  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 280

Delphi code to C++ conversion

Hi

I have a piece of code and I want to convert it to C++ code. Is there an automated tool to do it?

I paste my function here; maybe someone can do that manually or with an automated tool, so please advise about it. I don't know too much about Delphi.

Thanks
var
  bytesIO, c: DWORD;
  sp1: KSERVICE_PTR;
begin
  result := false;
  ZwQuerySystemInformation(SystemModuleInformation, @kmodule, sizeof(kmodule), @bytesIO);
 
  DeviceIoControl(DriverHandle, IOPORT_GET_KERNEL_SDT_INFO, nil, 0, @sdt1, sizeof(SERVICE_DESCRIPTOR_ENTRY), bytesIO, nil);
  CurrentTable := VirtualAlloc(nil, sdt1.NumberOfServices * sizeof(PVOID), MEM_COMMIT, PAGE_READWRITE);
  OrigTable := VirtualAlloc(nil, sdt1.NumberOfServices * sizeof(PVOID), MEM_COMMIT, PAGE_READWRITE);
 
  DumpOrigSDT();
  DeviceIoControl(DriverHandle, IOPORT_READ_KERNEL_SDT, nil, 0, CurrentTable, sdt1.NumberOfServices * sizeof(PVOID), bytesIO, nil);
  DumpExports(ntdll);
 
  for c := 0 to sdt1.NumberOfServices - 1 do
    dec(CurrentTable^[c], DWORD(kmodule.moduleinfo.Base));
 
  if (uhall) then
  begin
    for c := 0 to sdt1.NumberOfServices - 1 do
      if (CurrentTable^[c] <> OrigTable^[c]) then
      begin
        sp1.dwServiceNumber := c;
        sp1.dwServiceEntryPoint := pointer(OrigTable^[c] + DWORD(kmodule.moduleinfo.Base));
        result := DeviceIoControl(DriverHandle, IOPORT_WRITE_KERNEL_SDT, @sp1, sizeof(KSERVICE_PTR), nil, 0, bytesIO, nil);
      end;
  end
  else
  begin
    for c := 0 to sdt1.NumberOfServices - 1 do
      if (CurrentTable^[c] <> OrigTable^[c]) and (c = ServiceNumber) then
      begin
        sp1.dwServiceNumber := c;
        sp1.dwServiceEntryPoint := pointer(OrigTable^[c] + DWORD(kmodule.moduleinfo.Base));
        result := DeviceIoControl(DriverHandle, IOPORT_WRITE_KERNEL_SDT, @sp1, sizeof(KSERVICE_PTR), nil, 0, bytesIO, nil);
      end;
  end;
  VirtualFree(CurrentTable, 0, MEM_RELEASE);
  VirtualFree(OrigTable, 0, MEM_RELEASE);

Asked: CSecurity
1 Solution
 
Geert Gruwez (Oracle dba) Commented:
Variable declarations are missing:

kmodule
DriverHandle
sdt1
CurrentTable
OrigTable
c
uhall
0
 
ThievingSix Commented:
kmodule:
SystemBasicInformation

The number of processors in the system in a SYSTEM_BASIC_INFORMATION structure. Use the GetSystemInfo function instead.

----------------------------------------------------------------

DriverHandle will be a DWORD

----------------------------------------------------------------

sdt1: I'm guessing it's a SERVICE_DESCRIPTOR_ENTRY structure

----------------------------------------------------------------

CurrentTable and OrigTable: pointer or pchar

----------------------------------------------------------------

c is defined already as a dword

----------------------------------------------------------------

uhall is a boolean
0
 
CSecurity (Author) Commented:
Exactly! ThievingSix is completely right.
0
CSecurity (Author) Commented:
Entire code is attached
Test.txt
0
 
CSecurity (Author) Commented:
But I only want the part of the code I sent to be translated into C++.

Thanks once again
0
 
ThievingSix Commented:
Here's my fun little go at it. Please, don't burn your eyes looking at my C++ code, I usually translate the other way around. Maybe it can help if no one else has a better translation.
#include <windows.h>

// Definitions not shown on this page: ZwQuerySystemInformation,
// SystemModuleInformation, SYSTEM_MODULE_INFORMATION, the IOPORT_* control
// codes, DumpOrigSDT, DumpExports and ntdll.

typedef struct {
	DWORD dwServiceNumber;
	LPVOID dwServiceEntryPoint;
} _KSERVICE_PTR;

typedef _KSERVICE_PTR KSERVICE_PTR;
typedef _KSERVICE_PTR* PKSERVICE_PTR;

typedef struct {
	unsigned long modulescount;
	SYSTEM_MODULE_INFORMATION moduleinfo;
} infobuffer;

typedef struct {
	PVOID* ServiceTableBase;
	PVOID* ServiceCounterTableBase;
	DWORD NumberOfServices;
	unsigned char * ParamTableBase;
} SERVICE_DESCRIPTOR_ENTRY;

// The Delphi routine declares only bytesIO, c and sp1 locally; everything
// else is declared outside it, so those variables are file-scope here.
HANDLE DriverHandle;		// DeviceIoControl takes a HANDLE, not a DWORD
infobuffer kmodule;
SERVICE_DESCRIPTOR_ENTRY sdt1;
DWORD* CurrentTable;		// tables of DWORD entries (32-bit code: PVOID and DWORD are the same size)
DWORD* OrigTable;

bool UnHook(DWORD ServiceNumber, BOOL uhall)
{
	BOOL Result = FALSE;
	DWORD bytesIO;
	DWORD c;
	KSERVICE_PTR sp1;

	ZwQuerySystemInformation(SystemModuleInformation,&kmodule,sizeof(kmodule),&bytesIO);
	// lpBytesReturned is a pointer in C++, hence &bytesIO
	DeviceIoControl(DriverHandle,IOPORT_GET_KERNEL_SDT_INFO,NULL,0,&sdt1,sizeof(SERVICE_DESCRIPTOR_ENTRY),&bytesIO,NULL);
	CurrentTable = (DWORD*)VirtualAlloc(NULL,sdt1.NumberOfServices * sizeof(PVOID),MEM_COMMIT,PAGE_READWRITE);
	OrigTable = (DWORD*)VirtualAlloc(NULL,sdt1.NumberOfServices * sizeof(PVOID),MEM_COMMIT,PAGE_READWRITE);
	DumpOrigSDT();	// named DumpOrigSDT in the Delphi source
	DeviceIoControl(DriverHandle,IOPORT_READ_KERNEL_SDT,NULL,0,CurrentTable,sdt1.NumberOfServices * sizeof(PVOID),&bytesIO,NULL);
	DumpExports(ntdll);
	// Turn the absolute addresses into offsets from the kernel module base
	for(c=0;c<sdt1.NumberOfServices;c++)
	{
		CurrentTable[c] -= (DWORD)kmodule.moduleinfo.Base;
	}
	if(uhall)
	{
		// Restore every entry that differs from the original table
		for(c=0;c<sdt1.NumberOfServices;c++)
		{
			if(CurrentTable[c] != OrigTable[c])
			{
				sp1.dwServiceNumber = c;
				sp1.dwServiceEntryPoint = (LPVOID)(OrigTable[c] + (DWORD)kmodule.moduleinfo.Base);
				Result = DeviceIoControl(DriverHandle,IOPORT_WRITE_KERNEL_SDT,&sp1,sizeof(KSERVICE_PTR),NULL,0,&bytesIO,NULL);
			}
		}
	}
	else
	{
		// Restore only the entry for ServiceNumber, if it differs
		for(c=0;c<sdt1.NumberOfServices;c++)
		{
			if((CurrentTable[c] != OrigTable[c]) && (c == ServiceNumber))
			{
				sp1.dwServiceNumber = c;
				sp1.dwServiceEntryPoint = (LPVOID)(OrigTable[c] + (DWORD)kmodule.moduleinfo.Base);
				Result = DeviceIoControl(DriverHandle,IOPORT_WRITE_KERNEL_SDT,&sp1,sizeof(KSERVICE_PTR),NULL,0,&bytesIO,NULL);
			}
		}
	}
	VirtualFree(CurrentTable,0,MEM_RELEASE);
	VirtualFree(OrigTable,0,MEM_RELEASE);

	return Result != FALSE;
}

0
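
The comparison step that both the Delphi routine and the translation above perform (each live table slot checked against the reference table relative to the kernel base), as an added report-only example that is not part of the original posts. It runs on constructed tables instead of a driver; `SdtMismatch`, `FindMismatches`, `RunSample` and all sample addresses are hypothetical.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

struct SdtMismatch {
    std::size_t index;       // service number
    std::uint32_t current;   // absolute address read from the live table
    std::uint32_t expected;  // kernel base + offset from the reference table
    bool outsideImage;       // live pointer is not inside the kernel image
};

// Compare live absolute addresses against reference offsets (report only, no write-back).
std::vector<SdtMismatch> FindMismatches(const std::vector<std::uint32_t>& current,
                                        const std::vector<std::uint32_t>& origRva,
                                        std::uint32_t kernelBase, std::uint32_t imageSize)
{
    std::vector<SdtMismatch> out;
    // Compare only the slots present in both tables.
    const std::size_t n = current.size() < origRva.size() ? current.size() : origRva.size();
    for (std::size_t i = 0; i < n; ++i) {
        const std::uint32_t expected = kernelBase + origRva[i];
        if (current[i] == expected) continue;
        // Range-check the absolute address so a pointer below the kernel base
        // is flagged rather than wrapped by an unsigned subtraction.
        const bool outside = current[i] < kernelBase || current[i] - kernelBase >= imageSize;
        out.push_back({i, current[i], expected, outside});
    }
    return out;
}

// Constructed sample: four services, image at 0x80400000, 0x200000 bytes long.
std::vector<SdtMismatch> RunSample()
{
    const std::vector<std::uint32_t> origRva = {0x1000, 0x2340, 0x5A10, 0x9000};
    const std::vector<std::uint32_t> current = {
        0x80401000u,   // unchanged
        0xF8A31200u,   // redirected above the image
        0x80405A10u,   // unchanged
        0x10002000u};  // redirected below the kernel base
    return FindMismatches(current, origRva, 0x80400000u, 0x00200000u);
}

int main()
{
    for (const SdtMismatch& m : RunSample())
        std::printf("service %zu: %08X, expected %08X%s\n", m.index, (unsigned)m.current,
                    (unsigned)m.expected, m.outsideImage ? " (outside kernel image)" : "");
}
```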
 
CSecurity (Author) Commented:
Thank you so much. Is it possible for you to convert DumpOrigDT()? Without that I wasn't able to test the code.

Thank you so much for your work
0
