Skip to content

Commit 6d22ece

Browse files
KN4CK3RKN4CK3R
committed
Merge
2 parents 4c4780c + 6dfb3c9 commit 6d22ece

File tree

3 files changed

+26
-6
lines changed

3 files changed

+26
-6
lines changed

PipeServer/PipeStream

PipeServer/dllmain.cpp

Lines changed: 22 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,7 @@ namespace fs = std::experimental::filesystem;
33
#include <process.h>
44

55
#include "PipeStream/NamedPipeServerStream.hpp"
6+
#include "PipeStream/Exceptions.hpp"
67
#include "MessageClient.hpp"
78

89
std::wstring CreatePipeName()
@@ -58,11 +59,11 @@ void PipeThread(void*)
5859

5960
pipe.Disconnect();
6061
}
61-
catch (InvalidOperationException*)
62+
catch (InvalidOperationException&)
6263
{
6364

6465
}
65-
catch (IOException*)
66+
catch (IOException&)
6667
{
6768

6869
}
@@ -73,15 +74,34 @@ void PipeThread(void*)
7374
}
7475
}
7576
//---------------------------------------------------------------------------
77+
LONG CALLBACK VectoredExceptionHandler(PEXCEPTION_POINTERS exceptionPointers)
78+
{
79+
if (exceptionPointers->ExceptionRecord->ExceptionCode == EXCEPTION_INVALID_HANDLE)
80+
{
81+
return EXCEPTION_CONTINUE_EXECUTION;
82+
}
83+
84+
return EXCEPTION_CONTINUE_SEARCH;
85+
}
86+
//---------------------------------------------------------------------------
7687
BOOL WINAPI DllMain(HMODULE handle, DWORD reason, PVOID reversed)
7788
{
7889
if (reason == DLL_PROCESS_ATTACH)
7990
{
91+
AddVectoredExceptionHandler(NULL, VectoredExceptionHandler);
92+
8093
_beginthread(PipeThread, 0, nullptr);
8194

8295
return TRUE;
8396
}
8497

98+
if (reason == DLL_PROCESS_DETACH)
99+
{
100+
RemoveVectoredExceptionHandler(VectoredExceptionHandler);
101+
102+
return TRUE;
103+
}
104+
85105
return FALSE;
86106
}
87107
//---------------------------------------------------------------------------

README.md

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -10,8 +10,8 @@ ReClass.NET <--------> Zombie <--------> Target
1010
- Download from https://github.com/KN4CK3R/ReClass.NET-HandleAbuser/releases
1111
- Copy the dll files in the appropriate Plugin folder (ReClass.NET/x86/Plugins or ReClass.NET/x64/Plugins)
1212
- Start ReClass.NET and check the plugins form if the HandleAbuser plugin is listed. Open the "Native" tab and switch all available methods to the HandleAbuser plugin.
13-
- Inject the PipeServer.dll into the target.
14-
- Attach to the process via its pipe and use ReClass.NET as normal.
13+
- Inject the PipeServer.dll into the zombie process.
14+
- Attach to the target process through the zombie process pipe and use ReClass.NET as normal.
1515

1616
## Compiling
1717
If you want to compile the ReClass.NET HandleAbuser Plugin just fork the repository and create the following folder structure. If you don't use this structure you need to fix the project references.
@@ -22,4 +22,4 @@ If you want to compile the ReClass.NET HandleAbuser Plugin just fork the reposit
2222
..\ReClass.NET-HandleAbuserPlugin
2323
..\ReClass.NET-HandleAbuserPlugin\Plugin
2424
..\ReClass.NET-HandleAbuserPlugin\Plugin\HandleAbuserPlugin.csproj
25-
```
25+
```

0 commit comments

Comments
 (0)