From 360df2dfdaa159a8e05b4a204b5a9bb0b58587d1 Mon Sep 17 00:00:00 2001
From: Guus Waals <_@guusw.nl>
Date: Fri, 6 Jun 2025 20:15:06 +0800
Subject: [PATCH] WIP Patch
---
 patcher/patcher.cpp | 52 +++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 52 insertions(+)
diff --git a/patcher/patcher.cpp b/patcher/patcher.cpp
index 5e3adabb..1e1dc269 100644
--- a/patcher/patcher.cpp
+++ b/patcher/patcher.cpp
@@ -439,6 +439,56 @@ struct Patcher {
 return false;
 }
+ // Patch the entry point to jump to our injected code
+ auto optionalHeader = peReader.get_optional_header();
+ if (!optionalHeader) {
+ spdlog::error("Could not get optional header for entry point patching");
+ return false;
+ }
+
+ uint32_t entryPointRVA = optionalHeader->get_entry_point_address();
+ uint64_t entryPointVA = imageBase + entryPointRVA;
+ uint64_t targetVA = textInjectionRVA + imageBase;
+
+ spdlog::info("Entry point at RVA: 0x{:x} (VA: 0x{:x})", entryPointRVA, entryPointVA);
+ spdlog::info("Target injection at VA: 0x{:x}", targetVA);
+
+ // Find which section contains the entry point
+ COFFI::section* entrySection = nullptr;
+ uint32_t entryFileOffset = 0;
+
+ auto& sections = peReader.get_sections();
+ for (auto& section : sections) {
+ uint32_t sectionRVA = section->get_virtual_address();
+ uint32_t sectionSize = section->get_virtual_size();
+
+ if (entryPointRVA >= sectionRVA && entryPointRVA < sectionRVA + sectionSize) {
+ entrySection = section;
+ entryFileOffset = entryPointRVA - sectionRVA;
+ break;
+ }
+ }
+
+ if (!entrySection) {
+ spdlog::error("Could not find section containing entry point");
+ return false;
+ }
+
+ // Calculate relative jump offset
+ // jmp rel32 instruction: E9 xx xx xx xx (5 bytes)
+ // offset = target_address - (current_address + 5)
+ int32_t jumpOffset = static_cast(targetVA - (entryPointVA + 5));
+
+ spdlog::info("Patching entry point with jmp instruction (offset: 0x{:x})",
+ static_cast(jumpOffset));
+
+ // Patch the entry point with jmp instruction
+ char* entryData = const_cast(entrySection->get_data()) + entryFileOffset;
+ entryData[0] = static_cast(0xE9); // jmp rel32 opcode
+ *reinterpret_cast(&entryData[1]) = jumpOffset;
+
+ spdlog::info("Entry point patched successfully");
+
 // Save the modified PE file
 spdlog::info("Saving patched PE file to: {}", outputFile);
 if (!peReader.save(outputFile)) {
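Review bot: The `int32_t jumpOffset = static_cast(...)` line (template arguments appear stripped in this rendering) truncates the 64-bit displacement silently, and the 5-byte write through `entryData` is never checked against the section's raw data: the containment test above it uses `get_virtual_size()`, so an entry point that lies inside the virtual extent but past the end of (or within 4 bytes of the end of) the buffer `get_data()` returns would write out of bounds, and `get_data()` itself may be null for a data-less section. Both should fail with a logged error before any byte is modified — compute the displacement as a signed 64-bit delta and range-check it against `int32_t`, and bounds-check `entryFileOffset + 5` against the raw data size. The store `*reinterpret_cast(&entryData[1]) = jumpOffset` is an unaligned, type-punning write; `std::memcpy` expresses the same thing without the aliasing/alignment problem, and if this COFFI version exposes a setter for section data, it would be preferable to writing through `const_cast` on `get_data()`. The enclosing method starts and ends outside the hunk; `imageBase` and `textInjectionRVA` are defined earlier in it.
```cpp
// … unchanged: optional header, entry-point RVA/VA and section lookup …

// Calculate relative jump offset
// jmp rel32 instruction: E9 xx xx xx xx (5 bytes)
// offset = target_address - (current_address + 5), must fit in a signed 32-bit displacement
const int64_t delta = static_cast<int64_t>(targetVA) - static_cast<int64_t>(entryPointVA + 5);
if (delta < std::numeric_limits<int32_t>::min() || delta > std::numeric_limits<int32_t>::max()) {
    spdlog::error("Injected code is out of rel32 range from the entry point (delta: {})", delta);
    return false;
}
const int32_t jumpOffset = static_cast<int32_t>(delta);

spdlog::info("Patching entry point with jmp instruction (offset: 0x{:x})",
             static_cast<uint32_t>(jumpOffset));

// The 5-byte patch must lie entirely within the section's raw data, not just its virtual extent
const uint32_t rawSize = entrySection->get_data_size();
if (entrySection->get_data() == nullptr || rawSize < 5 || entryFileOffset > rawSize - 5) {
    spdlog::error("Entry point at file offset 0x{:x} is not within the section's raw data (size 0x{:x})",
                  entryFileOffset, rawSize);
    return false;
}

// Patch the entry point with jmp instruction
char* entryData = const_cast<char*>(entrySection->get_data()) + entryFileOffset;
entryData[0] = static_cast<char>(0xE9); // jmp rel32 opcode
std::memcpy(&entryData[1], &jumpOffset, sizeof jumpOffset); // unaligned-safe, no type punning

// … unchanged: success log and save …
```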
@@ -446,6 +496,8 @@ struct Patcher { return false; } + + spdlog::info( "Successfully patched PE file! Main function injected at VA: 0x{:x}", textInjectionRVA + imageBase);