Add x86_64 support #97

Open
wants to merge 21 commits into
base: x86_64
8bf7233
Added "debug" target in Makefile
cube0x8 Feb 15, 2021
9a2ee40
Added ARCH target flag for the peloader library. Added first test whi…
cube0x8 Feb 17, 2021
15ad102
Modified test target.
cube0x8 Feb 26, 2021
de07f73
a x64 PE is mapped and linked.
cube0x8 Feb 26, 2021
77497a9
Created skeleton for x64 APIs loading.
cube0x8 Mar 3, 2021
4d8d7b0
Removed libdisasm and imported zydis as submodule. libdisasm has been…
cube0x8 Mar 22, 2021
bc565fe
Added x86_64 support for libhook and added assembly dispatchers to re…
cube0x8 Apr 9, 2021
cb17618
x86_64 WINAPIs are correctly dispatched and mpclient boots up and sca…
cube0x8 May 9, 2021
56f4b3e
Added x86_64_call_exported_function wrapper to call DLL exports.
cube0x8 May 11, 2021
844c5fe
Fixed bug on stack alignment for x64 dispatchers and added priority f…
cube0x8 May 12, 2021
97d3bec
No redzone for mpclient_x64 and peloader. The subhook hooks were push…
cube0x8 May 14, 2021
188676c
The jmp from the fixup area to the x86_64 dispatcher is made by subho…
cube0x8 May 23, 2021
8ecacf9
Added check on setup_call_to_dispatcher return value. Integrated log.…
cube0x8 May 29, 2021
020b7a7
It looks like __attribute__((ms_abi)) can spawn deamons, resurrect th…
cube0x8 May 29, 2021
3a0edb7
x64 NASM dispatchers are not useful anymore :( re-written the libhook…
cube0x8 May 29, 2021
5c65a4f
Implemented remove_function_redirect function
cube0x8 May 30, 2021
c827d74
Added -maccumulate-outgoing-args to compile mpclient_x64, since it al…
cube0x8 May 30, 2021
9675382
Added x64 SEH support
cube0x8 Jul 16, 2021
04cda3f
Removed a __debugbreak() in the wrong place and freed FunctionEntry a…
cube0x8 Jul 19, 2021
d4acd2b
both mpclient and mpclient_x64 compile
cube0x8 Jul 27, 2021
5c344a0
Removed NASM dependency
cube0x8 Jul 28, 2021
Added x86_64 support for libhook and added assembly dispatchers to re…
…direct functions and switch calling convention
cube0x8 committed Apr 9, 2021
commit bc565fea09aad3d74f7a98b4c8d023774147deeb
3 changes: 3 additions & 0 deletions .gitmodules
@@ -1,3 +1,6 @@
[submodule "intercept/zydis"]
path = intercept/zydis
url = https://github.com/zyantific/zydis.git
[submodule "intercept/subhook"]
path = intercept/subhook
url = https://github.com/cube0x8/subhook.git
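Review bot: The new `intercept/subhook` submodule is fetched from a personal fork (`https://github.com/cube0x8/subhook.git`), and `.gitmodules` does not say why the fork is used or how it differs from the upstream project. The gitlink pins a commit, but this is hooking code that ends up linked into the loader, so its provenance should be reviewable. I would add a comment above the entry such as `# fork of upstream subhook with local x86_64 patches; review the fork's delta before bumping the pinned commit`. The phrase "x86_64 patches" is a guess from the PR title and should be replaced with what the fork actually changes.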
22 changes: 16 additions & 6 deletions Makefile
@@ -1,7 +1,7 @@
CFLAGS = -march=native -ggdb3 -std=gnu99 -fshort-wchar -Wno-multichar -Iinclude -mstackrealign
CPPFLAGS= -D_GNU_SOURCE -I. -Iintercept -Ipeloader
CFLAGS = -march=native -ggdb3 -std=gnu99 -fshort-wchar -Wno-multichar -Iinclude -Iintercept/include -Ipeloader -mstackrealign
CPPFLAGS= -D_GNU_SOURCE -I.
LDFLAGS = $(CFLAGS) -lm -Wl,--dynamic-list=exports.lst
LDLIBS = -Wl,intercept/libhook.a -Wl,intercept/libZydis.a,--whole-archive -Wl,peloader/libpeloader.a,--no-whole-archive
LDLIBS = -Wl,intercept/libhook.a -Wl,intercept/libx64_dispatcher.a -Wl,intercept/libZydis.a,--whole-archive -Wl,intercept/libsubhook.a -Wl,peloader/libpeloader.a,--no-whole-archive

.PHONY: clean peloader intercept

@@ -19,13 +19,16 @@ all: $(TARGETS)

debug: CFLAGS += $(DEBUG_CFLAGS)
debug: BUILD_TARGET = "debug"
debug: CMAKE_FLAGS = -DCMAKE_BUILD_TYPE=Debug
debug: $(TARGETS)
-mkdir -p faketemp

intercept:
cd intercept; mkdir build; cd build; cmake -DCMAKE_BUILD_TYPE=Debug ..; make
cd intercept; mkdir build; cd build; cmake $(CMAKE_FLAGS) ..; make
cp intercept/build/libhook.a intercept/libhook.a
cp intercept/build/zydis/libZydis.a intercept/libZydis.a
cp intercept/build/subhook/libsubhook.a intercept/libsubhook.a
cp intercept/build/libx64_dispatcher.a intercept/libx64_dispatcher.a

peloader:
make -C peloader $(BUILD_TARGET)
@@ -37,14 +40,21 @@ intercept/libhook.a: intercept

mpclient: CFLAGS += -m32
mpclient: LDFLAGS += -m32
mpclient: CMAKE_FLAGS += -DARCH:STRING=x86
mpclient: mpclient.o | peloader intercept
$(CC) $(CFLAGS) $^ -o $@ $(LDLIBS) $(LDFLAGS)

mpclient_x64: CFLAGS += -g -O0
mpclient_x64: CFLAGS += -g -O0 -fPIC
mpclient_x64: CMAKE_FLAGS = -DARCH:STRING=x64 -DCMAKE_BUILD_TYPE=Debug
mpclient_x64: mpclient_x64.o | peloader_x64 intercept
$(CC) $(CFLAGS) $^ -o $@ $(LDLIBS) $(LDFLAGS)

tests: CMAKE_FLAGS = -DARCH:STRING=x64 -DCMAKE_BUILD_TYPE=Debug
tests: peloader_x64
cd tests; mkdir build; cd build; cmake $(CMAKE_FLAGS) ..; cd tests; make
cd tests; ./build/tests/check_hook; ./build/tests/check_peloader

clean:
rm -rf a.out core *.o core.* vgcore.* gmon.out mpclient intercept/build intercept/libhook.a intercept/libZydis.a
rm -rf a.out core *.o core.* vgcore.* gmon.out mpclient intercept/build intercept/*.a tests/build
make -C peloader clean
rm -rf faketemp
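Review bot: In the new `tests` recipe the commands are chained with `;`, so the status of `cd tests; ./build/tests/check_hook; ./build/tests/check_peloader` is that of `check_peloader` alone and a failing `check_hook` is silently ignored by make. Chain with `&&` instead, e.g. `cd tests && ./build/tests/check_hook && ./build/tests/check_peloader`. On the line above, `mkdir -p build && cd build && cmake $(CMAKE_FLAGS) .. && cd tests && make` keeps re-runs working and stops a failed `cd` from running cmake in the wrong directory. The `intercept` recipe uses the same `;` chaining. `tests` is also not added to `.PHONY` although a `tests/` directory exists, so whether the recipe runs at all depends on the `peloader_x64` prerequisite, which is defined outside these hunks.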
5 changes: 4 additions & 1 deletion intercept/.gitignore
@@ -1 +1,4 @@
build/
build*/
cmake-build*
Makefile
Testing
54 changes: 47 additions & 7 deletions intercept/CMakeLists.txt
@@ -1,17 +1,57 @@
cmake_minimum_required(VERSION "3.13")
project("hook")
project(hook C)

# Set nasm environment
set(CMAKE_ASM_NASM_OBJECT_FORMAT elf64)
set(CMAKE_ASM_NASM_LINK_EXECUTABLE "ld <LINK_FLAGS> <OBJECTS> -o <TARGET> <LINK_LIBRARIES>")
set(CMAKE_ASM_NASM_OBJECT_FORMAT elf64)
set(DISPATCHER_ASM_FILE "${CMAKE_CURRENT_SOURCE_DIR}/src/x64_dispatcher.asm")
set_source_files_properties(${DISPATCHER_ASM_FILE} PROPERTIES LANGUAGE ASM_NASM)

enable_language(ASM_NASM)
set(CAN_USE_ASSEMBLER TRUE)

# create dispatcher static library
add_library(x64_dispatcher ${DISPATCHER_ASM_FILE})

# set arch variables (default x86)
# to change the ARCH value to x64, pass -DARCH:STRING=x64 as argument to cmake command
set(ARCH "x86" CACHE STRING "user-specified architecture")
set(HOOK_SRC "./src/hook.c")

if(${ARCH} STREQUAL "x64")
set(HOOK_SRC "./src/hook_x86_64.c")
elseif(NOT ${ARCH} STREQUAL "x86")
message(FATAL_ERROR "Allowed ARCH values: x86, x64")
endif()

include_directories("./include")

# Register Zydis dependency.
# Disable build of tools and examples.
option(ZYDIS_BUILD_TOOLS "" OFF)
option(ZYDIS_BUILD_EXAMPLES "" OFF)
# build subhook as static library and disable tests
option(SUBHOOK_STATIC "" ON)
option(SUBHOOK_TESTS "" OFF)
# force subhook to compile a 32bit library if ARCH == x86
if(${ARCH} STREQUAL "x86")
option(SUBHOOK_FORCE_32BIT "" ON)
endif()

# Register Zydis and subhook dependencies.
add_subdirectory("zydis")
add_subdirectory("subhook")

# Create our libhook static library
add_library("hook" "hook.c")
add_library("hook" ${HOOK_SRC})

target_compile_options ( Zydis PUBLIC -m32 )
set_target_properties( hook PROPERTIES LINK_FLAGS -m32 )
# change build and linker options based on user-supplied ARCH value
if(${ARCH} STREQUAL "x86")
target_compile_options ( Zydis PUBLIC -m32 )
set_target_properties( hook PROPERTIES LINK_FLAGS -m32 )
endif()

# Have CMake link our project executable against Zydis.
target_link_libraries("hook" PRIVATE "Zydis")
# Have CMake link our project executable against Zydis and subhook.
target_link_libraries(hook PRIVATE "Zydis")
target_link_libraries(hook PRIVATE "subhook")
target_link_libraries(hook PRIVATE "x64_dispatcher")
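Review bot: The `x64_dispatcher` library is assembled with `CMAKE_ASM_NASM_OBJECT_FORMAT elf64` and linked into `hook` unconditionally, so an `ARCH=x86` configure still produces a 64-bit object and attaches it to a target that otherwise picks up `-m32`. `enable_language(ASM_NASM)` also makes NASM a hard requirement for the 32-bit build. I would move the NASM setup, `add_library(x64_dispatcher ${DISPATCHER_ASM_FILE})` and `target_link_libraries(hook PRIVATE "x64_dispatcher")` under the x64 branch; the top-level Makefile's `cp` and `LDLIBS` entry for `libx64_dispatcher.a` would need the same condition. Separately, `ARCH` is user-supplied and expanded unquoted: `if(${ARCH} STREQUAL "x64")` becomes a syntax error for an empty value instead of reaching the `FATAL_ERROR` message, which `if("${ARCH}" STREQUAL "x64")` avoids.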
256 changes: 0 additions & 256 deletions intercept/Makefile

This file was deleted.
