From 909d645f07784d61c4a5182bf945813d8d47ae1a Mon Sep 17 00:00:00 2001
From: zeffy
Date: Fri, 2 Mar 2018 17:00:36 -0800
Subject: [PATCH] Update modulehelper.c
---
 src/wufuc/modulehelper.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/wufuc/modulehelper.c b/src/wufuc/modulehelper.c
index 829b7bd..577e533 100644
--- a/src/wufuc/modulehelper.c
+++ b/src/wufuc/modulehelper.c
@@ -25,6 +25,7 @@ bool mod_inject_and_begin_thread(
 LPVOID pBaseAddress = NULL;
 SIZE_T cb;
 HMODULE hRemoteModule = NULL;
+ uintptr_t offset;
 HANDLE hThread;
 
 Status = NtSuspendProcess(hProcess);
@@ -43,10 +44,11 @@ bool mod_inject_and_begin_thread(
 goto virt_free;
 }
 if ( mod_inject_by_hmodule(hProcess, hModule, &hRemoteModule) ) {
+ offset = (uintptr_t)pStartAddress - (uintptr_t)hModule;
 hThread = CreateRemoteThread(hProcess,
 NULL,
 0,
- (LPTHREAD_START_ROUTINE)((uint8_t *)hRemoteModule + ((uint8_t *)pStartAddress - (uint8_t *)hModule)),
+ (LPTHREAD_START_ROUTINE)RtlOffsetToPointer(hRemoteModule, offset),
 pBaseAddress,
 0,
 NULL);
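Review bot: The new `offset` in the second hunk is computed by unsigned subtraction with no check that `pStartAddress` lies inside the image mapped at `hModule`, so a start routine from another module, or one below the base, wraps to a huge value and `RtlOffsetToPointer(hRemoteModule, offset)` hands CreateRemoteThread an address unrelated to the remote copy. A lower-bound guard before the process is suspended would catch the wrap, e.g. `if ( (uintptr_t)pStartAddress < (uintptr_t)hModule ) return false;`, and an upper bound against the module's image size would complete it. The rebasing also assumes the remote mapping has the same layout as the local one, which I would state in a comment above the assignment: `/* pStartAddress must be inside hModule; the same RVA is reused in the remote copy */`. The function begins and ends outside this hunk, so whether callers already guarantee this cannot be seen here.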