evilactually/patcher.c

## patcher.c
#include <windows.h>
#include <string.h>
#include <assert.h>
#include <stdio.h>

size_t cmpxchg16b_size = 41;
char cmpxchg16b_r8[]  = { 0x41, 0x52, 0x41, 0x53, 0x4D, 0x8B, 0x10, 0x4D, 0x8B, 0x58, 0x08, 0x49, 0x39, 0xC2, 0x75, 0x0E, 0x49, 0x39, 0xD3, 0x75, 0x09, 0x49, 0x89, 0x18, 0x49, 0x89, 0x48, 0x08, 0xEB, 0x06, 0x4C, 0x89, 0xD0, 0x4C, 0x89, 0xDA, 0x41, 0x5B, 0x41, 0x5A, 0xC3 };
char cmpxchg16b_r9[]  = { 0x41, 0x52, 0x41, 0x53, 0x4D, 0x8B, 0x11, 0x4D, 0x8B, 0x59, 0x08, 0x49, 0x39, 0xC2, 0x75, 0x0E, 0x49, 0x39, 0xD3, 0x75, 0x09, 0x49, 0x89, 0x19, 0x49, 0x89, 0x49, 0x08, 0xEB, 0x06, 0x4C, 0x89, 0xD0, 0x4C, 0x89, 0xDA, 0x41, 0x5B, 0x41, 0x5A, 0xC3 };
char cmpxchg16b_r11[] = { 0x41, 0x50, 0x41, 0x51, 0x4D, 0x8B, 0x03, 0x4D, 0x8B, 0x4B, 0x08, 0x49, 0x39, 0xC0, 0x75, 0x0E, 0x49, 0x39, 0xD1, 0x75, 0x09, 0x49, 0x89, 0x1B, 0x49, 0x89, 0x4B, 0x08, 0xEB, 0x06, 0x4C, 0x89, 0xC0, 0x4C, 0x89, 0xCA, 0x41, 0x59, 0x41, 0x58, 0xC3 };

int cmpxchg16b_r8_cave = 0x2E6DDC;
int cmpxchg16b_r9_cave = 0x2E704A;
int cmpxchg16b_r11_cave = 0x2e7126;

char* program_data;
HANDLE hFile;
HANDLE hMapping;

void load_program(const char* file) {
    hFile = CreateFile(file, GENERIC_READ | GENERIC_WRITE, 0, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
    assert(hFile != INVALID_HANDLE_VALUE);
    hMapping = CreateFileMapping(hFile, NULL, PAGE_READWRITE, 0, 0, NULL);
    assert(hMapping);
    program_data = MapViewOfFile(hMapping, FILE_MAP_WRITE, 0,0,0);
    assert(program_data);
}

void unload_program() {
    UnmapViewOfFile(program_data);
    CloseHandle(hMapping);
    CloseHandle(hFile);
}

void install_cave(int cave_offset, const char* cave_data, size_t size) {
    memcpy(program_data + cave_offset, cave_data, size);
}

void install_call(int target_offset, int cave_offset) {
    int return_offset = target_offset + 5;
    int jump_offset = cave_offset - return_offset;
    char call_data[5] = {0xE8, 0x00, 0x00, 0x00, 0x00};
    *((int*)(call_data + 1)) = jump_offset;
    memcpy(program_data + target_offset, call_data, 5);
}

int main(int argc, char const *argv[])
{
    load_program(argv[1]);
    install_cave(0x2E6DDC, cmpxchg16b_r8, cmpxchg16b_size);
    install_cave(0x2E704A, cmpxchg16b_r9, cmpxchg16b_size);
    install_cave(0x2e7126, cmpxchg16b_r11, cmpxchg16b_size);

    // r8
    install_call(0x2e7247, 0x2E6DDC);
    install_call(0x2e7658, 0x2E6DDC);

    // r9
    install_call(0x2e7287, 0x2E704A);
    install_call(0x2e72cf, 0x2E704A);
    install_call(0x2e731e, 0x2E704A);
    install_call(0x2e743b, 0x2E704A);
    install_call(0x2e7605, 0x2E704A);

    // r11
    install_call(0x2e75af, 0x2e7126);

    unload_program();
    return 0;
};
	#include <windows.h>
	#include <string.h>
	#include <assert.h>
	#include <stdio.h>

	size_t cmpxchg16b_size = 41;
	char cmpxchg16b_r8[] = { 0x41, 0x52, 0x41, 0x53, 0x4D, 0x8B, 0x10, 0x4D, 0x8B, 0x58, 0x08, 0x49, 0x39, 0xC2, 0x75, 0x0E, 0x49, 0x39, 0xD3, 0x75, 0x09, 0x49, 0x89, 0x18, 0x49, 0x89, 0x48, 0x08, 0xEB, 0x06, 0x4C, 0x89, 0xD0, 0x4C, 0x89, 0xDA, 0x41, 0x5B, 0x41, 0x5A, 0xC3 };
	char cmpxchg16b_r9[] = { 0x41, 0x52, 0x41, 0x53, 0x4D, 0x8B, 0x11, 0x4D, 0x8B, 0x59, 0x08, 0x49, 0x39, 0xC2, 0x75, 0x0E, 0x49, 0x39, 0xD3, 0x75, 0x09, 0x49, 0x89, 0x19, 0x49, 0x89, 0x49, 0x08, 0xEB, 0x06, 0x4C, 0x89, 0xD0, 0x4C, 0x89, 0xDA, 0x41, 0x5B, 0x41, 0x5A, 0xC3 };
	char cmpxchg16b_r11[] = { 0x41, 0x50, 0x41, 0x51, 0x4D, 0x8B, 0x03, 0x4D, 0x8B, 0x4B, 0x08, 0x49, 0x39, 0xC0, 0x75, 0x0E, 0x49, 0x39, 0xD1, 0x75, 0x09, 0x49, 0x89, 0x1B, 0x49, 0x89, 0x4B, 0x08, 0xEB, 0x06, 0x4C, 0x89, 0xC0, 0x4C, 0x89, 0xCA, 0x41, 0x59, 0x41, 0x58, 0xC3 };

	int cmpxchg16b_r8_cave = 0x2E6DDC;
	int cmpxchg16b_r9_cave = 0x2E704A;
	int cmpxchg16b_r11_cave = 0x2e7126;

	char* program_data;
	HANDLE hFile;
	HANDLE hMapping;

	void load_program(const char* file) {
	hFile = CreateFile(file, GENERIC_READ \| GENERIC_WRITE, 0, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
	assert(hFile != INVALID_HANDLE_VALUE);
	hMapping = CreateFileMapping(hFile, NULL, PAGE_READWRITE, 0, 0, NULL);
	assert(hMapping);
	program_data = MapViewOfFile(hMapping, FILE_MAP_WRITE, 0,0,0);
	assert(program_data);
	}

	void unload_program() {
	UnmapViewOfFile(program_data);
	CloseHandle(hMapping);
	CloseHandle(hFile);
	}

	void install_cave(int cave_offset, const char* cave_data, size_t size) {
	memcpy(program_data + cave_offset, cave_data, size);
	}

	void install_call(int target_offset, int cave_offset) {
	int return_offset = target_offset + 5;
	int jump_offset = cave_offset - return_offset;
	char call_data[5] = {0xE8, 0x00, 0x00, 0x00, 0x00};
	((int)(call_data + 1)) = jump_offset;
	memcpy(program_data + target_offset, call_data, 5);
	}

	int main(int argc, char const *argv[])
	{
	load_program(argv[1]);
	install_cave(0x2E6DDC, cmpxchg16b_r8, cmpxchg16b_size);
	install_cave(0x2E704A, cmpxchg16b_r9, cmpxchg16b_size);
	install_cave(0x2e7126, cmpxchg16b_r11, cmpxchg16b_size);

	// r8
	install_call(0x2e7247, 0x2E6DDC);
	install_call(0x2e7658, 0x2E6DDC);

	// r9
	install_call(0x2e7287, 0x2E704A);
	install_call(0x2e72cf, 0x2E704A);
	install_call(0x2e731e, 0x2E704A);
	install_call(0x2e743b, 0x2E704A);
	install_call(0x2e7605, 0x2E704A);

	// r11
	install_call(0x2e75af, 0x2e7126);

	unload_program();
	return 0;
	};