SbieLdr

2020-11-04 10:18:57 +01:00 · 2020-11-04 10:18:57 +01:00 · 4fcdc5fee3
parent f2314e2847
commit 4fcdc5fee3
3 changed files with 62 additions and 10 deletions
--- a/Sandboxie/apps/ldr/SbieLdr.vcxproj
+++ b/Sandboxie/apps/ldr/SbieLdr.vcxproj
@ -101,7 +101,7 @@
    </ClCompile>
    <Link>
      <SubSystem>Console</SubSystem>
-      <AdditionalDependencies>SbieDll.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalDependencies>SbieDll.lib;ntdll.lib;%(AdditionalDependencies)</AdditionalDependencies>
    </Link>
    <ResourceCompile />
  </ItemDefinitionGroup>
@ -114,7 +114,7 @@
    </ClCompile>
    <Link>
      <SubSystem>Console</SubSystem>
-      <AdditionalDependencies>SbieDll.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalDependencies>SbieDll.lib;ntdll.lib;%(AdditionalDependencies)</AdditionalDependencies>
    </Link>
    <ResourceCompile />
  </ItemDefinitionGroup>
@ -128,7 +128,7 @@
    </ClCompile>
    <Link>
      <SubSystem>Console</SubSystem>
-      <AdditionalDependencies>SbieDll.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalDependencies>SbieDll.lib;ntdll.lib;%(AdditionalDependencies)</AdditionalDependencies>
    </Link>
    <ResourceCompile />
  </ItemDefinitionGroup>
@ -142,7 +142,7 @@
    </ClCompile>
    <Link>
      <SubSystem>Console</SubSystem>
-      <AdditionalDependencies>SbieDll.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalDependencies>SbieDll.lib;ntdll.lib;%(AdditionalDependencies)</AdditionalDependencies>
    </Link>
    <ResourceCompile />
  </ItemDefinitionGroup>
--- a/Sandboxie/apps/ldr/global.h
+++ b/Sandboxie/apps/ldr/global.h
@ -15,8 +15,12 @@
 *   along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */
 #include <ntstatus.h>
 #define WIN32_NO_STATUS
 typedef long NTSTATUS;
 #include <windows.h>
 #include <stdio.h>
 #include "core/dll/sbiedll.h"
-
+#include "common/win32_ntddk.h"
--- a/Sandboxie/apps/ldr/main.c
+++ b/Sandboxie/apps/ldr/main.c
@ -20,16 +20,64 @@
 #include "common/my_version.h"
 #include "msgs/msgs.h"
-int __cdecl wmain(int argc, char **argv)
+int __cdecl wmain(int argc, wchar_t **argv)
 {
-	int errlvl = SbieDll_InjectLow_InitHelper();
+	STARTUPINFOW si = { 0 };
 	PROCESS_INFORMATION pi = { 0 };
 	BOOLEAN isWow64 = FALSE;
 	ULONG errlvl;
 	if (argc < 2) {
 		fprintf(stderr, "Usage: SbieLdr EXE\n");
 		fprintf(stderr, "Inject a SbieDll.dll into a process during start up.\n");
 		return 1;
 	}
 	errlvl = SbieDll_InjectLow_InitHelper();
 	if (errlvl) {
-		//LogEvent(MSG_9234, 0x9241, errlvl);
+		fprintf(stderr, "Failed to initialize helper 0x%08X.\n", errlvl);
 		return errlvl;
 	}
-	SbieDll_InjectLow_InitSyscalls(FALSE);
+	errlvl = SbieDll_InjectLow_InitSyscalls(FALSE);
 	if (errlvl) {
 		fprintf(stderr, "Failed to initialize syscalls 0x%08X.\n", errlvl);
 		return errlvl;
 	}
-	return 0;
+	si.cb = sizeof(STARTUPINFO);
 	if (!CreateProcessW(NULL, argv[1], NULL, NULL, FALSE, CREATE_SUSPENDED, NULL, NULL, &si, &pi)) {
 		fprintf(stderr, "CreateProcess(\"%S\") failed; error code = 0x%08X\n", argv[1], GetLastError());
 		return 1;
 	}
 #ifdef _WIN64
 	ULONG_PTR peb32;
 	if (!NT_SUCCESS(NtQueryInformationProcess(pi.hProcess, ProcessWow64Information, &peb32, sizeof(ULONG_PTR), NULL))) {
 		fprintf(stderr, "NtQueryInformationProcess failed; error code = 0x%08X\n", GetLastError());
 		errlvl = 1;
 		goto finish;
 	}
 	isWow64 = !!peb32;
 #endif
 	errlvl = SbieDll_InjectLow(pi.hProcess, isWow64, 2, FALSE);
 	if (errlvl) {
 		fprintf(stderr, "inject failed 0x%08X, prcess terminate.\n", errlvl);
 		goto finish;
 	}
 	if (ResumeThread(pi.hThread) == -1) {
 		fprintf(stderr, "ResumeThread failed; error code = 0x%08X\n", GetLastError());
 		errlvl = 1;
 		goto finish;
 	}
 finish:
 	if(errlvl)
 		TerminateProcess(pi.hProcess, -1);
 	CloseHandle(pi.hProcess);
 	return errlvl;
 }