From f1dc539aba45d1332d374606cdd2051fea09be07 Mon Sep 17 00:00:00 2001 
From: zeffy Date: Mon, 5 Feb 2018 13:50:11 -0800 Subject: [PATCH] move source files to src folder, some code updates.. --- README.md | 26 -- appveyor.yml | 4 +- .../AdvancedInstallerHelper.vcxproj | 2 +- .../AdvancedInstallerHelper.vcxproj.filters | 6 +- .../AdvancedInstallerHelper/customactions.c | Bin .../AdvancedInstallerHelper}/dllmain.c | Bin .../AdvancedInstallerHelper}/exports.def | 0 .../AdvancedInstallerHelper}/stdafx.c | Bin .../AdvancedInstallerHelper}/stdafx.h | Bin .../AdvancedInstallerHelper}/targetver.h | Bin wufuc.sln => src/wufuc.sln | 19 +- {wufuc => src/wufuc}/callbacks.c | 17 +- {wufuc => src/wufuc}/callbacks.h | 0 {wufuc => src/wufuc}/dllmain.c | 1 + {wufuc => src/wufuc}/exports.def | 0 wufuc/helpers.c => src/wufuc/hlpmem.c | 242 +----------------- src/wufuc/hlpmem.h | 22 ++ src/wufuc/hlpmisc.c | 70 +++++ src/wufuc/hlpmisc.h | 16 ++ src/wufuc/hlpsvc.c | 118 +++++++++ src/wufuc/hlpsvc.h | 13 + src/wufuc/hlpver.c | 107 ++++++++ src/wufuc/hlpver.h | 6 + {wufuc => src/wufuc}/hooks.c | 4 +- {wufuc => src/wufuc}/hooks.h | 0 {wufuc => src/wufuc}/patternfind.CHANGES.txt | 0 {wufuc => src/wufuc}/patternfind.LICENSE | 0 {wufuc => src/wufuc}/patternfind.c | 0 {wufuc => src/wufuc}/patternfind.h | 0 {wufuc => src/wufuc}/rundll32.c | 3 +- {wufuc => src/wufuc}/rundll32.h | 0 {wufuc => src/wufuc}/stdafx.c | 0 {wufuc => src/wufuc}/stdafx.h | 0 {wufuc => src/wufuc}/targetver.h | 0 {wufuc => src/wufuc}/tracing.c | 0 {wufuc => src/wufuc}/tracing.h | 0 {wufuc => src/wufuc}/wufuc.rc | Bin {wufuc => src/wufuc}/wufuc.rch | 0 {wufuc => src/wufuc}/wufuc.vcxproj | 26 +- {wufuc => src/wufuc}/wufuc.vcxproj.filters | 26 +- {wufuc_setup => src/wufuc_setup}/.gitignore | 0 {wufuc_setup => src/wufuc_setup}/LICENSE.rtf | 0 .../wufuc_setup}/wufuc_setup.aip | 0 .../wufuc_setup_bat}/.gitignore | 0 .../wufuc_setup_bat}/COPYING.txt | 0 .../wufuc_setup_bat}/Restore_wuauserv.reg | Bin .../wufuc_setup_bat}/install_wufuc.bat | 0 .../wufuc_setup_bat}/uninstall_wufuc.bat | 0 
.../wufuc_setup_bat}/wufuc_ScheduledTask.xml | Bin wufuc/helpers.h | 49 ---- 50 files changed, 413 insertions(+), 364 deletions(-) rename {AdvancedInstallerHelper => src/AdvancedInstallerHelper}/AdvancedInstallerHelper.vcxproj (99%) rename {AdvancedInstallerHelper => src/AdvancedInstallerHelper}/AdvancedInstallerHelper.vcxproj.filters (96%) rename AdvancedInstallerHelper/helper.c => src/AdvancedInstallerHelper/customactions.c (100%) rename {AdvancedInstallerHelper => src/AdvancedInstallerHelper}/dllmain.c (100%) rename {AdvancedInstallerHelper => src/AdvancedInstallerHelper}/exports.def (100%) rename {AdvancedInstallerHelper => src/AdvancedInstallerHelper}/stdafx.c (100%) rename {AdvancedInstallerHelper => src/AdvancedInstallerHelper}/stdafx.h (100%) rename {AdvancedInstallerHelper => src/AdvancedInstallerHelper}/targetver.h (100%) rename wufuc.sln => src/wufuc.sln (75%) rename {wufuc => src/wufuc}/callbacks.c (95%) rename {wufuc => src/wufuc}/callbacks.h (100%) rename {wufuc => src/wufuc}/dllmain.c (93%) rename {wufuc => src/wufuc}/exports.def (100%) rename wufuc/helpers.c => src/wufuc/hlpmem.c (55%) create mode 100644 src/wufuc/hlpmem.h create mode 100644 src/wufuc/hlpmisc.c create mode 100644 src/wufuc/hlpmisc.h create mode 100644 src/wufuc/hlpsvc.c create mode 100644 src/wufuc/hlpsvc.h create mode 100644 src/wufuc/hlpver.c create mode 100644 src/wufuc/hlpver.h rename {wufuc => src/wufuc}/hooks.c (94%) rename {wufuc => src/wufuc}/hooks.h (100%) rename {wufuc => src/wufuc}/patternfind.CHANGES.txt (100%) rename {wufuc => src/wufuc}/patternfind.LICENSE (100%) rename {wufuc => src/wufuc}/patternfind.c (100%) rename {wufuc => src/wufuc}/patternfind.h (100%) rename {wufuc => src/wufuc}/rundll32.c (99%) rename {wufuc => src/wufuc}/rundll32.h (100%) rename {wufuc => src/wufuc}/stdafx.c (100%) rename {wufuc => src/wufuc}/stdafx.h (100%) rename {wufuc => src/wufuc}/targetver.h (100%) rename {wufuc => src/wufuc}/tracing.c (100%) rename {wufuc => src/wufuc}/tracing.h (100%) 
rename {wufuc => src/wufuc}/wufuc.rc (100%) rename {wufuc => src/wufuc}/wufuc.rch (100%) rename {wufuc => src/wufuc}/wufuc.vcxproj (92%) rename {wufuc => src/wufuc}/wufuc.vcxproj.filters (80%) rename {wufuc_setup => src/wufuc_setup}/.gitignore (100%) rename {wufuc_setup => src/wufuc_setup}/LICENSE.rtf (100%) rename {wufuc_setup => src/wufuc_setup}/wufuc_setup.aip (100%) rename {wufuc_setup_bat => src/wufuc_setup_bat}/.gitignore (100%) rename {wufuc_setup_bat => src/wufuc_setup_bat}/COPYING.txt (100%) rename {wufuc_setup_bat => src/wufuc_setup_bat}/Restore_wuauserv.reg (100%) rename {wufuc_setup_bat => src/wufuc_setup_bat}/install_wufuc.bat (100%) rename {wufuc_setup_bat => src/wufuc_setup_bat}/uninstall_wufuc.bat (100%) rename {wufuc_setup_bat => src/wufuc_setup_bat}/wufuc_ScheduledTask.xml (100%) delete mode 100644 wufuc/helpers.h diff --git a/README.md b/README.md index c5b10ba..b17b120 100644 --- a/README.md +++ b/README.md 
@@ -65,32 +65,6 @@ My patch takes advantage of this behavior by patching a couple of boolean values ## FAQ -### If you get BSODs after installing certain updates on specific AMD CPUs (Updated 01/11/2018) - -> Microsoft has resumed updating the majority of AMD devices with the Windows operating system security update to help protect against the chipset vulnerabilities known as Spectre and Meltdown. -> -> A small subset of older AMD processors remain blocked to avoid users getting into an unbootable state after installation of recent Windows operating system security updates. Microsoft is working with AMD to resolve this issue and should resume Windows OS security updates to this subset of AMD processors via Windows Update and WSUS by next week. For AMD device-specific information please refer to AMD’s Security Advisory. -> -> Microsoft has temporarily paused sending the following Windows operating system updates to this subset of older AMD processors: -> -> - January 3, 2018—KB4056897 (Security-only update) -> - January 9, 2018—KB4056894 (Monthly Rollup) -> - January 3, 2018—KB4056888 (OS Build 10586.1356) -> - January 3, 2018—KB4056892 (OS Build 16299.192) -> - January 3, 2018—KB4056891 (OS Build 15063.850) -> - January 3, 2018—KB4056890 (OS Build 14393.2007) -> - January 3, 2018—KB4056898 (Security-only update) -> - January 3, 2018—KB4056893 (OS Build 10240.17735) -> - January 9, 2018—KB4056895 (Monthly Rollup) - -For more information, you can read the Microsoft Support article [here](https://support.microsoft.com/en-us/help/4073707/windows-os-security-update-block-for-some-amd-based-devices), -but basically Microsoft put out some updates recently that cause problems on older AMD processors, and blocked them on those CPUs, but apparently -wufuc bypasses the block and lets you uninstall these buggy updates which can cause problems. 
- -Unfortunately as far as I know, there is no comprehensive list of the processors that should be blocked, but if you experience BSODs -after installing any of these updates, you can try the solution posted in this [comment](https://github.com/zeffy/wufuc/issues/132#issuecomment-356921433) to uninstall the updates and fix the crashes. -According to the Microsoft Support article, this issue should be resolved within the next week. - ### How to deploy wufuc using Group Policy [There is a tutorial on the Advanced Installer website that explains how to do this](http://www.advancedinstaller.com/user-guide/tutorial-gpo.html). diff --git a/appveyor.yml b/appveyor.yml index 60dc72a..93ad1bd 100644 --- a/appveyor.yml +++ b/appveyor.yml @@ -22,9 +22,9 @@ before_build: set "BUILD_ZIPFILE=%APPVEYOR_BUILD_FOLDER%\%APPVEYOR_PROJECT_NAME%_v%BUILD_COMMIT_VERSION%-%PLATFORM%.zip" after_build: - cmd: >- - copy /Y "COPYING" "wufuc_setup_bat\COPYING.txt" + copy /Y "COPYING" "src\wufuc_setup_bat\COPYING.txt" - cd "%APPVEYOR_BUILD_FOLDER%\wufuc_setup_bat" + cd "%APPVEYOR_BUILD_FOLDER%\src\wufuc_setup_bat" echo v%BUILD_COMMIT_VERSION%>version.txt diff --git a/AdvancedInstallerHelper/AdvancedInstallerHelper.vcxproj b/src/AdvancedInstallerHelper/AdvancedInstallerHelper.vcxproj similarity index 99% rename from AdvancedInstallerHelper/AdvancedInstallerHelper.vcxproj rename to src/AdvancedInstallerHelper/AdvancedInstallerHelper.vcxproj index 5c51ee2..b49d9e0 100644 --- a/AdvancedInstallerHelper/AdvancedInstallerHelper.vcxproj +++ b/src/AdvancedInstallerHelper/AdvancedInstallerHelper.vcxproj @@ -107,7 +107,7 @@ Create Create - + diff --git a/AdvancedInstallerHelper/AdvancedInstallerHelper.vcxproj.filters b/src/AdvancedInstallerHelper/AdvancedInstallerHelper.vcxproj.filters similarity index 96% rename from AdvancedInstallerHelper/AdvancedInstallerHelper.vcxproj.filters rename to src/AdvancedInstallerHelper/AdvancedInstallerHelper.vcxproj.filters index 61ab094..3780bcf 100644 
--- a/AdvancedInstallerHelper/AdvancedInstallerHelper.vcxproj.filters +++ b/src/AdvancedInstallerHelper/AdvancedInstallerHelper.vcxproj.filters @@ -23,15 +23,15 @@ - - Source Files - Source Files Source Files + + Source Files + diff --git a/AdvancedInstallerHelper/helper.c b/src/AdvancedInstallerHelper/customactions.c similarity index 100% rename from AdvancedInstallerHelper/helper.c rename to src/AdvancedInstallerHelper/customactions.c diff --git a/AdvancedInstallerHelper/dllmain.c b/src/AdvancedInstallerHelper/dllmain.c similarity index 100% rename from AdvancedInstallerHelper/dllmain.c rename to src/AdvancedInstallerHelper/dllmain.c diff --git a/AdvancedInstallerHelper/exports.def b/src/AdvancedInstallerHelper/exports.def similarity index 100% rename from AdvancedInstallerHelper/exports.def rename to src/AdvancedInstallerHelper/exports.def diff --git a/AdvancedInstallerHelper/stdafx.c b/src/AdvancedInstallerHelper/stdafx.c similarity index 100% rename from AdvancedInstallerHelper/stdafx.c rename to src/AdvancedInstallerHelper/stdafx.c diff --git a/AdvancedInstallerHelper/stdafx.h b/src/AdvancedInstallerHelper/stdafx.h similarity index 100% rename from AdvancedInstallerHelper/stdafx.h rename to src/AdvancedInstallerHelper/stdafx.h diff --git a/AdvancedInstallerHelper/targetver.h b/src/AdvancedInstallerHelper/targetver.h similarity index 100% rename from AdvancedInstallerHelper/targetver.h rename to src/AdvancedInstallerHelper/targetver.h diff --git a/wufuc.sln b/src/wufuc.sln similarity index 75% rename from wufuc.sln rename to src/wufuc.sln index 2a414cc..9105052 100644 --- a/wufuc.sln +++ b/src/wufuc.sln 
@@ -1,30 +1,16 @@  Microsoft Visual Studio Solution File, Format Version 12.00 # Visual Studio 15 -VisualStudioVersion = 15.0.27130.2010 +VisualStudioVersion = 15.0.27130.2024 MinimumVisualStudioVersion = 10.0.40219.1 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "wufuc", "wufuc\wufuc.vcxproj", "{00F96695-CE41-4C2F-A344-6219DFB4F887}" EndProject -Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution Items", "{8C2147FF-2B83-479B-813E-5ACB86F43042}" - ProjectSection(SolutionItems) = preProject - .gitignore = .gitignore - appveyor.yml = appveyor.yml - EndProjectSection -EndProject Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "wufuc_setup_bat", "wufuc_setup_bat", "{97E33D3C-9AA1-4B84-803A-1A6AE2C6F361}" ProjectSection(SolutionItems) = preProject wufuc_setup_bat\install_wufuc.bat = wufuc_setup_bat\install_wufuc.bat wufuc_setup_bat\uninstall_wufuc.bat = wufuc_setup_bat\uninstall_wufuc.bat EndProjectSection EndProject -Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Documentation", "Documentation", "{65210B26-9B74-4B7E-B777-7A2EE4162595}" - ProjectSection(SolutionItems) = preProject - CONTRIBUTING.md = CONTRIBUTING.md - COPYING = COPYING - DONATE.md = DONATE.md - README.md = README.md - EndProjectSection -EndProject Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "AdvancedInstallerHelper", "AdvancedInstallerHelper\AdvancedInstallerHelper.vcxproj", "{12498D61-02AF-4C13-925D-E130EEDE2543}" EndProject Global @@ -53,9 +39,6 @@ Global GlobalSection(SolutionProperties) = preSolution HideSolutionNode = FALSE EndGlobalSection - GlobalSection(NestedProjects) = preSolution - {65210B26-9B74-4B7E-B777-7A2EE4162595} = {8C2147FF-2B83-479B-813E-5ACB86F43042} - EndGlobalSection GlobalSection(ExtensibilityGlobals) = postSolution SolutionGuid = {5070ABC4-3344-4D6E-B744-E3508B10A327} EndGlobalSection 
diff --git a/wufuc/callbacks.c b/src/wufuc/callbacks.c similarity index 95% rename from wufuc/callbacks.c rename to src/wufuc/callbacks.c index 5dedf0f..6fae5c2 100644 --- a/wufuc/callbacks.c +++ b/src/wufuc/callbacks.c @@ -1,22 +1,19 @@ #include "stdafx.h" #include "callbacks.h" #include "hooks.h" -#include "helpers.h" +#include "hlpmisc.h" +#include "hlpmem.h" +#include "hlpsvc.h" bool DuplicateContextHandles(HANDLE hSrcProcess, ContextHandles *pSrcContext, HANDLE hAuxiliaryMutex, HANDLE hTargetProcess, ContextHandles *pTargetContext) { - if ( DuplicateHandle(hSrcProcess, pSrcContext->hMainMutex, - hTargetProcess, &pTargetContext->hMainMutex, SYNCHRONIZE, FALSE, 0) - + return + DuplicateHandle(hSrcProcess, pSrcContext->hMainMutex, + hTargetProcess, &pTargetContext->hMainMutex, SYNCHRONIZE, FALSE, 0) && DuplicateHandle(hSrcProcess, pSrcContext->hUnloadEvent, hTargetProcess, &pTargetContext->hUnloadEvent, SYNCHRONIZE, FALSE, 0) - && DuplicateHandle(hSrcProcess, hAuxiliaryMutex, - hTargetProcess, &pTargetContext->hAuxiliaryMutex, 0, FALSE, DUPLICATE_SAME_ACCESS) ) { - - return true; - } - return false; + hTargetProcess, &pTargetContext->hAuxiliaryMutex, 0, FALSE, DUPLICATE_SAME_ACCESS); } VOID CALLBACK ServiceNotifyCallback(PSERVICE_NOTIFYW pNotifyBuffer) diff --git a/wufuc/callbacks.h b/src/wufuc/callbacks.h similarity index 100% rename from wufuc/callbacks.h rename to src/wufuc/callbacks.h diff --git a/wufuc/dllmain.c b/src/wufuc/dllmain.c similarity index 93% rename from wufuc/dllmain.c rename to src/wufuc/dllmain.c index 805ba47..6c2f5d5 100644 --- a/wufuc/dllmain.c +++ b/src/wufuc/dllmain.c @@ -6,6 +6,7 @@ BOOL APIENTRY DllMain(HMODULE hModule, { switch ( ul_reason_for_call ) { case DLL_PROCESS_ATTACH: + break; case DLL_THREAD_ATTACH: case DLL_THREAD_DETACH: case DLL_PROCESS_DETACH: diff --git a/wufuc/exports.def b/src/wufuc/exports.def similarity index 100% rename from wufuc/exports.def rename to src/wufuc/exports.def 
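Review bot: In the rewritten `DuplicateContextHandles`, a failure of the second or third `DuplicateHandle` still leaves the earlier duplicates open inside `hTargetProcess`, and the caller only sees `false`. The `&&` chain keeps the short-circuit behaviour of the old `if`, so this is carried over rather than introduced; consider closing what was already duplicated on the failure path (for example a `DuplicateHandle` with `DUPLICATE_CLOSE_SOURCE` against the target), or documenting that the caller must tear the target context down. The first two handles are narrowed to `SYNCHRONIZE` while `hAuxiliaryMutex` is copied with `DUPLICATE_SAME_ACCESS`, so the target receives whatever rights the source handle carries. If the target only waits on that mutex, `SYNCHRONIZE` would be the least-privilege choice and deserves at least a comment.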
diff --git a/wufuc/helpers.c b/src/wufuc/hlpmem.c similarity index 55% rename from wufuc/helpers.c rename to src/wufuc/hlpmem.c index fc6928a..2967d82 100644 --- a/wufuc/helpers.c +++ b/src/wufuc/hlpmem.c 
@@ -1,136 +1,9 @@ #include "stdafx.h" -#include "helpers.h" +#include "hlpmem.h" +#include "hlpver.h" #include "hooks.h" #include -bool InitializeMutex(bool InitialOwner, const wchar_t *pMutexName, HANDLE *phMutex) -{ - HANDLE hMutex; - - hMutex = CreateMutexW(NULL, InitialOwner, pMutexName); - if ( hMutex ) { - if ( GetLastError() == ERROR_ALREADY_EXISTS ) { - CloseHandle(hMutex); - return false; - } - *phMutex = hMutex; - return true; - } - return false; -} - -bool CreateEventWithStringSecurityDescriptor( - const wchar_t *pStringSecurityDescriptor, - bool ManualReset, - bool InitialState, - const wchar_t *pName, - HANDLE *phEvent) -{ - SECURITY_ATTRIBUTES sa = { sizeof sa }; - HANDLE event; - - if ( ConvertStringSecurityDescriptorToSecurityDescriptorW( - pStringSecurityDescriptor, - SDDL_REVISION_1, - &sa.lpSecurityDescriptor, - NULL) ) { - - event = CreateEventW(&sa, ManualReset, InitialState, pName); - if ( event ) { - *phEvent = event; - return true; - } - } - return false; -} - -int FileInfoVerCompare(VS_FIXEDFILEINFO *pffi, WORD wMajor, WORD wMinor, WORD wBuild, WORD wRev) -{ - if ( HIWORD(pffi->dwProductVersionMS) < wMajor ) return -1; - if ( HIWORD(pffi->dwProductVersionMS) > wMajor ) return 1; - if ( LOWORD(pffi->dwProductVersionMS) < wMinor ) return -1; - if ( LOWORD(pffi->dwProductVersionMS) > wMinor ) return 1; - if ( HIWORD(pffi->dwProductVersionLS) < wBuild ) return -1; - if ( HIWORD(pffi->dwProductVersionLS) > wBuild ) return 1; - if ( LOWORD(pffi->dwProductVersionLS) < wRev ) return -1; - if ( LOWORD(pffi->dwProductVersionLS) > wRev ) return 1; - return 0; -} - -bool GetVersionInfoFromHModule(HMODULE hModule, LPCWSTR pszSubBlock, LPVOID pData, PUINT pcbData) -{ - bool result = false; - UINT cbData; - HRSRC hResInfo; - DWORD dwSize; - HGLOBAL hResData; - LPVOID pRes; - LPVOID pCopy; - LPVOID pBuffer; - UINT uLen; - - if ( !pcbData ) return result; - cbData = *pcbData; - - hResInfo = FindResourceW(hModule, - MAKEINTRESOURCEW(VS_VERSION_INFO), - 
RT_VERSION); - if ( !hResInfo ) return result; - - dwSize = SizeofResource(hModule, hResInfo); - if ( !dwSize ) return result; - - hResData = LoadResource(hModule, hResInfo); - if ( !hResData ) return result; - - pRes = LockResource(hResData); - if ( !pRes ) return result; - - pCopy = malloc(dwSize); - if ( !pCopy - || memcpy_s(pCopy, dwSize, pRes, dwSize) - || !VerQueryValueW(pCopy, pszSubBlock, &pBuffer, &uLen) ) - goto cleanup; - - if ( !_wcsnicmp(pszSubBlock, L"\\StringFileInfo\\", 16) ) - *pcbData = uLen * sizeof(wchar_t); - else - *pcbData = uLen; - - if ( !pData ) { - result = true; - goto cleanup; - } - if ( cbData < *pcbData - || memcpy_s(pData, cbData, pBuffer, *pcbData) ) - goto cleanup; - - result = true; -cleanup: - free(pCopy); - return result; -} - -LPVOID GetVersionInfoFromHModuleAlloc(HMODULE hModule, LPCWSTR pszSubBlock, PUINT pcbData) -{ - UINT cbData = 0; - LPVOID result = NULL; - - if ( !GetVersionInfoFromHModule(hModule, pszSubBlock, NULL, &cbData) ) - return result; - - result = malloc(cbData); - if ( !result ) return result; - - if ( GetVersionInfoFromHModule(hModule, pszSubBlock, result, &cbData) ) { - *pcbData = cbData; - } else { - free(result); - result = NULL; - } - return result; -} - bool FindIsDeviceServiceablePtr(HMODULE hModule, PVOID *ppfnIsDeviceServiceable) { bool result = false; @@ -152,9 +25,7 @@ bool FindIsDeviceServiceablePtr(HMODULE hModule, PVOID *ppfnIsDeviceServiceable) if ( !is_win7 ) { is_win81 = IsWindowsVersion(6, 3, 0); if ( !is_win81 ) { - trace(L"Unsupported operating system. is_win7=%ls is_win81=%ls", - is_win7 ? L"true" : L"false", - is_win81 ? L"true" : L"false"); + trace(L"Unsupported operating system."); return result; } } @@ -382,6 +253,7 @@ bool InjectLibraryByFilename( pLibFilename); CloseHandle(hSnapshot); + result = !!*phRemoteModule; } } else { result = !!GetExitCodeThread(hThread, (LPDWORD)phRemoteModule); 
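Review bot: The `else` branch just below the added `result = !!*phRemoteModule;` still sets `result` from `GetExitCodeThread` alone, so the two paths of InjectLibraryByFilename now disagree on what success means. If the remote thread's exit code is 0 (presumably a failed load; the thread routine is outside this hunk), the function returns true with a null `*phRemoteModule`; suggest `result = GetExitCodeThread(hThread, (LPDWORD)phRemoteModule) && *phRemoteModule;`. The `(LPDWORD)` cast also writes only 32 bits into an `HMODULE *`, so on a 64-bit build the upper half keeps whatever the caller had unless `*phRemoteModule` is zeroed first. The snapshot path looks like it exists for that case, and a comment saying so would help. The function starts and ends outside the hunk.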
@@ -391,109 +263,3 @@ vfree: VirtualFreeEx(hProcess, pBaseAddress, 0, MEM_RELEASE); resume: NtResumeProcess(hProcess); return result; } - -bool IsWindowsVersion(WORD wMajorVersion, WORD wMinorVersion, WORD wServicePackMajor) -{ - OSVERSIONINFOEXW osvi = { sizeof osvi }; - - DWORDLONG dwlConditionMask = 0; - VER_SET_CONDITION(dwlConditionMask, VER_MAJORVERSION, VER_EQUAL); - VER_SET_CONDITION(dwlConditionMask, VER_MINORVERSION, VER_EQUAL); - VER_SET_CONDITION(dwlConditionMask, VER_SERVICEPACKMAJOR, VER_GREATER_EQUAL); - - osvi.dwMajorVersion = wMajorVersion; - osvi.dwMinorVersion = wMinorVersion; - osvi.wServicePackMajor = wServicePackMajor; - - return VerifyVersionInfoW(&osvi, - VER_MAJORVERSION | VER_MINORVERSION | VER_SERVICEPACKMAJOR, - dwlConditionMask) != FALSE; -} - -PVOID RegGetValueAlloc( - HKEY hkey, - const wchar_t *pSubKey, - const wchar_t *pValue, - DWORD dwFlags, - LPDWORD pdwType, - LPDWORD pcbData) -{ - DWORD cbData = 0; - PVOID result = NULL; - - if ( RegGetValueW(hkey, pSubKey, pValue, dwFlags, pdwType, NULL, &cbData) != ERROR_SUCCESS ) - return result; - - result = malloc(cbData); - if ( !result ) return result; - - if ( RegGetValueW(hkey, pSubKey, pValue, dwFlags, pdwType, result, &cbData) == ERROR_SUCCESS ) { - *pcbData = cbData; - } else { - free(result); - result = NULL; - } - return result; -} - -LPQUERY_SERVICE_CONFIGW QueryServiceConfigByNameAlloc( - SC_HANDLE hSCM, - const wchar_t *pServiceName, - LPDWORD pcbBufSize) -{ - SC_HANDLE hService; - DWORD cbBytesNeeded; - LPQUERY_SERVICE_CONFIGW result = NULL; - - hService = OpenServiceW(hSCM, pServiceName, SERVICE_QUERY_CONFIG); - if ( !hService ) return result; - - if ( !QueryServiceConfigW(hService, NULL, 0, &cbBytesNeeded) - && GetLastError() == ERROR_INSUFFICIENT_BUFFER ) { - - result = malloc(cbBytesNeeded); - if ( result ) { - if ( QueryServiceConfigW(hService, result, cbBytesNeeded, &cbBytesNeeded) ) { - *pcbBufSize = cbBytesNeeded; - } else { - free(result); - result = NULL; - } - } - } 
- CloseServiceHandle(hService);
- return result;
-}
-
-bool QueryServiceStatusProcessInfoByName(
- SC_HANDLE hSCM,
- const wchar_t *pServiceName,
- LPSERVICE_STATUS_PROCESS pServiceStatus)
-{
- bool result = false;
- SC_HANDLE hService;
- DWORD cbBytesNeeded;
-
- hService = OpenServiceW(hSCM, pServiceName, SERVICE_QUERY_STATUS);
- if ( !hService ) {
- trace(L"Failed to open service %ls! (GetLastError=%ul)", pServiceName, GetLastError());
- return result;
- }
-
- result = !!QueryServiceStatusEx(hService,
- SC_STATUS_PROCESS_INFO,
- (LPBYTE)pServiceStatus,
- sizeof *pServiceStatus,
- &cbBytesNeeded);
- CloseServiceHandle(hService);
- return result;
-}
-
-DWORD QueryServiceProcessId(SC_HANDLE hSCM, const wchar_t *pServiceName)
-{
- SERVICE_STATUS_PROCESS ServiceStatusProcess;
-
- if ( QueryServiceStatusProcessInfoByName(hSCM, pServiceName, &ServiceStatusProcess) )
- return ServiceStatusProcess.dwProcessId;
- return 0;
-}
diff --git a/src/wufuc/hlpmem.h b/src/wufuc/hlpmem.h
new file mode 100644
index 0000000..ed53bc9
--- /dev/null
+++ b/src/wufuc/hlpmem.h
@@ -0,0 +1,22 @@
+#pragma once
+
+typedef struct
+{
+ WORD wLanguage;
+ WORD wCodePage;
+} LANGANDCODEPAGE, *PLANGANDCODEPAGE;
+
+bool FindIsDeviceServiceablePtr(HMODULE hModule, PVOID *ppfnIsDeviceServiceable);
+HANDLE GetRemoteHModuleFromTh32ModuleSnapshot(HANDLE hSnapshot, const wchar_t *pLibFileName);
+bool InjectLibraryAndCreateRemoteThread(
+ HANDLE hProcess,
+ HMODULE hModule,
+ LPTHREAD_START_ROUTINE pStartAddress,
+ const void *pParam,
+ size_t cbParam);
+bool InjectLibrary(HANDLE hProcess, HMODULE hModule, HMODULE *phRemoteModule);
+bool InjectLibraryByFilename(
+ HANDLE hProcess,
+ const wchar_t *pLibFilename,
+ size_t cchLibFilename,
+ HMODULE *phRemoteModule);
diff --git a/src/wufuc/hlpmisc.c b/src/wufuc/hlpmisc.c
new file mode 100644
index 0000000..8e72371
--- /dev/null
+++ b/src/wufuc/hlpmisc.c
@@ -0,0 +1,70 @@
+#include "stdafx.h"
+#include "hlpmisc.h"
+#include
+
+bool InitializeMutex(bool InitialOwner, const wchar_t *pMutexName, HANDLE *phMutex)
+{
+ HANDLE hMutex;
+
+ hMutex = CreateMutexW(NULL, InitialOwner, pMutexName);
+ if ( hMutex ) {
+ if ( GetLastError() == ERROR_ALREADY_EXISTS ) {
+ CloseHandle(hMutex);
+ return false;
+ }
+ *phMutex = hMutex;
+ return true;
+ }
+ return false;
+}
+
+bool CreateEventWithStringSecurityDescriptor(
+ const wchar_t *pStringSecurityDescriptor,
+ bool ManualReset,
+ bool InitialState,
+ const wchar_t *pName,
+ HANDLE *phEvent)
+{
+ SECURITY_ATTRIBUTES sa = { sizeof sa };
+ HANDLE event;
+
+ if ( ConvertStringSecurityDescriptorToSecurityDescriptorW(
+ pStringSecurityDescriptor,
+ SDDL_REVISION_1,
+ &sa.lpSecurityDescriptor,
+ NULL) ) {
+
+ event = CreateEventW(&sa, ManualReset, InitialState, pName);
+ if ( event ) {
+ *phEvent = event;
+ return true;
+ }
+ }
+ return false;
+}
+
+PVOID RegGetValueAlloc(
+ HKEY hkey,
+ const wchar_t *pSubKey,
+ const wchar_t *pValue,
+ DWORD dwFlags,
+ LPDWORD pdwType,
+ LPDWORD pcbData)
+{
+ DWORD cbData = 0;
+ PVOID result = NULL;
+
+ if ( RegGetValueW(hkey, pSubKey, pValue, dwFlags, pdwType, NULL, &cbData) != ERROR_SUCCESS )
+ return result;
+
+ result = malloc(cbData);
+ if ( !result ) return result;
+
+ if ( RegGetValueW(hkey, pSubKey, pValue, dwFlags, pdwType, result, &cbData) == ERROR_SUCCESS ) {
+ *pcbData = cbData;
+ } else {
+ free(result);
+ result = NULL;
+ }
+ return result;
+}
diff --git a/src/wufuc/hlpmisc.h b/src/wufuc/hlpmisc.h
new file mode 100644
index 0000000..4d6e27c
--- /dev/null
+++ b/src/wufuc/hlpmisc.h
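Review bot: `CreateEventWithStringSecurityDescriptor` never frees the descriptor that `ConvertStringSecurityDescriptorToSecurityDescriptorW` allocates; the buffer in `sa.lpSecurityDescriptor` has to be released with `LocalFree` once `CreateEventW` has returned, on both the success and the failure path, so add `LocalFree(sa.lpSecurityDescriptor);` directly after the `CreateEventW` call. The helper also does not look at `GetLastError()` after `CreateEventW`: for a named event that already exists the call succeeds, returns the existing object and ignores `sa`, so the caller can end up holding an event whose DACL is not the one it asked for. `InitializeMutex` in the same file rejects `ERROR_ALREADY_EXISTS`; if opening an existing event is intended here, a comment stating that the descriptor is then not applied would make that explicit.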
@@ -0,0 +1,16 @@
+#pragma once
+
+bool InitializeMutex(bool InitialOwner, const wchar_t *pMutexName, HANDLE *phMutex);
+bool CreateEventWithStringSecurityDescriptor(
+ const wchar_t *pStringSecurityDescriptor,
+ bool ManualReset,
+ bool InitialState,
+ const wchar_t *pName,
+ HANDLE *phEvent);
+PVOID RegGetValueAlloc(
+ HKEY hkey,
+ const wchar_t *pSubKey,
+ const wchar_t *pValue,
+ DWORD dwFlags,
+ LPDWORD pdwType,
+ LPDWORD pcbData);
diff --git a/src/wufuc/hlpsvc.c b/src/wufuc/hlpsvc.c
new file mode 100644
index 0000000..4007132
--- /dev/null
+++ b/src/wufuc/hlpsvc.c
@@ -0,0 +1,118 @@ +#include "stdafx.h" +#include "hlpmisc.h" +#include "hlpsvc.h" + +LPQUERY_SERVICE_CONFIGW QueryServiceConfigByNameAlloc( + SC_HANDLE hSCM, + const wchar_t *pServiceName, + LPDWORD pcbBufSize) +{ + SC_HANDLE hService; + DWORD cbBytesNeeded; + LPQUERY_SERVICE_CONFIGW result = NULL; + + hService = OpenServiceW(hSCM, pServiceName, SERVICE_QUERY_CONFIG); + if ( !hService ) return result; + + if ( !QueryServiceConfigW(hService, NULL, 0, &cbBytesNeeded) + && GetLastError() == ERROR_INSUFFICIENT_BUFFER ) { + + result = malloc(cbBytesNeeded); + if ( result ) { + if ( QueryServiceConfigW(hService, result, cbBytesNeeded, &cbBytesNeeded) ) { + *pcbBufSize = cbBytesNeeded; + } else { + free(result); + result = NULL; + } + } + } + CloseServiceHandle(hService); + return result; +} + +bool QueryServiceStatusProcessInfoByName( + SC_HANDLE hSCM, + const wchar_t *pServiceName, + LPSERVICE_STATUS_PROCESS pServiceStatus) +{ + bool result = false; + SC_HANDLE hService; + DWORD cbBytesNeeded; + + hService = OpenServiceW(hSCM, pServiceName, SERVICE_QUERY_STATUS); + if ( !hService ) { + trace(L"Failed to open service %ls! 
(GetLastError=%ul)", pServiceName, GetLastError()); + return result; + } + + result = !!QueryServiceStatusEx(hService, + SC_STATUS_PROCESS_INFO, + (LPBYTE)pServiceStatus, + sizeof *pServiceStatus, + &cbBytesNeeded); + CloseServiceHandle(hService); + return result; +} + +bool QueryServiceGroupName(const LPQUERY_SERVICE_CONFIGW pServiceConfig, wchar_t *pGroupName, size_t nSize) +{ + bool result = false; + int NumArgs; + LPWSTR *argv; + + argv = CommandLineToArgvW(pServiceConfig->lpBinaryPathName, &NumArgs); + if ( argv ) { + if ( !_wcsicmp(PathFindFileNameW(argv[0]), L"svchost.exe") ) { + + for ( int i = 1; (i + 1) < NumArgs; i++ ) { + if ( !_wcsicmp(argv[i], L"-k") ) + return !wcscpy_s(pGroupName, nSize, argv[++i]); + } + } + LocalFree((HLOCAL)argv); + } + return result; +} + +DWORD QueryServiceProcessId(SC_HANDLE hSCM, const wchar_t *pServiceName) +{ + SERVICE_STATUS_PROCESS ServiceStatusProcess; + + if ( QueryServiceStatusProcessInfoByName(hSCM, pServiceName, &ServiceStatusProcess) ) + return ServiceStatusProcess.dwProcessId; + return 0; +} + +DWORD InferSvchostGroupProcessId(SC_HANDLE hSCM, const wchar_t *pGroupName) +{ + DWORD result = 0; + DWORD cbData; + wchar_t *pData; + DWORD dwProcessId; + DWORD cbBufSize; + LPQUERY_SERVICE_CONFIGW pServiceConfig; + bool success; + WCHAR GroupName[256]; + + pData = RegGetValueAlloc(HKEY_LOCAL_MACHINE, L"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Svchost", pGroupName, RRF_RT_REG_MULTI_SZ, NULL, &cbData); + if ( !pData ) return result; + + for ( wchar_t *pName = pData; *pName; pName += wcslen(pName) + 1 ) { + dwProcessId = QueryServiceProcessId(hSCM, pName); + trace(L"pName=%ls dwProcessId=%lu", pName, dwProcessId); + if ( !dwProcessId ) continue; + + pServiceConfig = QueryServiceConfigByNameAlloc(hSCM, pName, &cbBufSize); + if ( !pServiceConfig ) continue; + success = QueryServiceGroupName(pServiceConfig, GroupName, _countof(GroupName)); + free(pServiceConfig); + if ( success && !_wcsicmp(pGroupName, GroupName) ) { + 
trace(L"found PID for group %ls: %lu", pGroupName, dwProcessId); + result = dwProcessId; + break; + } + } + free(pData); + return result; +} diff --git a/src/wufuc/hlpsvc.h b/src/wufuc/hlpsvc.h new file mode 100644 index 0000000..2245e96 --- /dev/null +++ b/src/wufuc/hlpsvc.h @@ -0,0 +1,13 @@ +#pragma once + +LPQUERY_SERVICE_CONFIGW QueryServiceConfigByNameAlloc( + SC_HANDLE hSCM, + const wchar_t *pServiceName, + LPDWORD pcbBufSize); +bool QueryServiceStatusProcessInfoByName( + SC_HANDLE hSCM, + const wchar_t *pServiceName, + LPSERVICE_STATUS_PROCESS pServiceStatus); +bool QueryServiceGroupName(const LPQUERY_SERVICE_CONFIGW pServiceConfig, wchar_t *pGroupName, size_t nSize); +DWORD QueryServiceProcessId(SC_HANDLE hSCM, const wchar_t *pServiceName); +DWORD InferSvchostGroupProcessId(SC_HANDLE hSCM, const wchar_t *pGroupName); diff --git a/src/wufuc/hlpver.c b/src/wufuc/hlpver.c new file mode 100644 index 0000000..04010bf --- /dev/null +++ b/src/wufuc/hlpver.c 
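Review bot: `QueryServiceGroupName` leaks `argv` on its only success path, because the `return !wcscpy_s(...)` inside the loop skips the `LocalFree((HLOCAL)argv)` below it. Replace it with `result = !wcscpy_s(pGroupName, nSize, argv[++i]); break;` so the function falls through to the free. The source string comes from `pServiceConfig->lpBinaryPathName` and the destination in `InferSvchostGroupProcessId` is a fixed `WCHAR GroupName[256]`; `wcscpy_s` bounds the copy, but with the default CRT invalid-parameter handler an over-long group name would terminate the process instead of returning an error, so a length check before the copy may be preferable. In `QueryServiceStatusProcessInfoByName` the trace format `%ul` should be `%lu`.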
@@ -0,0 +1,107 @@
+#include "stdafx.h"
+#include "hlpver.h"
+
+int FileInfoVerCompare(VS_FIXEDFILEINFO *pffi, WORD wMajor, WORD wMinor, WORD wBuild, WORD wRev)
+{
+ if ( HIWORD(pffi->dwProductVersionMS) < wMajor ) return -1;
+ if ( HIWORD(pffi->dwProductVersionMS) > wMajor ) return 1;
+ if ( LOWORD(pffi->dwProductVersionMS) < wMinor ) return -1;
+ if ( LOWORD(pffi->dwProductVersionMS) > wMinor ) return 1;
+ if ( HIWORD(pffi->dwProductVersionLS) < wBuild ) return -1;
+ if ( HIWORD(pffi->dwProductVersionLS) > wBuild ) return 1;
+ if ( LOWORD(pffi->dwProductVersionLS) < wRev ) return -1;
+ if ( LOWORD(pffi->dwProductVersionLS) > wRev ) return 1;
+ return 0;
+}
+
+bool GetVersionInfoFromHModule(HMODULE hModule, LPCWSTR pszSubBlock, LPVOID pData, PUINT pcbData)
+{
+ bool result = false;
+ UINT cbData;
+ HRSRC hResInfo;
+ DWORD dwSize;
+ HGLOBAL hResData;
+ LPVOID pRes;
+ LPVOID pCopy;
+ LPVOID pBuffer;
+ UINT uLen;
+
+ if ( !pcbData ) return result;
+ cbData = *pcbData;
+
+ hResInfo = FindResourceW(hModule,
+ MAKEINTRESOURCEW(VS_VERSION_INFO),
+ RT_VERSION);
+ if ( !hResInfo ) return result;
+
+ dwSize = SizeofResource(hModule, hResInfo);
+ if ( !dwSize ) return result;
+
+ hResData = LoadResource(hModule, hResInfo);
+ if ( !hResData ) return result;
+
+ pRes = LockResource(hResData);
+ if ( !pRes ) return result;
+
+ pCopy = malloc(dwSize);
+ if ( !pCopy
+ || memcpy_s(pCopy, dwSize, pRes, dwSize)
+ || !VerQueryValueW(pCopy, pszSubBlock, &pBuffer, &uLen) )
+ goto cleanup;
+
+ if ( !_wcsnicmp(pszSubBlock, L"\\StringFileInfo\\", 16) )
+ *pcbData = uLen * sizeof(wchar_t);
+ else
+ *pcbData = uLen;
+
+ if ( !pData ) {
+ result = true;
+ goto cleanup;
+ }
+ if ( cbData < *pcbData
+ || memcpy_s(pData, cbData, pBuffer, *pcbData) )
+ goto cleanup;
+
+ result = true;
+cleanup:
+ free(pCopy);
+ return result;
+}
+
+LPVOID GetVersionInfoFromHModuleAlloc(HMODULE hModule, LPCWSTR pszSubBlock, PUINT pcbData)
+{
+ UINT cbData = 0;
+ LPVOID result = NULL;
+
+ if ( !GetVersionInfoFromHModule(hModule, pszSubBlock, NULL, &cbData) )
+ return result;
+
+ result = malloc(cbData);
+ if ( !result ) return result;
+
+ if ( GetVersionInfoFromHModule(hModule, pszSubBlock, result, &cbData) ) {
+ *pcbData = cbData;
+ } else {
+ free(result);
+ result = NULL;
+ }
+ return result;
+}
+
+bool IsWindowsVersion(WORD wMajorVersion, WORD wMinorVersion, WORD wServicePackMajor)
+{
+ OSVERSIONINFOEXW osvi = { sizeof osvi };
+
+ DWORDLONG dwlConditionMask = 0;
+ VER_SET_CONDITION(dwlConditionMask, VER_MAJORVERSION, VER_EQUAL);
+ VER_SET_CONDITION(dwlConditionMask, VER_MINORVERSION, VER_EQUAL);
+ VER_SET_CONDITION(dwlConditionMask, VER_SERVICEPACKMAJOR, VER_GREATER_EQUAL);
+
+ osvi.dwMajorVersion = wMajorVersion;
+ osvi.dwMinorVersion = wMinorVersion;
+ osvi.wServicePackMajor = wServicePackMajor;
+
+ return VerifyVersionInfoW(&osvi,
+ VER_MAJORVERSION | VER_MINORVERSION | VER_SERVICEPACKMAJOR,
+ dwlConditionMask) != FALSE;
+}
diff --git a/src/wufuc/hlpver.h b/src/wufuc/hlpver.h
new file mode 100644
index 0000000..6c45376
--- /dev/null
+++ b/src/wufuc/hlpver.h
@@ -0,0 +1,6 @@
+#pragma once
+
+int FileInfoVerCompare(VS_FIXEDFILEINFO *pffi, WORD wMajor, WORD wMinor, WORD wBuild, WORD wRev);
+bool GetVersionInfoFromHModule(HMODULE hModule, LPCWSTR pszSubBlock, LPVOID pData, PUINT pcbData);
+LPVOID GetVersionInfoFromHModuleAlloc(HMODULE hModule, LPCWSTR pszSubBlock, PUINT pcbData);
+bool IsWindowsVersion(WORD wMajorVersion, WORD wMinorVersion, WORD wServicePackMajor);
diff --git a/wufuc/hooks.c b/src/wufuc/hooks.c
similarity index 94%
rename from wufuc/hooks.c
rename to src/wufuc/hooks.c
index c9cc23f..59e4ecc 100644
--- a/wufuc/hooks.c
+++ b/src/wufuc/hooks.c
@@ -1,6 +1,8 @@
 #include "stdafx.h"
 #include "hooks.h"
-#include "helpers.h"
+#include "hlpmem.h"
+#include "hlpmisc.h"
+#include "hlpsvc.h"
 LPWSTR g_pszWUServiceDll;
diff --git a/wufuc/hooks.h b/src/wufuc/hooks.h
similarity index 100%
rename from wufuc/hooks.h
rename to src/wufuc/hooks.h
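Review bot: In `GetVersionInfoFromHModule` (hlpver.c), the final `memcpy_s(pData, cbData, pBuffer, *pcbData)` bounds only the destination; the source length is derived from `uLen`, which `VerQueryValueW` presumably takes from the version resource's own length field, and nothing in the function compares it with `dwSize`. With a malformed version resource the copy could read past the end of `pCopy`, which matters mainly if `hModule` can ever refer to a file that is not trusted. Assuming the returned pointer lies inside `pCopy`, a check placed right after `*pcbData` is set would close this: `uintptr_t off = (uintptr_t)pBuffer - (uintptr_t)pCopy;` followed by `if ( off > dwSize || *pcbData > dwSize - off ) goto cleanup;`. Separately, `GetVersionInfoFromHModuleAlloc` writes `*pcbData` without the NULL check that `GetVersionInfoFromHModule` performs on the same parameter.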
diff --git a/wufuc/patternfind.CHANGES.txt b/src/wufuc/patternfind.CHANGES.txt similarity index 100% rename from wufuc/patternfind.CHANGES.txt rename to src/wufuc/patternfind.CHANGES.txt diff --git a/wufuc/patternfind.LICENSE b/src/wufuc/patternfind.LICENSE similarity index 100% rename from wufuc/patternfind.LICENSE rename to src/wufuc/patternfind.LICENSE diff --git a/wufuc/patternfind.c b/src/wufuc/patternfind.c similarity index 100% rename from wufuc/patternfind.c rename to src/wufuc/patternfind.c diff --git a/wufuc/patternfind.h b/src/wufuc/patternfind.h similarity index 100% rename from wufuc/patternfind.h rename to src/wufuc/patternfind.h diff --git a/wufuc/rundll32.c b/src/wufuc/rundll32.c similarity index 99% rename from wufuc/rundll32.c rename to src/wufuc/rundll32.c index d33b178..feff0d4 100644 --- a/wufuc/rundll32.c +++ b/src/wufuc/rundll32.c @@ -1,7 +1,6 @@ #include "stdafx.h" #include "callbacks.h" -#include "helpers.h" - +#include "hlpmisc.h" void CALLBACK RUNDLL32_StartW(HWND hwnd, HINSTANCE hinst, LPWSTR lpszCmdLine, int nCmdShow) diff --git a/wufuc/rundll32.h b/src/wufuc/rundll32.h similarity index 100% rename from wufuc/rundll32.h rename to src/wufuc/rundll32.h diff --git a/wufuc/stdafx.c b/src/wufuc/stdafx.c similarity index 100% rename from wufuc/stdafx.c rename to src/wufuc/stdafx.c diff --git a/wufuc/stdafx.h b/src/wufuc/stdafx.h similarity index 100% rename from wufuc/stdafx.h rename to src/wufuc/stdafx.h diff --git a/wufuc/targetver.h b/src/wufuc/targetver.h similarity index 100% rename from wufuc/targetver.h rename to src/wufuc/targetver.h diff --git a/wufuc/tracing.c b/src/wufuc/tracing.c similarity index 100% rename from wufuc/tracing.c rename to src/wufuc/tracing.c diff --git a/wufuc/tracing.h b/src/wufuc/tracing.h similarity index 100% rename from wufuc/tracing.h rename to src/wufuc/tracing.h diff --git a/wufuc/wufuc.rc b/src/wufuc/wufuc.rc similarity index 100% rename from wufuc/wufuc.rc rename to src/wufuc/wufuc.rc 
diff --git a/wufuc/wufuc.rch b/src/wufuc/wufuc.rch similarity index 100% rename from wufuc/wufuc.rch rename to src/wufuc/wufuc.rch diff --git a/wufuc/wufuc.vcxproj b/src/wufuc/wufuc.vcxproj similarity index 92% rename from wufuc/wufuc.vcxproj rename to src/wufuc/wufuc.vcxproj index e984493..f078f25 100644 --- a/wufuc/wufuc.vcxproj +++ b/src/wufuc/wufuc.vcxproj @@ -20,16 +20,23 @@ + + + + - + + + + @@ -38,7 +45,6 @@ Create Create - @@ -109,8 +115,8 @@ $(ProjectDir)$(BaseIntermediateOutputPath)$(Configuration)\$(PlatformShortName)\ $(ProjectName)$(PlatformArchitecture) false - $(SolutionDir)inc\phnt;$(SolutionDir)inc\detours;$(IncludePath) - $(SolutionDir)lib\detours;$(LibraryPath) + $(SolutionDir)..\inc\phnt;$(SolutionDir)..\inc\detours;$(IncludePath) + $(SolutionDir)..\lib\detours;$(LibraryPath) true @@ -118,8 +124,8 @@ $(ProjectDir)$(BaseIntermediateOutputPath)$(Configuration)\$(PlatformShortName)\ $(ProjectName)$(PlatformArchitecture) false - $(SolutionDir)inc\phnt;$(SolutionDir)inc\detours;$(IncludePath) - $(SolutionDir)lib\detours;$(LibraryPath) + $(SolutionDir)..\inc\phnt;$(SolutionDir)..\inc\detours;$(IncludePath) + $(SolutionDir)..\lib\detours;$(LibraryPath) false @@ -127,8 +133,8 @@ $(ProjectDir)$(BaseIntermediateOutputPath)$(Configuration)\$(PlatformShortName)\ $(ProjectName)$(PlatformArchitecture) false - $(SolutionDir)inc\phnt;$(SolutionDir)inc\detours;$(IncludePath) - $(SolutionDir)lib\detours;$(LibraryPath) + $(SolutionDir)..\inc\phnt;$(SolutionDir)..\inc\detours;$(IncludePath) + $(SolutionDir)..\lib\detours;$(LibraryPath) false @@ -136,8 +142,8 @@ $(ProjectDir)$(BaseIntermediateOutputPath)$(Configuration)\$(PlatformShortName)\ $(ProjectName)$(PlatformArchitecture) false - $(SolutionDir)inc\phnt;$(SolutionDir)inc\detours;$(IncludePath) - $(SolutionDir)lib\detours;$(LibraryPath) + $(SolutionDir)..\inc\phnt;$(SolutionDir)..\inc\detours;$(IncludePath) + $(SolutionDir)..\lib\detours;$(LibraryPath) 
diff --git a/wufuc/wufuc.vcxproj.filters b/src/wufuc/wufuc.vcxproj.filters similarity index 80% rename from wufuc/wufuc.vcxproj.filters rename to src/wufuc/wufuc.vcxproj.filters index ac2a207..5b1276a 100644 --- a/wufuc/wufuc.vcxproj.filters +++ b/src/wufuc/wufuc.vcxproj.filters @@ -30,10 +30,19 @@ Header Files - + Header Files - + + Header Files + + + Header Files + + + Header Files + + Header Files @@ -56,10 +65,19 @@ Source Files - + Source Files - + + Source Files + + + Source Files + + + Source Files + + Source Files diff --git a/wufuc_setup/.gitignore b/src/wufuc_setup/.gitignore similarity index 100% rename from wufuc_setup/.gitignore rename to src/wufuc_setup/.gitignore diff --git a/wufuc_setup/LICENSE.rtf b/src/wufuc_setup/LICENSE.rtf similarity index 100% rename from wufuc_setup/LICENSE.rtf rename to src/wufuc_setup/LICENSE.rtf diff --git a/wufuc_setup/wufuc_setup.aip b/src/wufuc_setup/wufuc_setup.aip similarity index 100% rename from wufuc_setup/wufuc_setup.aip rename to src/wufuc_setup/wufuc_setup.aip diff --git a/wufuc_setup_bat/.gitignore b/src/wufuc_setup_bat/.gitignore similarity index 100% rename from wufuc_setup_bat/.gitignore rename to src/wufuc_setup_bat/.gitignore diff --git a/wufuc_setup_bat/COPYING.txt b/src/wufuc_setup_bat/COPYING.txt similarity index 100% rename from wufuc_setup_bat/COPYING.txt rename to src/wufuc_setup_bat/COPYING.txt diff --git a/wufuc_setup_bat/Restore_wuauserv.reg b/src/wufuc_setup_bat/Restore_wuauserv.reg similarity index 100% rename from wufuc_setup_bat/Restore_wuauserv.reg rename to src/wufuc_setup_bat/Restore_wuauserv.reg diff --git a/wufuc_setup_bat/install_wufuc.bat b/src/wufuc_setup_bat/install_wufuc.bat similarity index 100% rename from wufuc_setup_bat/install_wufuc.bat rename to src/wufuc_setup_bat/install_wufuc.bat 
diff --git a/wufuc_setup_bat/uninstall_wufuc.bat b/src/wufuc_setup_bat/uninstall_wufuc.bat
similarity index 100%
rename from wufuc_setup_bat/uninstall_wufuc.bat
rename to src/wufuc_setup_bat/uninstall_wufuc.bat
diff --git a/wufuc_setup_bat/wufuc_ScheduledTask.xml b/src/wufuc_setup_bat/wufuc_ScheduledTask.xml
similarity index 100%
rename from wufuc_setup_bat/wufuc_ScheduledTask.xml
rename to src/wufuc_setup_bat/wufuc_ScheduledTask.xml
diff --git a/wufuc/helpers.h b/wufuc/helpers.h
deleted file mode 100644
index ac68049..0000000
--- a/wufuc/helpers.h
+++ /dev/null
@@ -1,49 +0,0 @@
-#pragma once
-
-typedef struct
-{
- WORD wLanguage;
- WORD wCodePage;
-} LANGANDCODEPAGE, *PLANGANDCODEPAGE;
-
-bool InitializeMutex(bool InitialOwner, const wchar_t *pMutexName, HANDLE *phMutex);
-bool CreateEventWithStringSecurityDescriptor(
- const wchar_t *pStringSecurityDescriptor,
- bool ManualReset,
- bool InitialState,
- const wchar_t *pName,
- HANDLE *phEvent);
-int FileInfoVerCompare(VS_FIXEDFILEINFO *pffi, WORD wMajor, WORD wMinor, WORD wBuild, WORD wRev);
-bool GetVersionInfoFromHModule(HMODULE hModule, LPCWSTR pszSubBlock, LPVOID pData, PUINT pcbData);
-LPVOID GetVersionInfoFromHModuleAlloc(HMODULE hModule, LPCWSTR pszSubBlock, PUINT pcbData);
-bool FindIsDeviceServiceablePtr(HMODULE hModule, PVOID *ppfnIsDeviceServiceable);
-HANDLE GetRemoteHModuleFromTh32ModuleSnapshot(HANDLE hSnapshot, const wchar_t *pLibFileName);
-bool InjectLibraryAndCreateRemoteThread(
- HANDLE hProcess,
- HMODULE hModule,
- LPTHREAD_START_ROUTINE pStartAddress,
- const void *pParam,
- size_t cbParam);
-bool InjectLibrary(HANDLE hProcess, HMODULE hModule, HMODULE *phRemoteModule);
-bool InjectLibraryByFilename(
- HANDLE hProcess,
- const wchar_t *pLibFilename,
- size_t cchLibFilename,
- HMODULE *phRemoteModule);
-bool IsWindowsVersion(WORD wMajorVersion, WORD wMinorVersion, WORD wServicePackMajor);
-PVOID RegGetValueAlloc(
- HKEY hkey,
- const wchar_t *pSubKey,
- const wchar_t *pValue,
- DWORD dwFlags,
- LPDWORD pdwType,
- LPDWORD pcbData);
-LPQUERY_SERVICE_CONFIGW QueryServiceConfigByNameAlloc(
- SC_HANDLE hSCM,
- const wchar_t *pServiceName,
- LPDWORD pcbBufSize);
-bool QueryServiceStatusProcessInfoByName(
- SC_HANDLE hSCM,
- const wchar_t *pServiceName,
- LPSERVICE_STATUS_PROCESS pServiceStatus);
-DWORD QueryServiceProcessId(SC_HANDLE hSCM, const wchar_t *pServiceName);