Update core.c
This commit is contained in:
zeffy
23
wufuc/core.c
23
wufuc/core.c
@@ -13,9 +13,9 @@ DWORD WINAPI NewThreadProc(LPVOID lpParam) {
|
|||||||
|
|
||||||
TCHAR lpBinaryPathName[0x8000];
|
TCHAR lpBinaryPathName[0x8000];
|
||||||
get_svcpath(hSCManager, _T("wuauserv"), lpBinaryPathName, _countof(lpBinaryPathName));
|
get_svcpath(hSCManager, _T("wuauserv"), lpBinaryPathName, _countof(lpBinaryPathName));
|
||||||
|
CloseServiceHandle(hSCManager);
|
||||||
|
|
||||||
BOOL result = _tcsicmp(GetCommandLine(), lpBinaryPathName);
|
BOOL result = _tcsicmp(GetCommandLine(), lpBinaryPathName);
|
||||||
CloseServiceHandle(hSCManager);
|
|
||||||
|
|
||||||
if (result) {
|
if (result) {
|
||||||
return 0;
|
return 0;
|
||||||
@@ -44,11 +44,8 @@ DWORD WINAPI NewThreadProc(LPVOID lpParam) {
|
|||||||
DETOUR_IAT(hm, LoadLibraryExA);
|
DETOUR_IAT(hm, LoadLibraryExA);
|
||||||
DETOUR_IAT(hm, LoadLibraryExW);
|
DETOUR_IAT(hm, LoadLibraryExW);
|
||||||
|
|
||||||
TCHAR lpServiceDll[MAX_PATH];
|
HMODULE hwu = GetModuleHandle(get_wuauservdll());
|
||||||
get_svcdll(_T("wuauserv"), lpServiceDll, _countof(lpServiceDll));
|
if (hwu && PatchWU(hwu)) {
|
||||||
|
|
||||||
HMODULE hwu = GetModuleHandle(lpServiceDll);
|
|
||||||
if (hwu && PatchWUAgentHMODULE(hwu)) {
|
|
||||||
dwprintf(L"Patched previously loaded Windows Update module!");
|
dwprintf(L"Patched previously loaded Windows Update module!");
|
||||||
}
|
}
|
||||||
ResumeAndCloseThreads(lphThreads, cb);
|
ResumeAndCloseThreads(lphThreads, cb);
|
||||||
@@ -68,7 +65,7 @@ DWORD WINAPI NewThreadProc(LPVOID lpParam) {
|
|||||||
FreeLibraryAndExitThread(HINST_THISCOMPONENT, 0);
|
FreeLibraryAndExitThread(HINST_THISCOMPONENT, 0);
|
||||||
}
|
}
|
||||||
|
|
||||||
BOOL PatchWUAgentHMODULE(HMODULE hModule) {
|
BOOL PatchWU(HMODULE hModule) {
|
||||||
LPSTR pattern;
|
LPSTR pattern;
|
||||||
SIZE_T offset00, offset01;
|
SIZE_T offset00, offset01;
|
||||||
#ifdef _AMD64_
|
#ifdef _AMD64_
|
||||||
@@ -131,11 +128,7 @@ HMODULE WINAPI _LoadLibraryExA(
|
|||||||
HMODULE result = LoadLibraryExA(lpFileName, hFile, dwFlags);
|
HMODULE result = LoadLibraryExA(lpFileName, hFile, dwFlags);
|
||||||
if (result) {
|
if (result) {
|
||||||
dwprintf(L"Loaded library: %S", lpFileName);
|
dwprintf(L"Loaded library: %S", lpFileName);
|
||||||
CHAR path[MAX_PATH];
|
if (!_stricmp(lpFileName, get_wuauservdllA()) && PatchWU(result)) {
|
||||||
if (!get_svcdllA("wuauserv", path, _countof(path))) {
|
|
||||||
return result;
|
|
||||||
}
|
|
||||||
if (!_stricmp(lpFileName, path) && PatchWUAgentHMODULE(result)) {
|
|
||||||
dwprintf(L"Patched Windows Update module!");
|
dwprintf(L"Patched Windows Update module!");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -150,11 +143,7 @@ HMODULE WINAPI _LoadLibraryExW(
|
|||||||
HMODULE result = LoadLibraryExW(lpFileName, hFile, dwFlags);
|
HMODULE result = LoadLibraryExW(lpFileName, hFile, dwFlags);
|
||||||
if (result) {
|
if (result) {
|
||||||
dwprintf(L"Loaded library: %s", lpFileName);
|
dwprintf(L"Loaded library: %s", lpFileName);
|
||||||
WCHAR path[MAX_PATH];
|
if (!_wcsicmp(lpFileName, get_wuauservdllW()) && PatchWU(result)) {
|
||||||
if (!get_svcdllW(L"wuauserv", path, _countof(path))) {
|
|
||||||
return result;
|
|
||||||
}
|
|
||||||
if (!_wcsicmp(lpFileName, path) && PatchWUAgentHMODULE(result)) {
|
|
||||||
dwprintf(L"Patched Windows Update module!");
|
dwprintf(L"Patched Windows Update module!");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user