#define WIN32_MEAN_AND_LEAN
#include <Windows.h>
#include <string>
#include "themidie.hpp"
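/// Rewrite every backslash in `path` to a forward slash.
///
/// The argument is modified in place and a copy of the converted string is
/// returned, so callers may use either the mutated argument or the result.
///
/// @param path  Path to normalise; updated in place.
/// @return      Copy of `path` after conversion.
std::string
convert_path(std::string& path)
{
    // One pass over the characters. The previous find/erase/insert loop
    // restarted its search from index 0 after every hit and built a temporary
    // std::string per iteration, which is quadratic for no benefit when the
    // replacement has the same length as the match.
    for (char& ch : path)
    {
        if (ch == '\\')
        {
            ch = '/';
        }
    }
    return path;
}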
/// Delete every occurrence of the literal "x64dbg.exe" from `path`.
///
/// The argument is edited in place and a copy of the result is returned.
///
/// NOTE(review): the match is case-sensitive and not anchored to the final
/// path component, so a host executable with any other name (or casing) is
/// left untouched and a directory whose name contains "x64dbg.exe" is altered.
/// The result is used to build the path of a DLL that gets loaded, so callers
/// should confirm the resulting path points where they expect.
///
/// @param path  Full module path; updated in place.
/// @return      Copy of `path` with the executable name removed.
std::string
remove_exe_name_from_path(std::string& path)
{
    const std::string host_exe = "x64dbg.exe";

    // The search restarts from the beginning after each erase because removing
    // a match can join the surrounding text into a new match.
    for (std::string::size_type hit = path.find(host_exe);
         hit != std::string::npos;
         hit = path.find(host_exe))
    {
        path.erase(hit, host_exe.size());
    }
    return path;
}
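/// Create `exe_path` as a suspended process, start a thread in it that calls
/// LoadLibraryA on "<debugger dir>/plugins/Themidie.dll", minimise the
/// foreground window and resume the target's main thread.
///
/// Each failing step is reported through error(). On any failure after the
/// process has been created, the still-suspended target is terminated and its
/// handles are closed, so no orphaned process or handle is left behind.
///
/// @param exe_path  Path of the executable to launch.
void
start(std::string exe_path)
{
    STARTUPINFOA si{};
    si.cb = sizeof(si);
    PROCESS_INFORMATION pi{};

    if (!CreateProcessA(exe_path.c_str(), nullptr, nullptr, nullptr, FALSE,
                        CREATE_SUSPENDED, nullptr, nullptr, &si, &pi))
    {
        error("Could not create target process, please retry with admin rights.");
        return;
    }

    // Shared failure cleanup: the target has never run, so terminate it rather
    // than leaving a suspended process behind, and release both handles.
    const auto discard_target = [&pi]()
    {
        TerminateProcess(pi.hProcess, 1);
        CloseHandle(pi.hThread);
        CloseHandle(pi.hProcess);
    };

    // GetModuleHandleA queries the calling process (the debugger), not the
    // target. The address found here is later used as the start routine of a
    // thread in the target, so this relies on kernel32.dll being mapped at the
    // same address in both processes.
    // NOTE(review): nothing here checks that the target has the same bitness
    // as the debugger; confirm callers only pass matching executables.
    HMODULE kernel_module = GetModuleHandleA("kernel32.dll");
    if (!kernel_module)
    {
        error("Could not find kernel32.dll module into target process. Is it loaded?");
        discard_target();
        return;
    }

    FARPROC load_library_function = GetProcAddress(kernel_module, "LoadLibraryA");
    if (!load_library_function)
    {
        error("Could not find LoadLibraryA function into target process.");
        discard_target();
        return;
    }

    // A return of 0 is failure and a return equal to the buffer size means the
    // path was truncated; either way the DLL path built from it would be wrong.
    char buffer[MAX_PATH];
    const DWORD length = GetModuleFileNameA(nullptr, buffer, MAX_PATH);
    if (length == 0 || length >= MAX_PATH)
    {
        error("Could not resolve the x64dbg module path.");
        discard_target();
        return;
    }

    // Named locals instead of temporaries: the helpers take non-const lvalue
    // references, which a temporary can only bind to via a compiler extension.
    std::string host_path(buffer, length);
    std::string themidie_dll_path = remove_exe_name_from_path(host_path) + "plugins\\Themidie.dll";
    convert_path(themidie_dll_path);

    // Include the terminating NUL: LoadLibraryA reads a C string, and the old
    // code only worked because freshly committed pages happen to be zeroed.
    const SIZE_T path_bytes = themidie_dll_path.size() + 1;

    void* themidie_dll_address = VirtualAllocEx(pi.hProcess, nullptr, path_bytes,
                                                MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE);
    if (!themidie_dll_address)
    {
        error("Could not allocate memory into target process.");
        discard_target();
        return;
    }

    SIZE_T written = 0;
    if (!WriteProcessMemory(pi.hProcess, themidie_dll_address, themidie_dll_path.c_str(),
                            path_bytes, &written)
        || written != path_bytes)
    {
        error("Could not write Themidie into target process.");
        discard_target();
        return;
    }

    HANDLE remote_thread = CreateRemoteThread(
        pi.hProcess, nullptr, 0,
        reinterpret_cast<LPTHREAD_START_ROUTINE>(load_library_function),
        themidie_dll_address, 0, nullptr);
    if (!remote_thread)
    {
        error("Could not load Themidie into target process.");
        discard_target();
        return;
    }
    // The thread handle was never closed before; closing it does not stop the thread.
    CloseHandle(remote_thread);

    // ShowWindow returns the window's previous visibility state, not a
    // success flag. Treating zero as an error used to skip ResumeThread and
    // leave the target suspended with its handles open.
    ShowWindow(GetForegroundWindow(), SW_MINIMIZE);

    ResumeThread(pi.hThread);
    CloseHandle(pi.hThread);
    CloseHandle(pi.hProcess);
}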
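/// Show a file-open dialog filtered to executables and pass the chosen path,
/// with backslashes converted to forward slashes, to start().
///
/// Nothing is launched when the dialog is cancelled or fails.
void
open_and_start_exe()
{
    char file_name[MAX_PATH] = "";

    OPENFILENAMEA ofn{};
    ofn.lStructSize = sizeof(ofn);
    ofn.hwndOwner = nullptr;
    // Pairs of NUL-separated strings; the literal's implicit terminator
    // supplies the second NUL that ends the filter list.
    ofn.lpstrFilter = "Executable Files (*.exe*)\0*.exe*\0";
    ofn.lpstrFile = file_name;
    ofn.nMaxFile = MAX_PATH;
    ofn.Flags = OFN_EXPLORER | OFN_FILEMUSTEXIST | OFN_HIDEREADONLY;
    ofn.lpstrDefExt = "";

    // GetOpenFileNameA returns FALSE on cancel or error and leaves file_name
    // empty. The old code still called start("") in that case, which produced
    // a misleading "retry with admin rights" error.
    if (!GetOpenFileNameA(&ofn))
    {
        return;
    }

    std::string file_name_string = file_name;
    start(convert_path(file_name_string));
}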
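/// Menu callback exported to the debugger: dispatches on the clicked entry.
///
/// MENU_START opens the executable picker and launches the chosen target;
/// MENU_ABOUT shows the about box. Other entries are ignored.
///
/// @param cb_type  Callback type supplied by the host; unused here.
/// @param info     Menu event data; only `hEntry` is read.
PLUG_EXPORT void
CBMENUENTRY(CBTYPE cb_type, PLUG_CB_MENUENTRY* info)
{
    (void)cb_type;

    switch (info->hEntry)
    {
    case MENU_START:
        open_and_start_exe();
        break;

    case MENU_ABOUT:
    {
        // Braces give the locals their own scope so no case label jumps past
        // a declaration.
        MSGBOXPARAMSA mpar{};
        mpar.cbSize = sizeof(mpar);
        mpar.hInstance = instance;
        mpar.hwndOwner = hwnd_dlg;
        mpar.dwStyle = MB_OK | MB_USERICON;
        mpar.dwLanguageId = MAKELANGID(LANG_NEUTRAL, SUBLANG_NEUTRAL);
        mpar.lpszIcon = MAKEINTRESOURCEA(IDI_ICON1);
        // The texts are constants, so point at the literals directly instead
        // of passing them to wsprintfA as format strings and copying them
        // into fixed-size stack buffers.
        mpar.lpszText = "Author: VenTaz\nDiscord: VenTaz#8766\nhttps://hactify.ru";
        mpar.lpszCaption = "Themidie";
        MessageBoxIndirectA(&mpar);
        break;
    }

    default:
        break;
    }
}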
/// Store the plugin's menu handle and populate the menu with a "Start" entry,
/// a separator and an "About" entry.
///
/// @param setup_struct  Setup data from the host; only `hMenu` is read.
void
plugin_setup(PLUG_SETUPSTRUCT *setup_struct)
{
    // Keep the handle in the file-level h_menu as well as using it below.
    const auto menu = setup_struct->hMenu;
    h_menu = menu;

    _plugin_menuaddentry(h_menu, MENU_START, "&Start");
    _plugin_menuaddseparator(h_menu);
    _plugin_menuaddentry(h_menu, MENU_ABOUT, "&About");
}