mirror of
https://github.com/gentilkiwi/mimikatz
synced 2024-12-13 17:45:13 +00:00
49 lines
1.7 KiB
C
49 lines
1.7 KiB
C
/* Benjamin DELPY `gentilkiwi`
|
|
http://blog.gentilkiwi.com
|
|
benjamin@gentilkiwi.com
|
|
Licence : https://creativecommons.org/licenses/by/4.0/
|
|
*/
|
|
#pragma once
|
|
#include "kull_m_memory.h"
|
|
#include "kull_m_service.h"
|
|
#include "kull_m_process.h"
|
|
|
|
typedef NTSTATUS (* PKULL_M_PATCH_CALLBACK) (int argc, wchar_t * args[]);
|
|
|
|
typedef struct _KULL_M_PATCH_PATTERN {
|
|
DWORD Length;
|
|
BYTE *Pattern;
|
|
} KULL_M_PATCH_PATTERN, *PKULL_M_PATCH_PATTERN;
|
|
|
|
typedef struct _KULL_M_PATCH_OFFSETS {
|
|
LONG off0;
|
|
LONG off1;
|
|
LONG off2;
|
|
LONG off3;
|
|
LONG off4;
|
|
LONG off5;
|
|
LONG off6;
|
|
LONG off7;
|
|
LONG off8;
|
|
LONG off9;
|
|
} KULL_M_PATCH_OFFSETS, *PKULL_M_PATCH_OFFSETS;
|
|
|
|
typedef struct _KULL_M_PATCH_GENERIC {
|
|
DWORD MinBuildNumber;
|
|
KULL_M_PATCH_PATTERN Search;
|
|
KULL_M_PATCH_PATTERN Patch;
|
|
KULL_M_PATCH_OFFSETS Offsets;
|
|
} KULL_M_PATCH_GENERIC, *PKULL_M_PATCH_GENERIC;
|
|
|
|
typedef struct _KULL_M_PATCH_MULTIPLE {
|
|
KULL_M_PATCH_PATTERN Search;
|
|
KULL_M_PATCH_PATTERN Patch;
|
|
LONG Offset;
|
|
KULL_M_MEMORY_ADDRESS AdressOfPatch;
|
|
DWORD OldProtect;
|
|
KULL_M_MEMORY_ADDRESS LocalBackup;
|
|
} KULL_M_PATCH_MULTIPLE, *PKULL_M_PATCH_MULTIPLE;
|
|
|
|
BOOL kull_m_patch(PKULL_M_MEMORY_SEARCH sMemory, PKULL_M_MEMORY_ADDRESS pPattern, SIZE_T szPattern, PKULL_M_MEMORY_ADDRESS pPatch, SIZE_T szPatch, LONG offsetOfPatch, PKULL_M_PATCH_CALLBACK pCallBackBeforeRestore, int argc, wchar_t * args[], NTSTATUS * pRetCallBack);
|
|
PKULL_M_PATCH_GENERIC kull_m_patch_getGenericFromBuild(PKULL_M_PATCH_GENERIC generics, SIZE_T cbGenerics, DWORD BuildNumber);
|
|
BOOL kull_m_patch_genericProcessOrServiceFromBuild(PKULL_M_PATCH_GENERIC generics, SIZE_T cbGenerics, PCWSTR processOrService, PCWSTR moduleName, BOOL isService); |