
@@ -29,7 +29,7 @@ void DEBUGSTR( LPTSTR szFormat, ... ) // sort of OutputDebugStringf va_end( pArgList ); szFormat = szBuffer;
- if (*szFormat == '\\')
+ if (*szFormat == '\33')
 { BOOL first = TRUE; LPTSTR pos = szEscape;
diff --git a/makefile b/makefile
index b0999da..fdd6721 100644
--- a/makefile
+++ b/makefile
@@ -36,7 +36,7 @@ x86: mkdir x86 x86/ansicon.exe: x86/ansicon.o $(X86OBJS) x86/ansiconv.o
- $(CC) -m32 $+ -s -o $@
+ $(CC) -m32 $+ -s -o $@ -lpsapi -lole32
 x86/ANSI32.dll: x86/ANSI.o $(X86OBJS) x86/ansiv.o $(CC) -m32 $+ -s -o $@ -mdll -Wl,-shared
@@ -45,7 +45,7 @@ x64: mkdir x64 x64/ansicon.exe: x64/ansicon.o $(X64OBJS) x64/ansiconv.o
- $(CC) -m64 $+ -s -o $@
+ $(CC) -m64 $+ -s -o $@ -lpsapi -lole32
 x64/ANSI64.dll: x64/ANSI.o $(X64OBJS) x64/ansiv.o $(CC) -m64 $+ -s -o $@ -mdll -Wl,-shared
diff --git a/makefile.vc b/makefile.vc
index 72a1706..5ae87e9 100644
--- a/makefile.vc
+++ b/makefile.vc
@@ -26,7 +26,7 @@ DIR = x64 CC = cl CFLAGS = /nologo /W3 /Ox /GF /D_CRT_SECURE_NO_WARNINGS
-LIBS = advapi32.lib shell32.lib user32.lib
+LIBS = advapi32.lib shell32.lib user32.lib psapi.lib ole32.lib
 X86OBJS = x86\proctype.obj x86\injdll32.obj x86\debugstr.obj X64OBJS = x64\proctype.obj x64\injdll64.obj x64\injdll32.obj x64\debugstr.obj
diff --git a/proctype.c b/proctype.c
index 133d3f4..7ffd653 100644
--- a/proctype.c
+++ b/proctype.c
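Review bot: In debugstr.c the marker test `if (*szFormat == '\33')` runs after `szFormat = szBuffer;`, so it inspects the formatted text rather than the caller's format string, and any message whose expanded output begins with ESC takes the escaped-dump path. ESC is a far less likely first character than the old backslash, which a path logged through `L"%s"` (as ansicon.c now does) could start with, but the convention remains in-band and undocumented. A comment above the test such as `// a leading ESC in the formatted text selects the escaped dump; callers opt in with a \33 prefix` would record it, and testing the caller's format string before it is reassigned would remove the ambiguity. The rest of `DEBUGSTR` is outside the hunk.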
@@ -17,6 +17,7 @@ int ProcessType( LPPROCESS_INFORMATION pinfo ) if (ReadProcessMemory( pinfo->hProcess, minfo.AllocationBase, &dos_header, sizeof(dos_header), &read )) {
+ DEBUGSTR( L" Base = %p", minfo.AllocationBase );
 if (dos_header.e_magic == IMAGE_DOS_SIGNATURE) { IMAGE_NT_HEADERS nt_header;