From e0d3d70a1ead55e8d147e3885747306b614df8bb Mon Sep 17 00:00:00 2001 From: Reaver Date: Tue, 11 Sep 2018 16:52:05 +0300 Subject: [PATCH] Added KonamiLoader It boots any Konami game but it is missing I/O dll emulation which I will work on next. --- OpenParrotKonamiLoader/premake5.lua | 22 ++ OpenParrotKonamiLoader/src/PE.cpp | 57 ++++ OpenParrotKonamiLoader/src/PE.h | 18 ++ OpenParrotKonamiLoader/src/main.cpp | 428 ++++++++++++++++++++++++++++ OpenParrotKonamiLoader/src/main.h | 334 ++++++++++++++++++++++ premake5.lua | 3 +- 6 files changed, 861 insertions(+), 1 deletion(-) create mode 100644 OpenParrotKonamiLoader/premake5.lua create mode 100644 OpenParrotKonamiLoader/src/PE.cpp create mode 100644 OpenParrotKonamiLoader/src/PE.h create mode 100644 OpenParrotKonamiLoader/src/main.cpp create mode 100644 OpenParrotKonamiLoader/src/main.h diff --git a/OpenParrotKonamiLoader/premake5.lua b/OpenParrotKonamiLoader/premake5.lua new file mode 100644 index 0000000..0c08bcc --- /dev/null +++ b/OpenParrotKonamiLoader/premake5.lua @@ -0,0 +1,22 @@ +project "OpenParrotKonamiLoader" + targetname "OpenParrotKonamiLoader" + language "C++" + kind "ConsoleApp" + + characterset "MBCS" + + files + { + "src/**.cpp", "src/**.h", + "deps_inc/**.cpp", "deps_inc/**.h" + } + + includedirs { "src", "deps_inc" } + libdirs { } + + links { } + + postbuildcommands { } + + filter "platforms:x64" + targetsuffix "64" \ No newline at end of file diff --git a/OpenParrotKonamiLoader/src/PE.cpp b/OpenParrotKonamiLoader/src/PE.cpp new file mode 100644 index 0000000..c06d51c --- /dev/null +++ b/OpenParrotKonamiLoader/src/PE.cpp @@ -0,0 +1,57 @@ +#include "PE.H" +DWORD PEAlign(DWORD dwTarNum, DWORD dwAlignTo); +PEStruct getPEFileInformation(char *filename) +{ + HANDLE hFile; + PEStruct pRetnStruct; + pRetnStruct.fileSize = 0; + DWORD dwBytesRead; + hFile = CreateFile(filename, GENERIC_READ, FILE_SHARE_READ, NULL, + OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL); + if (!hFile) + return pRetnStruct; + + pRetnStruct.fileSize = GetFileSize(hFile, 0); + if (!pRetnStruct.fileSize) + return pRetnStruct; + pRetnStruct.fileImage = malloc(pRetnStruct.fileSize); + if (!pRetnStruct.fileImage) + return pRetnStruct; + ReadFile(hFile, pRetnStruct.fileImage, pRetnStruct.fileSize, &dwBytesRead, NULL); + CloseHandle(hFile); + if (!dwBytesRead) + return pRetnStruct; + //copy portions to relevant sections + CopyMemory(&pRetnStruct.image_dos_header, pRetnStruct.fileImage, sizeof(IMAGE_DOS_HEADER)); + CopyMemory(&pRetnStruct.image_nt_headers, + ((BYTE *)pRetnStruct.fileImage + pRetnStruct.image_dos_header.e_lfanew), sizeof(IMAGE_NT_HEADERS)); + //address of first section + pRetnStruct.dwRO_first_section = pRetnStruct.image_dos_header.e_lfanew + sizeof(IMAGE_NT_HEADERS); + pRetnStruct.numOfSecs = pRetnStruct.image_nt_headers.FileHeader.NumberOfSections; + + CopyMemory(&pRetnStruct.image_section_header, ((BYTE *)pRetnStruct.fileImage + pRetnStruct.dwRO_first_section), + pRetnStruct.numOfSecs*sizeof(IMAGE_SECTION_HEADER)); + //now to fill in individual sections (.text .data) + for (int i = 0; i < pRetnStruct.numOfSecs; i++) + { + pRetnStruct.image_section[i] = (char *)malloc(PEAlign(pRetnStruct.image_section_header[i].SizeOfRawData, + pRetnStruct.image_nt_headers.OptionalHeader.FileAlignment)); + CopyMemory(pRetnStruct.image_section[i], ((BYTE *)pRetnStruct.fileImage + pRetnStruct.image_section_header[i].PointerToRawData), + pRetnStruct.image_section_header[i].SizeOfRawData); + } + return pRetnStruct; +} + +//googled function to correct file alignement in PE header. +//Just makes sure the outputted number will align correctly with the rest of the data. +DWORD PEAlign(DWORD dwTarNum, DWORD dwAlignTo) +{ + DWORD dwtemp; + dwtemp = dwTarNum / dwAlignTo; + if ((dwTarNum%dwAlignTo) != 0) + { + dwtemp++; + } + dwtemp = dwtemp*dwAlignTo; + return(dwtemp); +} \ No newline at end of file diff --git a/OpenParrotKonamiLoader/src/PE.h b/OpenParrotKonamiLoader/src/PE.h new file mode 100644 index 0000000..978bb71 --- /dev/null +++ b/OpenParrotKonamiLoader/src/PE.h @@ -0,0 +1,18 @@ +#include +#include +#define MAX_SECTION_NUM 20 + +typedef struct _PEStruct +{ + DWORD dwRO_first_section; + IMAGE_DOS_HEADER image_dos_header; + char *reservedheader; + IMAGE_NT_HEADERS image_nt_headers; + IMAGE_SECTION_HEADER image_section_header[MAX_SECTION_NUM]; + char *image_section[MAX_SECTION_NUM]; + void *fileImage; + DWORD fileSize; + DWORD numOfSecs; +} PEStruct, *PPEStruct; + +PEStruct getPEFileInformation(char *filename); \ No newline at end of file diff --git a/OpenParrotKonamiLoader/src/main.cpp b/OpenParrotKonamiLoader/src/main.cpp new file mode 100644 index 0000000..67da6ef --- /dev/null +++ b/OpenParrotKonamiLoader/src/main.cpp @@ -0,0 +1,428 @@ +#include + +typedef signed(__stdcall *dll_entry_main)(); +typedef signed(__stdcall *dll_entry_init)(); + +// LibAVS +typedef int(__cdecl *property_create)(int a1, char *a2, int a3); + +typedef int(__cdecl *property_node_create)(int a1, int a2, int a3, const char*a4, const char*a5); +typedef int(__cdecl *property_node_create2)(int a1, int a2, int a3, const char*a4, DWORD a5); + +typedef int(__cdecl *property_node_datasize)(int a1); + +typedef int(__cdecl *property_search)(int a1, int a2, const char *a3); + +typedef int(__cdecl *property_get_error)(int a1); + +typedef int(__cdecl *avs_boot)(int a1, void *a2, int a3, void *a4, int a5, void *a6, int a7); + +typedef unsigned int(__cdecl *log_body_misc)(const char *a1, int a2); + +typedef int(__cdecl *std_getenv)(const char*a1, int a2, int a3); + +// libAVS ea3 +typedef int(__cdecl *ea3_boot)(int a1); +typedef int(__stdcall *ea3_get_sic)(); + +property_create property_create_func_p; +property_node_create property_node_create_func_p; +property_node_create2 property_node_create_func_p2; +property_node_datasize property_node_datasize_func_p; +property_search property_search_func_p; +property_get_error property_get_error_func_p; +avs_boot avs_boot_func_p; +log_body_misc log_body_misc_func_p; +std_getenv std_getenv_func_p; + +// libavs ea3 +ea3_boot ea3_boot_func_p; +ea3_get_sic ea3_get_sic_func_p; + +void *avsMemRegion1 = 0; +void *avsMemRegion2 = 0; + +int ReturnsFalse() +{ + return 0; +} + +int eaBootExt(int a1) +{ + int v1; // eax + int v2; // eax + int v3; // eax + int v4; // eax + int v5; // eax + int v6; // eax + int v7; // eax + int v8; // eax + int v9; // eax + int v10; // eax + int v11; // eax + int v12; // eax + int v13; // eax + int v14; // eax + int v15; // eax + int v16; // eax + int v17; // eax + int v18; // eax + int v19; // eax + int v20; // eax + int v21; // eax + int v22; // eax + int v23; // eax + int v24; // eax + int v25; // eax + int v26; // eax + int v27; // eax + int v28; // eax + int v29; // eax + int v30; // eax + int v31; // eax + int v32; // eax + int v33; // eax + int v34; // eax + int v35; // eax + int v36; // eax + int v37; // eax + int v38; // eax + + property_node_create_func_p2(a1, 0, 7, "/ea3/pos/nr_coinslot", 1); + property_node_create_func_p2(a1, 0, 7, "/ea3/pos/nr_article", 3); + property_node_create_func_p2(a1, 0, 7, "/ea3/pos/nr_payment", 3); + v1 = property_node_create_func_p(a1, 0, 11, "/ea3/pos/coin/start/type", "consume"); + if (v1) + property_node_datasize_func_p(v1); + v2 = property_node_create_func_p(a1, 0, 11, "/ea3/pos/coin/start/player_ref", "/opt/coin/slot1/player"); + if (v2) + property_node_datasize_func_p(v2); + v3 = property_node_create_func_p(a1, 0, 11, "/ea3/pos/coin/start/credit_ref", "/opt/coin/start"); + if (v3) + property_node_datasize_func_p(v3); + property_node_create_func_p2(a1, 0, 3, "/ea3/pos/coin/start/article", 1); + v4 = property_node_create_func_p(a1, 0, 11, "/ea3/pos/coin/start/event", "game.s"); + if (v4) + property_node_datasize_func_p(v4); + v5 = property_node_create_func_p(a1, 0, 11, "/ea3/pos/coin/continue/type", "consume"); + if (v5) + property_node_datasize_func_p(v5); + v6 = property_node_create_func_p(a1, 0, 11, "/ea3/pos/coin/continue/player_ref", "/opt/coin/slot1/player"); + if (v6) + property_node_datasize_func_p(v6); + v7 = property_node_create_func_p(a1, 0, 11, "/ea3/pos/coin/continue/credit_ref", "/opt/coin/continue"); + if (v7) + property_node_datasize_func_p(v7); + property_node_create_func_p2(a1, 0, 3, "/ea3/pos/coin/continue/article", 2); + v8 = property_node_create_func_p(a1, 0, 11, "/ea3/pos/coin/continue/event", "game.c"); + if (v8) + property_node_datasize_func_p(v8); + v9 = property_node_create_func_p(a1, 0, 11, "/ea3/pos/coin/slot1/type", "throw"); + if (v9) + property_node_datasize_func_p(v9); + v10 = property_node_create_func_p(a1, 0, 11, "/ea3/pos/coin/slot1/src", "coin"); + if (v10) + property_node_datasize_func_p(v10); + property_node_create_func_p2(a1, 0, 3, "/ea3/pos/coin/slot1/slot", 1); + v11 = property_node_create_func_p(a1, 0, 11, "/ea3/pos/coin/slot1/player_ref", "/opt/coin/slot1/player"); + if (v11) + property_node_datasize_func_p(v11); + v12 = property_node_create_func_p(a1, 0, 11, "/ea3/pos/coin/slot1/coin_credit_ref", "/opt/coin/slot1/coin_credit"); + if (v12) + property_node_datasize_func_p(v12); + v13 = property_node_create_func_p(a1, 0, 11, "/ea3/pos/coin/slot1/event", "coin.i"); + if (v13) + property_node_datasize_func_p(v13); + v14 = property_node_create_func_p(a1, 0, 11, "/ea3/pos/coin/slots/type", "throw"); + if (v14) + property_node_datasize_func_p(v14); + v15 = property_node_create_func_p(a1, 0, 11, "/ea3/pos/coin/slots/src", "service"); + if (v15) + property_node_datasize_func_p(v15); + v16 = property_node_create_func_p(a1, 0, 11, "/ea3/pos/coin/slots/coin_event", "/coin/slot1"); + if (v16) + property_node_datasize_func_p(v16); + v17 = property_node_create_func_p(a1, 0, 11, "/ea3/pos/coin/slots/event", "service.p"); + if (v17) + property_node_datasize_func_p(v17); + v18 = property_node_create_func_p(a1, 0, 11, "/ea3/pos/coin/read/type", "consume"); + if (v18) + property_node_datasize_func_p(v18); + v19 = property_node_create_func_p(a1, 0, 11, "/ea3/pos/coin/read/player_ref", "/opt/coin/slot1/player"); + if (v19) + property_node_datasize_func_p(v19); + v20 = property_node_create_func_p(a1, 0, 11, "/ea3/pos/coin/read/credit_ref", "/opt/coin/event"); + if (v20) + property_node_datasize_func_p(v20); + property_node_create_func_p2(a1, 0, 3, "/ea3/pos/coin/read/article", 3); + v21 = property_node_create_func_p(a1, 0, 11, "/ea3/pos/coin/read/event", "pdata.r"); + if (v21) + property_node_datasize_func_p(v21); + v22 = property_node_create_func_p(a1, 0, 11, "/ea3/pos/coin/write/type", "consume"); + if (v22) + property_node_datasize_func_p(v22); + v23 = property_node_create_func_p(a1, 0, 11, "/ea3/pos/coin/write/player_ref", "/opt/coin/slot1/player"); + if (v23) + property_node_datasize_func_p(v23); + v24 = property_node_create_func_p(a1, 0, 11, "/ea3/pos/coin/write/credit_ref", "/opt/coin/event"); + if (v24) + property_node_datasize_func_p(v24); + property_node_create_func_p2(a1, 0, 3, "/ea3/pos/coin/write/article", 3); + v25 = property_node_create_func_p(a1, 0, 11, "/ea3/pos/coin/write/event", "pdata.w"); + if (v25) + property_node_datasize_func_p(v25); + v26 = property_node_create_func_p(a1, 0, 11, "/ea3/pos/coin/start_free/type", "consume"); + if (v26) + property_node_datasize_func_p(v26); + v27 = property_node_create_func_p(a1, 0, 11, "/ea3/pos/coin/start_free/player_ref", "/opt/coin/slot1/player"); + if (v27) + property_node_datasize_func_p(v27); + v28 = property_node_create_func_p(a1, 0, 11, "/ea3/pos/coin/start_free/credit_ref", "/opt/coin/event"); + if (v28) + property_node_datasize_func_p(v28); + property_node_create_func_p2(a1, 0, 3, "/ea3/pos/coin/start_free/article", 3); + v29 = property_node_create_func_p(a1, 0, 11, "/ea3/pos/coin/start_free/event", "game.s.free"); + if (v29) + property_node_datasize_func_p(v29); + v30 = property_node_create_func_p(a1, 0, 11, "/ea3/pos/coin/exstart/type", "consume"); + if (v30) + property_node_datasize_func_p(v30); + v31 = property_node_create_func_p(a1, 0, 11, "/ea3/pos/coin/exstart/player_ref", "/opt/coin/slot1/player"); + if (v31) + property_node_datasize_func_p(v31); + v32 = property_node_create_func_p(a1, 0, 11, "/ea3/pos/coin/exstart/credit_ref", "/opt/coin/exstart"); + if (v32) + property_node_datasize_func_p(v32); + property_node_create_func_p2(a1, 0, 3, "/ea3/pos/coin/exstart/article", 1); + v33 = property_node_create_func_p(a1, 0, 11, "/ea3/pos/coin/exstart/event", "HGT.game.s.ex"); + if (v33) + property_node_datasize_func_p(v33); + v34 = property_node_create_func_p(a1, 0, 11, "/ea3/pos/coin/end/type", "consume"); + if (v34) + property_node_datasize_func_p(v34); + v35 = property_node_create_func_p(a1, 0, 11, "/ea3/pos/coin/end/player_ref", "/opt/coin/slot1/player"); + if (v35) + property_node_datasize_func_p(v35); + v36 = property_node_create_func_p(a1, 0, 11, "/ea3/pos/coin/end/credit_ref", "/opt/coin/event"); + if (v36) + property_node_datasize_func_p(v36); + property_node_create_func_p2(a1, 0, 3, "/ea3/pos/coin/end/article", 3); + v37 = property_node_create_func_p(a1, 0, 11, "/ea3/pos/coin/end/event", "game.e"); + if (v37) + property_node_datasize_func_p(v37); + v38 = property_node_create_func_p(a1, 0, 11, "/ea3/pos/coin/freeplay_ref", "/opt/coin/freeplay"); + if (v38) + property_node_datasize_func_p(v38); + return 0; +} + +int __stdcall ea3boot(BYTE serviceMode, const char* pcbId, const char* hddId) +{ + int v3; // esi + + int v9; // eax + int v10; // eax + int v11; // eax + int v12; // eax + int v13; // eax + int v14; // eax + int v15; // eax + int v16; // eax + int v17; // eax + int v18; // eax + char v26[0x5000]; + int v19; + v3 = property_create_func_p(23, v26, 0x5000); + v9 = property_node_create_func_p(v3, 0, 11, "/ea3/soft/model", "HGT"); + if (v9) + property_node_datasize(v9); + v10 = property_node_create_func_p(v3, 0, 11, "/ea3/soft/dest", "E"); + if (v10) + property_node_datasize(v10); + v11 = property_node_create_func_p(v3, 0, 11, "/ea3/soft/spec", "A"); + if (v11) + property_node_datasize(v11); + v12 = property_node_create_func_p(v3, 0, 11, "/ea3/soft/rev", "A"); + if (v12) + property_node_datasize(v12); + v13 = property_node_create_func_p(v3, 0, 11, "/ea3/soft/ext", "2009062401"); + if (v13) + property_node_datasize(v13); + property_node_create_func_p2(v3, 0, 6, "/ea3/timezone", 32400); + v14 = property_node_create_func_p(v3, 0, 11, "/ea3/id/pcbid", pcbId); + if (v14) + property_node_datasize(v14); + v15 = property_node_create_func_p(v3, 0, 11, "/ea3/id/hardid", hddId); + if (v15) + property_node_datasize(v15); + v16 = property_node_create_func_p(v3, 0, 11, "/ea3/encoding", "SHIFT_JIS"); + if (v16) + property_node_datasize(v16); + v17 = property_node_create_func_p(v3, 0, 11, "/ea3/network/services", "services.eamuse.konami.fun"); + if (v17) + property_node_datasize(v17); + eaBootExt(v3); + property_node_create_func_p2(v3, 0, 7, "/ea3/facility/sz_prop_buf", 4096); + property_node_create_func_p2(v3, 0, 7, "/ea3/pos/sz_opt_buf", 0x10000); + property_node_create_func_p2(v3, 0, 7, "/ea3/network/sz_xrpc_buf", 0x8000); + property_node_create_func_p2(v3, 0, 3, "/ea3/option/service", serviceMode != 0); + property_node_create_func_p2(v3, 0, 3, "/ea3/option/posevent", 1); + property_node_create_func_p2(v3, 0, 3, "/ea3/option/antiresale", 1); + property_node_create_func_p2(v3, 0, 3, "/ea3/option/pcbevent", 1); + property_node_create_func_p2(v3, 0, 3, "/ea3/service/package", 1); + property_node_create_func_p2(v3, 0, 3, "/ea3/service/cardmng", 1); + property_node_create_func_p2(v3, 0, 7, "/ea3/pkglist/nr_entry", 100); + property_node_create_func_p2(v3, 0, 7, "/ea3/pkglist/nr_list_desc", 2); + property_node_create_func_p2(v3, 0, 7, "/ea3/pkglist/nr_file_desc", 2); + property_node_create_func_p2(v3, 0, 52, "/ea3/proxy/cache/use_previous_cache", 1); + property_node_create_func_p2(v3, 0, 5, "/ea3/proxy/cache/max_items", 100); + property_node_create_func_p2(v3, 0, 6, "/ea3/proxy/cache/retry_time/direct", 1800); + property_node_create_func_p2(v3, 0, 9, "/ea3/proxy/cache/max_size", 947912704); + //log_body_misc("ea3 boot", "センタ\x81[サ\x81[バ\x81[に\x90レ続しています\x81B\n"); + if (v3) + v18 = property_search_func_p(v3, 0, "/ea3"); + else + v18 = 0; + ea3_boot_func_p(v18); + v19 = ea3_get_sic_func_p(); + return 1; + //return log_body_misc_func_p("ea3 boot", "SIC: %s", v19); +} + +signed int avsBoot() +{ + int v0; // esi + int v1; // eax + int v2; // eax + void *v3; // eax + void *v4; // edi + void *v5; // eax + int v6; // ecx + int v7; // eax + bool v8; // sf + const char *v9; // eax + const char *v10; // eax + signed int result; // eax + char v12[0x550]; // [esp+Ch] [ebp-550h] + + v0 = property_create_func_p(7, v12, 0x550); + CreateDirectoryA("./CONF", 0); + CreateDirectoryA("./CONF/NVRAM", 0); + CreateDirectoryA("./CONF/RAW", 0); + v1 = property_node_create_func_p(v0, 0, 11, "/config/fs/nvram/device", "./CONF/NVRAM"); + if (v1) + property_node_datasize_func_p(v1); + v2 = property_node_create_func_p(v0, 0, 11, "/config/fs/raw/device", "./CONF/RAW"); + if (v2) + property_node_datasize(v2); + property_node_create_func_p2(v0, 0, 5, "/config/thread/nr_semaphore", 32); + property_node_create_func_p2(v0, 0, 5, "/config/net/nr_protocol", 8); + property_node_create_func_p2(v0, 0, 5, "/config/net/nr_socket", 8); + property_node_create_func_p2(v0, 0, 3, "/config/net/enable_raw", 1); + property_node_create_func_p2(v0, 0, 6, "/config/time/gmt_offset", 0); + if (property_get_error_func_p(v0)) + return 1; + v3 = malloc(0x400000u); + v4 = v3; + avsMemRegion1 = v3; + v5 = malloc(0x400000u); + avsMemRegion2 = v5; + if (!v4) + { + if (v5) + { + free(v5); + avsMemRegion2 = 0; + } + return 1; + } + if (v5) + { + if (v0) + { + v7 = property_search_func_p(v0, 0, "/config"); + v4 = avsMemRegion1; + v6 = v7; + v5 = avsMemRegion2; + } + else + { + v6 = 0; + } + avs_boot_func_p(v6, v4, 0x400000, v5, 0x400000, ReturnsFalse, 0); + result = 0; + } + else + { + free(v4); + avsMemRegion1 = 0; + result = 1; + } + return result; +} + +#include +#include + +inline bool file_exists(const std::string& name) +{ + struct stat buffer; + return (stat(name.c_str(), &buffer) == 0); +} + +void* f(void* a) +{ + return a; +} + +int main(int argc, char* argv[]) +{ + if (argc < 2) + { + printf("ERROR: param needs to be target dll\n"); + printf("USAGE: canaryloader.exe path/to/some.dll\n"); + return 0; + } + + if (!file_exists(argv[1])) + { + printf("ERROR: file does not exist.\n"); + return 0; + } + + auto gameBinary = LoadLibraryA(argv[1]); + auto libavs = LoadLibraryA("libavs-win32.dll"); + auto libavsea3 = LoadLibraryA("libavs-win32-ea3.dll"); + + dll_entry_main dllMain = (dll_entry_main)GetProcAddress(gameBinary, "dll_entry_main"); + + dll_entry_init dllInit = (dll_entry_init)GetProcAddress(gameBinary, "dll_entry_init"); + + // Resolve libavs-win32.dll apis + property_create_func_p = (property_create)GetProcAddress(libavs, "property_create"); + property_node_create_func_p = (property_node_create)GetProcAddress(libavs, "property_node_create"); + property_node_create_func_p2 = (property_node_create2)GetProcAddress(libavs, "property_node_create"); + property_node_datasize_func_p = (property_node_datasize)GetProcAddress(libavs, "property_node_datasize"); + property_search_func_p = (property_search)GetProcAddress(libavs, "property_search"); + property_get_error_func_p = (property_get_error)GetProcAddress(libavs, "property_get_error"); + avs_boot_func_p = (avs_boot)GetProcAddress(libavs, "avs_boot"); + log_body_misc_func_p = (log_body_misc)GetProcAddress(libavs, "log_body_misc"); + std_getenv_func_p = (std_getenv)GetProcAddress(libavs, "std_getenv"); + + // Resolve libavs-win32-ea.dll apis + ea3_boot_func_p = (ea3_boot)GetProcAddress(libavsea3, "ea3_boot"); + ea3_get_sic_func_p = (ea3_get_sic)GetProcAddress(libavsea3, "ea3_get_sic"); + // Init libavs-win32.dll + avsBoot(); + + // Init libavs-win32-ea3.dll + ea3boot(0, "DEADFACE107B4493AC12", "0100107B4493AC12"); + + dllInit(); + dllMain(); + + while (true) + Sleep(100); + + return 1; +} \ No newline at end of file diff --git a/OpenParrotKonamiLoader/src/main.h b/OpenParrotKonamiLoader/src/main.h new file mode 100644 index 0000000..2c8ab8d --- /dev/null +++ b/OpenParrotKonamiLoader/src/main.h @@ -0,0 +1,334 @@ +/* +I do not take credit for these stuctures, but rather give all credits to +the NTInternals Team. But, I do take credit for taking the useful things +from the site and putting them into a easy to use place. +thanks and hope someone finds these useful +~sean reed +*/ + +#pragma once + +#include +#include + +typedef void(*PELPEBLOCKROUTINE)(PVOID PebLock); + +typedef struct _ELLSA_UNICODE_STRING { + USHORT Length; + USHORT MaximumLength; + PWSTR Buffer; +}ELLSA_UNICODE_STRING, *PELLSA_UNICODE_STRING, ELUNICODE_STRING, *PELUNICODE_STRING; + +typedef struct _ELLIST_ENTRY +{ + struct _ELLIST_ENTRY *Flink; + struct _ELLIST_ENTRY *Blink; +} ELLIST_ENTRY, *PELLIST_ENTRY; + +typedef struct _ELPEB_LDR_DATA +{ + ULONG Length; + BOOLEAN Initialized; + PVOID SsHandle; + ELLIST_ENTRY InLoadOrderModuleList; + ELLIST_ENTRY InMemoryOrderModuleList; + ELLIST_ENTRY InInitializationOrderModuleList; + +} ELPEB_LDR_DATA, *PELPEB_LDR_DATA; + +typedef struct _ELRTL_DRIVE_LETTER_CURDIR +{ + USHORT Flags; + USHORT Length; + ULONG TimeStamp; + ELUNICODE_STRING DosPath; + +} ELRTL_DRIVE_LETTER_CURDIR, *PELRTL_DRIVE_LETTER_CURDIR; + +typedef struct _ELRTL_USER_PROCESS_PARAMETERS +{ + ULONG MaximumLength; + ULONG Length; + ULONG Flags; + ULONG DebugFlags; + PVOID ConsoleHandle; + ULONG ConsoleFlags; + HANDLE StdInputHandle; + HANDLE StdOutputHandle; + HANDLE StdErrorHandle; + ELUNICODE_STRING CurrentDirectoryPath; + HANDLE CurrentDirectoryHandle; + ELUNICODE_STRING DllPath; + ELUNICODE_STRING ImagePathName; + ELUNICODE_STRING CommandLine; + PVOID Environment; + ULONG StartingPositionLeft; + ULONG StartingPositionTop; + ULONG Width; + ULONG Height; + ULONG CharWidth; + ULONG CharHeight; + ULONG ConsoleTextAttributes; + ULONG WindowFlags; + ULONG ShowWindowFlags; + ELUNICODE_STRING WindowTitle; + ELUNICODE_STRING DesktopName; + ELUNICODE_STRING ShellInfo; + ELUNICODE_STRING RuntimeData; + ELRTL_DRIVE_LETTER_CURDIR DLCurrentDirectory[0x20]; + +} ELRTL_USER_PROCESS_PARAMETERS, *PELRTL_USER_PROCESS_PARAMETERS; + +typedef struct _ELPEB_FREE_BLOCK +{ + struct _ELPEB_FREE_BLOCK *Next; + ULONG Size; + +} ELPEB_FREE_BLOCK, *PELPEB_FREE_BLOCK; + +typedef struct _ELLDR_MODULE { + + ELLIST_ENTRY InLoadOrderModuleList; + ELLIST_ENTRY InMemoryOrderModuleList; + ELLIST_ENTRY InInitializationOrderModuleList; + PVOID BaseAddress; + PVOID EntryPoint; + ULONG SizeOfImage; + ELUNICODE_STRING FullDllName; + ELUNICODE_STRING BaseDllName; + ULONG Flags; + SHORT LoadCount; + SHORT TlsIndex; + ELLIST_ENTRY HashTableEntry; + ULONG TimeDateStamp; + +} ELLDR_MODULE, *ELPLDR_MODULE; + + +typedef struct _ELPEB +{ + BOOLEAN InheritedAddressSpace; + BOOLEAN ReadImageFileExecOptions; + BOOLEAN BeingDebugged; + BOOLEAN Spare; + HANDLE Mutant; + PVOID ImageBaseAddress; + PELPEB_LDR_DATA LoaderData; + PELRTL_USER_PROCESS_PARAMETERS ProcessParameters; + PVOID SubSystemData; + PVOID ProcessHeap; + PVOID FastPebLock; + PELPEBLOCKROUTINE FastPebLockRoutine; + PELPEBLOCKROUTINE FastPebUnlockRoutine; + ULONG EnvironmentUpdateCount; + PVOID *KernelCallbackTable; + PVOID EventLogSection; + PVOID EventLog; + PELPEB_FREE_BLOCK FreeList; + ULONG TlsExpansionCounter; + PVOID TlsBitmap; + ULONG TlsBitmapBits[0x2]; + PVOID ReadOnlySharedMemoryBase; + PVOID ReadOnlySharedMemoryHeap; + PVOID *ReadOnlyStaticServerData; + PVOID AnsiCodePageData; + PVOID OemCodePageData; + PVOID UnicodeCaseTableData; + ULONG NumberOfProcessors; + ULONG NtGlobalFlag; + BYTE Spare2[0x4]; + LARGE_INTEGER CriticalSectionTimeout; + ULONG HeapSegmentReserve; + ULONG HeapSegmentCommit; + ULONG HeapDeCommitTotalFreeThreshold; + ULONG HeapDeCommitFreeBlockThreshold; + ULONG NumberOfHeaps; + ULONG MaximumNumberOfHeaps; + PVOID **ProcessHeaps; + PVOID GdiSharedHandleTable; + PVOID ProcessStarterHelper; + PVOID GdiDCAttributeList; + PVOID LoaderLock; + ULONG OSMajorVersion; + ULONG OSMinorVersion; + ULONG OSBuildNumber; + ULONG OSPlatformId; + ULONG ImageSubSystem; + ULONG ImageSubSystemMajorVersion; + ULONG ImageSubSystemMinorVersion; + ULONG GdiHandleBuffer[0x22]; + ULONG PostProcessInitRoutine; + ULONG TlsExpansionBitmap; + BYTE TlsExpansionBitmapBits[0x80]; + ULONG SessionId; + +} ELPEB, *PELPEB; + +typedef struct _ELPROCESS_BASIC_INFORMATION +{ + PVOID Reserved1; + PELPEB PebBaseAddress; + PVOID Reserved2[2]; + ULONG_PTR UniqueProcessId; + PVOID Reserved3; +} ELPROCESS_BASIC_INFORMATION; + +typedef enum _ELPROCESS_INFORMATION_CLASS +{ + ProcessBasicInformation, + ProcessQuotaLimits, + ProcessIoCounters, + ProcessVmCounters, + ProcessTimes, + ProcessBasePriority, + ProcessRaisePriority, + ProcessDebugPort, + ProcessExceptionPort, + ProcessAccessToken, + ProcessLdtInformation, + ProcessLdtSize, + ProcessDefaultHardErrorMode, + ProcessIoPortHandlers, + ProcessPooledUsageAndLimits, + ProcessWorkingSetWatch, + ProcessUserModeIOPL, + ProcessEnableAlignmentFaultFixup, + ProcessPriorityClass, + ProcessWx86Information, + ProcessHandleCount, + ProcessAffinityMask, + ProcessPriorityBoost, + MaxProcessInfoClass +} ELPROCESS_INFORMATION_CLASS, *PELPROCESS_INFORMATION_CLASS; + +typedef struct _CLIENT_ID { + HANDLE UniqueProcess; + HANDLE UniqueThread; +} CLIENT_ID; + +typedef struct _ELSYSTEM_THREAD_INFORMATION { + LARGE_INTEGER KernelTime; + LARGE_INTEGER UserTime; + LARGE_INTEGER CreateTime; + ULONG WaitTime; + PVOID StartAddress; + CLIENT_ID ClientId; + LONG Priority; + LONG BasePriority; + ULONG ContextSwitches; + ULONG ThreadState; + ULONG WaitReason; +} ELSYSTEM_THREAD_INFORMATION, *PELSYSTEM_THREAD_INFORMATION; + +typedef enum _SYSTEM_INFORMATION_CLASS { + + SystemBasicInformation, SystemProcessorInformation, SystemPerformanceInformation, SystemTimeOfDayInformation, SystemPathInformation, SystemProcessInformation, SystemCallCountInformation, SystemDeviceInformation, SystemProcessorPerformanceInformation, SystemFlagsInformation, SystemCallTimeInformation, SystemModuleInformation, SystemLocksInformation, SystemStackTraceInformation, SystemPagedPoolInformation, SystemNonPagedPoolInformation, SystemHandleInformation, SystemObjectInformation, SystemPageFileInformation, SystemVdmInstemulInformation, SystemVdmBopInformation, SystemFileCacheInformation, SystemPoolTagInformation, SystemInterruptInformation, SystemDpcBehaviorInformation, SystemFullMemoryInformation, SystemLoadGdiDriverInformation, SystemUnloadGdiDriverInformation, SystemTimeAdjustmentInformation, SystemSummaryMemoryInformation, SystemNextEventIdInformation, SystemEventIdsInformation, SystemCrashDumpInformation, SystemExceptionInformation, SystemCrashDumpStateInformation, SystemKernelDebuggerInformation, SystemContextSwitchInformation, SystemRegistryQuotaInformation, SystemExtendServiceTableInformation, SystemPrioritySeperation, SystemPlugPlayBusInformation, SystemDockInformation, ELSystemPowerInformation, SystemProcessorSpeedInformation, SystemCurrentTimeZoneInformation, SystemLookasideInformation + +} ELSYSTEM_INFORMATION_CLASS, *PSYSTEM_INFORMATION_CLASS; +typedef enum _KWAIT_REASON +{ + Executive = 0, + FreePage = 1, + PageIn = 2, + PoolAllocation = 3, + DelayExecution = 4, + Suspended = 5, + UserRequest = 6, + WrExecutive = 7, + WrFreePage = 8, + WrPageIn = 9, + WrPoolAllocation = 10, + WrDelayExecution = 11, + WrSuspended = 12, + WrUserRequest = 13, + WrEventPair = 14, + WrQueue = 15, + WrLpcReceive = 16, + WrLpcReply = 17, + WrVirtualMemory = 18, + WrPageOut = 19, + WrRendezvous = 20, + Spare2 = 21, + Spare3 = 22, + Spare4 = 23, + Spare5 = 24, + WrCalloutStack = 25, + WrKernel = 26, + WrResource = 27, + WrPushLock = 28, + WrMutex = 29, + WrQuantumEnd = 30, + WrDispatchInt = 31, + WrPreempted = 32, + WrYieldExecution = 33, + WrFastMutex = 34, + WrGuardedMutex = 35, + WrRundown = 36, + MaximumWaitReason = 37 +} KWAIT_REASON; + +typedef struct _SYSTEM_THREAD { + + LARGE_INTEGER KernelTime; + LARGE_INTEGER UserTime; + LARGE_INTEGER CreateTime; + ULONG WaitTime; + PVOID StartAddress; + CLIENT_ID ClientId; + LONG Priority; + LONG BasePriority; + ULONG ContextSwitchCount; + ULONG State; + KWAIT_REASON WaitReason; + +} SYSTEM_THREAD, *PSYSTEM_THREAD; + +typedef struct _VM_COUNTERS +{ + int PeakVirtualSize; + int VirtualSize; + int PageFaultCount; + int PeakWorkingSetSize; + int WorkingSetSize; + int QuotaPeakPagedPoolUsage; + int QuotaPagedPoolUsage; + int QuotaPeakNonPagedPoolUsage; + int QuotaNonPagedPoolUsage; + int PagefileUsage; + int PeakPagefileUsage; +}VM_COUNTERS; + +typedef struct _SYSTEM_PROCESS_INFORMATION +{ + DWORD NextEntryOffset; + DWORD dThreadCount; + DWORD dReserved01; + DWORD dReserved02; + DWORD dReserved03; + DWORD dReserved04; + DWORD dReserved05; + DWORD dReserved06; + FILETIME ftCreateTime; /* relative to 01-01-1601 */ + FILETIME ftUserTime; /* 100 nsec units */ + FILETIME ftKernelTime; /* 100 nsec units */ + ELUNICODE_STRING ProcessName; + DWORD BasePriority; + DWORD dUniqueProcessId; + DWORD dParentProcessID; + DWORD dHandleCount; + DWORD dReserved07; + DWORD dReserved08; + DWORD VmCounters; + DWORD dCommitCharge; + ELSYSTEM_THREAD_INFORMATION ThreadInfos[1]; +} ELSYSTEM_PROCESS_INFORMATION, *PELSYSTEM_PROCESS_INFORMATION; + + +//Gets the PEB for the current process +PELPEB EL_GetPeb(); + +//prints out the Loaded Modules for the current Peb +DWORD EL_PrintModules(PELPEB peb); + +//hides a module +DWORD EL_HideModule(PELPEB peb, const wchar_t *dll); \ No newline at end of file diff --git a/premake5.lua b/premake5.lua index 3e0e349..8e98d0d 100644 --- a/premake5.lua +++ b/premake5.lua @@ -68,4 +68,5 @@ project "udis86" } include "OpenParrot" -include "OpenParrotLoader" \ No newline at end of file +include "OpenParrotLoader" +include "OpenParrotKonamiLoader" \ No newline at end of file