Mirrors
/
vxug-VXAPI
mirror of https://github.com/vxunderground/VX-API
6
0
Fork 0
Code Issues Projects Releases Wiki Activity

2.0.332 

2.0.332
This commit is contained in:
vxunderground 2022-11-02 22:32:43 -05:00
parent 17a9197a17
commit 44160f79d4
3 changed files with 52 additions and 56 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
README.md
View File

@ -3,7 +3,7 @@ managed by [vx-underground](https://vx-underground.org) | follow us on [Twitter]
# VX-API
Version: 2.0.328
Version: 2.0.332
Developer: smelly__vx
@ -157,6 +157,7 @@ You're free to use this in any manner you please. You do not need to use this en
| ------------- | ---- | ----- |
| StringToken | Needs revision, buggy | N/A |
| NtQueryOpenSubKeysEx | admin required | N/A |
| ManualResourceDataFetching by Orca | Review and complete | N/A |
| MpfComMonitorChromeSessionOnce | Usability improvements needed | N/A |
| ~~DelayedExecutionExecuteOnDisplayOff~~ | ~~TryDllMultiMethod~~ | October 30th, 2022 |
| ~~GetPidFromWindowsTerminalService~~ | ~~TryDllMultiMethod~~ | October 30th, 2022 |

4
VX-API/Main.cpp
View File

@ -43,9 +43,9 @@ int main(VOID)
SHELLCODE_EXECUTION_INFORMATION Sei = { 0 };
Sei.Payload = GlobalOpenCalcPayload;
Sei.dwLengthOfPayloadInBytes = 277;
Sei.MethodEnum = E_ENUMPWRSCHEMES;
Sei.MethodEnum = E_ENUMERATELOADEDMODULES;
//ShellcodeExecutionViaFunctionCallbackMain(&Sei);
ShellcodeExecutionViaFunctionCallbackMain(&Sei);
return dwError;
}

101
VX-API/ManualResourceDataFetching.cpp
View File

@ -1,54 +1,49 @@
#include <Windows.h>
#include <stdio.h>
BOOL GetResourceData(HMODULE hModule, WORD ResourceId, PVOID* ppResourceRawData, PDWORD psResourceDataSize) {
CHAR* pBaseAddr = (CHAR*)hModule;
PIMAGE_DOS_HEADER pImgDosHdr = (PIMAGE_DOS_HEADER)pBaseAddr;
PIMAGE_NT_HEADERS pImgNTHdr = (PIMAGE_NT_HEADERS)(pBaseAddr + pImgDosHdr->e_lfanew);
PIMAGE_OPTIONAL_HEADER pImgOptionalHdr = (PIMAGE_OPTIONAL_HEADER)&pImgNTHdr->OptionalHeader;
PIMAGE_DATA_DIRECTORY pDataDir = (PIMAGE_DATA_DIRECTORY)&pImgOptionalHdr->DataDirectory[IMAGE_DIRECTORY_ENTRY_RESOURCE];
PIMAGE_RESOURCE_DIRECTORY pResourceDir = NULL, pResourceDir2 = NULL, pResourceDir3 = NULL;
PIMAGE_RESOURCE_DIRECTORY_ENTRY pResourceEntry = NULL, pResourceEntry2 = NULL, pResourceEntry3 = NULL;
PIMAGE_RESOURCE_DATA_ENTRY pResource = NULL;
pResourceDir = (PIMAGE_RESOURCE_DIRECTORY)(pBaseAddr + pDataDir->VirtualAddress);
pResourceEntry = (IMAGE_RESOURCE_DIRECTORY_ENTRY*)(pResourceDir + 1);
for (size_t i = 0; i < (pResourceDir->NumberOfNamedEntries + pResourceDir->NumberOfIdEntries); i++) {
if (pResourceEntry[i].DataIsDirectory == 0)
break;
pResourceDir2 = (PIMAGE_RESOURCE_DIRECTORY)(pBaseAddr + pDataDir->VirtualAddress + (pResourceEntry[i].OffsetToDirectory & 0x7FFFFFFF));
pResourceEntry2 = (PIMAGE_RESOURCE_DIRECTORY_ENTRY)(pResourceDir2 + 1);
if (pResourceEntry2->DataIsDirectory == 1 && pResourceEntry2->Id == ResourceId){
pResourceDir3 = (PIMAGE_RESOURCE_DIRECTORY)(pBaseAddr + pDataDir->VirtualAddress + (pResourceEntry2->OffsetToDirectory & 0x7FFFFFFF));
pResourceEntry3 = (PIMAGE_RESOURCE_DIRECTORY_ENTRY)(pResourceDir3 + 1);
pResource = (PIMAGE_RESOURCE_DATA_ENTRY)(pBaseAddr + pDataDir->VirtualAddress + (pResourceEntry3->OffsetToData & 0x7FFFFFFF));
*ppResourceRawData = (PVOID)(pBaseAddr + (pResource->OffsetToData));
*psResourceDataSize = pResource->Size;
break;
}
}
if (*ppResourceRawData != NULL && *psResourceDataSize != NULL)
return TRUE;
return FALSE;
}
#include "Win32Helper.h"
//
//BOOL GetResourceData(HMODULE hModule, WORD ResourceId, PVOID* ppResourceRawData, PDWORD psResourceDataSize) {
//
// CHAR* pBaseAddr = (CHAR*)hModule;
// PIMAGE_DOS_HEADER pImgDosHdr = (PIMAGE_DOS_HEADER)pBaseAddr;
// PIMAGE_NT_HEADERS pImgNTHdr = (PIMAGE_NT_HEADERS)(pBaseAddr + pImgDosHdr->e_lfanew);
// PIMAGE_OPTIONAL_HEADER pImgOptionalHdr = (PIMAGE_OPTIONAL_HEADER)&pImgNTHdr->OptionalHeader;
// PIMAGE_DATA_DIRECTORY pDataDir = (PIMAGE_DATA_DIRECTORY)&pImgOptionalHdr->DataDirectory[IMAGE_DIRECTORY_ENTRY_RESOURCE];
//
// PIMAGE_RESOURCE_DIRECTORY pResourceDir = NULL, pResourceDir2 = NULL, pResourceDir3 = NULL;
// PIMAGE_RESOURCE_DIRECTORY_ENTRY pResourceEntry = NULL, pResourceEntry2 = NULL, pResourceEntry3 = NULL;
//
// PIMAGE_RESOURCE_DATA_ENTRY pResource = NULL;
//
//
// pResourceDir = (PIMAGE_RESOURCE_DIRECTORY)(pBaseAddr + pDataDir->VirtualAddress);
// pResourceEntry = (IMAGE_RESOURCE_DIRECTORY_ENTRY*)(pResourceDir + 1);
//
//
// for (size_t i = 0; i < (pResourceDir->NumberOfNamedEntries + pResourceDir->NumberOfIdEntries); i++) {
//
// if (pResourceEntry[i].DataIsDirectory == 0)
// break;
//
// pResourceDir2 = (PIMAGE_RESOURCE_DIRECTORY)(pBaseAddr + pDataDir->VirtualAddress + (pResourceEntry[i].OffsetToDirectory & 0x7FFFFFFF));
// pResourceEntry2 = (PIMAGE_RESOURCE_DIRECTORY_ENTRY)(pResourceDir2 + 1);
//
// if (pResourceEntry2->DataIsDirectory == 1 && pResourceEntry2->Id == ResourceId){
//
// pResourceDir3 = (PIMAGE_RESOURCE_DIRECTORY)(pBaseAddr + pDataDir->VirtualAddress + (pResourceEntry2->OffsetToDirectory & 0x7FFFFFFF));
// pResourceEntry3 = (PIMAGE_RESOURCE_DIRECTORY_ENTRY)(pResourceDir3 + 1);
//
// pResource = (PIMAGE_RESOURCE_DATA_ENTRY)(pBaseAddr + pDataDir->VirtualAddress + (pResourceEntry3->OffsetToData & 0x7FFFFFFF));
//
// *ppResourceRawData = (PVOID)(pBaseAddr + (pResource->OffsetToData));
// *psResourceDataSize = pResource->Size;
//
// break;
// }
//
// }
//
// if (*ppResourceRawData != NULL && *psResourceDataSize != NULL)
// return TRUE;
//
// return FALSE;
//}