rename debug print method and split to ansi/unicode
This commit is contained in:
zeffy
12
wufuc/core.c
12
wufuc/core.c
@@ -41,7 +41,7 @@ DWORD WINAPI NewThreadProc(LPVOID lpParam) {
|
||||
DETOUR_IAT(hm, LoadLibraryExA);
|
||||
DETOUR_IAT(hm, LoadLibraryExW);
|
||||
|
||||
DbgPrint("Applied LoadLibraryEx hooks.");
|
||||
_tdbgprintf(_T("Applied LoadLibraryEx hooks."));
|
||||
|
||||
HMODULE hwu = GetModuleHandle(_T("wuaueng.dll"));
|
||||
if (hwu) {
|
||||
@@ -52,14 +52,14 @@ DWORD WINAPI NewThreadProc(LPVOID lpParam) {
|
||||
WaitForSingleObject(hEvent, INFINITE);
|
||||
CloseHandle(hEvent);
|
||||
|
||||
DbgPrint("Received wufuc_UnloadEvent, removing hooks.");
|
||||
_tdbgprintf(_T("Received wufuc_UnloadEvent, removing hooks."));
|
||||
|
||||
SuspendProcess(lphThreads, _countof(lphThreads), &cb);
|
||||
RESTORE_IAT(hm, LoadLibraryExA);
|
||||
RESTORE_IAT(hm, LoadLibraryExW);
|
||||
ResumeAndCloseThreads(lphThreads, cb);
|
||||
|
||||
DbgPrint("Unloading library. Cya!");
|
||||
_tdbgprintf(_T("Unloading library. Cya!"));
|
||||
FreeLibraryAndExitThread(HINST_THISCOMPONENT, 0);
|
||||
return 0;
|
||||
}
|
||||
@@ -118,20 +118,20 @@ BOOL PatchWUModule(HMODULE hModule) {
|
||||
if (!FindPattern(modinfo.lpBaseOfDll, modinfo.SizeOfImage, lpszPattern, 0, &offset)) {
|
||||
return FALSE;
|
||||
}
|
||||
DbgPrint("IsDeviceServiceable(void) matched at %p", (UINT_PTR)modinfo.lpBaseOfDll + offset);
|
||||
_tdbgprintf(_T("IsDeviceServiceable(void) matched at %p"), (UINT_PTR)modinfo.lpBaseOfDll + offset);
|
||||
|
||||
DWORD *lpdwResultIsNotCachedOffset = (DWORD *)((UINT_PTR)modinfo.lpBaseOfDll + offset + n1);
|
||||
BOOL *lpbResultIsNotCached = (BOOL *)((UINT_PTR)modinfo.lpBaseOfDll + offset + n1 + sizeof(DWORD) + *lpdwResultIsNotCachedOffset);
|
||||
if (*lpbResultIsNotCached) {
|
||||
*lpbResultIsNotCached = FALSE;
|
||||
DbgPrint("Patched %p=%d", lpbResultIsNotCached, *lpbResultIsNotCached);
|
||||
_tdbgprintf(_T("Patched %p=%d"), lpbResultIsNotCached, *lpbResultIsNotCached);
|
||||
}
|
||||
|
||||
DWORD *lpdwCachedResultOffset = (DWORD *)((UINT_PTR)modinfo.lpBaseOfDll + offset + n2);
|
||||
BOOL *lpbCachedResult = (BOOL *)((UINT_PTR)modinfo.lpBaseOfDll + offset + n2 + sizeof(DWORD) + *lpdwCachedResultOffset);
|
||||
if (!*lpbCachedResult) {
|
||||
*lpbCachedResult = TRUE;
|
||||
DbgPrint("Patched %p=%d", lpbCachedResult, *lpbCachedResult);
|
||||
_tdbgprintf(_T("Patched %p=%d"), lpbCachedResult, *lpbCachedResult);
|
||||
}
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
@@ -34,7 +34,7 @@ void CALLBACK Rundll32Entry(HWND hwnd, HINSTANCE hinst, LPSTR lpszCmdLine, int n
|
||||
void CALLBACK Rundll32Unload(HWND hwnd, HINSTANCE hinst, LPSTR lpszCmdLine, int nCmdShow) {
|
||||
HANDLE hEvent = OpenEvent(EVENT_MODIFY_STATE, FALSE, _T("Global\\wufuc_UnloadEvent"));
|
||||
if (hEvent) {
|
||||
DbgPrint("Setting wufuc_UnloadEvent...");
|
||||
_tdbgprintf(_T("Setting wufuc_UnloadEvent..."));
|
||||
SetEvent(hEvent);
|
||||
CloseHandle(hEvent);
|
||||
}
|
||||
|
||||
@@ -17,7 +17,7 @@ VOID DetourIAT(HMODULE hModule, LPSTR lpFuncName, LPVOID *lpOldAddress, LPVOID l
|
||||
if (lpOldAddress) {
|
||||
*lpOldAddress = *lpAddress;
|
||||
}
|
||||
DbgPrint("%S %p => %p", lpFuncName, *lpAddress, lpNewAddress);
|
||||
_tdbgprintf(_T("%S %p => %p"), lpFuncName, *lpAddress, lpNewAddress);
|
||||
*lpAddress = lpNewAddress;
|
||||
VirtualProtect(lpAddress, sizeof(LPVOID), flOldProtect, &flNewProtect);
|
||||
}
|
||||
@@ -99,7 +99,7 @@ BOOL InjectLibrary(HANDLE hProcess, LPCTSTR lpLibFileName, DWORD cb) {
|
||||
}
|
||||
} while (Module32Next(hSnap, &me));
|
||||
CloseHandle(hSnap);
|
||||
DbgPrint("Injecting %s into process %d", lpLibFileName, dwProcessId);
|
||||
_tdbgprintf(_T("Injecting %s into process %d"), lpLibFileName, dwProcessId);
|
||||
HANDLE hThread = CreateRemoteThread(hProcess, NULL, 0, (LPTHREAD_START_ROUTINE)GetProcAddress(me.hModule, _CRT_STRINGIZE(LoadLibrary)), lpBaseAddress, 0, NULL);
|
||||
CloseHandle(hThread);
|
||||
return TRUE;
|
||||
@@ -127,7 +127,7 @@ VOID SuspendProcess(HANDLE *lphThreads, SIZE_T dwSize, SIZE_T *lpcb) {
|
||||
CloseHandle(hSnap);
|
||||
|
||||
*lpcb = count;
|
||||
DbgPrint("Suspended other threads.");
|
||||
_tdbgprintf(_T("Suspended other threads."));
|
||||
}
|
||||
|
||||
VOID ResumeAndCloseThreads(HANDLE *lphThreads, SIZE_T cb) {
|
||||
@@ -135,5 +135,5 @@ VOID ResumeAndCloseThreads(HANDLE *lphThreads, SIZE_T cb) {
|
||||
ResumeThread(lphThreads[i]);
|
||||
CloseHandle(lphThreads[i]);
|
||||
}
|
||||
DbgPrint("Resumed threads.");
|
||||
_tdbgprintf(_T("Resumed threads."));
|
||||
}
|
||||
|
||||
@@ -34,7 +34,7 @@ BOOL QueryServiceProcessId(SC_HANDLE hSCManager, LPCTSTR lpServiceName, DWORD *l
|
||||
if (QueryServiceStatusEx(hService, SC_STATUS_PROCESS_INFO, (LPBYTE)&lpBuffer, sizeof(lpBuffer), &cbBytesNeeded) && lpBuffer.dwProcessId) {
|
||||
*lpdwProcessId = lpBuffer.dwProcessId;
|
||||
result = TRUE;
|
||||
DbgPrint("Found %s pid %d", lpServiceName, *lpdwProcessId);
|
||||
_tdbgprintf(_T("Found %s pid %d"), lpServiceName, *lpdwProcessId);
|
||||
}
|
||||
CloseServiceHandle(hService);
|
||||
return result;
|
||||
@@ -61,7 +61,7 @@ BOOL GetServiceGroupName(SC_HANDLE hSCManager, LPCTSTR lpServiceName, LPTSTR lpG
|
||||
if (!_tcsicmp(*(p++), _T("-k"))) {
|
||||
_tcscpy_s(lpGroupName, dwSize, *p);
|
||||
result = TRUE;
|
||||
DbgPrint("Found %s svc group: %s", lpServiceName, lpGroupName);
|
||||
_tdbgprintf(_T("Found %s svc group: %s"), lpServiceName, lpGroupName);
|
||||
break;
|
||||
}
|
||||
}
|
||||
@@ -86,7 +86,7 @@ BOOL FindServiceGroupProcessId(SC_HANDLE hSCManager, LPTSTR lpServiceGroupName,
|
||||
result = !_tcsicmp(group, lpServiceGroupName);
|
||||
}
|
||||
if (result) {
|
||||
DbgPrint("Found %s pid %d", lpServiceGroupName, dwProcessId);
|
||||
_tdbgprintf(_T("Found %s pid %d"), lpServiceGroupName, dwProcessId);
|
||||
*lpdwProcessId = dwProcessId;
|
||||
break;
|
||||
}
|
||||
|
||||
20
wufuc/util.c
20
wufuc/util.c
@@ -1,4 +1,5 @@
|
||||
#include <Windows.h>
|
||||
#include <stdio.h>
|
||||
#include <VersionHelpers.h>
|
||||
#include <tchar.h>
|
||||
#include "util.h"
|
||||
@@ -15,13 +16,20 @@ BOOL IsWindows8Point1(void) {
|
||||
return IsWindows8Point1OrGreater() && !IsWindows10OrGreater();
|
||||
}
|
||||
|
||||
//#ifdef _DEBUG
|
||||
VOID _DbgPrint(LPCTSTR format, ...) {
|
||||
TCHAR buffer[0x1000];
|
||||
VOID _wdbgprintf(LPCWSTR format, ...) {
|
||||
WCHAR buffer[0x1000];
|
||||
va_list argptr;
|
||||
va_start(argptr, format);
|
||||
_vstprintf_s(buffer, _countof(buffer), format, argptr);
|
||||
vswprintf_s(buffer, _countof(buffer), format, argptr);
|
||||
va_end(argptr);
|
||||
OutputDebugString(buffer);
|
||||
OutputDebugStringW(buffer);
|
||||
}
|
||||
|
||||
VOID _dbgprintf(LPCSTR format, ...) {
|
||||
CHAR buffer[0x1000];
|
||||
va_list argptr;
|
||||
va_start(argptr, format);
|
||||
vsprintf_s(buffer, _countof(buffer), format, argptr);
|
||||
va_end(argptr);
|
||||
OutputDebugStringA(buffer);
|
||||
}
|
||||
//#endif
|
||||
|
||||
14
wufuc/util.h
14
wufuc/util.h
@@ -9,13 +9,17 @@ BOOL IsWindows7(void);
|
||||
|
||||
BOOL IsWindows8Point1(void);
|
||||
|
||||
VOID _wdbgprintf(LPCWSTR format, ...);
|
||||
VOID _dbgprintf(LPCSTR format, ...);
|
||||
//#ifdef _DEBUG
|
||||
VOID _DbgPrint(LPCTSTR format, ...);
|
||||
#define DbgPrint(format, ...) \
|
||||
_DbgPrint(_T(__FUNCTION__) _T(": ") _T(format), ##__VA_ARGS__)
|
||||
#ifdef UNICODE
|
||||
#define _tdbgprintf _wdbgprintf
|
||||
#else
|
||||
#define _tdbgprintf _dbgprintf
|
||||
#endif // !UNICODE
|
||||
//#else
|
||||
//#define DbgPrint(format, ...)
|
||||
//#endif
|
||||
//#define _tdbgprintf(format, ...)
|
||||
//#endif // !_DEBUG
|
||||
|
||||
#ifdef UNICODE
|
||||
#define CommandLineToArgv CommandLineToArgvW
|
||||
|
||||
Reference in New Issue
Block a user