You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
242 lines
19 KiB
242 lines
19 KiB
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|
<html xmlns="http://www.w3.org/1999/xhtml">
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
|
|
<meta http-equiv="X-UA-Compatible" content="IE=11"/>
|
|
<meta name="generator" content="Doxygen 1.9.3"/>
|
|
<meta name="viewport" content="width=device-width, initial-scale=1"/>
|
|
<title>Theodosius: examples/demo/main.cpp File Reference</title>
|
|
<link href="../../tabs.css" rel="stylesheet" type="text/css"/>
|
|
<script type="text/javascript" src="../../jquery.js"></script>
|
|
<script type="text/javascript" src="../../dynsections.js"></script>
|
|
<link href="../../search/search.css" rel="stylesheet" type="text/css"/>
|
|
<script type="text/javascript" src="../../search/searchdata.js"></script>
|
|
<script type="text/javascript" src="../../search/search.js"></script>
|
|
<link href="../../doxygen.css" rel="stylesheet" type="text/css" />
|
|
</head>
|
|
<body>
|
|
<div id="top"><!-- do not remove this div, it is closed by doxygen! -->
|
|
<div id="titlearea">
|
|
<table cellspacing="0" cellpadding="0">
|
|
<tbody>
|
|
<tr id="projectrow">
|
|
<td id="projectlogo"><img alt="Logo" src="../../icon.png"/></td>
|
|
<td id="projectalign">
|
|
<div id="projectname">Theodosius<span id="projectnumber"> v3.0</span>
|
|
</div>
|
|
<div id="projectbrief">Jit linker, symbol mapper, and obfuscator</div>
|
|
</td>
|
|
</tr>
|
|
</tbody>
|
|
</table>
|
|
</div>
|
|
<!-- end header part -->
|
|
<!-- Generated by Doxygen 1.9.3 -->
|
|
<script type="text/javascript">
|
|
/* @license magnet:?xt=urn:btih:d3d9a9a6595521f9666a5e94cc830dab83b65699&dn=expat.txt MIT */
|
|
var searchBox = new SearchBox("searchBox", "../../search",'Search','.html');
|
|
/* @license-end */
|
|
</script>
|
|
<script type="text/javascript" src="../../menudata.js"></script>
|
|
<script type="text/javascript" src="../../menu.js"></script>
|
|
<script type="text/javascript">
|
|
/* @license magnet:?xt=urn:btih:d3d9a9a6595521f9666a5e94cc830dab83b65699&dn=expat.txt MIT */
|
|
$(function() {
|
|
initMenu('../../',true,false,'search.php','Search');
|
|
$(document).ready(function() { init_search(); });
|
|
});
|
|
/* @license-end */
|
|
</script>
|
|
<div id="main-nav"></div>
|
|
<!-- window showing the filter options -->
|
|
<div id="MSearchSelectWindow"
|
|
onmouseover="return searchBox.OnSearchSelectShow()"
|
|
onmouseout="return searchBox.OnSearchSelectHide()"
|
|
onkeydown="return searchBox.OnSearchSelectKey(event)">
|
|
</div>
|
|
|
|
<!-- iframe showing the search results (closed by default) -->
|
|
<div id="MSearchResultsWindow">
|
|
<iframe src="javascript:void(0)" frameborder="0"
|
|
name="MSearchResults" id="MSearchResults">
|
|
</iframe>
|
|
</div>
|
|
|
|
<div id="nav-path" class="navpath">
|
|
<ul>
|
|
<li class="navelem"><a class="el" href="../../dir_d28a4824dc47e487b107a5db32ef43c4.html">examples</a></li><li class="navelem"><a class="el" href="../../dir_e05ad14af1d92d65b2ce06383c709496.html">demo</a></li> </ul>
|
|
</div>
|
|
</div><!-- top -->
|
|
<div class="header">
|
|
<div class="summary">
|
|
<a href="#func-members">Functions</a> </div>
|
|
<div class="headertitle"><div class="title">main.cpp File Reference</div></div>
|
|
</div><!--header-->
|
|
<div class="contents">
|
|
<div class="textblock"><code>#include <Windows.h></code><br />
|
|
<code>#include <psapi.h></code><br />
|
|
<code>#include <filesystem></code><br />
|
|
<code>#include <fstream></code><br />
|
|
<code>#include <iostream></code><br />
|
|
<code>#include <spdlog/spdlog.h></code><br />
|
|
<code>#include <<a class="el" href="../../d2/d24/theo_8hpp_source.html">theo.hpp</a>></code><br />
|
|
<code>#include <<a class="el" href="../../de/d46/engine_8hpp_source.html">obf/engine.hpp</a>></code><br />
|
|
<code>#include <<a class="el" href="../../d2/df9/jcc__rewrite__pass_8hpp_source.html">obf/passes/jcc_rewrite_pass.hpp</a>></code><br />
|
|
<code>#include <<a class="el" href="../../d5/d54/next__inst__pass_8hpp_source.html">obf/passes/next_inst_pass.hpp</a>></code><br />
|
|
<code>#include <<a class="el" href="../../de/d64/reloc__transform__pass_8hpp_source.html">obf/passes/reloc_transform_pass.hpp</a>></code><br />
|
|
<code>#include "<a class="el" href="../../db/dae/hello__world__pass_8hpp_source.html">hello_world_pass.hpp</a>"</code><br />
|
|
</div>
|
|
<p><a href="../../df/d0a/main_8cpp_source.html">Go to the source code of this file.</a></p>
|
|
<table class="memberdecls">
|
|
<tr class="heading"><td colspan="2"><h2 class="groupheader"><a id="func-members" name="func-members"></a>
|
|
Functions</h2></td></tr>
|
|
<tr class="memitem:a0ddf1224851353fc92bfbff6f499fa97"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="../../df/d0a/main_8cpp.html#a0ddf1224851353fc92bfbff6f499fa97">main</a> (int argc, char *argv[])</td></tr>
|
|
<tr class="memdesc:a0ddf1224851353fc92bfbff6f499fa97"><td class="mdescLeft"> </td><td class="mdescRight">example usage of how to interface with theo. please refer to the source code of this function for details. <a href="../../df/d0a/main_8cpp.html#a0ddf1224851353fc92bfbff6f499fa97">More...</a><br /></td></tr>
|
|
<tr class="separator:a0ddf1224851353fc92bfbff6f499fa97"><td class="memSeparator" colspan="2"> </td></tr>
|
|
</table>
|
|
<h2 class="groupheader">Function Documentation</h2>
|
|
<a id="a0ddf1224851353fc92bfbff6f499fa97" name="a0ddf1224851353fc92bfbff6f499fa97"></a>
|
|
<h2 class="memtitle"><span class="permalink"><a href="#a0ddf1224851353fc92bfbff6f499fa97">◆ </a></span>main()</h2>
|
|
|
|
<div class="memitem">
|
|
<div class="memproto">
|
|
<table class="memname">
|
|
<tr>
|
|
<td class="memname">int main </td>
|
|
<td>(</td>
|
|
<td class="paramtype">int </td>
|
|
<td class="paramname"><em>argc</em>, </td>
|
|
</tr>
|
|
<tr>
|
|
<td class="paramkey"></td>
|
|
<td></td>
|
|
<td class="paramtype">char * </td>
|
|
<td class="paramname"><em>argv</em>[] </td>
|
|
</tr>
|
|
<tr>
|
|
<td></td>
|
|
<td>)</td>
|
|
<td></td><td></td>
|
|
</tr>
|
|
</table>
|
|
</div><div class="memdoc">
|
|
|
|
<p>example usage of how to interface with theo. please refer to the source code of this function for details. </p>
|
|
<dl class="params"><dt>Parameters</dt><dd>
|
|
<table class="params">
|
|
<tr><td class="paramname">argc</td><td></td></tr>
|
|
<tr><td class="paramname">argv</td><td></td></tr>
|
|
</table>
|
|
</dd>
|
|
</dl>
|
|
<dl class="section return"><dt>Returns</dt><dd></dd></dl>
|
|
|
|
<p class="definition">Definition at line <a class="el" href="../../df/d0a/main_8cpp_source.html#l00057">57</a> of file <a class="el" href="../../df/d0a/main_8cpp_source.html">main.cpp</a>.</p>
|
|
<div class="fragment"><div class="line"><span class="lineno"> 57</span> {</div>
|
|
<div class="line"><span class="lineno"> 58</span> <span class="keywordflow">if</span> (argc < 2)</div>
|
|
<div class="line"><span class="lineno"> 59</span> <span class="keywordflow">return</span> -1;</div>
|
|
<div class="line"><span class="lineno"> 60</span> </div>
|
|
<div class="line"><span class="lineno"> 61</span> <span class="comment">// read in lib file...</span></div>
|
|
<div class="line"><span class="lineno"> 62</span> std::ifstream f(argv[1], std::ios::binary);</div>
|
|
<div class="line"><span class="lineno"> 63</span> <span class="keyword">auto</span> fsize = fs::file_size(fs::path(argv[1]));</div>
|
|
<div class="line"><span class="lineno"> 64</span> std::vector<std::uint8_t> fdata;</div>
|
|
<div class="line"><span class="lineno"> 65</span> fdata.resize(fsize);</div>
|
|
<div class="line"><span class="lineno"> 66</span> f.read((<span class="keywordtype">char</span>*)fdata.data(), fsize);</div>
|
|
<div class="line"><span class="lineno"> 67</span> </div>
|
|
<div class="line"><span class="lineno"> 68</span> LoadLibraryA(<span class="stringliteral">"user32.dll"</span>);</div>
|
|
<div class="line"><span class="lineno"> 69</span> LoadLibraryA(<span class="stringliteral">"win32u.dll"</span>);</div>
|
|
<div class="line"><span class="lineno"> 70</span> </div>
|
|
<div class="line"><span class="lineno"> 71</span> <span class="comment">// declare your allocator, resolver, and copier lambda functions.</span></div>
|
|
<div class="line"><span class="lineno"> 72</span> <span class="comment">//</span></div>
|
|
<div class="line"><span class="lineno"> 73</span> </div>
|
|
<div class="line"><span class="lineno"> 74</span> <a class="code hl_typedef" href="../../da/dbd/namespacetheo_1_1recomp.html#a96995cb0c5291dce945760c3d8f55241" title="a function which is called to allocate space for a symbol.">theo::recomp::allocator_t</a> allocator =</div>
|
|
<div class="line"><span class="lineno"> 75</span> [&](std::uint32_t size,</div>
|
|
<div class="line"><span class="lineno"> 76</span> coff::section_characteristics_t section_type) -> std::uintptr_t {</div>
|
|
<div class="line"><span class="lineno"> 77</span> <span class="keywordflow">return</span> <span class="keyword">reinterpret_cast<</span>std::uintptr_t<span class="keyword">></span>(VirtualAlloc(</div>
|
|
<div class="line"><span class="lineno"> 78</span> NULL, size, MEM_COMMIT | MEM_RESERVE,</div>
|
|
<div class="line"><span class="lineno"> 79</span> section_type.mem_execute ? PAGE_EXECUTE_READWRITE : PAGE_READWRITE));</div>
|
|
<div class="line"><span class="lineno"> 80</span> };</div>
|
|
<div class="line"><span class="lineno"> 81</span> </div>
|
|
<div class="line"><span class="lineno"> 82</span> <a class="code hl_typedef" href="../../da/dbd/namespacetheo_1_1recomp.html#a604e81450773453df676c3b573651adc" title="a function which is called by recomp_t to copy symbols into memory.">theo::recomp::copier_t</a> copier = [&](std::uintptr_t ptr, <span class="keywordtype">void</span>* buff,</div>
|
|
<div class="line"><span class="lineno"> 83</span> std::uint32_t size) {</div>
|
|
<div class="line"><span class="lineno"> 84</span> std::memcpy((<span class="keywordtype">void</span>*)ptr, buff, size);</div>
|
|
<div class="line"><span class="lineno"> 85</span> };</div>
|
|
<div class="line"><span class="lineno"> 86</span> </div>
|
|
<div class="line"><span class="lineno"> 87</span> <a class="code hl_typedef" href="../../da/dbd/namespacetheo_1_1recomp.html#a7364f8c94855a2a871a9d6e1057989f3" title="a function which is called by recomp_t to resolve external symbols">theo::recomp::resolver_t</a> resolver = [&](std::string sym) -> std::uintptr_t {</div>
|
|
<div class="line"><span class="lineno"> 88</span> <span class="keyword">auto</span> loaded_modules = std::make_unique<HMODULE[]>(64);</div>
|
|
<div class="line"><span class="lineno"> 89</span> std::uintptr_t result = 0u, loaded_module_sz = 0u;</div>
|
|
<div class="line"><span class="lineno"> 90</span> <span class="keywordflow">if</span> (!EnumProcessModules(GetCurrentProcess(), loaded_modules.get(), 512,</div>
|
|
<div class="line"><span class="lineno"> 91</span> (PDWORD)&loaded_module_sz))</div>
|
|
<div class="line"><span class="lineno"> 92</span> <span class="keywordflow">return</span> {};</div>
|
|
<div class="line"><span class="lineno"> 93</span> </div>
|
|
<div class="line"><span class="lineno"> 94</span> <span class="keywordflow">for</span> (<span class="keyword">auto</span> i = 0u; i < loaded_module_sz / 8u; i++) {</div>
|
|
<div class="line"><span class="lineno"> 95</span> <span class="keywordtype">wchar_t</span> file_name[MAX_PATH] = L<span class="stringliteral">""</span>;</div>
|
|
<div class="line"><span class="lineno"> 96</span> <span class="keywordflow">if</span> (!GetModuleFileNameExW(GetCurrentProcess(), loaded_modules.get()[i],</div>
|
|
<div class="line"><span class="lineno"> 97</span> file_name, _countof(file_name)))</div>
|
|
<div class="line"><span class="lineno"> 98</span> <span class="keywordflow">continue</span>;</div>
|
|
<div class="line"><span class="lineno"> 99</span> </div>
|
|
<div class="line"><span class="lineno"> 100</span> <span class="keywordflow">if</span> ((result = <span class="keyword">reinterpret_cast<</span>std::uintptr_t<span class="keyword">></span>(</div>
|
|
<div class="line"><span class="lineno"> 101</span> GetProcAddress(LoadLibraryW(file_name), sym.c_str()))))</div>
|
|
<div class="line"><span class="lineno"> 102</span> <span class="keywordflow">break</span>;</div>
|
|
<div class="line"><span class="lineno"> 103</span> }</div>
|
|
<div class="line"><span class="lineno"> 104</span> <span class="keywordflow">return</span> result;</div>
|
|
<div class="line"><span class="lineno"> 105</span> };</div>
|
|
<div class="line"><span class="lineno"> 106</span> </div>
|
|
<div class="line"><span class="lineno"> 107</span> <span class="comment">// init enc/dec tables only once... important that this is done before adding</span></div>
|
|
<div class="line"><span class="lineno"> 108</span> <span class="comment">// obfuscation passes to the engine...</span></div>
|
|
<div class="line"><span class="lineno"> 109</span> <span class="comment">//</span></div>
|
|
<div class="line"><span class="lineno"> 110</span> xed_tables_init();</div>
|
|
<div class="line"><span class="lineno"> 111</span> </div>
|
|
<div class="line"><span class="lineno"> 112</span> <span class="comment">// order matters, the order in which the pass is added is the order they</span></div>
|
|
<div class="line"><span class="lineno"> 113</span> <span class="comment">// will be executed!</span></div>
|
|
<div class="line"><span class="lineno"> 114</span> <span class="comment">//</span></div>
|
|
<div class="line"><span class="lineno"> 115</span> <span class="keyword">auto</span> engine = <a class="code hl_function" href="../../d9/d18/classtheo_1_1obf_1_1engine__t.html#a58715f5c3ade824a65e602aba570040e" title="get the singleton object of this class.">theo::obf::engine_t::get</a>();</div>
|
|
<div class="line"><span class="lineno"> 116</span> </div>
|
|
<div class="line"><span class="lineno"> 117</span> <span class="comment">// add in our hello world pass here</span></div>
|
|
<div class="line"><span class="lineno"> 118</span> <span class="comment">//</span></div>
|
|
<div class="line"><span class="lineno"> 119</span> engine->add_pass(<a class="code hl_function" href="../../d5/d6a/classtheo_1_1obf_1_1hello__world__pass__t.html#aa556436f48335fe485d96ebc44ac2293">theo::obf::hello_world_pass_t::get</a>());</div>
|
|
<div class="line"><span class="lineno"> 120</span> </div>
|
|
<div class="line"><span class="lineno"> 121</span> <span class="comment">// add the rest of the passes in this order. this order is important.</span></div>
|
|
<div class="line"><span class="lineno"> 122</span> <span class="comment">//</span></div>
|
|
<div class="line"><span class="lineno"> 123</span> engine->add_pass(<a class="code hl_function" href="../../dc/d39/classtheo_1_1obf_1_1reloc__transform__pass__t.html#a89aa46da5f721057cd8cf5189207d464">theo::obf::reloc_transform_pass_t::get</a>());</div>
|
|
<div class="line"><span class="lineno"> 124</span> engine->add_pass(<a class="code hl_function" href="../../d5/d08/classtheo_1_1obf_1_1next__inst__pass__t.html#a964e6f5291ccba0442519f2563b3a2e9">theo::obf::next_inst_pass_t::get</a>());</div>
|
|
<div class="line"><span class="lineno"> 125</span> engine->add_pass(<a class="code hl_function" href="../../d6/dc1/classtheo_1_1obf_1_1jcc__rewrite__pass__t.html#afc17278f751fe3f5868c988faffb3c92">theo::obf::jcc_rewrite_pass_t::get</a>());</div>
|
|
<div class="line"><span class="lineno"> 126</span> </div>
|
|
<div class="line"><span class="lineno"> 127</span> std::string entry_name;</div>
|
|
<div class="line"><span class="lineno"> 128</span> std::cout << <span class="stringliteral">"enter the name of the entry point: "</span>;</div>
|
|
<div class="line"><span class="lineno"> 129</span> std::cin >> entry_name;</div>
|
|
<div class="line"><span class="lineno"> 130</span> </div>
|
|
<div class="line"><span class="lineno"> 131</span> <span class="comment">// create a theo object and pass in the lib, your allocator, copier, and</span></div>
|
|
<div class="line"><span class="lineno"> 132</span> <span class="comment">// resolver functions, as well as the entry point symbol name.</span></div>
|
|
<div class="line"><span class="lineno"> 133</span> <span class="comment">//</span></div>
|
|
<div class="line"><span class="lineno"> 134</span> <a class="code hl_class" href="../../d9/dbc/classtheo_1_1theo__t.html" title="the main class which encapsulates a symbol table, decomp, and recomp objects. This class is a bridge ...">theo::theo_t</a> t(fdata, {allocator, copier, resolver}, entry_name.data());</div>
|
|
<div class="line"><span class="lineno"> 135</span> </div>
|
|
<div class="line"><span class="lineno"> 136</span> <span class="comment">// call the decompose method to decompose the lib into coff files and extract</span></div>
|
|
<div class="line"><span class="lineno"> 137</span> <span class="comment">// the symbols that are used. the result of this call will be an optional</span></div>
|
|
<div class="line"><span class="lineno"> 138</span> <span class="comment">// value containing the number of symbols extracted.</span></div>
|
|
<div class="line"><span class="lineno"> 139</span> <span class="comment">//</span></div>
|
|
<div class="line"><span class="lineno"> 140</span> <span class="keyword">auto</span> res = t.decompose();</div>
|
|
<div class="line"><span class="lineno"> 141</span> </div>
|
|
<div class="line"><span class="lineno"> 142</span> <span class="keywordflow">if</span> (!res.has_value()) {</div>
|
|
<div class="line"><span class="lineno"> 143</span> spdlog::error(<span class="stringliteral">"decomposition failed...\n"</span>);</div>
|
|
<div class="line"><span class="lineno"> 144</span> <span class="keywordflow">return</span> -1;</div>
|
|
<div class="line"><span class="lineno"> 145</span> }</div>
|
|
<div class="line"><span class="lineno"> 146</span> </div>
|
|
<div class="line"><span class="lineno"> 147</span> spdlog::info(<span class="stringliteral">"decomposed {} symbols..."</span>, res.value());</div>
|
|
<div class="line"><span class="lineno"> 148</span> <span class="keyword">auto</span> entry_pnt = t.compose();</div>
|
|
<div class="line"><span class="lineno"> 149</span> spdlog::info(<span class="stringliteral">"entry point address: {:X}"</span>, entry_pnt);</div>
|
|
<div class="line"><span class="lineno"> 150</span> <span class="keyword">reinterpret_cast<</span><span class="keywordtype">void</span> (*)()<span class="keyword">></span>(entry_pnt)();</div>
|
|
<div class="line"><span class="lineno"> 151</span>}</div>
|
|
</div><!-- fragment -->
|
|
<p class="reference">References <a class="el" href="../../d2/d26/theo_8cpp_source.html#l00056">theo::theo_t::compose()</a>, <a class="el" href="../../d2/d26/theo_8cpp_source.html#l00045">theo::theo_t::decompose()</a>, <a class="el" href="../../db/dae/hello__world__pass_8hpp_source.html#l00045">theo::obf::hello_world_pass_t::get()</a>, <a class="el" href="../../da/d5c/engine_8cpp_source.html#l00034">theo::obf::engine_t::get()</a>, <a class="el" href="../../d9/db4/jcc__rewrite__pass_8cpp_source.html#l00035">theo::obf::jcc_rewrite_pass_t::get()</a>, <a class="el" href="../../df/d7d/next__inst__pass_8cpp_source.html#l00034">theo::obf::next_inst_pass_t::get()</a>, and <a class="el" href="../../d6/da4/reloc__transform__pass_8cpp_source.html#l00034">theo::obf::reloc_transform_pass_t::get()</a>.</p>
|
|
|
|
</div>
|
|
</div>
|
|
</div><!-- contents -->
|
|
<!-- start footer part -->
|
|
<hr class="footer"/><address class="footer"><small>
|
|
Generated by <a href="https://www.doxygen.org/index.html"><img class="footer" src="../../doxygen.svg" width="104" height="31" alt="doxygen"/></a> 1.9.3
|
|
</small></address>
|
|
</body>
|
|
</html>
|