nk3aqtb

main.h

Oct 25th, 2021
  1.  
  2. #ifndef __MAIN_H__
  3. #define __MAIN_H__
  4.  
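  /*
   * True when an NTSTATUS value denotes success or an informational status,
   * i.e. when the value is non-negative once interpreted as a signed NTSTATUS.
   * The cast matters: if x is held in an unsigned type (DWORD, ULONG), a bare
   * "(x) >= 0" is always true and every failure would be treated as success.
   */
  #define NT_SUCCESS(x) (((NTSTATUS)(x)) >= 0)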
  6.  
  /* CLIENT_ID carries the identifier of a process together with the
     identifier of a thread. */
  typedef struct _CLIENT_ID {
      PVOID UniqueProcess; /* process identifier */
      PVOID UniqueThread;  /* thread identifier */
  } CLIENT_ID;
  typedef CLIENT_ID *PCLIENT_ID;
  13.  
  /* UNICODE_STRING is the counted-string type used to pass Unicode strings.
     It mirrors the Windows structure of the same name, in which Length and
     MaximumLength are byte counts (not character counts) and Buffer is not
     required to be NUL-terminated, so code reading Buffer must be bounded by
     Length. */
  typedef struct _UNICODE_STRING {
      USHORT Length;        /* size of the string currently held */
      USHORT MaximumLength; /* capacity of Buffer */
      PWSTR  Buffer;        /* wide-character storage */
  } UNICODE_STRING;
  typedef UNICODE_STRING *PUNICODE_STRING;
  21.  
  /*
   * From MSDN: OBJECT_ATTRIBUTES specifies attributes that can be applied to
   * objects or object handles by routines that create objects and/or return
   * handles to objects. Initialise it with the InitializeObjectAttributes
   * macro. That macro sets SecurityQualityOfService to NULL; when a non-NULL
   * value is required, assign the member after initialisation.
   */
  typedef struct _OBJECT_ATTRIBUTES {
      ULONG           Length;                   /* set to sizeof(OBJECT_ATTRIBUTES) by the macro */
      HANDLE          RootDirectory;
      PUNICODE_STRING ObjectName;
      ULONG           Attributes;
      PVOID           SecurityDescriptor;
      PVOID           SecurityQualityOfService; /* NULL after InitializeObjectAttributes */
  } OBJECT_ATTRIBUTES;
  typedef OBJECT_ATTRIBUTES *POBJECT_ATTRIBUTES;
  37.  
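  /*
   * Fills in every member of the OBJECT_ATTRIBUTES structure that p points to.
   *   p - pointer to the structure to initialise
   *   n - value for ObjectName
   *   a - value for Attributes
   *   r - value for RootDirectory
   *   s - value for SecurityDescriptor
   * SecurityQualityOfService is always set to NULL; assign it afterwards when
   * a non-NULL value is needed.
   *
   * The body is wrapped in do { ... } while (0) so the expansion plus the
   * caller's trailing semicolon forms exactly one statement. With a bare
   * { ... } block, "if (c) InitializeObjectAttributes(...); else ..." fails to
   * compile because the semicolon ends the if before the else is reached.
   * p is evaluated once per member, so do not pass an expression with side
   * effects.
   */
  #define InitializeObjectAttributes(p, n, a, r, s) \
      do { \
          (p)->Length = sizeof(OBJECT_ATTRIBUTES); \
          (p)->RootDirectory = (r); \
          (p)->Attributes = (a); \
          (p)->ObjectName = (n); \
          (p)->SecurityDescriptor = (s); \
          (p)->SecurityQualityOfService = NULL; \
      } while (0)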
  47.  
  /*
   * Function-pointer types for ntdll routines. Nothing in this header links
   * against them, so they are presumably resolved by name at run time
   * (GetLibraryProcAddress is declared further down - confirm in the source
   * file).
   *
   * NOTE(review): these prototypes are hand-copied, so the compiler cannot
   * check them against the real exports. Parameter widths in particular
   * (the ULONG / PULONG length and stack-size parameters) should be verified
   * against a maintained header set for the target architecture.
   * NOTE(review): identifiers beginning with an underscore followed by an
   * upper-case letter are reserved for the implementation.
   *
   * Taken together, opening a process, writing into its memory and starting a
   * thread in it are the primitives of remote-thread process injection
   * (MITRE ATT&CK T1055). Sysmon Event ID 10 (ProcessAccess) and Event ID 8
   * (CreateRemoteThread) are the usual telemetry sources for that sequence.
   */
  typedef NTSTATUS(NTAPI *_RtlCreateUserThread)(
      HANDLE ProcessHandle,
      PSECURITY_DESCRIPTOR SecurityDescriptor,
      BOOLEAN CreateSuspended,
      ULONG StackZeroBits,
      PULONG StackReserved,
      PULONG StackCommit,
      PVOID StartAddress,
      PVOID StartParameter,
      PHANDLE ThreadHandle,
      PCLIENT_ID ClientID);

  typedef PIMAGE_NT_HEADERS(NTAPI *_RtlImageNtHeader)(
      PVOID ModuleAddress);

  typedef NTSTATUS(NTAPI *_RtlAdjustPrivilege)(
      ULONG Privilege,
      BOOLEAN Enable,
      BOOLEAN CurrentThread,
      PBOOLEAN Enabled);

  typedef NTSTATUS(NTAPI *_NtOpenProcess)(
      PHANDLE ProcessHandle,
      ACCESS_MASK AccessMask,
      POBJECT_ATTRIBUTES ObjectAttributes,
      PCLIENT_ID ClientID);

  typedef NTSTATUS(NTAPI *_NtWriteVirtualMemory)(
      HANDLE ProcessHandle,
      PVOID BaseAddress,
      PVOID Buffer,
      ULONG NumberOfBytesToWrite,
      PULONG NumberOfBytesWritten);

  typedef NTSTATUS(NTAPI *_NtClose)(
      HANDLE ObjectHandle);

  typedef NTSTATUS(NTAPI *_NtWaitForSingleObject)(
      HANDLE Handle,
      BOOLEAN Alertable,
      PLARGE_INTEGER Timeout);
  55.  
  /* Returns the process ID of the process with the given name.
     NOTE(review): what is returned when no process matches, or when several
     share the name, is not visible in this header - confirm in the definition. */
  DWORD GetProcID(std::string ProcName);
  /* Thread entry point. The original author's comment describes it as the
     function that is injected into a process; its parameter is named unused. */
  DWORD WINAPI FuncThread(LPVOID unused);
  /* Checks whether a process with the given name exists / is running. */
  BOOL ProcessExists(std::string process);
  /* The original comment says this returns the address of the specified
     library. Given the (LibraryName, ProcName) parameters it presumably
     returns the address of ProcName inside LibraryName - confirm in the
     definition, including what is returned on failure. */
  PVOID GetLibraryProcAddress(PSTR LibraryName, PSTR ProcName);
  ///----------------------------------------------------------------------///
  65.  
  66. #endif