Hardcoded symbols are based on MD5 sum

2024-11-30 18:24:36 +01:00 · 2021-11-13 07:59:14 +02:00 · 2021-11-13 07:59:14 +02:00 · 6f8d0efe97
commit 6f8d0efe97
parent 1608abf6c6
3 changed files with 221 additions and 6 deletions
--- a/ExplorerPatcher/symbols.c
+++ b/ExplorerPatcher/symbols.c
@ -539,7 +539,16 @@ BOOL LoadSymbols(symbols_addr* symbols_PTRS, HMODULE hModule)
        ubr
    );

-    if (IsBuild(rovi, ubr, 22000, 282) || IsBuild(rovi, ubr, 22000, 318))
+    BOOL bIsStartHardcoded = FALSE;
+    BOOL bIsTwinuiPcshellHardcoded = FALSE;
+    WCHAR hash[100];
+    ZeroMemory(hash, 100 * sizeof(WCHAR));
+    TCHAR wszPath[MAX_PATH];
+
+    GetSystemDirectoryW(wszPath, MAX_PATH);
+    wcscat_s(wszPath, MAX_PATH, L"\\" TEXT(TWINUI_PCSHELL_SB_NAME) L".dll");
+    ComputeFileHash(wszPath, hash, 100);
+    if (!_wcsicmp(hash, L"8b23b02962856e89b8d8a3956de1d76c")) // 282, 318
    {
        symbols_PTRS->twinui_pcshell_PTRS[0] = 0x217CE6;
        symbols_PTRS->twinui_pcshell_PTRS[1] = 0x5CC570;
@ -549,14 +558,108 @@ BOOL LoadSymbols(symbols_addr* symbols_PTRS, HMODULE hModule)
        symbols_PTRS->twinui_pcshell_PTRS[5] = 0x5DA8C4;
        symbols_PTRS->twinui_pcshell_PTRS[6] = 0x5CD9C0;
        symbols_PTRS->twinui_pcshell_PTRS[7] = 0x52980;
+        bIsTwinuiPcshellHardcoded = TRUE;
+    }
+    else if (!_wcsicmp(hash, L"03487ccd5bc5a194fad61b616b0a2b28")) // 346
+    {
+        symbols_PTRS->twinui_pcshell_PTRS[0] = 0x21B036;
+        symbols_PTRS->twinui_pcshell_PTRS[1] = 0x5CD740;
+        symbols_PTRS->twinui_pcshell_PTRS[2] = 0x5F7058;
+        symbols_PTRS->twinui_pcshell_PTRS[3] = 0x5F7860;
+        symbols_PTRS->twinui_pcshell_PTRS[4] = 0x5DBDD8;
+        symbols_PTRS->twinui_pcshell_PTRS[5] = 0x5DBA94;
+        symbols_PTRS->twinui_pcshell_PTRS[6] = 0x5CEB90;
+        symbols_PTRS->twinui_pcshell_PTRS[7] = 0x4D780;
+        bIsTwinuiPcshellHardcoded = TRUE;
+    }
+    if (bIsTwinuiPcshellHardcoded)
+    {
+        wprintf(L"[Symbols] Identified known \"" TEXT(TWINUI_PCSHELL_SB_NAME) L".dll\" with hash %s.\n", hash);
+    }

+    GetWindowsDirectoryW(wszPath, MAX_PATH);
+    wcscat_s(wszPath, MAX_PATH, L"\\SystemApps\\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\\" TEXT(STARTDOCKED_SB_NAME) L".dll");
+    ComputeFileHash(wszPath, hash, 100);
+    if (!_wcsicmp(hash, L"b57bb94a48d2422de9a78c5fcba28f98")) // 282, 318
+    {
        symbols_PTRS->startdocked_PTRS[0] = 0x188EBC;
        symbols_PTRS->startdocked_PTRS[1] = 0x188EBC;
        symbols_PTRS->startdocked_PTRS[2] = 0x187120;
        symbols_PTRS->startdocked_PTRS[3] = 0x3C10;
        symbols_PTRS->startdocked_PTRS[4] = 0x160AEC;
+        bIsStartHardcoded = TRUE;
    }
-    else
+    else if (!_wcsicmp(hash, L"e9c1c45a659dafabf671cb0ae195f8d9")) // 346
+    {
+        symbols_PTRS->startdocked_PTRS[0] = 0x18969C;
+        symbols_PTRS->startdocked_PTRS[1] = 0x18969C;
+        symbols_PTRS->startdocked_PTRS[2] = 0x187900;
+        symbols_PTRS->startdocked_PTRS[3] = 0x3C00;
+        symbols_PTRS->startdocked_PTRS[4] = 0x1612CC;
+        bIsStartHardcoded = TRUE;
+    }
+    if (bIsStartHardcoded)
+    {
+        wprintf(L"[Symbols] Identified known \"" TEXT(STARTDOCKED_SB_NAME) L".dll\" with hash %s.\n", hash);
+
+        RegCreateKeyExW(
+            HKEY_CURRENT_USER,
+            TEXT(REGPATH) L"\\" TEXT(STARTDOCKED_SB_NAME),
+            0,
+            NULL,
+            REG_OPTION_NON_VOLATILE,
+            KEY_WRITE,
+            NULL,
+            &hKey,
+            &dwDisposition
+        );
+        if (hKey)
+        {
+            RegSetValueExW(
+                hKey,
+                TEXT(STARTDOCKED_SB_0),
+                0,
+                REG_DWORD,
+                &(symbols_PTRS->startdocked_PTRS[0]),
+                sizeof(DWORD)
+            );
+            RegSetValueExW(
+                hKey,
+                TEXT(STARTDOCKED_SB_1),
+                0,
+                REG_DWORD,
+                &(symbols_PTRS->startdocked_PTRS[1]),
+                sizeof(DWORD)
+            );
+            RegSetValueExW(
+                hKey,
+                TEXT(STARTDOCKED_SB_2),
+                0,
+                REG_DWORD,
+                &(symbols_PTRS->startdocked_PTRS[2]),
+                sizeof(DWORD)
+            );
+            RegSetValueExW(
+                hKey,
+                TEXT(STARTDOCKED_SB_3),
+                0,
+                REG_DWORD,
+                &(symbols_PTRS->startdocked_PTRS[3]),
+                sizeof(DWORD)
+            );
+            RegSetValueExW(
+                hKey,
+                TEXT(STARTDOCKED_SB_4),
+                0,
+                REG_DWORD,
+                &(symbols_PTRS->startdocked_PTRS[4]),
+                sizeof(DWORD)
+            );
+            RegCloseKey(hKey);
+        }
+    }
+
+    if (!bIsTwinuiPcshellHardcoded || !bIsStartHardcoded)
    {
        RegCreateKeyExW(
            HKEY_CURRENT_USER,
@ -728,10 +831,7 @@ BOOL LoadSymbols(symbols_addr* symbols_PTRS, HMODULE hModule)
        &dwSize
    );
    RegCloseKey(hKey);
-    if (!bNeedToDownload &&
-        !IsBuild(rovi, ubr, 22000, 282) &&
-        !IsBuild(rovi, ubr, 22000, 318)
-        )
+    if (!bNeedToDownload && (!bIsTwinuiPcshellHardcoded || !bIsStartHardcoded))
    {
        bNeedToDownload = wcscmp(szReportedVersion, szStoredVersion);
    }
--- a/ExplorerPatcher/utility.c
+++ b/ExplorerPatcher/utility.c
@ -413,3 +413,115 @@ void* ReadFromFile(wchar_t* wszFileName, DWORD* dwSize)
    }
    return ok;
 }
+
+int ComputeFileHash(LPCWSTR filename, LPCWSTR hash, DWORD dwHash)
+{
+    DWORD dwStatus = 0;
+    BOOL bResult = FALSE;
+    HCRYPTPROV hProv = 0;
+    HCRYPTHASH hHash = 0;
+    HANDLE hFile = NULL;
+    BYTE* rgbFile;
+    DWORD cbRead = 0;
+    BYTE rgbHash[16];
+    DWORD cbHash = 0;
+    WCHAR rgbDigits[] = L"0123456789abcdef";
+    // Logic to check usage goes here.
+
+    hFile = CreateFile(filename,
+        GENERIC_READ,
+        FILE_SHARE_READ,
+        NULL,
+        OPEN_EXISTING,
+        FILE_FLAG_SEQUENTIAL_SCAN,
+        NULL);
+
+    if (INVALID_HANDLE_VALUE == hFile)
+    {
+        dwStatus = GetLastError();
+        return dwStatus;
+    }
+
+    LARGE_INTEGER dwFileSize;
+    GetFileSizeEx(hFile, &dwFileSize);
+    if (!dwFileSize.LowPart)
+    {
+        dwStatus = GetLastError();
+        CloseHandle(hFile);
+        return dwStatus;
+    }
+
+    rgbFile = malloc(dwFileSize.LowPart);
+    if (!rgbFile)
+    {
+        dwStatus = E_OUTOFMEMORY;
+        CloseHandle(hFile);
+        return dwStatus;
+    }
+
+    // Get handle to the crypto provider
+    if (!CryptAcquireContext(&hProv,
+        NULL,
+        NULL,
+        PROV_RSA_FULL,
+        CRYPT_VERIFYCONTEXT))
+    {
+        dwStatus = GetLastError();
+        CloseHandle(hFile);
+        return dwStatus;
+    }
+
+    if (!CryptCreateHash(hProv, CALG_MD5, 0, 0, &hHash))
+    {
+        dwStatus = GetLastError();
+        CloseHandle(hFile);
+        CryptReleaseContext(hProv, 0);
+        return dwStatus;
+    }
+
+    while (bResult = ReadFile(hFile, rgbFile, dwFileSize.LowPart, &cbRead, NULL))
+    {
+        if (0 == cbRead)
+        {
+            break;
+        }
+
+        if (!CryptHashData(hHash, rgbFile, cbRead, 0))
+        {
+            dwStatus = GetLastError();
+            CryptReleaseContext(hProv, 0);
+            CryptDestroyHash(hHash);
+            CloseHandle(hFile);
+            return dwStatus;
+        }
+    }
+
+    if (!bResult)
+    {
+        dwStatus = GetLastError();
+        CryptReleaseContext(hProv, 0);
+        CryptDestroyHash(hHash);
+        CloseHandle(hFile);
+        return dwStatus;
+    }
+
+    cbHash = 16;
+    if (CryptGetHashParam(hHash, HP_HASHVAL, rgbHash, &cbHash, 0))
+    {
+        for (DWORD i = 0; i < cbHash; i++)
+        {
+            swprintf_s(hash + (i * 2), dwHash, L"%c%c", rgbDigits[rgbHash[i] >> 4], rgbDigits[rgbHash[i] & 0xf]);
+        }
+    }
+    else
+    {
+        dwStatus = GetLastError();
+    }
+
+    CryptDestroyHash(hHash);
+    CryptReleaseContext(hProv, 0);
+    CloseHandle(hFile);
+    free(rgbFile);
+
+    return dwStatus;
+}
--- a/ExplorerPatcher/utility.h
+++ b/ExplorerPatcher/utility.h
@ -4,6 +4,7 @@
 //#define USE_PRIVATE_INTERFACES
 #endif
 #include <Windows.h>
+#include <stdio.h>
 #include <tchar.h>
 #include <windows.data.xml.dom.h>
 #include <accctrl.h>
@ -212,6 +213,8 @@ static BOOL AppsShouldUseDarkMode() { return TRUE; }

 void* ReadFromFile(wchar_t* wszFileName, DWORD* dwSize);

+int ComputeFileHash(LPCWSTR filename, LPCWSTR hash, DWORD dwHash);
+
 inline long long milliseconds_now() {
    LARGE_INTEGER s_frequency;
    BOOL s_use_qpc = QueryPerformanceFrequency(&s_frequency);