////////////////////////////////////////////////////////////////////////////////
// Reads in the image to be injected
////////////////////////////////////////////////////////////////////////////////
internal Boolean ReadSourceImageFile(String sourceImage)
{
String file = System.IO.Path.GetFullPath(sourceImage);
if (!System.IO.File.Exists(file))
{
Console.WriteLine("[-] File Not Found");
return(false);
}
image = System.IO.File.ReadAllBytes(file);
pinnedArray = GCHandle.Alloc(image, GCHandleType.Pinned);
imagePtr = pinnedArray.AddrOfPinnedObject();
imageDosHeader = (Winnt._IMAGE_DOS_HEADER)Marshal.PtrToStructure(imagePtr, typeof(Winnt._IMAGE_DOS_HEADER));
IntPtr ntHeaderPtr = new IntPtr(imagePtr.ToInt64() + imageDosHeader.e_lfanew);
imageFileHeader = (Winnt._IMAGE_FILE_HEADER)Marshal.PtrToStructure(new IntPtr(ntHeaderPtr.ToInt64() + sizeof(UInt32)), typeof(Winnt._IMAGE_FILE_HEADER));
if (is32Bit)
{
imageNTHeader32 = (Winnt._IMAGE_NT_HEADERS)Marshal.PtrToStructure(ntHeaderPtr, typeof(Winnt._IMAGE_NT_HEADERS));
}
else
{
imageNTHeader64 = (Winnt._IMAGE_NT_HEADERS64)Marshal.PtrToStructure(ntHeaderPtr, typeof(Winnt._IMAGE_NT_HEADERS64));
}
return(true);
}
internal Boolean Execute(Byte[] fileBytes)
{
using (MemoryStream memoryStream = new MemoryStream(fileBytes, 0, fileBytes.Length))
{
BinaryReader binaryReader = new BinaryReader(memoryStream);
imageDosHeader = FromBinaryReader <Winnt._IMAGE_DOS_HEADER>(binaryReader);
memoryStream.Seek(imageDosHeader.e_lfanew, SeekOrigin.Begin);
if (!ReadHeaders(ref binaryReader))
{
return(false);
}
}
imageBytes = fileBytes;
return(true);
}
internal Boolean Execute(String library)
{
using (FileStream fileStream = new FileStream(library, FileMode.Open, FileAccess.Read))
{
binaryReader = new BinaryReader(fileStream);
imageDosHeader = FromBinaryReader <Winnt._IMAGE_DOS_HEADER>(binaryReader);
fileStream.Seek(imageDosHeader.e_lfanew, SeekOrigin.Begin);
if (!ReadHeaders(ref binaryReader))
{
return(false);
}
}
imageBytes = File.ReadAllBytes(library);
return(true);
}
////////////////////////////////////////////////////////////////////////////////
// Reads in the image to be injected
////////////////////////////////////////////////////////////////////////////////
internal Boolean ReadSourceImageString(String sourceImage)
{
image = Convert.FromBase64String(sourceImage);
pinnedArray = GCHandle.Alloc(image, GCHandleType.Pinned);
imagePtr = pinnedArray.AddrOfPinnedObject();
imageDosHeader = (Winnt._IMAGE_DOS_HEADER)Marshal.PtrToStructure(imagePtr, typeof(Winnt._IMAGE_DOS_HEADER));
IntPtr ntHeaderPtr = new IntPtr(imagePtr.ToInt64() + imageDosHeader.e_lfanew);
imageFileHeader = (Winnt._IMAGE_FILE_HEADER)Marshal.PtrToStructure(new IntPtr(ntHeaderPtr.ToInt64() + sizeof(UInt32)), typeof(Winnt._IMAGE_FILE_HEADER));
if (is32Bit)
{
imageNTHeader32 = (Winnt._IMAGE_NT_HEADERS)Marshal.PtrToStructure(ntHeaderPtr, typeof(Winnt._IMAGE_NT_HEADERS));
}
else
{
imageNTHeader64 = (Winnt._IMAGE_NT_HEADERS64)Marshal.PtrToStructure(ntHeaderPtr, typeof(Winnt._IMAGE_NT_HEADERS64));
}
return(true);
}
