Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #include <windows.h>
- #include <tchar.h>
- #include <strsafe.h>
- #include <winternl.h>
- #include <wingdi.h>
- #include <Psapi.h>
- typedef enum { L_DEBUG, L_INFO, L_WARN, L_ERROR } LEVEL, *PLEVEL;
- #define MAX_LOG_MESSAGE 1024
- void hexdump(void *mem, unsigned int len);
- BOOL LogMessage(LEVEL Level, LPCTSTR Format, ...);
- #pragma comment(lib, "psapi.lib")
- #pragma comment(lib,"user32.lib")
- #pragma comment(lib,"Gdi32.lib")
- #pragma comment(lib, "ntdll.lib")
- typedef DWORD (NTAPI *_NtUserSetWindowFNID)
- (
- HWND,
- LONG
- );
- _NtUserSetWindowFNID NtUserSetWindowFNID ;
- LONG MenuWindowProc;
- static LRESULT CALLBACK
- xxWindowHookProc(INT code, WPARAM wParam, LPARAM lParam){
- PCWPSTRUCT pcwp=(PCWPSTRUCT)lParam;
- HWND hTarget=NULL;
- if (pcwp->message == WM_NCCREATE)
- {
- if (hTarget == NULL)
- {
- hTarget = pcwp->hwnd;
- SetWindowLongPtrA(pcwp->hwnd, GWLP_WNDPROC, MenuWindowProc);
- for (int i=0; i <400;++i){
- SetWindowLongPtrA(hTarget, i, 0x22);
- }
- }
- }
- return CallNextHookEx(0,code,wParam,lParam);
- }
- void Stage0()
- {
- HMODULE user32 = LoadLibraryA("user32.dll");
- MenuWindowProc=(LONG)(GetProcAddress(user32,"MenuWindowProcW"));
- LogMessage(L_INFO,"MenuWindowProc %x",MenuWindowProc);
- WNDCLASSA cls;
- cls.style=0;
- cls.lpfnWndProc=DefWindowProcW;
- cls.cbWndExtra=0x1000;
- cls.cbClsExtra=0;
- cls.hInstance=GetModuleHandleA(NULL);
- cls.hIcon = NULL;
- cls.hCursor = LoadCursor(0, IDC_ARROW);
- cls.hbrBackground = (HBRUSH)(COLOR_WINDOW + 1);
- cls.lpszMenuName = NULL;
- cls.lpszClassName = "MyWinClass";
- if (RegisterClassA(&cls)==NULL){
- LogMessage(L_ERROR,"FAILED");
- return ;
- }
- SetWindowsHookExA(WH_CALLWNDPROC,xxWindowHookProc,GetModuleHandleA(NULL), GetCurrentThreadId());
- HWND h=CreateWindowExA(0,"MyWinClass","MyWindow",0,0,0,100,100,NULL,NULL,GetModuleHandleA(NULL),NULL);
- LogMessage(L_INFO,"Hwnd %x",h);
- DestroyWindow(h);
- }
- void main()
- {
- LogMessage(L_INFO,TEXT("Stage 0: test"));
- Stage0();
- }
- #ifndef HEXDUMP_COLS
- #define HEXDUMP_COLS 16
- #endif
- void hexdump(void *mem, unsigned int len)
- {
- unsigned int i, j;
- for(i = 0; i < len + ((len % HEXDUMP_COLS) ? (HEXDUMP_COLS - len % HEXDUMP_COLS) : 0); i++)
- {
- /* print offset */
- if(i % HEXDUMP_COLS == 0)
- {
- printf("0x%06x: ", i);
- }
- /* print hex data */
- if(i < len)
- {
- printf("%02x ", 0xFF & ((char*)mem)[i]);
- }
- else /* end of block, just aligning for ASCII dump */
- {
- printf(" ");
- }
- /* print ASCII dump */
- if(i % HEXDUMP_COLS == (HEXDUMP_COLS - 1))
- {
- for(j = i - (HEXDUMP_COLS - 1); j <= i; j++)
- {
- if(j >= len) /* end of block, not really printing */
- {
- putchar(' ');
- }
- else if(isprint(((char*)mem)[j])) /* printable char */
- {
- putchar(0xFF & ((char*)mem)[j]);
- }
- else /* other char */
- {
- putchar('.');
- }
- }
- putchar('\n');
- }
- }
- }
- BOOL LogMessage(LEVEL Level, LPCTSTR Format, ...)
- {
- TCHAR Buffer[MAX_LOG_MESSAGE] = { 0 };
- va_list Args;
- va_start(Args, Format);
- StringCchVPrintf(Buffer, MAX_LOG_MESSAGE, Format, Args);
- va_end(Args);
- switch (Level) {
- case L_DEBUG: _ftprintf(stdout, TEXT("[?] %s\n"), Buffer); break;
- case L_INFO: _ftprintf(stdout, TEXT("[+] %s\n"), Buffer); break;
- case L_WARN: _ftprintf(stderr, TEXT("[*] %s\n"), Buffer); break;
- case L_ERROR: _ftprintf(stderr, TEXT("[!] %s\n"), Buffer); break;
- }
- fflush(stdout);
- fflush(stderr);
- return TRUE;
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
