<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
< html xmlns = "http://www.w3.org/1999/xhtml" >
< head >
< meta http-equiv = "Content-Type" content = "text/xhtml;charset=UTF-8" / >
< meta http-equiv = "X-UA-Compatible" content = "IE=11" / >
< meta name = "generator" content = "Doxygen 1.9.3" / >
< meta name = "viewport" content = "width=device-width, initial-scale=1" / >
< title > Theodosius: examples/demo/main.cpp File Reference< / title >
< link href = "../../tabs.css" rel = "stylesheet" type = "text/css" / >
< script type = "text/javascript" src = "../../jquery.js" > < / script >
< script type = "text/javascript" src = "../../dynsections.js" > < / script >
< link href = "../../search/search.css" rel = "stylesheet" type = "text/css" / >
< script type = "text/javascript" src = "../../search/searchdata.js" > < / script >
< script type = "text/javascript" src = "../../search/search.js" > < / script >
< link href = "../../doxygen.css" rel = "stylesheet" type = "text/css" / >
< / head >
< body >
< div id = "top" > <!-- do not remove this div, it is closed by doxygen! -->
< div id = "titlearea" >
< table cellspacing = "0" cellpadding = "0" >
< tbody >
< tr id = "projectrow" >
< td id = "projectlogo" > < img alt = "Logo" src = "../../icon.png" / > < / td >
< td id = "projectalign" >
< div id = "projectname" > Theodosius< span id = "projectnumber" >   v3.0< / span >
< / div >
< div id = "projectbrief" > Jit linker, symbol mapper, and obfuscator< / div >
< / td >
< / tr >
< / tbody >
< / table >
< / div >
<!-- end header part -->
<!-- Generated by Doxygen 1.9.3 -->
< / div > <!-- top -->
< div class = "header" >
< div class = "summary" >
< a href = "#func-members" > Functions< / a > < / div >
< div class = "headertitle" > < div class = "title" > main.cpp File Reference< / div > < / div >
< / div > <!-- header -->
< div class = "contents" >
< div class = "textblock" > < code > #include < Windows.h> < / code > < br / >
< code > #include < psapi.h> < / code > < br / >
< code > #include < filesystem> < / code > < br / >
< code > #include < fstream> < / code > < br / >
< code > #include < iostream> < / code > < br / >
< code > #include < spdlog/spdlog.h> < / code > < br / >
< code > #include < < a class = "el" href = "../../d2/d24/theo_8hpp_source.html" > theo.hpp< / a > > < / code > < br / >
< code > #include < < a class = "el" href = "../../de/d46/engine_8hpp_source.html" > obf/engine.hpp< / a > > < / code > < br / >
< code > #include < < a class = "el" href = "../../d2/df9/jcc__rewrite__pass_8hpp_source.html" > obf/passes/jcc_rewrite_pass.hpp< / a > > < / code > < br / >
< code > #include < < a class = "el" href = "../../d5/d54/next__inst__pass_8hpp_source.html" > obf/passes/next_inst_pass.hpp< / a > > < / code > < br / >
< code > #include < < a class = "el" href = "../../de/d64/reloc__transform__pass_8hpp_source.html" > obf/passes/reloc_transform_pass.hpp< / a > > < / code > < br / >
< code > #include " < a class = "el" href = "../../db/dae/hello__world__pass_8hpp_source.html" > hello_world_pass.hpp< / a > " < / code > < br / >
< / div >
< p > < a href = "../../df/d0a/main_8cpp_source.html" > Go to the source code of this file.< / a > < / p >
< table class = "memberdecls" >
< tr class = "heading" > < td colspan = "2" > < h2 class = "groupheader" > < a id = "func-members" name = "func-members" > < / a >
Functions< / h2 > < / td > < / tr >
< tr class = "memitem:a0ddf1224851353fc92bfbff6f499fa97" > < td class = "memItemLeft" align = "right" valign = "top" > int  < / td > < td class = "memItemRight" valign = "bottom" > < a class = "el" href = "../../df/d0a/main_8cpp.html#a0ddf1224851353fc92bfbff6f499fa97" > main< / a > (int argc, char *argv[])< / td > < / tr >
< tr class = "memdesc:a0ddf1224851353fc92bfbff6f499fa97" > < td class = "mdescLeft" >   < / td > < td class = "mdescRight" > example usage of how to interface with theo. please refer to the source code of this function for details. < a href = "../../df/d0a/main_8cpp.html#a0ddf1224851353fc92bfbff6f499fa97" > More...< / a > < br / > < / td > < / tr >
< tr class = "separator:a0ddf1224851353fc92bfbff6f499fa97" > < td class = "memSeparator" colspan = "2" >   < / td > < / tr >
< / table >
< h2 class = "groupheader" > Function Documentation< / h2 >
< a id = "a0ddf1224851353fc92bfbff6f499fa97" name = "a0ddf1224851353fc92bfbff6f499fa97" > < / a >
< h2 class = "memtitle" > < span class = "permalink" > < a href = "#a0ddf1224851353fc92bfbff6f499fa97" > ◆ < / a > < / span > main()< / h2 >
< div class = "memitem" >
< div class = "memproto" >
< table class = "memname" >
< tr >
< td class = "memname" > int main < / td >
< td > (< / td >
< td class = "paramtype" > int  < / td >
< td class = "paramname" > < em > argc< / em > , < / td >
< / tr >
< tr >
< td class = "paramkey" > < / td >
< td > < / td >
< td class = "paramtype" > char *  < / td >
< td class = "paramname" > < em > argv< / em > []  < / td >
< / tr >
< tr >
< td > < / td >
< td > )< / td >
< td > < / td > < td > < / td >
< / tr >
< / table >
< / div > < div class = "memdoc" >
< p > Example of how to interface with theo. Please refer to the source code of this function for details. < / p >
< dl class = "params" > < dt > Parameters< / dt > < dd >
< table class = "params" >
< tr > < td class = "paramname" > argc< / td > < td > < / td > < / tr >
< tr > < td class = "paramname" > argv< / td > < td > < / td > < / tr >
< / table >
< / dd >
< / dl >
< dl class = "section return" > < dt > Returns< / dt > < dd > < / dd > < / dl >
< p class = "definition" > Definition at line < a class = "el" href = "../../df/d0a/main_8cpp_source.html#l00057" > 57< / a > of file < a class = "el" href = "../../df/d0a/main_8cpp_source.html" > main.cpp< / a > .< / p >
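/// @brief Example of how to interface with theo. Reads a lib file, registers
/// the obfuscation passes, decomposes and composes the lib, then calls the
/// composed entry point.
///
/// @param argc Argument count; the demo needs at least 2.
/// @param argv argv[1] is the path of the lib file to read.
/// @return -1 on a usage, file, input, decomposition or composition error.
int main(int argc, char* argv[]) {
  if (argc < 2)
    return -1;

  // read in lib file...
  // the path comes straight from the command line, so every step is checked
  // instead of assuming the file exists and can be read in full. the
  // error_code overload is used because fs::file_size() throws otherwise.
  //
  std::error_code ec;
  const auto fsize = fs::file_size(fs::path(argv[1]), ec);
  std::ifstream f(argv[1], std::ios::binary);
  if (ec || !f.is_open()) {
    spdlog::error("failed to open {}", argv[1]);
    return -1;
  }

  std::vector<std::uint8_t> fdata(static_cast<std::size_t>(fsize));
  if (!f.read(reinterpret_cast<char*>(fdata.data()),
              static_cast<std::streamsize>(fdata.size()))) {
    spdlog::error("failed to read {}", argv[1]);
    return -1;
  }

  // NOTE(review): bare DLL names are resolved through the process DLL search
  // order and the return values are not checked; confirm both are acceptable
  // for wherever this demo is run from.
  //
  LoadLibraryA("user32.dll");
  LoadLibraryA("win32u.dll");

  // declare your allocator, resolver, and copier lambda functions.
  //

  // NOTE(review): executable sections are committed as
  // PAGE_EXECUTE_READWRITE, so those pages are writable and executable at the
  // same time (no W^X). VirtualAlloc returns NULL on failure and that value
  // is handed back as 0; how theo reacts to a 0 is not visible here.
  //
  theo::recomp::allocator_t allocator =
      [&](std::uint32_t size,
          coff::section_characteristics_t section_type) -> std::uintptr_t {
    return reinterpret_cast<std::uintptr_t>(VirtualAlloc(
        NULL, size, MEM_COMMIT | MEM_RESERVE,
        section_type.mem_execute ? PAGE_EXECUTE_READWRITE : PAGE_READWRITE));
  };

  // NOTE(review): plain memcpy with no bounds check of its own; it relies on
  // the caller passing a ptr/size pair that lies inside an allocated region.
  //
  theo::recomp::copier_t copier = [&](std::uintptr_t ptr, void* buff,
                                      std::uint32_t size) {
    std::memcpy(reinterpret_cast<void*>(ptr), buff, size);
  };

  // walks the modules loaded in this process and returns the first export
  // that matches sym, or 0 when none does.
  //
  theo::recomp::resolver_t resolver = [&](std::string sym) -> std::uintptr_t {
    const HANDLE process = GetCurrentProcess();
    std::vector<HMODULE> modules(64);
    DWORD bytes_needed = 0;

    // the buffer size is derived from the vector rather than hard-coded, and
    // the byte count is received in a real DWORD instead of through a cast.
    //
    DWORD capacity = static_cast<DWORD>(modules.size() * sizeof(HMODULE));
    if (!EnumProcessModules(process, modules.data(), capacity, &bytes_needed))
      return 0;

    if (bytes_needed > capacity) {
      // more modules are loaded than the initial buffer holds: grow once and
      // ask again.
      //
      modules.resize(bytes_needed / sizeof(HMODULE));
      capacity = static_cast<DWORD>(modules.size() * sizeof(HMODULE));
      if (!EnumProcessModules(process, modules.data(), capacity,
                              &bytes_needed))
        return 0;
    }

    // bytes_needed can exceed what was written, so never index past the
    // buffer even if the module list grew again between the two calls.
    //
    const std::size_t filled =
        (bytes_needed < capacity ? bytes_needed : capacity) / sizeof(HMODULE);

    // the enumerated handles are used directly; re-loading every module by
    // path only added a reference that was never released.
    //
    for (std::size_t i = 0; i < filled; ++i) {
      const auto addr = reinterpret_cast<std::uintptr_t>(
          GetProcAddress(modules[i], sym.c_str()));
      if (addr)
        return addr;
    }
    return 0;
  };

  // init enc/dec tables only once... important that this is done before adding
  // obfuscation passes to the engine...
  //
  xed_tables_init();

  // order matters, the order in which the pass is added is the order they
  // will be executed!
  //
  auto engine = theo::obf::engine_t::get();

  // add in our hello world pass here
  //
  engine->add_pass(theo::obf::hello_world_pass_t::get());

  // add the rest of the passes in this order. this order is important.
  //
  engine->add_pass(theo::obf::reloc_transform_pass_t::get());
  engine->add_pass(theo::obf::next_inst_pass_t::get());
  engine->add_pass(theo::obf::jcc_rewrite_pass_t::get());

  std::string entry_name;
  std::cout << "enter the name of the entry point: ";
  if (!(std::cin >> entry_name)) {
    spdlog::error("no entry point name was read from stdin");
    return -1;
  }

  // create a theo object and pass in the lib, your allocator, copier, and
  // resolver functions, as well as the entry point symbol name.
  //
  theo::theo_t t(fdata, {allocator, copier, resolver}, entry_name.data());

  // call the decompose method to decompose the lib into coff files and extract
  // the symbols that are used. the result of this call will be an optional
  // value containing the number of symbols extracted.
  //
  auto res = t.decompose();

  if (!res.has_value()) {
    spdlog::error("decomposition failed...\n");
    return -1;
  }

  spdlog::info("decomposed {} symbols...", res.value());
  auto entry_pnt = t.compose();

  // how compose() reports failure is not visible here, but a null address is
  // never valid to call, so stop instead of jumping to it.
  //
  if (!entry_pnt) {
    spdlog::error("compose returned a null entry point");
    return -1;
  }

  spdlog::info("entry point address: {:X}", entry_pnt);

  // NOTE(review): this transfers control to code that came from the input
  // lib, inside the current process; only run the demo on libs you built or
  // otherwise trust.
  //
  reinterpret_cast<void (*)()>(entry_pnt)();
}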
< p class = "reference" > References < a class = "el" href = "../../d2/d26/theo_8cpp_source.html#l00056" > theo::theo_t::compose()< / a > , < a class = "el" href = "../../d2/d26/theo_8cpp_source.html#l00045" > theo::theo_t::decompose()< / a > , < a class = "el" href = "../../db/dae/hello__world__pass_8hpp_source.html#l00045" > theo::obf::hello_world_pass_t::get()< / a > , < a class = "el" href = "../../da/d5c/engine_8cpp_source.html#l00034" > theo::obf::engine_t::get()< / a > , < a class = "el" href = "../../d9/db4/jcc__rewrite__pass_8cpp_source.html#l00035" > theo::obf::jcc_rewrite_pass_t::get()< / a > , < a class = "el" href = "../../df/d7d/next__inst__pass_8cpp_source.html#l00034" > theo::obf::next_inst_pass_t::get()< / a > , and < a class = "el" href = "../../d6/da4/reloc__transform__pass_8cpp_source.html#l00034" > theo::obf::reloc_transform_pass_t::get()< / a > .< / p >
< / div >
< / div >
< / div > <!-- contents -->
< / body >
< / html >