WIP Patch

2025-06-06 20:15:06 +08:00 · 2025-06-06 20:15:06 +08:00 · 360df2dfda
parent 8b73364db9
commit 360df2dfda
1 changed files with 52 additions and 0 deletions
--- a/patcher/patcher.cpp
+++ b/patcher/patcher.cpp
@ -439,6 +439,56 @@ struct Patcher {
      return false;
    }

+    // Patch the entry point to jump to our injected code
+    auto optionalHeader = peReader.get_optional_header();
+    if (!optionalHeader) {
+      spdlog::error("Could not get optional header for entry point patching");
+      return false;
+    }
+    
+    uint32_t entryPointRVA = optionalHeader->get_entry_point_address();
+    uint64_t entryPointVA = imageBase + entryPointRVA;
+    uint64_t targetVA = textInjectionRVA + imageBase;
+    
+    spdlog::info("Entry point at RVA: 0x{:x} (VA: 0x{:x})", entryPointRVA, entryPointVA);
+    spdlog::info("Target injection at VA: 0x{:x}", targetVA);
+    
+    // Find which section contains the entry point
+    COFFI::section* entrySection = nullptr;
+    uint32_t entryFileOffset = 0;
+    
+    auto& sections = peReader.get_sections();
+    for (auto& section : sections) {
+      uint32_t sectionRVA = section->get_virtual_address();
+      uint32_t sectionSize = section->get_virtual_size();
+      
+      if (entryPointRVA >= sectionRVA && entryPointRVA < sectionRVA + sectionSize) {
+        entrySection = section;
+        entryFileOffset = entryPointRVA - sectionRVA;
+        break;
+      }
+    }
+    
+    if (!entrySection) {
+      spdlog::error("Could not find section containing entry point");
+      return false;
+    }
+    
+    // Calculate relative jump offset
+    // jmp rel32 instruction: E9 xx xx xx xx (5 bytes)
+    // offset = target_address - (current_address + 5)
+    int32_t jumpOffset = static_cast<int32_t>(targetVA - (entryPointVA + 5));
+    
+    spdlog::info("Patching entry point with jmp instruction (offset: 0x{:x})", 
+                 static_cast<uint32_t>(jumpOffset));
+    
+    // Patch the entry point with jmp instruction
+    char* entryData = const_cast<char*>(entrySection->get_data()) + entryFileOffset;
+    entryData[0] = static_cast<char>(0xE9); // jmp rel32 opcode
+    *reinterpret_cast<int32_t*>(&entryData[1]) = jumpOffset;
+    
+    spdlog::info("Entry point patched successfully");
+
    // Save the modified PE file
    spdlog::info("Saving patched PE file to: {}", outputFile);
    if (!peReader.save(outputFile)) {
@ -446,6 +496,8 @@ struct Patcher {
      return false;
    }

+    
+    
    spdlog::info(
        "Successfully patched PE file! Main function injected at VA: 0x{:x}",
        textInjectionRVA + imageBase);