exe_packer/tools.cpp at master · andrew9382/exe_packer · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
#include "includes.hpp"

bool VerifyFile(const wchar_t* file_path, WORD desired_machine, WORD desired_characteristics)
{
	if (!file_path)
	{
		return false;
	}

	std::fstream file(file_path, std::ios::binary | std::ios::in);

	if (!file.good())
	{
		return false;
	}

	uintmax_t file_size = fs::file_size(file_path);

	if (!file_size || file_size < PAGE_SIZE)
	{
		file.close();

		return false;
	}

	std::shared_ptr<BYTE[]> file_raw;

	try
	{
		file_raw.reset(new BYTE[PAGE_SIZE]);
	}
	catch (const std::exception& ex)
	{
		std::cout << ex.what() << std::endl;

		file.close();

		return false;
	}

	BYTE* pfile_raw = file_raw.get();

	file.read((char*)pfile_raw, PAGE_SIZE);
	file.close();

	IMAGE_DOS_HEADER*	dos_header		= nullptr;
	IMAGE_NT_HEADERS*	nt_header		= nullptr;
	IMAGE_FILE_HEADER*	file_header		= nullptr;

	dos_header = (IMAGE_DOS_HEADER*)pfile_raw;

	if (dos_header->e_magic != IMAGE_DOS_SIGNATURE || dos_header->e_lfanew > PAGE_SIZE)
	{
		return false;
	}

	nt_header = (IMAGE_NT_HEADERS*)(pfile_raw + dos_header->e_lfanew);

	if (nt_header->Signature != IMAGE_NT_SIGNATURE)
	{
		return false;
	}

	file_header = &nt_header->FileHeader;

	if (!(file_header->Machine & desired_machine) || (file_header->Characteristics & desired_characteristics) != desired_characteristics)
	{
		return false;
	}

	return true;
}

DWORD GetOwnModuleFullPathW(fs::path& mod_name_path)
{
	wchar_t mod_name_buf[MAX_PATH] = { 0 };

	HMODULE h_current_module = GetModuleHandle(NULL);

	DWORD mod_name_len = GetModuleFileNameW(h_current_module, mod_name_buf, sizeof(mod_name_buf) / sizeof(mod_name_buf[0]));

	if (!mod_name_len || GetLastError() == ERROR_INSUFFICIENT_BUFFER)
	{
		return 0;
	}

	mod_name_path = mod_name_buf;

	return mod_name_len;
}

std::vector<BYTE>::iterator* SignatureScanForVector(std::vector<BYTE>::iterator& start, size_t len, std::vector<BYTE>& signature)
{
	if (signature.empty())
	{
		return nullptr;
	}

	bool found = false;

	for (DWORD i = 0; i < len; ++start, ++i)
	{
		found = true;

		for (DWORD j = 0; j < signature.size(); ++j)
		{
			if (start[j] != signature[j])
			{
				found = false;

				break;
			}
		}

		if (found)
		{
			return &start;
		}
	}

	return nullptr;
}