#include "pch.h"
#include "libpwn.h"
#pragma region INTERNAL
// Sink for every diagnostic line this library prints. Defaults to stdout;
// SetLogFile() redirects it. The stream is owned by whoever supplied it.
FILE* logFile = stdout;
void ValidateExpected(size_t addr, const BYTE *expected, size_t sz) {
    // Compare sz bytes at addr with the caller's expected image. A match is a
    // no-op; a mismatch dumps both images to the log and terminates the
    // process so that no patch is ever applied over bytes that differ from
    // what the caller assumed. addr must be readable for sz bytes.
    const void *actual = (LPVOID)addr;
    if (memcmp(actual, expected, sz) == 0) {
        return;
    }
    fprintf(logFile, "Mismatch with expected data, aborting!\n");
    fprintf(logFile, "Expected: ");
    PrintBytes((size_t)expected, sz);
    fprintf(logFile, "Found: ");
    PrintBytes(addr, sz);
    ExitProcess(1);
}
void ValidateExpected(size_t addr, const BYTE expected) {
    // Single-byte convenience overload; delegates to the buffer form.
    const BYTE *image = &expected;
    ValidateExpected(addr, image, 1);
}
void ValidateExpected(size_t addr, const size_t expected) {
    // Pointer-sized overload: compares the native-endian bytes of `expected`
    // against the sizeof(size_t) bytes at addr.
    const BYTE *image = reinterpret_cast<const BYTE *>(&expected);
    ValidateExpected(addr, image, sizeof expected);
}
void ValidateExpected(size_t addr, const char *expected) {
    // String overload: compares strlen(expected) bytes only — the terminating
    // NUL at addr is not part of the check.
    const BYTE *image = reinterpret_cast<const BYTE *>(expected);
    size_t len = strlen(expected);
    ValidateExpected(addr, image, len);
}
#pragma endregion
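void SetLogFile(FILE* file) {
    // Redirect library diagnostics to `file`. The caller keeps ownership of
    // the stream and must keep it open for as long as it is the log sink.
    // A NULL stream would make every later fprintf() on logFile undefined
    // behaviour, so it is ignored and the current sink is kept.
    if (file == NULL) {
        return;
    }
    logFile = file;
}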
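void PrintBytes(size_t addr, size_t n, size_t bytesPerLine) {
    // Hex-dump n bytes starting at addr to the log: the address on its own
    // line, then "%02x " per byte with a line break after every bytesPerLine
    // bytes, and a final newline. bytesPerLine == 0 was a division by zero in
    // the modulo test; it now means "no intermediate line breaks".
    // addr must be readable for n bytes; nothing here verifies that.
    const BYTE *bytes = (const BYTE *)addr;
    fprintf(logFile, "%p:\n", (LPVOID)addr);
    for (size_t i = 0; i < n; i++) {
        fprintf(logFile, "%02x ", bytes[i]);
        // (i + 1) is the count of bytes printed so far on this dump.
        if (bytesPerLine != 0 && (i + 1) % bytesPerLine == 0) {
            fprintf(logFile, "\n");
        }
    }
    fprintf(logFile, "\n");
}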
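size_t GetBaseAddress(const char *target) {
    // Resolve the load address of an already-loaded module by name through
    // GetModuleHandleA; returns 0 and logs when the module is not loaded.
    // GetModuleHandleA(NULL) returns the calling process's own executable, so
    // a NULL target is given a readable name for the log instead of being
    // handed to "%s". The original log used "%x" for a size_t, which is the
    // wrong width on 64-bit builds; "%p" matches the rest of the file.
    const char *name = (target != NULL) ? target : "<main module>";
    size_t addr = (size_t)GetModuleHandleA(target);
    if (!addr) {
        fprintf(logFile, "Failed to find loaded module %s\n", name);
    } else {
        fprintf(logFile, "%s at %p\n", name, (LPVOID)addr);
    }
    return addr;
}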
size_t GetExportedFnAddress(size_t exeAddr, const char *fnName) {
    // Look up an exported symbol by name in the module loaded at exeAddr
    // (a value previously returned by GetBaseAddress). Returns the symbol's
    // address, or 0 after logging when GetProcAddress cannot resolve it.
    HMODULE module = (HMODULE)exeAddr;
    LPVOID resolved = GetProcAddress(module, fnName);
    if (resolved == NULL) {
        fprintf(logFile, "Failed to find function %s\n", fnName);
        return 0;
    }
    return (size_t)resolved;
}
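void WriteNops(size_t startAddr, size_t endAddr, const BYTE *expected) {
    // Fill the half-open range [startAddr, endAddr) with 0x90 (the x86 NOP).
    // If `expected` is non-NULL it must point to endAddr - startAddr bytes
    // describing the current contents; a mismatch aborts the process (see
    // ValidateExpected). The range must already be writable — page
    // protection is not changed here.
    const BYTE NOP = 0x90;
    if (endAddr < startAddr) {
        // Unsigned subtraction would wrap to an enormous size and the fill
        // would run far past the intended range.
        fprintf(logFile, "Invalid NOP range: %p > %p\n", (LPVOID)startAddr, (LPVOID)endAddr);
        return;
    }
    size_t sz = endAddr - startAddr;
    if (expected) {
        ValidateExpected(startAddr, expected, sz);
    }
    RtlFillMemory((LPVOID)startAddr, sz, NOP);
    // "%zu" replaces the original "%d", which mismatched the size_t argument.
    fprintf(logFile, "Replaced %zu bytes at %p with NOP\n", sz, (LPVOID)startAddr);
}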
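void WriteByte(size_t addr, BYTE val, const BYTE *expected) {
    // Store a single byte at addr, optionally verifying the current byte
    // against *expected first (a mismatch aborts via ValidateExpected), and
    // log the old and new values. addr must be writable.
    if (expected) {
        ValidateExpected(addr, *expected);
    }
    BYTE *byteAddr = (BYTE *)addr;
    BYTE oldByte = *byteAddr;
    *byteAddr = val;
    // "%p" expects a void*; pass the pointer as LPVOID like the rest of the file.
    fprintf(logFile, "Replaced byte at %p (%02x -> %02x)\n", (LPVOID)byteAddr, oldByte, val);
}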
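void WriteAddress(size_t atAddr, size_t addrVal, const size_t *expected) {
    // Store the pointer-sized value addrVal at atAddr, optionally verifying
    // the sizeof(size_t) bytes currently there against *expected first (a
    // mismatch aborts via ValidateExpected). atAddr must be writable; no
    // alignment check is performed.
    if (expected) {
        ValidateExpected(atAddr, *expected);
    }
    size_t *destAddr = (size_t *)atAddr;
    *destAddr = addrVal;
    // "%p" expects a void*; pass the pointer as LPVOID like the rest of the file.
    fprintf(logFile, "*%p = %p\n", (LPVOID)destAddr, (LPVOID)addrVal);
}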
void WriteString(size_t addr, const char *newStr, const char *expected) {
    // Copy newStr, including its terminating NUL, to addr. If `expected` is
    // non-NULL, the strlen(expected) bytes currently at addr must match it or
    // the process aborts (ValidateExpected). No bound is applied here: the
    // caller is responsible for the destination holding strlen(newStr) + 1
    // bytes — ReplaceString() performs that check before calling this.
    if (expected != NULL) {
        ValidateExpected(addr, expected);
    }
    size_t bytesToCopy = strlen(newStr) + 1;
    memcpy((char *)addr, newStr, bytesToCopy);
}
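void ReplaceString(size_t addr, const char *newStr, const char *expected) {
    // Replace the NUL-terminated string at addr in place with newStr, but
    // only when the new string fits in the space the old one occupies (its
    // length plus terminator); otherwise log and leave memory untouched.
    // `expected` is passed through to WriteString for pre-write validation.
    // The string at addr is assumed to be NUL-terminated; strlen and "%s"
    // read until they find one.
    char *strAddr = (char *)addr;
    fprintf(logFile, "Replacing %s with %s...\n", strAddr, newStr);
    size_t oldStrLen = strlen(strAddr);
    size_t newStrLen = strlen(newStr);
    if (newStrLen > oldStrLen) {
        // "%zu" replaces the original "%d", which mismatched the size_t arguments.
        fprintf(logFile, "Can't replace string; %zu > %zu\n", newStrLen, oldStrLen);
        return;
    }
    WriteString(addr, newStr, expected);
    fprintf(logFile, "String replaced!\n");
}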