move hook header

PenguLoader · Jan 19, 2024 · d086146 · d086146
1 parent 3632edc
commit d086146
Show file tree

Hide file tree

Showing 8 changed files with 146 additions and 132 deletions.
diff --git a/core/core.vcxproj b/core/core.vcxproj
@@ -43,6 +43,7 @@
   </ItemGroup>
   <ItemGroup>
     <ClInclude Include="src\commons.h" />
+    <ClInclude Include="src\hook.h" />
   </ItemGroup>
   <ItemGroup>
     <ResourceCompile Include="res\resource.rc" />

diff --git a/core/core.vcxproj.filters b/core/core.vcxproj.filters
@@ -88,5 +88,8 @@
     <ClInclude Include="src\commons.h">
       <Filter>src</Filter>
     </ClInclude>
+    <ClInclude Include="src\hook.h">
+      <Filter>src</Filter>
+    </ClInclude>
   </ItemGroup>
 </Project>
diff --git a/core/src/browser/browser.cc b/core/src/browser/browser.cc
@@ -1,4 +1,5 @@
 #include "commons.h"
+#include "hook.h"
 #include "include/capi/cef_app_capi.h"
 #include "include/capi/cef_client_capi.h"
 #include "include/capi/cef_browser_capi.h"

diff --git a/core/src/commons.h b/core/src/commons.h
@@ -31,7 +31,6 @@
 
 #include <type_traits>
 #include <atomic>
-#include <mutex>
 #include <string>
 #include <vector>
 #include <regex>
@@ -368,124 +367,4 @@ namespace shell
 
     void open_folder(const char *path);
     void open_folder(const wchar_t *path);
-}
-
-namespace hook
-{
-#   pragma pack(push, 1)
-    struct Shellcode
-    {
-        Shellcode(intptr_t addr) : addr(addr) {}
-
-    private:
-        // Special thanks to https://github.com/nbqofficial/divert/
-        uint8_t movabs = 0x48;      //                 
-        uint8_t mov_rax = 0xB8;     // movabs rax [addr]
-        intptr_t addr;              //
-        uint8_t push_rax = 0x50;    // push rax
-        uint8_t ret = 0xC3;         // ret
-    };
-#   pragma pack(pop)
-
-    struct Restorable
-    {
-        Restorable(void *func, const void *code, size_t size)
-            : func_(func)
-            , backup_(new uint8_t[size]{})
-            , size_(size)
-        {
-            memcpy(backup_, func, size);
-            memcpy_safe(func, code, size);
-        }
-
-        ~Restorable()
-        {
-            memcpy_safe(func_, backup_, size_);
-            delete[] backup_;
-        }
-
-        Restorable swap()
-        {
-            return Restorable(func_, backup_, size_);
-        }
-
-    private:
-        void *func_;
-        uint8_t *backup_;
-        size_t size_;
-
-        static void memcpy_safe(void *dst, const void *src, size_t size)
-        {
-            DWORD op;
-            VirtualProtect(dst, size, PAGE_EXECUTE_READWRITE, &op);
-            memcpy(dst, src, size);
-            VirtualProtect(dst, size, op, &op);
-        }
-    };
-
-    template<typename>
-    class Hook;
-
-    template<typename R, typename ...Args>
-    class Hook<R(*)(Args...)>
-    {
-    public:
-        using Fn = R(*)(Args...);
-
-        Hook()
-            : orig_(nullptr)
-            , rest_(nullptr)
-            , mutex_{}
-        {
-        }
-
-        ~Hook()
-        {
-            if (rest_ != nullptr)
-            {
-                std::lock_guard<std::mutex> lock(mutex_);
-                {
-                    delete rest_;
-                }
-            }
-        }
-
-        bool hook(Fn orig, Fn hook)
-        {
-            if (orig == nullptr || hook == nullptr)
-                return false;
-
-            orig_ = orig;
-
-            Shellcode code(reinterpret_cast<intptr_t>(hook));
-            rest_ = new Restorable(orig, &code, sizeof(code));
-
-            return true;
-        }
-
-        bool hook(const char *lib, const char *proc, Fn hook)
-        {
-            if (HMODULE mod = GetModuleHandleA(lib))
-                if (Fn orig = reinterpret_cast<Fn>(GetProcAddress(mod, proc)))
-                    return this->hook(orig, hook);
-
-            return false;
-        }
-
-        R operator ()(Args ...args)
-        {
-            std::lock_guard<std::mutex> lock(mutex_);
-            {
-                auto _t = rest_->swap();
-                {
-                    return orig_(args...);
-                }
-            }
-        }
-
-    protected:
-        Fn orig_;
-        Restorable *rest_;
-        std::mutex mutex_;
-    };
 }
diff --git a/core/src/dllmain.cc b/core/src/dllmain.cc
@@ -1,4 +1,5 @@
 #include "commons.h"
+#include "hook.h"
 #include "include/cef_version.h"
 
 EXTERN_C IMAGE_DOS_HEADER __ImageBase;
@@ -9,17 +10,10 @@ void HookRendererProcess();
 void InjectThisDll(HANDLE hProcess);
 
 static hook::Hook<decltype(&CreateProcessW)> Old_CreateProcessW;
-static BOOL WINAPI Hooked_CreateProcessW(
-    _In_opt_ LPCWSTR lpApplicationName,
-    _Inout_opt_ LPWSTR lpCommandLine,
-    _In_opt_ LPSECURITY_ATTRIBUTES lpProcessAttributes,
-    _In_opt_ LPSECURITY_ATTRIBUTES lpThreadAttributes,
-    _In_ BOOL bInheritHandles,
-    _In_ DWORD dwCreationFlags,
-    _In_opt_ LPVOID lpEnvironment,
-    _In_opt_ LPCWSTR lpCurrentDirectory,
-    _In_ LPSTARTUPINFOW lpStartupInfo,
-    _Out_ LPPROCESS_INFORMATION lpProcessInformation)
+static BOOL WINAPI Hooked_CreateProcessW(LPCWSTR lpApplicationName, LPWSTR lpCommandLine,
+    LPSECURITY_ATTRIBUTES lpProcessAttributes, LPSECURITY_ATTRIBUTES lpThreadAttributes,
+    BOOL bInheritHandles, DWORD dwCreationFlags, LPVOID lpEnvironment, LPCWSTR lpCurrentDirectory,
+    LPSTARTUPINFOW lpStartupInfo, LPPROCESS_INFORMATION lpProcessInformation)
 {
     bool is_renderer = std::regex_search(lpCommandLine,
         std::wregex(L"LeagueClientUxRender\\.exe.+--type=renderer", std::wregex::icase));

diff --git a/core/src/hook.h b/core/src/hook.h
@@ -0,0 +1,134 @@
+#pragma once
+
+#include <stdint.h>
+#include <string.h>
+#include <windows.h>
+#include <mutex>
+
+namespace hook
+{
+    struct Shellcode
+    {
+        uint8_t opcodes[12];
+
+        Shellcode(intptr_t addr)
+        {
+            // movabs rax [addr]
+            opcodes[0] = 0x48;
+            opcodes[1] = 0xB8;
+            memcpy(&opcodes[2], &addr, sizeof(intptr_t));
+
+            // push rax
+            opcodes[10] = 0x50;
+
+            // ret
+            opcodes[11] = 0xC3;
+
+            // TODO: macOS amd64
+            // jmp qword ptr [rip + offset]
+            // 0xFF 0x25 [offset 4] [addr 8] [pad 2]
+        }
+    };
+
+    struct Restorable
+    {
+        Restorable(void* func, const void* code, size_t size)
+            : func_(func)
+            , backup_(new uint8_t[size]{})
+            , size_(size)
+        {
+            memcpy(backup_, func, size);
+            memcpy_safe(func, code, size);
+        }
+
+        ~Restorable()
+        {
+            memcpy_safe(func_, backup_, size_);
+            delete[] backup_;
+        }
+
+        Restorable swap()
+        {
+            return Restorable(func_, backup_, size_);
+        }
+
+    private:
+        void* func_;
+        uint8_t* backup_;
+        size_t size_;
+
+        static void memcpy_safe(void* dst, const void* src, size_t size)
+        {
+            DWORD op;
+            VirtualProtect(dst, size, PAGE_EXECUTE_READWRITE, &op);
+            memcpy(dst, src, size);
+            VirtualProtect(dst, size, op, &op);
+        }
+    };
+
+    template<typename>
+    class Hook;
+
+    template<typename R, typename ...Args>
+    class Hook<R(*)(Args...)>
+    {
+    public:
+        using Fn = R(*)(Args...);
+
+        Hook()
+            : orig_(nullptr)
+            , rest_(nullptr)
+            , mutex_{}
+        {
+        }
+
+        ~Hook()
+        {
+            if (rest_ != nullptr)
+            {
+                std::lock_guard<std::mutex> _lock(mutex_);
+                {
+                    delete rest_;
+                }
+            }
+        }
+
+        bool hook(Fn orig, Fn hook)
+        {
+            if (orig == nullptr || hook == nullptr)
+                return false;
+
+            orig_ = orig;
+
+            Shellcode code(reinterpret_cast<intptr_t>(hook));
+            rest_ = new Restorable(orig, &code.opcodes, sizeof(code.opcodes));
+
+            return true;
+        }
+
+        bool hook(const char* lib, const char* proc, Fn hook)
+        {
+            if (HMODULE mod = GetModuleHandleA(lib))
+                if (Fn orig = reinterpret_cast<Fn>(GetProcAddress(mod, proc)))
+                    return this->hook(orig, hook);
+
+            return false;
+        }
+
+        R operator ()(Args ...args)
+        {
+            std::lock_guard<std::mutex> _lock(mutex_);
+            {
+                Restorable _t = rest_->swap();
+                {
+                    return orig_(args...);
+                }
+            }
+        }
+
+    protected:
+        Fn orig_;
+        Restorable* rest_;
+        std::mutex mutex_;
+    };
+}
diff --git a/core/src/libcef.cc b/core/src/libcef.cc
@@ -1,4 +1,5 @@
 #include "commons.h"
+#include "hook.h"
 #include "include/cef_version.h"
 
 #ifdef _MSC_VER

diff --git a/core/src/renderer/renderer.cc b/core/src/renderer/renderer.cc
@@ -1,4 +1,5 @@
 #include "commons.h"
+#include "hook.h"
 #include "include/capi/cef_app_capi.h"
 #include "include/capi/cef_render_process_handler_capi.h"