zabpehely
/
rdpwrap
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 5 Wiki Activity

Code updates 

C++ code still needs to be processed
This commit is contained in:
binarymaster 2014-11-21 16:38:07 +03:00
parent 1d35b31d6e
commit 2c7e0279e0
3 changed files with 2736 additions and 1950 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
src-x86-binarymaster/src/rdpwrap.dpr
View File

@ -641,70 +641,50 @@ begin
if GetModuleAddress('termsrv.dll', GetCurrentProcessId, TermSrvBase, TermSrvSize) then begin if GetModuleAddress('termsrv.dll', GetCurrentProcessId, TermSrvBase, TermSrvSize) then begin
if INIReadBool(INI, Sect, 'LocalOnlyPatch.x86', False) then begin if INIReadBool(INI, Sect, 'LocalOnlyPatch.x86', False) then begin
WriteLog('Patch CEnforcementCore::GetInstanceOfTSLicense'); WriteLog('Patch CEnforcementCore::GetInstanceOfTSLicense');
try
SignPtr := Pointer(Cardinal(TermSrvBase) + INIReadDWordHex(INI, Sect, 'LocalOnlyOffset.x86', 0)); SignPtr := Pointer(Cardinal(TermSrvBase) + INIReadDWordHex(INI, Sect, 'LocalOnlyOffset.x86', 0));
I := SListFind(PatchList, INIReadString(INI, Sect, 'LocalOnlyCode.x86', '')); I := SListFind(PatchList, INIReadString(INI, Sect, 'LocalOnlyCode.x86', ''));
if I >= 0 then if I >= 0 then
WriteProcessMemory(GetCurrentProcess, SignPtr, @Patch[I][0], Length(Patch[I]), bw); WriteProcessMemory(GetCurrentProcess, SignPtr, @Patch[I][0], Length(Patch[I]), bw);
except
end;
end; end;
if INIReadBool(INI, Sect, 'SingleUserPatch.x86', False) then begin if INIReadBool(INI, Sect, 'SingleUserPatch.x86', False) then begin
WriteLog('Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled'); WriteLog('Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled');
try
SignPtr := Pointer(Cardinal(TermSrvBase) + INIReadDWordHex(INI, Sect, 'SingleUserOffset.x86', 0)); SignPtr := Pointer(Cardinal(TermSrvBase) + INIReadDWordHex(INI, Sect, 'SingleUserOffset.x86', 0));
I := SListFind(PatchList, INIReadString(INI, Sect, 'SingleUserCode.x86', '')); I := SListFind(PatchList, INIReadString(INI, Sect, 'SingleUserCode.x86', ''));
if I >= 0 then if I >= 0 then
WriteProcessMemory(GetCurrentProcess, SignPtr, @Patch[I][0], Length(Patch[I]), bw); WriteProcessMemory(GetCurrentProcess, SignPtr, @Patch[I][0], Length(Patch[I]), bw);
except
end;
end; end;
if INIReadBool(INI, Sect, 'DefPolicyPatch.x86', False) then begin if INIReadBool(INI, Sect, 'DefPolicyPatch.x86', False) then begin
WriteLog('Patch CDefPolicy::Query'); WriteLog('Patch CDefPolicy::Query');
try
SignPtr := Pointer(Cardinal(TermSrvBase) + INIReadDWordHex(INI, Sect, 'DefPolicyOffset.x86', 0)); SignPtr := Pointer(Cardinal(TermSrvBase) + INIReadDWordHex(INI, Sect, 'DefPolicyOffset.x86', 0));
I := SListFind(PatchList, INIReadString(INI, Sect, 'DefPolicyCode.x86', '')); I := SListFind(PatchList, INIReadString(INI, Sect, 'DefPolicyCode.x86', ''));
if I >= 0 then if I >= 0 then
WriteProcessMemory(GetCurrentProcess, SignPtr, @Patch[I][0], Length(Patch[I]), bw); WriteProcessMemory(GetCurrentProcess, SignPtr, @Patch[I][0], Length(Patch[I]), bw);
except
end;
end; end;
if INIReadBool(INI, Sect, 'SLPolicyInternal.x86', False) then begin if INIReadBool(INI, Sect, 'SLPolicyInternal.x86', False) then begin
WriteLog('Hook SLGetWindowsInformationDWORDWrapper'); WriteLog('Hook SLGetWindowsInformationDWORDWrapper');
try
SignPtr := Pointer(Cardinal(TermSrvBase) + INIReadDWordHex(INI, Sect, 'SLPolicyOffset.x86', 0)); SignPtr := Pointer(Cardinal(TermSrvBase) + INIReadDWordHex(INI, Sect, 'SLPolicyOffset.x86', 0));
except
SignPtr := nil;
end;
MovJump.MovOp := $89; // mov eax, ecx MovJump.MovOp := $89; // mov eax, ecx
MovJump.MovArg := $C8; // __msfastcall compatibility MovJump.MovArg := $C8; // __msfastcall compatibility
MovJump.PushOp := $68; MovJump.PushOp := $68;
MovJump.PushArg := nil; MovJump.PushArg := @New_Win8SL;
MovJump.RetOp := $C3;
FuncName := INIReadString(INI, Sect, 'SLPolicyFunc.x86', 'New_Win8SL'); FuncName := INIReadString(INI, Sect, 'SLPolicyFunc.x86', 'New_Win8SL');
if FuncName = 'New_Win8SL' then if FuncName = 'New_Win8SL' then
MovJump.PushArg := @New_Win8SL; MovJump.PushArg := @New_Win8SL;
if FuncName = 'New_Win8SL_CP' then if FuncName = 'New_Win8SL_CP' then
MovJump.PushArg := @New_Win8SL_CP; MovJump.PushArg := @New_Win8SL_CP;
MovJump.RetOp := $C3;
WriteProcessMemory(GetCurrentProcess, SignPtr, WriteProcessMemory(GetCurrentProcess, SignPtr,
@MovJump, SizeOf(mov_far_jmp), bw); @MovJump, SizeOf(mov_far_jmp), bw);
end; end;
if INIReadBool(INI, Sect, 'SLInitHook.x86', False) then begin if INIReadBool(INI, Sect, 'SLInitHook.x86', False) then begin
WriteLog('Hook CSLQuery::Initialize'); WriteLog('Hook CSLQuery::Initialize');
try
SignPtr := Pointer(Cardinal(TermSrvBase) + INIReadDWordHex(INI, Sect, 'SLInitOffset.x86', 0)); SignPtr := Pointer(Cardinal(TermSrvBase) + INIReadDWordHex(INI, Sect, 'SLInitOffset.x86', 0));
except
SignPtr := nil;
end;
Jump.PushOp := $68; Jump.PushOp := $68;
Jump.PushArg := nil; Jump.PushArg := @New_CSLQuery_Initialize;
Jump.RetOp := $C3;
FuncName := INIReadString(INI, Sect, 'SLInitFunc.x86', 'New_CSLQuery_Initialize'); FuncName := INIReadString(INI, Sect, 'SLInitFunc.x86', 'New_CSLQuery_Initialize');
if FuncName = 'New_CSLQuery_Initialize' then if FuncName = 'New_CSLQuery_Initialize' then
Jump.PushArg := @New_CSLQuery_Initialize; Jump.PushArg := @New_CSLQuery_Initialize;
Jump.RetOp := $C3;
WriteProcessMemory(GetCurrentProcess, SignPtr, WriteProcessMemory(GetCurrentProcess, SignPtr,
@Jump, SizeOf(far_jmp), bw); @Jump, SizeOf(far_jmp), bw);
end; end;

2523
src-x86-x64-Fusix/src/RDPWrap-old.cpp Normal file
View File

File diff suppressed because it is too large Load Diff

2119
src-x86-x64-Fusix/src/RDPWrap.cpp
View File

File diff suppressed because it is too large Load Diff