Added basic unix support.

Author: KN4CK3R

NativeCore/Unix/CloseRemoteProcess.cpp

@@ -0,0 +1,6 @@
+#include "NativeCore.hpp"
+
+extern "C" void CloseRemoteProcess(RC_Pointer handle)
+{
+	
+}

NativeCore/Unix/ControlRemoteProcess.cpp

@@ -0,0 +1,19 @@
+//#include <sys/types.h>
+#include <csignal>
+
+#include "NativeCore.hpp"
+
+extern "C" void ControlRemoteProcess(RC_Pointer handle, ControlRemoteProcessAction action)
+{
+	int signal = SIGKILL;
+	if (action == ControlRemoteProcessAction::Suspend)
+	{
+		signal = SIGSTOP;
+	}
+	else if (action == ControlRemoteProcessAction::Resume)
+	{
+		signal = SIGCONT;
+	}
+
+	kill((pid_t)(intptr_t)handle, signal);
+}

NativeCore/Unix/Debugger.cpp

@@ -0,0 +1,26 @@
+#include "NativeCore.hpp"
+
+extern "C" bool AttachDebuggerToProcess(RC_Pointer id)
+{
+	return false;
+}
+
+extern "C" void DetachDebuggerFromProcess(RC_Pointer id)
+{
+	
+}
+
+extern "C" bool AwaitDebugEvent(DebugEvent* evt, int timeoutInMilliseconds)
+{
+	return false;
+}
+
+extern "C" void HandleDebugEvent(DebugEvent* evt)
+{
+	
+}
+
+extern "C" bool SetHardwareBreakpoint(RC_Pointer id, RC_Pointer address, HardwareBreakpointRegister reg, HardwareBreakpointTrigger type, HardwareBreakpointSize size, bool set)
+{
+	return false;
+}

NativeCore/Unix/DisassembleCode.cpp

@@ -0,0 +1,10 @@
+#include <vector>
+#include <cstdint>
+//#include <beaengine/BeaEngine.h>
+
+#include "NativeCore.hpp"
+
+extern "C" bool DisassembleCode(RC_Pointer address, RC_Size length, RC_Pointer virtualAddress, InstructionData* instruction)
+{
+	return false;
+}

NativeCore/Unix/EnumerateProcesses.cpp

@@ -0,0 +1,85 @@
+//#include <experimental/filesystem>
+#include <boost/filesystem.hpp>
+#include <sstream>
+
+#include "NativeCore.hpp"
+
+//using fs = std::experimental::filesystem;
+//using sys = std;
+/*using fs = boost::filesystem;
+using sys = boost::system;*/
+
+enum class Platform
+{
+	Unknown,
+	X86,
+	X64
+};
+
+bool is_number(const std::string& s)
+{
+	std::string::const_iterator it = s.begin();
+	while (it != s.end() && std::isdigit(*it)) ++it;
+	return !s.empty() && it == s.end();
+}
+
+template<typename T>
+T parse_type(const std::string& s)
+{
+	std::stringstream ss(s);
+
+	T val;
+	ss >> val;
+	return val;
+}
+
+extern "C" void EnumerateProcesses(EnumerateProcessCallback callbackProcess)
+{
+	//using namespace std::experimental::filesystem;
+	//using namespace std;
+
+	using namespace boost::filesystem;
+	using namespace boost::system;
+
+	if (callbackProcess == nullptr)
+	{
+		return;
+	}
+
+	path proc("/proc");
+
+	if (is_directory(proc))
+	{
+		for (auto& p : directory_iterator(proc))
+		{
+			if (is_directory(p))
+			{
+				auto processPath = p.path();
+
+				auto name = processPath.filename().string();
+				if (is_number(name))
+				{
+					size_t pid = parse_type<size_t>(name);
+
+					auto exeSymLink = processPath / "exe";
+					if (is_symlink(symlink_status(exeSymLink)))
+					{
+						error_code ec;
+						auto e = read_symlink(exeSymLink, ec);
+
+						if (!ec)
+						{
+							//auto elfHeader = processPath / "";
+
+							EnumerateProcessData data = {};
+							data.Id = pid;
+							MultiByteToUnicode(e.string().c_str(), data.ModulePath, PATH_MAXIMUM_LENGTH);
+
+							callbackProcess(&data);
+						}
+					}
+				}
+			}
+		}
+	}
+}

NativeCore/Unix/EnumerateRemoteSectionsAndModules.cpp

@@ -0,0 +1,129 @@
+#include <fstream>
+#include <sstream>
+#include <unordered_map>
+
+#include "NativeCore.hpp"
+
+inline bool operator&(SectionProtection& lhs, SectionProtection rhs)
+{
+	using T = std::underlying_type_t<SectionProtection>;
+
+	return (static_cast<T>(lhs) & static_cast<T>(rhs)) == static_cast<T>(rhs);
+}
+
+template<typename T>
+inline std::istream& skip(std::istream& s)
+{
+	auto f = s.flags();
+	s >> std::noskipws;
+
+	T t;
+	s >> t;
+
+	s.flags(f);
+
+	return s;
+}
+
+std::istream& operator >> (std::istream& s, SectionProtection& protection)
+{
+	protection = SectionProtection::NoAccess;
+
+	if (s.get() == 'r') protection |= SectionProtection::Read;
+	if (s.get() == 'w') protection |= SectionProtection::Write;
+	if (s.get() == 'x') protection |= SectionProtection::Execute;
+
+	return s;
+}
+
+extern "C" void EnumerateRemoteSectionsAndModules(RC_Pointer handle, EnumerateRemoteSectionsCallback callbackSection, EnumerateRemoteModulesCallback callbackModule)
+{
+	if (callbackSection == nullptr && callbackModule == nullptr)
+	{
+		return;
+	}
+
+	struct ModuleInfo
+	{
+		intptr_t Start = 0;
+		intptr_t End = 0;
+		RC_UnicodeChar Path[PATH_MAXIMUM_LENGTH] = {};
+	};
+
+	std::ifstream input(((std::stringstream&)(std::stringstream() << "/proc/" << (intptr_t)handle << "/maps")).str());
+
+	std::unordered_map<int, ModuleInfo> modules;
+
+	std::string line;
+	while (std::getline(input, line))
+	{
+		std::stringstream ss(line);
+
+		intptr_t start;
+		intptr_t end;
+		SectionProtection protection;
+		intptr_t offset;
+		int dev1, dev2;
+		int inode;
+		std::string path;
+		ss >> std::hex >> start >> skip<char> >> end >> skip<char> >> protection >> skip<char> >> offset >> dev1 >> skip<char> >> dev2 >> std::dec >> inode >> std::skipws >> path;
+
+		EnumerateRemoteSectionData section = {};
+		section.BaseAddress = (RC_Pointer)start;
+		section.Size = end - start;
+		section.Protection = protection;
+
+		section.Category = SectionCategory::Unknown;
+		section.Type = SectionType::Unknown;
+		if (inode != 0)
+		{
+			section.Type = SectionType::Image;
+
+			if (protection & SectionProtection::Read && protection & SectionProtection::Execute)
+			{
+				section.Category = SectionCategory::CODE;
+			}
+			else if (protection & SectionProtection::Read && protection & SectionProtection::Write)
+			{
+				section.Category = SectionCategory::DATA;
+			}
+
+			MultiByteToUnicode(path.c_str(), section.ModulePath, PATH_MAXIMUM_LENGTH);
+
+			auto& module = modules[inode];
+			module.Start = module.Start != 0 ? std::min(module.Start, start) : start;
+			module.End = module.End != 0 ? std::max(module.End, end) : end;
+			if (module.Path[0] == 0)
+			{
+				std::memcpy(module.Path, section.ModulePath, PATH_MAXIMUM_LENGTH);
+			}
+		}
+		else
+		{
+			section.Type = SectionType::Mapped;
+
+			if (protection & SectionProtection::Read || protection & SectionProtection::Write)
+			{
+				section.Category = SectionCategory::HEAP;
+			}
+		}
+
+		if (callbackSection != nullptr)
+		{
+			callbackSection(&section);
+		}
+	}
+
+	if (callbackModule != nullptr)
+	{
+		for (auto&& kv : modules)
+		{
+			EnumerateRemoteModuleData module = {};
+			module.BaseAddress = (RC_Pointer)kv.second.Start;
+			module.Size = kv.second.End - kv.second.Start;
+			std::memcpy(module.Path, kv.second.Path, PATH_MAXIMUM_LENGTH);
+
+			callbackModule(&module);
+		}
+	}
+}

NativeCore/Unix/IsProcessValid.cpp

@@ -0,0 +1,9 @@
+#include <sys/types.h>
+#include <signal.h>
+
+#include "NativeCore.hpp"
+
+extern "C" bool IsProcessValid(RC_Pointer handle)
+{
+	return kill((pid_t)(intptr_t)handle, 0) == 0;
+}