remove uneccessary functions and fixed spacing

2022-12-19 14:34:08 -05:00 · 2022-12-19 14:34:08 -05:00 · 268735433b
parent 63852c5c03
commit 268735433b
3 changed files with 13 additions and 11 deletions
--- a/donut.c
+++ b/donut.c
@ -57,6 +57,7 @@ static API_IMPORT api_imports[] = {
  {KERNEL32_DLL, "WaitForSingleObject"},
  {KERNEL32_DLL, "CreateThread"},
  {KERNEL32_DLL, "CreateFileA"},
+  {KERNEL32_DLL, "GetFileSizeEx"},
  {KERNEL32_DLL, "GetThreadContext"},
  {KERNEL32_DLL, "GetCurrentThread"},
  {KERNEL32_DLL, "GetCurrentProcess"},
@ -112,8 +113,8 @@ static API_IMPORT api_imports[] = {
  {NTDLL_DLL,    "NtCreateSection"},
  {NTDLL_DLL,    "NtMapViewOfSection"},
  {NTDLL_DLL,    "NtUnmapViewOfSection"},
-  {KERNEL32_DLL, "AddVectoredExceptionHandler"},
-  {KERNEL32_DLL, "RemoveVectoredExceptionHandler"},
+  //{KERNEL32_DLL, "AddVectoredExceptionHandler"},
+  //{KERNEL32_DLL, "RemoveVectoredExceptionHandler"},
  //{NTDLL_DLL,    "RtlFreeUnicodeString"},
  //{NTDLL_DLL,    "RtlFreeString"},
  
@ -2303,7 +2304,7 @@ int main(int argc, char *argv[]) {
      printf("  [ Upload to     : %s\n", c.server);
    }
    
-    printf("  [ AMSI/WDLP/ETW     : %s\n",
+    printf("  [ AMSI/WDLP/ETW : %s\n",
      c.bypass == DONUT_BYPASS_NONE  ? "none" : 
      c.bypass == DONUT_BYPASS_ABORT ? "abort" : "continue");

--- a/include/donut.h
+++ b/include/donut.h
@ -295,6 +295,7 @@ typedef struct _DONUT_INSTANCE {
        WaitForSingleObject_t            WaitForSingleObject;
        CreateThread_t                   CreateThread;
        CreateFileA_t                    CreateFileA;
+        GetFileSizeEx_t                  GetFileSizeEx;
        GetThreadContext_t               GetThreadContext;
        GetCurrentThread_t               GetCurrentThread;
        GetCurrentProcess_t              GetCurrentProcess;
@ -356,8 +357,8 @@ typedef struct _DONUT_INSTANCE {
        NtCreateSection_t                NtCreateSection;
        NtMapViewOfSection_t             NtMapViewOfSection;
        NtUnmapViewOfSection_t           NtUnmapViewOfSection;
-        AddVectoredExceptionHandler_t    AddVectoredExceptionHandler;
-        RemoveVectoredExceptionHandler_t RemoveVectoredExceptionHandler;
+       // AddVectoredExceptionHandler_t    AddVectoredExceptionHandler;
+       // RemoveVectoredExceptionHandler_t RemoveVectoredExceptionHandler;
       // RtlFreeUnicodeString_t         RtlFreeUnicodeString;
       // RtlFreeString_t                RtlFreeString;
      };
--- a/loader/winapi.h
+++ b/loader/winapi.h
@ -475,6 +475,10 @@
      DWORD                 dwCreationDisposition,
      DWORD                 dwFlagsAndAttributes,
      HANDLE                hTemplateFile);
+
+    typedef BOOL (WINAPI *GetFileSizeEx_t)(
+      HANDLE                hFile,
+      PLARGE_INTEGER        lpFileSize);
    
    typedef BOOL (WINAPI *RtlCreateUnicodeString_t)(
      PUNICODE_STRING        DestinationString,
@ -560,18 +564,14 @@

    typedef HANDLE (WINAPI *GetCurrentThread_t)(VOID);
    
+    /*
    typedef PVOID (WINAPI *AddVectoredExceptionHandler_t)(
      ULONG                       First,
      PVECTORED_EXCEPTION_HANDLER Handler);

    typedef ULONG (WINAPI *RemoveVectoredExceptionHandler_t)(
      PVOID                       Handle);
-
-    typedef PVOID (WINAPI *AddVectoredContinueHandler_t)(
-      ULONG                       First,
-      PVECTORED_EXCEPTION_HANDLER Handler);
-
-    typedef ULONG (WINAPI *RemoveVectoredContinueHandler_t)(PVOID Handle);
+    */

 #endif