Vichingo455/wufuc
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
8a5ef20488d59971447264d435447a7c35621e1e
wufuc/wufuc/entrypoint.c
zeffy 8a5ef20488 clean up
2017-06-07 05:34:00 -07:00

39 lines
1.3 KiB
C
Raw Blame History

#include <Windows.h>
#include <TlHelp32.h>
#include <tchar.h>
#include "service.h"
#include "process.h"
#include "util.h"
void CALLBACK Rundll32Entry(HWND hwnd, HINSTANCE hinst, LPSTR lpszCmdLine, int nCmdShow) {
HANDLE hEvent = OpenEvent(SYNCHRONIZE, FALSE, _T("Global\\wufuc_UnloadEvent"));
if (hEvent) {
CloseHandle(hEvent);
return;
}
SC_HANDLE hSCManager = OpenSCManager(NULL, SERVICES_ACTIVE_DATABASE, SC_MANAGER_CONNECT);
TCHAR lpGroupName[256];
DWORD dwProcessId;
BOOL result = get_svcpid(hSCManager, _T("wuauserv"), &dwProcessId);
if (!result && get_svcgname(hSCManager, _T("wuauserv"), lpGroupName, _countof(lpGroupName))) {
result = get_svcgpid(hSCManager, lpGroupName, &dwProcessId);
}
CloseServiceHandle(hSCManager);
if (!result) {
return;
}
TCHAR lpLibFileName[MAX_PATH + 1];
GetModuleFileName(HINST_THISCOMPONENT, lpLibFileName, _countof(lpLibFileName));
InjectLibrary(dwProcessId, lpLibFileName, _countof(lpLibFileName));
}
void CALLBACK Rundll32Unload(HWND hwnd, HINSTANCE hinst, LPSTR lpszCmdLine, int nCmdShow) {
HANDLE hEvent = OpenEvent(EVENT_MODIFY_STATE, FALSE, _T("Global\\wufuc_UnloadEvent"));
if (hEvent) {
_tdbgprintf(_T("Setting wufuc_UnloadEvent..."));
SetEvent(hEvent);
CloseHandle(hEvent);
}
}
Reference in New Issue View Git Blame Copy Permalink