Initial commit

This commit is contained in:
crt0mega 2020-06-04 15:02:40 +02:00
commit f91f052c0b
9 changed files with 374 additions and 0 deletions

3
.gitignore vendored Normal file
View File

@ -0,0 +1,3 @@
*.o
laa_patcher
*.exe

2
Makefile Normal file
View File

@ -0,0 +1,2 @@
laa_patcher: laa_patcher.c help.c patch.c
gcc -o laa_patcher laa_patcher.c help.c patch.c

7
README.md Normal file
View File

@ -0,0 +1,7 @@
# laa_patcher
## Usage:
`./laa_patcher win32pe.exe`
## What does it do?
It's a simple C progam which patches existing Win32 PE binaries to be LARGE_ADDRESS_AWARE.
## Why does it look so ugly? :tw-1f4a9:
It's my first C program so don't judge :tw-1f61d:

31
help.c Normal file
View File

@ -0,0 +1,31 @@
/*
* help.c
*
* Copyright 2020 crt0mega <crt0mega@c-r-t.tk>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
* MA 02110-1301, USA.
*
*
*/
#include <stdio.h>
void help()
{
printf("\nUsage:\nlaa_patcher <some.exe>\n"
"This Program sets or unsets the LARGE_ADDRESS_AWARE flag on "
"32 Bit PE Executables.\n");
}

24
help.h Normal file
View File

@ -0,0 +1,24 @@
/*
* help.h
*
* Copyright 2020 crt0mega <crt0mega@c-r-t.tk>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
* MA 02110-1301, USA.
*
*
*/
void help();

87
laa_patcher.c Normal file
View File

@ -0,0 +1,87 @@
/*
* laa_patcher.c
*
* Copyright 2020 crt0mega <crt0mega@c-r-t.tk>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
* MA 02110-1301, USA.
*
*
*/
#include <stdio.h>
#include <stdbool.h>
#include <string.h>
#include "help.h"
#include "patch.h"
#define VERSION 0.1
int main(int argc, char **argv)
{
// Introduce yerself
printf("laa_patcher v%g (c) 2020 by crt0mega\n", VERSION, argc);
if (argc == 1)
{
help();
return 0;
}
char filename[strlen(argv[1])];
strcpy(filename, argv[1]);
printf("\nPatching %s ...\n", filename);
if (ispe(filename))
{
printf("- %s is a PE binary...\n", filename);
}
else
{
printf("- %s is no PE binary, aborting.\n", filename);
return 1;
}
if (ispatched(filename))
{
printf("- %s is already aware of large addresses, unpatching.\n", filename);
//return 1;
}
// Let's get busy
bool success;
success = patch(filename);
if (success == true)
{
printf("- %s successfully patched.\n", filename);
return 0;
}
else
{
printf("- Error while patching %s.\n", filename);
return 1;
}
}

40
laa_patcher.geany Normal file
View File

@ -0,0 +1,40 @@
[editor]
line_wrapping=false
line_break_column=72
auto_continue_multiline=true
[file_prefs]
final_new_line=true
ensure_convert_new_lines=false
strip_trailing_spaces=false
replace_tabs=false
[indentation]
indent_width=4
indent_type=1
indent_hard_tab_width=8
detect_indent=false
detect_indent_width=false
indent_mode=2
[project]
name=laa_patcher
base_path=/home/crt0mega/Projekte/laa_patcher/
description=
file_patterns=
[long line marker]
long_line_behaviour=1
long_line_column=72
[files]
current_page=0
FILE_NAME_0=853;C;0;EUTF-8;1;1;0;%2Fhome%2Fcrt0mega%2FProjekte%2Flaa_patcher%2Flaa_patcher.c;0;4
[VTE]
last_dir=/home/crt0mega
[build-menu]
EX_00_LB=_Execute
EX_00_CM="./%e"
EX_00_WD=

152
patch.c Normal file
View File

@ -0,0 +1,152 @@
/*
* patch.c
*
* Copyright 2020 crt0mega <crt0mega@c-r-t.tk>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
* MA 02110-1301, USA.
*
*
*/
#include <stdio.h>
#include <stdbool.h>
#include <stdint.h>
#define IS_LAA 0x0020
bool ispe(char *filename)
{
FILE *pFile;
int16_t header;
int32_t peloc;
int32_t peheader;
pFile = fopen(filename, "rb");
fread(&header, sizeof(header), 1, pFile);
if (header != 0x5a4d) //Check presence of MZ magic bytes
{
fclose(pFile);
return false;
}
fseek(pFile, 0x3c, SEEK_SET);
fread(&peloc, sizeof(peloc), 1, pFile); //Get PE header location
fseek(pFile, peloc, SEEK_SET);
fread(&peheader, sizeof(peheader), 1, pFile);
if (peheader != 0x4550) // Check presence of PE magic bytes
{
fclose(pFile);
return false;
}
fclose(pFile);
return true;
}
bool ispatched(char *filename)
{
FILE *pFile;
int32_t peloc;
int32_t peheader;
int16_t laa;
if (!ispe(filename))
{
printf("How did we even get here?!");
return false;
}
pFile = fopen(filename, "rb");
fseek(pFile, 0x3c, SEEK_SET);
fread(&peloc, sizeof(peloc), 1, pFile);
fseek(pFile, peloc, SEEK_SET); // Seek to PE Location and
fread(&peheader, sizeof(peheader), 1, pFile); // Fetch header
if (peheader != 0x4550)
{
printf("How the hell did we even geht here?!");
return false;
}
fseek(pFile, 0x12, SEEK_CUR); // Seek to characteristics
fread(&laa, sizeof(laa), 1, pFile); // Read characteristics
fclose(pFile);
if ((laa & IS_LAA) == IS_LAA)
{
return true;
}
return false;
}
bool patch(char *filename)
{
FILE *pFile;
int32_t peloc;
int32_t peheader;
int16_t laa;
if (!ispe(filename))
{
printf("How did we even get here?!\n");
return false;
}
pFile = fopen(filename, "r+b");
fseek(pFile, 0x3c, SEEK_SET);
fread(&peloc, sizeof(peloc), 1, pFile);
fseek(pFile, peloc, SEEK_SET); // Seek to PE Location and
fread(&peheader, sizeof(peheader), 1, pFile); // Fetch header
if (peheader != 0x4550)
{
printf("How the hell did we even geht here?!\n");
return false;
}
fseek(pFile, 0x12, SEEK_CUR); // Seek to characteristics
fread(&laa, sizeof(laa), 1, pFile); // Read characteristics
int16_t setlaa;
if ((laa & IS_LAA) == IS_LAA)
{
setlaa=laa&~IS_LAA;
}
else
{
setlaa=laa|IS_LAA;
}
fseek(pFile, -sizeof(laa), SEEK_CUR); // Seek back
fwrite(&setlaa, 1, sizeof(setlaa), pFile); // Write new value
fclose(pFile);
return true;
}

28
patch.h Normal file
View File

@ -0,0 +1,28 @@
/*
* patch.h
*
* Copyright 2020 crt0mega <crt0mega@c-r-t.tk>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
* MA 02110-1301, USA.
*
*
*/
#include <stdbool.h>
int patch(char *filename);
bool ispe(char *filename);
bool ispatched(char *filename);