mirror of
https://github.com/valinet/ExplorerPatcher.git
synced 2024-11-30 18:24:36 +01:00
Hardcoded symbols are based on MD5 sum
This commit is contained in:
parent
1608abf6c6
commit
6f8d0efe97
@ -539,7 +539,16 @@ BOOL LoadSymbols(symbols_addr* symbols_PTRS, HMODULE hModule)
|
||||
ubr
|
||||
);
|
||||
|
||||
if (IsBuild(rovi, ubr, 22000, 282) || IsBuild(rovi, ubr, 22000, 318))
|
||||
BOOL bIsStartHardcoded = FALSE;
|
||||
BOOL bIsTwinuiPcshellHardcoded = FALSE;
|
||||
WCHAR hash[100];
|
||||
ZeroMemory(hash, 100 * sizeof(WCHAR));
|
||||
TCHAR wszPath[MAX_PATH];
|
||||
|
||||
GetSystemDirectoryW(wszPath, MAX_PATH);
|
||||
wcscat_s(wszPath, MAX_PATH, L"\\" TEXT(TWINUI_PCSHELL_SB_NAME) L".dll");
|
||||
ComputeFileHash(wszPath, hash, 100);
|
||||
if (!_wcsicmp(hash, L"8b23b02962856e89b8d8a3956de1d76c")) // 282, 318
|
||||
{
|
||||
symbols_PTRS->twinui_pcshell_PTRS[0] = 0x217CE6;
|
||||
symbols_PTRS->twinui_pcshell_PTRS[1] = 0x5CC570;
|
||||
@ -549,14 +558,108 @@ BOOL LoadSymbols(symbols_addr* symbols_PTRS, HMODULE hModule)
|
||||
symbols_PTRS->twinui_pcshell_PTRS[5] = 0x5DA8C4;
|
||||
symbols_PTRS->twinui_pcshell_PTRS[6] = 0x5CD9C0;
|
||||
symbols_PTRS->twinui_pcshell_PTRS[7] = 0x52980;
|
||||
bIsTwinuiPcshellHardcoded = TRUE;
|
||||
}
|
||||
else if (!_wcsicmp(hash, L"03487ccd5bc5a194fad61b616b0a2b28")) // 346
|
||||
{
|
||||
symbols_PTRS->twinui_pcshell_PTRS[0] = 0x21B036;
|
||||
symbols_PTRS->twinui_pcshell_PTRS[1] = 0x5CD740;
|
||||
symbols_PTRS->twinui_pcshell_PTRS[2] = 0x5F7058;
|
||||
symbols_PTRS->twinui_pcshell_PTRS[3] = 0x5F7860;
|
||||
symbols_PTRS->twinui_pcshell_PTRS[4] = 0x5DBDD8;
|
||||
symbols_PTRS->twinui_pcshell_PTRS[5] = 0x5DBA94;
|
||||
symbols_PTRS->twinui_pcshell_PTRS[6] = 0x5CEB90;
|
||||
symbols_PTRS->twinui_pcshell_PTRS[7] = 0x4D780;
|
||||
bIsTwinuiPcshellHardcoded = TRUE;
|
||||
}
|
||||
if (bIsTwinuiPcshellHardcoded)
|
||||
{
|
||||
wprintf(L"[Symbols] Identified known \"" TEXT(TWINUI_PCSHELL_SB_NAME) L".dll\" with hash %s.\n", hash);
|
||||
}
|
||||
|
||||
GetWindowsDirectoryW(wszPath, MAX_PATH);
|
||||
wcscat_s(wszPath, MAX_PATH, L"\\SystemApps\\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\\" TEXT(STARTDOCKED_SB_NAME) L".dll");
|
||||
ComputeFileHash(wszPath, hash, 100);
|
||||
if (!_wcsicmp(hash, L"b57bb94a48d2422de9a78c5fcba28f98")) // 282, 318
|
||||
{
|
||||
symbols_PTRS->startdocked_PTRS[0] = 0x188EBC;
|
||||
symbols_PTRS->startdocked_PTRS[1] = 0x188EBC;
|
||||
symbols_PTRS->startdocked_PTRS[2] = 0x187120;
|
||||
symbols_PTRS->startdocked_PTRS[3] = 0x3C10;
|
||||
symbols_PTRS->startdocked_PTRS[4] = 0x160AEC;
|
||||
bIsStartHardcoded = TRUE;
|
||||
}
|
||||
else
|
||||
else if (!_wcsicmp(hash, L"e9c1c45a659dafabf671cb0ae195f8d9")) // 346
|
||||
{
|
||||
symbols_PTRS->startdocked_PTRS[0] = 0x18969C;
|
||||
symbols_PTRS->startdocked_PTRS[1] = 0x18969C;
|
||||
symbols_PTRS->startdocked_PTRS[2] = 0x187900;
|
||||
symbols_PTRS->startdocked_PTRS[3] = 0x3C00;
|
||||
symbols_PTRS->startdocked_PTRS[4] = 0x1612CC;
|
||||
bIsStartHardcoded = TRUE;
|
||||
}
|
||||
if (bIsStartHardcoded)
|
||||
{
|
||||
wprintf(L"[Symbols] Identified known \"" TEXT(STARTDOCKED_SB_NAME) L".dll\" with hash %s.\n", hash);
|
||||
|
||||
RegCreateKeyExW(
|
||||
HKEY_CURRENT_USER,
|
||||
TEXT(REGPATH) L"\\" TEXT(STARTDOCKED_SB_NAME),
|
||||
0,
|
||||
NULL,
|
||||
REG_OPTION_NON_VOLATILE,
|
||||
KEY_WRITE,
|
||||
NULL,
|
||||
&hKey,
|
||||
&dwDisposition
|
||||
);
|
||||
if (hKey)
|
||||
{
|
||||
RegSetValueExW(
|
||||
hKey,
|
||||
TEXT(STARTDOCKED_SB_0),
|
||||
0,
|
||||
REG_DWORD,
|
||||
&(symbols_PTRS->startdocked_PTRS[0]),
|
||||
sizeof(DWORD)
|
||||
);
|
||||
RegSetValueExW(
|
||||
hKey,
|
||||
TEXT(STARTDOCKED_SB_1),
|
||||
0,
|
||||
REG_DWORD,
|
||||
&(symbols_PTRS->startdocked_PTRS[1]),
|
||||
sizeof(DWORD)
|
||||
);
|
||||
RegSetValueExW(
|
||||
hKey,
|
||||
TEXT(STARTDOCKED_SB_2),
|
||||
0,
|
||||
REG_DWORD,
|
||||
&(symbols_PTRS->startdocked_PTRS[2]),
|
||||
sizeof(DWORD)
|
||||
);
|
||||
RegSetValueExW(
|
||||
hKey,
|
||||
TEXT(STARTDOCKED_SB_3),
|
||||
0,
|
||||
REG_DWORD,
|
||||
&(symbols_PTRS->startdocked_PTRS[3]),
|
||||
sizeof(DWORD)
|
||||
);
|
||||
RegSetValueExW(
|
||||
hKey,
|
||||
TEXT(STARTDOCKED_SB_4),
|
||||
0,
|
||||
REG_DWORD,
|
||||
&(symbols_PTRS->startdocked_PTRS[4]),
|
||||
sizeof(DWORD)
|
||||
);
|
||||
RegCloseKey(hKey);
|
||||
}
|
||||
}
|
||||
|
||||
if (!bIsTwinuiPcshellHardcoded || !bIsStartHardcoded)
|
||||
{
|
||||
RegCreateKeyExW(
|
||||
HKEY_CURRENT_USER,
|
||||
@ -728,10 +831,7 @@ BOOL LoadSymbols(symbols_addr* symbols_PTRS, HMODULE hModule)
|
||||
&dwSize
|
||||
);
|
||||
RegCloseKey(hKey);
|
||||
if (!bNeedToDownload &&
|
||||
!IsBuild(rovi, ubr, 22000, 282) &&
|
||||
!IsBuild(rovi, ubr, 22000, 318)
|
||||
)
|
||||
if (!bNeedToDownload && (!bIsTwinuiPcshellHardcoded || !bIsStartHardcoded))
|
||||
{
|
||||
bNeedToDownload = wcscmp(szReportedVersion, szStoredVersion);
|
||||
}
|
||||
|
@ -413,3 +413,115 @@ void* ReadFromFile(wchar_t* wszFileName, DWORD* dwSize)
|
||||
}
|
||||
return ok;
|
||||
}
|
||||
|
||||
int ComputeFileHash(LPCWSTR filename, LPCWSTR hash, DWORD dwHash)
|
||||
{
|
||||
DWORD dwStatus = 0;
|
||||
BOOL bResult = FALSE;
|
||||
HCRYPTPROV hProv = 0;
|
||||
HCRYPTHASH hHash = 0;
|
||||
HANDLE hFile = NULL;
|
||||
BYTE* rgbFile;
|
||||
DWORD cbRead = 0;
|
||||
BYTE rgbHash[16];
|
||||
DWORD cbHash = 0;
|
||||
WCHAR rgbDigits[] = L"0123456789abcdef";
|
||||
// Logic to check usage goes here.
|
||||
|
||||
hFile = CreateFile(filename,
|
||||
GENERIC_READ,
|
||||
FILE_SHARE_READ,
|
||||
NULL,
|
||||
OPEN_EXISTING,
|
||||
FILE_FLAG_SEQUENTIAL_SCAN,
|
||||
NULL);
|
||||
|
||||
if (INVALID_HANDLE_VALUE == hFile)
|
||||
{
|
||||
dwStatus = GetLastError();
|
||||
return dwStatus;
|
||||
}
|
||||
|
||||
LARGE_INTEGER dwFileSize;
|
||||
GetFileSizeEx(hFile, &dwFileSize);
|
||||
if (!dwFileSize.LowPart)
|
||||
{
|
||||
dwStatus = GetLastError();
|
||||
CloseHandle(hFile);
|
||||
return dwStatus;
|
||||
}
|
||||
|
||||
rgbFile = malloc(dwFileSize.LowPart);
|
||||
if (!rgbFile)
|
||||
{
|
||||
dwStatus = E_OUTOFMEMORY;
|
||||
CloseHandle(hFile);
|
||||
return dwStatus;
|
||||
}
|
||||
|
||||
// Get handle to the crypto provider
|
||||
if (!CryptAcquireContext(&hProv,
|
||||
NULL,
|
||||
NULL,
|
||||
PROV_RSA_FULL,
|
||||
CRYPT_VERIFYCONTEXT))
|
||||
{
|
||||
dwStatus = GetLastError();
|
||||
CloseHandle(hFile);
|
||||
return dwStatus;
|
||||
}
|
||||
|
||||
if (!CryptCreateHash(hProv, CALG_MD5, 0, 0, &hHash))
|
||||
{
|
||||
dwStatus = GetLastError();
|
||||
CloseHandle(hFile);
|
||||
CryptReleaseContext(hProv, 0);
|
||||
return dwStatus;
|
||||
}
|
||||
|
||||
while (bResult = ReadFile(hFile, rgbFile, dwFileSize.LowPart, &cbRead, NULL))
|
||||
{
|
||||
if (0 == cbRead)
|
||||
{
|
||||
break;
|
||||
}
|
||||
|
||||
if (!CryptHashData(hHash, rgbFile, cbRead, 0))
|
||||
{
|
||||
dwStatus = GetLastError();
|
||||
CryptReleaseContext(hProv, 0);
|
||||
CryptDestroyHash(hHash);
|
||||
CloseHandle(hFile);
|
||||
return dwStatus;
|
||||
}
|
||||
}
|
||||
|
||||
if (!bResult)
|
||||
{
|
||||
dwStatus = GetLastError();
|
||||
CryptReleaseContext(hProv, 0);
|
||||
CryptDestroyHash(hHash);
|
||||
CloseHandle(hFile);
|
||||
return dwStatus;
|
||||
}
|
||||
|
||||
cbHash = 16;
|
||||
if (CryptGetHashParam(hHash, HP_HASHVAL, rgbHash, &cbHash, 0))
|
||||
{
|
||||
for (DWORD i = 0; i < cbHash; i++)
|
||||
{
|
||||
swprintf_s(hash + (i * 2), dwHash, L"%c%c", rgbDigits[rgbHash[i] >> 4], rgbDigits[rgbHash[i] & 0xf]);
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
dwStatus = GetLastError();
|
||||
}
|
||||
|
||||
CryptDestroyHash(hHash);
|
||||
CryptReleaseContext(hProv, 0);
|
||||
CloseHandle(hFile);
|
||||
free(rgbFile);
|
||||
|
||||
return dwStatus;
|
||||
}
|
@ -4,6 +4,7 @@
|
||||
//#define USE_PRIVATE_INTERFACES
|
||||
#endif
|
||||
#include <Windows.h>
|
||||
#include <stdio.h>
|
||||
#include <tchar.h>
|
||||
#include <windows.data.xml.dom.h>
|
||||
#include <accctrl.h>
|
||||
@ -212,6 +213,8 @@ static BOOL AppsShouldUseDarkMode() { return TRUE; }
|
||||
|
||||
void* ReadFromFile(wchar_t* wszFileName, DWORD* dwSize);
|
||||
|
||||
int ComputeFileHash(LPCWSTR filename, LPCWSTR hash, DWORD dwHash);
|
||||
|
||||
inline long long milliseconds_now() {
|
||||
LARGE_INTEGER s_frequency;
|
||||
BOOL s_use_qpc = QueryPerformanceFrequency(&s_frequency);
|
||||
|
Loading…
Reference in New Issue
Block a user