Skip to content

Commit 590760d

Browse files
UEFI-codeUEFI-code
committed
Improve Code
1 parent 1e1e14a commit 590760d

2 files changed

Lines changed: 12 additions & 21 deletions

File tree

MonikaHijack/HijackMainThread_Returnable.cpp

Lines changed: 12 additions & 21 deletions
Original file line numberDiff line numberDiff line change
@@ -179,7 +179,6 @@ void InjectShellcode()
179179
printf("Allocated RWX memory at address: 0x%p\n", targetGalgame.remotePayloadMemory);
180180
// Write the MonikaPayload to the allocated memory
181181
WriteProcessMemory(targetGalgame.hProcess, targetGalgame.remotePayloadMemory, MonikaPayload, sizeof(MonikaPayload), NULL);
182-
printf("Shellcode written to remote memory successfully\n");
183182
return;
184183
}
185184

@@ -268,15 +267,24 @@ int main()
268267

269268
// Get the target process ID
270269
GetProcessIdByName(targetProcessName);
271-
272270
if (!targetGalgame.processId)
273271
{
274272
printf("Target process \"%s\" not found.\n", targetProcessName);
275273
return 0;
276274
}
277-
278275
printf("Target process \"%s\" found with PID %lu\n", targetProcessName, targetGalgame.processId);
279276

277+
// Get the main thread ID
278+
GetMainThreadId();
279+
if (!targetGalgame.mainThreadId)
280+
{
281+
printf("Failed to find main thread.\n");
282+
CloseHandle(targetGalgame.hProcess);
283+
targetGalgame.hProcess = NULL;
284+
return 0;
285+
}
286+
printf("Main thread found with TID %lu\n", targetGalgame.mainThreadId);
287+
280288
targetGalgame.hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, targetGalgame.processId);
281289
if (!targetGalgame.hProcess)
282290
{
@@ -292,33 +300,17 @@ int main()
292300

293301
// Inject MonikaPayload and get the remote memory address
294302
InjectShellcode();
295-
296303
if (!targetGalgame.remotePayloadMemory)
297304
{
298305
printf("Failed to inject MonikaPayload.\n");
299306
CloseHandle(targetGalgame.hProcess);
300307
targetGalgame.hProcess = NULL;
301308
return 0;
302309
}
303-
304310
printf("Shellcode injected successfully.\n");
305311

306-
// Get the main thread ID
307-
GetMainThreadId();
308-
309-
if (!targetGalgame.mainThreadId)
310-
{
311-
printf("Failed to find main thread.\n");
312-
CloseHandle(targetGalgame.hProcess);
313-
targetGalgame.hProcess = NULL;
314-
return 0;
315-
}
316-
317-
printf("Main thread found with TID %lu\n", targetGalgame.mainThreadId);
318-
319312
// Hijack the main thread
320313
HijackMainThread();
321-
322314
if (!targetGalgame.hThread)
323315
{
324316
printf("Failed to hijack main thread.\n");
@@ -332,9 +324,8 @@ int main()
332324
// Note: Releasing RWX memory may cause glitches in the target process
333325
// VirtualFreeEx(targetGalgame.hProcess, targetGalgame.remotePayloadMemory, 0, MEM_RELEASE);
334326
// targetGalgame.remotePayloadMemory = NULL;
335-
336327
CloseHandle(targetGalgame.hProcess);
337328
targetGalgame.hProcess = NULL;
338329

339330
return 0;
340-
}
331+
}

MonikaHijack/HijackMainThread_Returnable.exe

0 Bytes
Binary file not shown.

0 commit comments

Comments
 (0)