From 3df21a749ef47aadfa4d97bf09755ac3dcd0679d Mon Sep 17 00:00:00 2001 From: Kevin Trocolli Date: Sat, 17 Feb 2024 02:29:52 -0500 Subject: [PATCH] theatrhythm: touchscreen OK --- hooklib/createprocess.c | 46 ++++++++++++++++++++++++++++++++++++----- hooklib/createprocess.h | 1 + platform/cert.c | 2 +- sivahook/dllmain.c | 12 ++++++++++- sivahook/meson.build | 2 ++ sivahook/touch.c | 5 ++++- sivahook/unity.c | 2 ++ 7 files changed, 62 insertions(+), 8 deletions(-) diff --git a/hooklib/createprocess.c b/hooklib/createprocess.c index e44ebdb..065f7df 100644 --- a/hooklib/createprocess.c +++ b/hooklib/createprocess.c @@ -162,15 +162,18 @@ void createprocess_hook_init() { } did_init = true; - hook_table_apply( - NULL, - "kernel32.dll", - win32_hooks, - _countof(win32_hooks)); + createprocess_hook_insert_hook(NULL); InitializeCriticalSection(&createproc_lock); dprintf("CreateProcess: Init\n"); } +void createprocess_hook_insert_hook(HMODULE target) { + hook_table_apply( + target, + "kernel32.dll", + win32_hooks, + _countof(win32_hooks)); +} static BOOL WINAPI my_CreateProcessA( LPCSTR lpApplicationName, @@ -185,6 +188,7 @@ static BOOL WINAPI my_CreateProcessA( LPPROCESS_INFORMATION lpProcessInformation ) { + //dprintf("my_CreateProcessA: %s %s\n", lpApplicationName, lpCommandLine); for (int i = 0; i < process_nsyms_a; i++) { if (strncmp(process_syms_a[i].name, lpCommandLine, strlen(process_syms_a[i].name))) { continue; 
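Review bot: The new `createprocess_hook_insert_hook` in hooklib/createprocess.c is exported without a comment, and its singular name breaks the `*_insert_hooks` pattern of the sibling calls visible in the sivahook/unity.c hunk (`reg_hook_insert_hooks`, `proc_addr_insert_hooks`, `cert_hook_insert_hooks`). It also has no `did_init` guard, so if `my_LoadLibraryW` can run before `createprocess_hook_init`, the table would be applied while `createproc_lock` is still uninitialised. Whether the hook bodies take that lock is not visible in this diff, so that ordering needs confirming. I would add a header comment such as `/* Apply the win32_hooks table for kernel32.dll to target; call only after createprocess_hook_init(). */` and leave a blank line between the two function definitions.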
@@ -242,6 +246,38 @@ BOOL my_CreateProcessW( LPSTARTUPINFOW lpStartupInfo, LPPROCESS_INFORMATION lpProcessInformation) { + //dprintf("my_CreateProcessW: %S %S\n", lpApplicationName, lpCommandLine); + for (int i = 0; i < process_nsyms_w; i++) { + if (wcsncmp(process_syms_w[i].name, lpCommandLine, wcslen(process_syms_w[i].name))) { + continue; + } + + dprintf("CreateProcess: Hooking child process %S %S\n", lpApplicationName, lpCommandLine); + wchar_t new_cmd[MAX_PATH] = {0}; + wcscat_s(new_cmd, MAX_PATH, process_syms_w[i].head); + + if (!process_syms_w[i].replace_all) { + wcscat_s(new_cmd, MAX_PATH, lpCommandLine); + } + + if (process_syms_w[i].tail != NULL) { + wcscat_s(new_cmd, MAX_PATH, process_syms_w[i].tail); + } + + dprintf("CreateProcess: Replaced CreateProcessW %S\n", new_cmd); + return next_CreateProcessW( + lpApplicationName, + new_cmd, + lpProcessAttributes, + lpThreadAttributes, + bInheritHandles, + dwCreationFlags, + lpEnvironment, + lpCurrentDirectory, + lpStartupInfo, + lpProcessInformation + ); + } return next_CreateProcessW( lpApplicationName, lpCommandLine, diff --git a/hooklib/createprocess.h b/hooklib/createprocess.h index bf226d5..7eb2946 100644 --- a/hooklib/createprocess.h +++ b/hooklib/createprocess.h @@ -3,6 +3,7 @@ #include #include +void createprocess_hook_insert_hook(HMODULE target); HRESULT createprocess_push_hook_w(const wchar_t *name, const wchar_t *head, const wchar_t *tail, bool replace_all); HRESULT createprocess_push_hook_a(const char *name, const char *head, const char *tail, bool replace_all); diff --git a/platform/cert.c b/platform/cert.c index 704ab8f..500bfcf 100644 --- a/platform/cert.c +++ b/platform/cert.c 
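Review bot: `lpCommandLine` is passed to `wcsncmp` in the new loop of `my_CreateProcessW` without a NULL check, although CreateProcessW accepts a NULL command line when `lpApplicationName` is supplied; the `strncmp` in `my_CreateProcessA` (context of the previous hunk) has the same pattern. The rewritten command is assembled in a `MAX_PATH` buffer with unchecked `wcscat_s` calls, while a command line can be far longer than 260 characters, and on overflow `wcscat_s` invokes the CRT invalid-parameter handler, which by default terminates the process. Checking the combined length first and falling through to the existing pass-through call keeps an over-long command line from taking the host process down. Note also that `lpApplicationName` is forwarded unchanged, so when it is non-NULL the prepended `head` presumably does not change which image is started.

```c
    for (int i = 0; lpCommandLine != NULL && i < process_nsyms_w; i++) {
        // … unchanged: wcsncmp prefix match and "Hooking child process" dprintf …

        /* Work out the final length before touching the fixed-size buffer. */
        size_t need = wcslen(process_syms_w[i].head) + 1;

        if (!process_syms_w[i].replace_all) {
            need += wcslen(lpCommandLine);
        }

        if (process_syms_w[i].tail != NULL) {
            need += wcslen(process_syms_w[i].tail);
        }

        if (need > MAX_PATH) {
            dprintf("CreateProcess: Rewritten command line too long (%u chars), not hooking\n",
                    (unsigned int) need);
            break; /* falls through to the unmodified next_CreateProcessW call */
        }

        wchar_t new_cmd[MAX_PATH] = {0};
        // … unchanged: wcscat_s calls, "Replaced CreateProcessW" dprintf, next_CreateProcessW call …
    }
```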
@@ -91,7 +91,7 @@ PCCERT_CONTEXT WINAPI hook_CertFindCertificateInStore( wcscat_s(cert_path, _countof(cert_path), L"/"); wcscat_s(cert_path, _countof(cert_path), (wchar_t *)pvFindPara); // use the search string as a name - dprintf("Cert: Look for override cert at %S", cert_path); + dprintf("Cert: Look for override cert at %S\n", cert_path); HANDLE f = CreateFileW((LPCWSTR)pvFindPara, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL); diff --git a/sivahook/dllmain.c b/sivahook/dllmain.c index cd8a2f1..5db89f3 100644 --- a/sivahook/dllmain.c +++ b/sivahook/dllmain.c @@ -51,8 +51,15 @@ static DWORD CALLBACK siva_pre_startup(void) if (FAILED(hr)) { goto fail; } + hr = siva_dll_init(&siva_hook_cfg.dll, siva_hook_mod); + if (FAILED(hr)) { + goto fail; + } + + hr = touch_hook_init(&siva_hook_cfg.touch); + if (FAILED(hr)) { goto fail; } @@ -76,8 +83,11 @@ BOOL WINAPI DllMain(HMODULE mod, DWORD cause, void *ctx) { HRESULT hr; - if (cause != DLL_PROCESS_ATTACH) { + if (cause == DLL_THREAD_ATTACH && sizeof(uint64_t) == 4) { dprintf("Connected\n"); + } + + if (cause != DLL_PROCESS_ATTACH) { return TRUE; } diff --git a/sivahook/meson.build b/sivahook/meson.build index 1331d71..c951b6a 100644 --- a/sivahook/meson.build +++ b/sivahook/meson.build @@ -25,5 +25,7 @@ shared_library( 'siva-dll.h', 'unity.c', 'unity.h', + 'touch.c', + 'touch.h', ], ) diff --git a/sivahook/touch.c b/sivahook/touch.c index ebee25b..a76f130 100644 --- a/sivahook/touch.c +++ b/sivahook/touch.c 
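Review bot: The `CreateFileW` call in `hook_CertFindCertificateInStore` opens `(LPCWSTR)pvFindPara` rather than the `cert_path` that was just assembled and logged, so the file appears to be resolved relative to the current directory and the message this commit touches reports a different path from the one opened. If the override directory is meant to be the only source, pass `cert_path` to `CreateFileW` instead. Because the caller's search string becomes part of a file name, it should also be rejected when it contains `\`, `/`, `:` or `..` before any file is opened. The cast to `wchar_t *` is only valid for wide-string find types, and the hunk does not show `dwFindType` being checked. The function starts and ends outside this hunk.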
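Review bot: The added condition `cause == DLL_THREAD_ATTACH && sizeof(uint64_t) == 4` in `DllMain` can never be true, because `uint64_t` is 8 bytes on every target, so the `dprintf("Connected\n")` branch is dead code. If the intent was to log only in the 32-bit build, `sizeof(void *) == 4` expresses that; otherwise the block should be dropped. Logging from `DllMain` on every thread attach also runs under the loader lock, so a short comment stating why `dprintf` is safe there would help. `DllMain` continues past the end of the hunk.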
@@ -4,11 +4,14 @@ #include "sivahook/touch.h" #include "hooklib/createprocess.h" +#include "util/dprintf.h" + HRESULT touch_hook_init(const struct touch_config *cfg) { if (!cfg->enable) { return S_FALSE; } - return createprocess_push_hook_a("NanoTS_PTool_win8.exe", "inject.exe -d -k sivahook.dll ", NULL, false); + dprintf("Touch: hook init\n"); + return createprocess_push_hook_w(L"\"NanoTS_PTool_win8.exe\"", L"inject_32.exe -d -k sivahook_32.dll ", NULL, false); } \ No newline at end of file diff --git a/sivahook/unity.c b/sivahook/unity.c index 2153e16..d2145e0 100644 --- a/sivahook/unity.c +++ b/sivahook/unity.c @@ -8,6 +8,7 @@ #include "hooklib/dll.h" #include "hooklib/path.h" #include "hooklib/serial.h" +#include "hooklib/createprocess.h" #include "hooklib/reg.h" #include "hook/procaddr.h" @@ -107,6 +108,7 @@ static HMODULE WINAPI my_LoadLibraryW(const wchar_t *name) reg_hook_insert_hooks(result); proc_addr_insert_hooks(result); cert_hook_insert_hooks(result); + createprocess_hook_insert_hook(result); } for (size_t i = 0; i < dep_hooks_len; i++) {
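Review bot: The replacement head `L"inject_32.exe -d -k sivahook_32.dll "` in `touch_hook_init` names both the injector and the DLL without a directory, so the rewritten command line is resolved through the normal CreateProcess search order and the child may start whichever `inject_32.exe` is found first, for example one in the current directory. Building the head from the directory of the hook DLL itself, queried once at init and quoted, pins the binaries that ship with the hook. The module handle is not visible in this hunk, so I have not spelled the code out. The match string `L"\"NanoTS_PTool_win8.exe\""` is compared as a prefix of the command line, so it only fires when the caller passes the quoted bare file name first; a one-line comment stating that assumption above the call would document it.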