Backport from identical part of Stryker
hfiref0x 2018-03-19 22:25:30 +07:00
parent 330be3fe54
commit 1794592f64
4 changed files with 12 additions and 10 deletions

Binary file not shown.


@ -1,12 +1,12 @@
/*******************************************************************************
*
* (C) COPYRIGHT AUTHORS, 2016 - 2017
* (C) COPYRIGHT AUTHORS, 2016 - 2018
*
* TITLE: MAIN.C
*
* VERSION: 1.12
* VERSION: 1.13
*
* DATE: 01 Dec 2017
* DATE: 09 Mar 2018
*
* Furutaka entry point.
*
@ -41,11 +41,11 @@ ULONG g_NtBuildNumber = 0;
#define supImageHandle 0x1a000
#define PAGE_SIZE 0x1000
#define T_LOADERTITLE TEXT("Turla Driver Loader v1.1.2 (01/12/17)")
#define T_LOADERTITLE TEXT("Turla Driver Loader v1.1.3 (09/03/18)")
#define T_LOADERUNSUP TEXT("Unsupported WinNT version\r\n")
#define T_LOADERRUN TEXT("Another instance running, close it before\r\n")
#define T_LOADERUSAGE TEXT("Usage: loader drivertoload\n\re.g. loader mydrv.sys\r\n")
#define T_LOADERINTRO TEXT("Turla Driver Loader v1.1.2 started\r\n(c) 2016 - 2017 TDL Project\r\nSupported x64 OS : 7 and above\r\n")
#define T_LOADERINTRO TEXT("Turla Driver Loader v1.1.3 started\r\n(c) 2016 - 2018 TDL Project\r\nSupported x64 OS : 7 and above\r\n")
/*
* TDLVBoxInstalled
@ -382,6 +382,7 @@ UINT TDLMapDriver(
)
{
UINT result = (UINT)-1;
ULONG DllCharacteristics = IMAGE_FILE_EXECUTABLE_IMAGE;
ULONG isz, prologueSize, dataOffset;
SIZE_T memIO;
ULONG_PTR KernelBase, KernelImage = 0;
@ -403,7 +404,7 @@ UINT TDLMapDriver(
RtlSecureZeroMemory(&uStr, sizeof(uStr));
RtlInitUnicodeString(&uStr, lpDriverFullName);
status = LdrLoadDll(NULL, NULL, &uStr, (PVOID)&Image);
status = LdrLoadDll(NULL, &DllCharacteristics, &uStr, (PVOID)&Image);
if ((!NT_SUCCESS(status)) || (Image == NULL)) {
cuiPrintText(g_ConOut, TEXT("Ldr: Error while loading input driver file"), g_ConsoleOutput, TRUE);
break;
@ -867,7 +868,7 @@ void TDLMain()
_strcat(text, TEXT(" build "));
ultostr(osv.dwBuildNumber, _strend(text));
cuiPrintText(g_ConOut, text, g_ConsoleOutput, TRUE);
#if 0
//
// If VirtualBox installed on the same machine warn user,
// however this is unnecessary can lead to any conflicts.
@ -878,6 +879,7 @@ void TDLMain()
TEXT("Ldr: Warning, VirtualBox software installed, conflicts are possible"),
g_ConsoleOutput, TRUE);
}
#endif
uResult = TDLProcessCommandLine(GetCommandLine());
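Review bot: The new local `DllCharacteristics` in TDLMapDriver is initialised to `IMAGE_FILE_EXECUTABLE_IMAGE` and passed to `LdrLoadDll` without a comment, and since that constant is a PE file-header characteristic rather than an obvious loader option, the reason for the change cannot be read from the code. As far as I know this is the value the loader receives when `LoadLibraryEx` is called with `DONT_RESOLVE_DLL_REFERENCES`, so the input file would be mapped without import resolution or an entry-point call in the loader's own process; if that is the intent, state it above the declaration, e.g. `// Map only: no import resolution and no entry point call in this process.` The `#if 0` / `#endif` pair in TDLMain appears to compile out the VirtualBox warning while leaving the block and its comment in place, so either delete the block or add a one-line reason next to the `#if 0`. Both functions start and end outside the visible hunks, so this is based only on the lines shown.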

Binary file not shown.


@ -1,6 +1,6 @@
a761bbb4a1b7813132dc8d8ed526d24289dc603bc706da238e1f23d75dbd66aa *Compiled\dummy.sys
f6610691bc3b9f96dad8bfc00b3ceb939ebcb17844d1ca5ee26f8364944ca110 *Compiled\dummy2.sys
a7b38ab63ccdca7dc1a677974a7b4e325e195a233ae4a70dc14ab957aef5975c *Compiled\Furutaka.exe
8663927eaf8a0ebd87750d7f36f3c191c729e69ac7a63743fa1a7a0408895c50 *Compiled\Furutaka.exe
14eec2753d0e9b432c54c4a70fc59e3be75674313b6308a7a820e6682f775eb9 *Source\DummyDrv\dummy.sln
d61ebda2674d2db05a235478f89fed02c2de049b00ac5648fcebd4c4e638f71c *Source\DummyDrv\dummy\dummy.vcxproj
2d469aafdb7e37a2d58d4e7875abbfd27599762333cba8e28376c16fa7446e9c *Source\DummyDrv\dummy\dummy.vcxproj.filters
@ -22,10 +22,10 @@ b4d5fe6532f439d6c1161b06dfe90a6bee063c003645204d31b678efd033ae51 *Source\Furutak
9b9f412b442a3a328693af6f6be5bc3f00b0723e49012e6395d3d5eb9184b078 *Source\Furutaka\global.h
94cbbb81022dbd0205a3e7ede89775b43f9f45e934a3079fdb7f5217d8794fe0 *Source\Furutaka\instdrv.c
33b8666748f027ff93707e6e2a1b52303c3664399000ff18b4a8fe864b731640 *Source\Furutaka\instdrv.h
3a7e165f891de48c942af84c9424c3f264e735d8d759fa4b694b6108686c0f05 *Source\Furutaka\main.c
5b8be75beb30d40561a88a6a40e306bc5477f87c453fce8e5cb464d7bc2f63e9 *Source\Furutaka\main.c
b29970b67a406364e4a8fef971e48383de176229a9333168bd03caa474d19e3b *Source\Furutaka\ntos.h
fe6f865af4e22a2f7e1349891e935d7825caf08a06993d4e24d1596dab77963e *Source\Furutaka\resource.h
a2ceea364b0cc637a441649c48b23ade244b45838f7cc0289338ff854ec4ed00 *Source\Furutaka\resource.rc
6bacf082d32cd5fcc5e787578614d871e88e5cbb5aa7161edcc4607c31a5657b *Source\Furutaka\resource.rc
6f8ae02b3a6da025d5f918080e70245760d472dd5eb23fcc3964d425bee41336 *Source\Furutaka\shellcode.h
6ae8ca2192e5277e85a625c772092988592248dbaa444f385446202ea9e42eb5 *Source\Furutaka\sup.c
059014233efa8963d28b21f77aa37ae1c0ed3e152a9737ae8ec45338dee1d860 *Source\Furutaka\sup.h