asurautils.h
#pragma once
#pragma comment (lib, "ntdll")
#include <windows.h>
#include <stdio.h>
#ifdef asura_cpp
#include <iostream>
#include <sstream>
#include <vector>
#include <dirent.h>
#include <shlobj.h>
#include <tchar.h>
#include <thread>
#endif
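// Native-API constants that <windows.h> alone does not provide. Each one is
// guarded so that including this header next to an SDK header that already
// defines the name (for example <winternl.h>) does not redefine the macro.

// Annotation macro normally supplied by the SDK's annotation headers.
#ifndef __kernel_entry
#define __kernel_entry __allowed(on_function)
#endif

// Result codes reported in IO_STATUS_BLOCK.Information after a create/open
// call such as NtCreateFile.
#ifndef FILE_SUPERSEDED
#define FILE_SUPERSEDED 0x00000000
#endif
#ifndef FILE_OPENED
#define FILE_OPENED 0x00000001
#endif
#ifndef FILE_CREATED
#define FILE_CREATED 0x00000002
#endif
#ifndef FILE_OVERWRITTEN
#define FILE_OVERWRITTEN 0x00000003
#endif
#ifndef FILE_EXISTS
#define FILE_EXISTS 0x00000004
#endif
#ifndef FILE_DOES_NOT_EXIST
#define FILE_DOES_NOT_EXIST 0x00000005
#endif

// Flag bits for OBJECT_ATTRIBUTES.Attributes (the `a` argument of
// InitializeObjectAttributes).
#ifndef OBJ_PROTECT_CLOSE
#define OBJ_PROTECT_CLOSE 0x00000001
#endif
#ifndef OBJ_INHERIT
#define OBJ_INHERIT 0x00000002
#endif
#ifndef OBJ_AUDIT_OBJECT_CLOSE
#define OBJ_AUDIT_OBJECT_CLOSE 0x00000004
#endif
#ifndef OBJ_PERMANENT
#define OBJ_PERMANENT 0x00000010
#endif
#ifndef OBJ_EXCLUSIVE
#define OBJ_EXCLUSIVE 0x00000020
#endif
#ifndef OBJ_CASE_INSENSITIVE
#define OBJ_CASE_INSENSITIVE 0x00000040
#endif
#ifndef OBJ_OPENIF
#define OBJ_OPENIF 0x00000080
#endif
#ifndef OBJ_OPENLINK
#define OBJ_OPENLINK 0x00000100
#endif
#ifndef OBJ_KERNEL_HANDLE
#define OBJ_KERNEL_HANDLE 0x00000200
#endif
#ifndef OBJ_FORCE_ACCESS_CHECK
#define OBJ_FORCE_ACCESS_CHECK 0x00000400
#endif
#ifndef OBJ_IGNORE_IMPERSONATED_DEVICEMAP
#define OBJ_IGNORE_IMPERSONATED_DEVICEMAP 0x00000800
#endif
#ifndef OBJ_DONT_REPARSE
#define OBJ_DONT_REPARSE 0x00001000
#endif
#ifndef OBJ_VALID_ATTRIBUTES
#define OBJ_VALID_ATTRIBUTES 0x00001ff2
#endif

// NTSTATUS helpers: a status is a success (or informational) value when it is
// non-negative once interpreted as a signed NTSTATUS.
#ifndef NT_SUCCESS
#define NT_SUCCESS(Status) (((NTSTATUS)(Status)) >= 0)
#endif
#ifndef STATUS_SUCCESS
#define STATUS_SUCCESS ((NTSTATUS)0x00000000L)
#endif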
// Fills the OBJECT_ATTRIBUTES pointed to by p:
//   n - object name (pointer to a UNICODE_STRING)
//   a - OBJ_* attribute flags
//   r - root directory handle
//   s - security descriptor
// Length is set to sizeof(OBJECT_ATTRIBUTES) and SecurityQualityOfService is
// always set to NULL. The definition is skipped when an earlier header has
// already provided the macro.
// NOTE(review): the expansion is a bare brace block, not do { } while (0), so
// an unbraced `if (c) InitializeObjectAttributes(...); else ...` does not
// parse; put braces around the call site.
#ifndef InitializeObjectAttributes
#define InitializeObjectAttributes(p, n, a, r, s) \
{ \
(p)->Length = sizeof(OBJECT_ATTRIBUTES); \
(p)->RootDirectory = r; \
(p)->Attributes = a; \
(p)->ObjectName = n; \
(p)->SecurityDescriptor = s; \
(p)->SecurityQualityOfService = NULL; \
}
#endif
// Brace initializer for a UNICODE_STRING built from an array s: Length is the
// byte size without the terminating element, MaximumLength is the full byte
// size, Buffer is s itself.
// Only correct when s is an array (for example a wide string literal); for a
// pointer, sizeof(s) is the pointer size and both lengths are wrong. The
// length fields are USHORT, so an array larger than 65535 bytes is truncated
// silently.
#define RTL_CONSTANT_STRING(s) \
{ \
sizeof(s) - sizeof((s)[0]), sizeof(s), s \
}
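// <windows.h> already defines MAX_PATH; keep this value only as a fallback so
// the header never redefines the SDK macro.
#ifndef MAX_PATH
#define MAX_PATH 260
#endif
// LIB_API marks the helper functions declared at the end of this header:
// exported when the DLL itself is being built (BUILDING_DLL defined),
// imported by every other translation unit.
#ifdef BUILDING_DLL
#define LIB_API __declspec(dllexport)
#else
#define LIB_API __declspec(dllimport)
#endif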
//------------------------ Structures ------------------------
// One entry of the attribute list passed as the last argument of
// NtCreateThreadEx (see PPS_ATTRIBUTE_LIST in its prototype below).
// This layout is not declared in the public SDK headers, so it has to match
// the running Windows build by hand.
typedef struct _PS_ATTRIBUTE {
ULONGLONG Attribute; // attribute identifier
SIZE_T Size; // size in bytes of the value
union {
ULONG_PTR Value; // value stored inline ...
PVOID ValuePtr; // ... or a pointer to it; both share the same storage
};
PSIZE_T ReturnLength; // optional out-size, may be NULL — presumably; confirm against callers
} PS_ATTRIBUTE, * PPS_ATTRIBUTE;
// Attribute list with room for exactly two entries.
// NOTE(review): TotalLength has to be set by the caller; nothing in this
// header keeps it consistent with the number of entries actually filled in.
typedef struct _PS_ATTRIBUTE_LIST {
SIZE_T TotalLength;
PS_ATTRIBUTE Attributes[2];
} PS_ATTRIBUTE_LIST, * PPS_ATTRIBUTE_LIST;
// Completion record written by I/O calls such as NtCreateFile.
// The size and offsets noted here (0x10 bytes, Information at 0x8) are those
// of a 64-bit build.
// NOTE(review): the SDK declares Status as NTSTATUS and Information as
// ULONG_PTR. With ULONGLONG this struct stays 16 bytes on a 32-bit build,
// where the system structure is 8 bytes, so the callee would be handed a
// mismatched layout. Confirm the header is only ever built for x64.
//0x10 bytes (sizeof)
typedef struct _IO_STATUS_BLOCK
{
union
{
LONG Status; //0x0
VOID* Pointer; //0x0
};
ULONGLONG Information; //0x8
}IO_STATUS_BLOCK, *PIO_STATUS_BLOCK;
// Describes the object a native call should open or create; filled by
// InitializeObjectAttributes. The offsets in the trailing comments are the
// 64-bit ones (8-byte pointers with padding after each ULONG).
typedef struct _OBJECT_ATTRIBUTES
{
ULONG Length; //0x0
VOID* RootDirectory; //0x8
struct _UNICODE_STRING* ObjectName; //0x10
ULONG Attributes; //0x18
VOID* SecurityDescriptor; //0x20
VOID* SecurityQualityOfService; //0x28
}OBJECT_ATTRIBUTES, * POBJECT_ATTRIBUTES;
// Counted UTF-16 string used by the native API. Length and MaximumLength are
// byte counts (RTL_CONSTANT_STRING above fills them from sizeof), not
// character counts, and Buffer is not required to be NUL-terminated by
// anything in this header.
typedef struct _UNICODE_STRING
{
USHORT Length;
USHORT MaximumLength;
PWSTR Buffer;
} UNICODE_STRING, *PUNICODE_STRING;
// Process/thread identifier pair taken by NtOpenProcess (its ClientId
// argument below). The members are typed HANDLE but carry IDs, not handles.
typedef struct _CLIENT_ID
{
HANDLE UniqueProcess;
HANDLE UniqueThread;
} CLIENT_ID, *PCLIENT_ID;
// Signature of a thread entry point as expected by the StartRoutine argument
// of NtCreateThreadEx: one opaque pointer in, an NTSTATUS out.
typedef NTSTATUS(NTAPI *PUSER_THREAD_START_ROUTINE)(
_In_ PVOID ThreadParameter
);
//------------------------ Native function structures ------------------------
// The three typedefs below are function-pointer TYPES named after ntdll
// exports; they declare no function. A variable of one of these types has to
// be filled at run time (presumably from GetProcAddress on ntdll — the
// resolving code is not in this header).
// Exports resolved this way do not appear in the binary's import table, so
// import-based static triage will not list them; string references and
// run-time telemetry are the places to look.

// Pointer type for NtCreateFile. IoStatusBlock->Information receives one of
// the FILE_* result codes defined at the top of this header.
typedef NTSTATUS(NTAPI* NtCreateFile)(
_Out_ PHANDLE FileHandle,
_In_ ACCESS_MASK DesiredAccess,
_In_ POBJECT_ATTRIBUTES ObjectAttributes,
_Out_ PIO_STATUS_BLOCK IoStatusBlock,
_In_opt_ PLARGE_INTEGER AllocationSize,
_In_ ULONG FileAttributes,
_In_ ULONG ShareAccess,
_In_ ULONG CreateDisposition,
_In_ ULONG CreateOptions,
_In_reads_bytes_opt_(EaLength) PVOID EaBuffer,
_In_ ULONG EaLength
);
// Pointer type for RtlInitUnicodeStringEx: same arguments as
// RtlInitUnicodeString but returns an NTSTATUS, so a source string that does
// not fit the USHORT length fields can be reported instead of truncated.
typedef NTSTATUS(NTAPI* RtlInitUnicodeStringEx)(
_Out_ PUNICODE_STRING DestinationString,
_In_opt_z_ PCWSTR SourceString
);
// Pointer type for RtlInitUnicodeString. It returns nothing, so the caller
// cannot detect an over-long SourceString; prefer the Ex variant for input
// that is not a compile-time constant.
typedef VOID(NTAPI* RtlInitUnicodeString)(
_Out_ PUNICODE_STRING DestinationString,
_In_opt_z_ PCWSTR SourceString
);
// Direct prototypes for ntdll exports, resolved at link time through the
// `#pragma comment (lib, "ntdll")` at the top of this header.
// NOTE(review): unlike the typedefs above these carry no NTAPI (__stdcall)
// and no extern "C". On x64 the calling convention is ignored, but a 32-bit
// build, or a C++ translation unit, would look for a differently decorated
// symbol. Confirm the build is x64 C, or add both.
//
// With NtCreateThreadEx below, these are the native calls for opening another
// process, reserving memory in it, writing into it and waiting on a handle.
// They go to ntdll directly rather than through the kernel32 wrappers, so
// monitoring that only watches the Win32 layer will not record them.
// Kernel-sourced telemetry does (e.g. Sysmon event 10 ProcessAccess and
// event 8 CreateRemoteThread).

// Reserves/commits memory in ProcessHandle; *BaseAddress and *RegionSize are
// both inputs and outputs.
extern NTSTATUS NtAllocateVirtualMemory(
IN HANDLE ProcessHandle,
IN OUT PVOID *BaseAddress,
IN ULONG ZeroBits,
IN OUT PSIZE_T RegionSize,
IN ULONG AllocationType,
IN ULONG Protect);
// Opens a handle to the process identified by ClientId with DesiredAccess.
extern NTSTATUS NtOpenProcess(
OUT PHANDLE ProcessHandle,
IN ACCESS_MASK DesiredAccess,
IN POBJECT_ATTRIBUTES ObjectAttributes,
IN PCLIENT_ID ClientId OPTIONAL);
// Copies NumberOfBytesToWrite bytes from Buffer to BaseAddress inside
// ProcessHandle; the optional out-parameter reports how many were written and
// should be compared with the request rather than assumed.
extern NTSTATUS NtWriteVirtualMemory(
IN HANDLE ProcessHandle,
IN PVOID BaseAddress,
IN PVOID Buffer,
IN SIZE_T NumberOfBytesToWrite,
OUT PSIZE_T NumberOfBytesWritten OPTIONAL);
// Waits on Handle; a NULL Timeout presumably means wait without limit —
// confirm against the call sites.
extern NTSTATUS NtWaitForSingleObject(
_In_ HANDLE Handle,
_In_ BOOLEAN Alertable,
_In_opt_ PLARGE_INTEGER Timeout);
// NOTE(review): this declares an extern function-POINTER VARIABLE named
// NtCreateThreadEx, not a function and not a typedef, so it is unlike every
// other declaration in this header. Some translation unit must define and
// fill that variable before the first call. If the name is instead resolved
// against ntdll's export of the same name, the call would treat the
// function's code bytes as a pointer. Confirm which is intended.
//
// Creates a thread in ProcessHandle that starts at StartRoutine with Argument.
// When ProcessHandle refers to another process this is a cross-process thread
// creation, which Sysmon reports as event 8 (CreateRemoteThread).
extern NTSTATUS(NTAPI *NtCreateThreadEx)(
_Out_ PHANDLE ThreadHandle,
_In_ ACCESS_MASK DesiredAccess,
_In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
_In_ HANDLE ProcessHandle,
_In_ PUSER_THREAD_START_ROUTINE StartRoutine,
_In_opt_ PVOID Argument,
_In_ ULONG CreateFlags, // THREAD_CREATE_FLAGS_*
_In_ SIZE_T ZeroBits,
_In_ SIZE_T StackSize,
_In_ SIZE_T MaximumStackSize,
_In_opt_ PPS_ATTRIBUTE_LIST AttributeList); // see PS_ATTRIBUTE_LIST above
// ------------------------ Not Native stuff ------------------------
// Helper functions exported by (or imported from) the project's DLL; only
// visible to C++ translation units that define asura_cpp.
// NOTE(review): extern "C" only disables name mangling. std::string and
// std::vector still cross the DLL boundary by reference, and their layout
// depends on the compiler, standard library and CRT settings, so the DLL and
// every caller must be built with the same toolchain and runtime.
#ifdef asura_cpp
// Creates the file at `path`; the meaning of the int result is defined by the
// implementation, which is not in this header.
extern "C" LIB_API int fileCreation (const std::string &path);
// Appends to `dirs` while walking `dir_path` (presumably the sub-directories
// found; confirm against the implementation).
extern "C" LIB_API DWORD iterate_subdirs(const std::string &dir_path, std::vector <std::string> &dirs);
// Returns a module handle for the module named modName.
extern "C" LIB_API HMODULE getMod(IN LPCWSTR modName);
// Converts a narrow string to wide characters.
// NOTE(review): the returned wchar_t* has no documented owner here; callers
// need to know whether and how to free it — TODO confirm.
extern "C" LIB_API wchar_t *AnsiToUnicode(const char* str);
extern "C" LIB_API void testfoo1(); // make another one and put them in asuradll
extern "C" LIB_API void testfoo2();
// Releases the resources passed in; every argument is optional, so the
// implementation is expected to skip the ones that are NULL (not visible
// here).
extern "C" LIB_API DWORD CLEANUP(
_In_opt_ HANDLE _hProcess_,
_In_opt_ HMODULE _dllHandle_,
_In_opt_ HANDLE _hFileHandle_,
_In_opt_ HANDLE _hThread_
);
// In C++ builds (asura_cpp defined) NtClose is a function-pointer TYPE; in
// the #else branch below the same name is a function declaration. Code shared
// between the two kinds of build cannot use the name the same way.
typedef NTSTATUS(NTAPI *NtClose)(
_In_ HANDLE handle);
// Pointer types matching the exported helpers declared above, for callers
// that look the functions up at run time instead of linking the import
// library. Each signature has to be kept in step with its export by hand.
typedef DWORD (*Piterate_sub)(const std::string &dir_path, std::vector<std::string> &dirs); // iterate_subdirs
typedef int (*PfileCreation)(const std::string &path); // fileCreation
typedef void (*foo1)(); // testfoo1
typedef void (*foo2)(); // testfoo2
typedef wchar_t *(*PAnsiToUnicode)(const char* str); // AnsiToUnicode
typedef DWORD (*PCLEANUP)( // CLEANUP
_In_opt_ HANDLE _hProcess_,
_In_opt_ HMODULE _dllHandle_,
_In_opt_ HANDLE _hFileHandle_,
_In_opt_ HANDLE _hThread_
);
#else
// Builds without asura_cpp link NtClose directly from ntdll.
// NOTE(review): no NTAPI here either, which only matters on 32-bit targets;
// see the note on the other extern prototypes.
extern NTSTATUS NtClose(
_In_ HANDLE handle
);
#endif