mirror of https://github.com/vxunderground/VX-API
parent
6c7a892c91
commit
cc8255f356
|
@ -3,7 +3,7 @@ managed by [vx-underground](https://vx-underground.org) | follow us on [Twitter]
|
|||
|
||||
# VX-API
|
||||
|
||||
Version: 2.0.293
|
||||
Version: 2.0.298
|
||||
|
||||
Developer: smelly__vx
|
||||
|
||||
|
@ -153,14 +153,14 @@ You're free to use this in any manner you please. You do not need to use this en
|
|||
| Function Name | Note | Fixed |
|
||||
| ------------- | ---- | ----- |
|
||||
| StringToken | Needs revision, buggy | N/A |
|
||||
| CreateProcessFromIShellDispatchInvoke | TryDllMultiMethod | N/A |
|
||||
| UnusedSubroutineGetShellViewForDesktop | TryDllMultiMethod | N/A |
|
||||
| DelayedExecutionExecuteOnDisplayOff | TryDllMultiMethod | N/A |
|
||||
| GetPidFromWindowsTerminalService | TryDllMultiMethod | N/A |
|
||||
| GetCurrentUserSid | TryDllMultiMethod | N/A |
|
||||
| NtQueryOpenSubKeysEx | admin required | N/A |
|
||||
| GetProcessBinaryNameFromHwndW | make A variant | N/A |
|
||||
| MpfComMonitorChromeSessionOnce | Usability improvements needed | N/A |
|
||||
| ~~GetCurrentUserSid~~ | ~~TryDllMultiMethod~~ |October 29th, 2022 |
|
||||
| ~~GetProcessBinaryNameFromHwndW~~ | ~~make A variant~~ | October 29th, 2022 |
|
||||
| ~~CreateProcessFromIShellDispatchInvoke~~ | ~~TryDllMultiMethod~~ | October 29th, 2022 |
|
||||
| ~~ShellcodeExecViaCertFindChainInStore~~ | ~~Buggy, unstable~~ | October 23rd, 2022 |
|
||||
| ~~RecursiveFindFile~~ | ~~TryDllMultiMethod~~ | October 21th, 2022 |
|
||||
| ~~UrlDownloadToFileSynchronous~~ | ~~TryDllMultiMethod~~ | October 21th, 2022 |
|
||||
|
|
|
@ -15,7 +15,7 @@ DWORD CreateProcessFromIShellDispatchInvokeW(_In_ PWCHAR BinaryPath)
|
|||
DISPPARAMS DispatchParameters;
|
||||
LPOLESTR MemberString = (PWCHAR)L"ShellExecute";
|
||||
|
||||
hModule = LoadLibraryW(L"Shell32.dll");
|
||||
hModule = TryLoadDllMultiMethodW((PWCHAR)L"Shell32.dll");
|
||||
if (hModule == NULL)
|
||||
return GetLastErrorFromTeb();
|
||||
|
||||
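Review bot: The failure path `return GetLastErrorFromTeb();` now depends on TryLoadDllMultiMethodW leaving a meaningful last-error value, which LoadLibraryW guaranteed but a project helper may not. The helper's body is not visible here, so this is inferred: if it can return NULL without setting the last error, this function would return 0 (ERROR_SUCCESS) for a failed load. Consider a fallback such as `DWORD dwError = GetLastErrorFromTeb(); return dwError ? dwError : ERROR_MOD_NOT_FOUND;`, or document on the helper that it always sets the last error. The function body starts and ends outside the hunk.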
|
|
|
@ -21,7 +21,7 @@ LPWSTR GetCurrentUserSidW(VOID)
|
|||
HMODULE hAdvapi = NULL;
|
||||
HANDLE hToken = NULL;
|
||||
|
||||
hAdvapi = LoadLibraryW(L"Advapi32.dll");
|
||||
hAdvapi = TryLoadDllMultiMethodW((PWCHAR)L"Advapi32.dll");
|
||||
if (hAdvapi == NULL)
|
||||
goto EXIT_ROUTINE;
|
||||
|
||||
|
@ -99,7 +99,7 @@ LPSTR GetCurrentUserSidA(VOID)
|
|||
HMODULE hAdvapi = NULL;
|
||||
HANDLE hToken = NULL;
|
||||
|
||||
hAdvapi = LoadLibraryW(L"Advapi32.dll");
|
||||
hAdvapi = TryLoadDllMultiMethodW((PWCHAR)L"Advapi32.dll");
|
||||
if (hAdvapi == NULL)
|
||||
goto EXIT_ROUTINE;
|
||||
|
||||
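Review bot: The `(PWCHAR)` cast on `L"Advapi32.dll"` in both GetCurrentUserSidW and GetCurrentUserSidA (and on `L"Shell32.dll"` in CreateProcessFromIShellDispatchInvokeW) is needed only because TryLoadDllMultiMethodW is declared with a non-const `_In_ PWCHAR DllName`. Casting away const at every call site hides that the helper is handed a read-only literal. If the helper never writes to the name, which cannot be confirmed from this page, declaring the parameter as `_In_ PCWSTR DllName` lets callers write `TryLoadDllMultiMethodW(L"Advapi32.dll")` with no cast. Both function bodies continue outside their hunks.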
|
|
|
@ -26,6 +26,40 @@ BOOL GetProcessBinaryNameFromHwndW(_In_ HWND ProcessHwnd, _Inout_ PWCHAR BinaryN
|
|||
|
||||
bFlag = TRUE;
|
||||
|
||||
EXIT_ROUTINE:
|
||||
|
||||
if (hHandle)
|
||||
CloseHandle(hHandle);
|
||||
|
||||
return bFlag;
|
||||
}
|
||||
|
||||
BOOL GetProcessBinaryNameFromHwndA(_In_ HWND ProcessHwnd, _Inout_ PCHAR BinaryName, _In_ DWORD BufferSize)
|
||||
{
|
||||
CHAR Buffer[MAX_PATH * sizeof(WCHAR)] = { 0 };
|
||||
DWORD ProcessId = ERROR_SUCCESS;
|
||||
HANDLE hHandle = NULL;
|
||||
BOOL bFlag = FALSE;
|
||||
DWORD dwError = 0;
|
||||
DWORD dwLength = MAX_PATH * sizeof(WCHAR);
|
||||
|
||||
GetWindowThreadProcessId(ProcessHwnd, &ProcessId);
|
||||
|
||||
hHandle = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, ProcessId);
|
||||
if (hHandle == NULL)
|
||||
return FALSE;
|
||||
|
||||
if (!QueryFullProcessImageNameA(hHandle, 0, Buffer, &dwLength))
|
||||
goto EXIT_ROUTINE;
|
||||
|
||||
if (MAX_PATH * sizeof(WCHAR) > BufferSize)
|
||||
goto EXIT_ROUTINE;
|
||||
|
||||
if (StringCopyA(BinaryName, Buffer) == NULL)
|
||||
goto EXIT_ROUTINE;
|
||||
|
||||
bFlag = TRUE;
|
||||
|
||||
EXIT_ROUTINE:
|
||||
|
||||
if (hHandle)
|
||||
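Review bot: The size guard `if (MAX_PATH * sizeof(WCHAR) > BufferSize)` in GetProcessBinaryNameFromHwndA compares the caller's buffer against a fixed 520 rather than the length actually returned, and it runs after the query instead of before it. QueryFullProcessImageNameA stores the character count (without the terminator) in dwLength, so `if (dwLength + 1 > BufferSize) goto EXIT_ROUTINE;` accepts any buffer the path fits in and still bounds the copy; StringCopyA is called without a length here, so this check appears to be the only limit on the write to BinaryName. It would also help to document whether BufferSize is in bytes or characters, since the `sizeof(WCHAR)` factor looks carried over from the W variant, and to drop the unused `dwError`. The function's cleanup tail continues outside the hunk.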
|
|
|
@ -172,6 +172,7 @@ HMODULE TryLoadDllMultiMethodW(_In_ PWCHAR DllName);
|
|||
HMODULE TryLoadDllMultiMethodA(_In_ PCHAR DllName);
|
||||
DWORD CreateThreadAndWaitForCompletion(_In_ LPTHREAD_START_ROUTINE StartAddress, _In_ LPVOID Parameters, _In_ DWORD dwMilliseconds);
|
||||
BOOL GetProcessBinaryNameFromHwndW(_In_ HWND ProcessHwnd, _Inout_ PWCHAR BinaryName, _In_ DWORD BufferSize);
|
||||
BOOL GetProcessBinaryNameFromHwndA(_In_ HWND ProcessHwnd, _Inout_ PCHAR BinaryName, _In_ DWORD BufferSize)
|
||||
|
||||
|
||||
|
||||
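Review bot: The added prototype for GetProcessBinaryNameFromHwndA has no terminating semicolon as shown here, unlike the W prototype on the line above it. Unless that is a rendering loss, the declaration that follows it in the header will fail to parse; the line should end `_In_ DWORD BufferSize);`.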
|
|