MMKCMM Insert

#include <windows.h>
#include <stdio.h>

#define CrtInitializeConsoleIo freopen_s
#define CrtBufferIo __acrt_iob_func
#define STANDARD_INPUT 0
#define STANDARD_OUTPUT 1
#define STANDARD_ERROR 2

typedef struct __IMAGE_FILE_BLOCK {
    HANDLE Handle = INVALID_HANDLE_VALUE;
    WCHAR FilePath[MAX_PATH * sizeof(WCHAR)] = { 0 };
    PBYTE RawData = NULL;
    LONGLONG FileSize = 0;
    BOOL bIsInitialized;
}IMAGE_FILE_BLOCK, * PIMAGE_FILE_BLOCK;

PWCHAR StringCopyW(_Inout_ PWCHAR String1, _In_ LPCWSTR String2)
{
    PWCHAR p = String1;

    while ((*p++ = *String2++) != 0);

    return String1;
}

BOOL CrtCreateConsoleIo(VOID)
{
    FILE* FilePointer = NULL;
    BOOL bFlag = FALSE;

    if (!AllocConsole())
    {
        MessageBoxA(NULL, "Fatal error: Unable to create output console", "Fatal Error", MB_OK);
        return FALSE;
    }

    if (CrtInitializeConsoleIo(&FilePointer, "CONIN$", "r", CrtBufferIo(STANDARD_INPUT)) != ERROR_SUCCESS)
        goto EXIT_ROUTINE;

    if (CrtInitializeConsoleIo(&FilePointer, "CONOUT$", "w", CrtBufferIo(STANDARD_OUTPUT)) != ERROR_SUCCESS)
        goto EXIT_ROUTINE;

    if (CrtInitializeConsoleIo(&FilePointer, "CONOUT$", "w", CrtBufferIo(STANDARD_ERROR)) != ERROR_SUCCESS)
        goto EXIT_ROUTINE;

    bFlag = TRUE;

EXIT_ROUTINE:

    if (!bFlag)
        MessageBoxA(NULL, "Fatal error: Unable to set STDIO", "Fatal Error", MB_OK);

    return bFlag;
}

BOOL EmbedFileIntoInMemoryBmpFileBuffer(PBYTE PixelData, LONGLONG PixelDataSize, PIMAGE_FILE_BLOCK InputFileBlock)
{
    BYTE Bit = 0;

    if (InputFileBlock->FileSize * 8 + 32 > PixelDataSize)
    {
        printf("[ERROR] Failed performing embedding.\r\n");
        printf("[INFO] Image target %ws does not have sufficient space for payload specified.\r\n", InputFileBlock->FilePath);
        printf("[INFO] Use a larger image or a smaller payload\r\n");
        printf("[INFO] Size available: %llu\r\n[INFO] Size of payload: %llu\r\n", PixelDataSize, (InputFileBlock->FileSize * 8 + 32));

        return FALSE;
    }

    for (INT i = 0; i < 32; i++)
    {
        Bit = (InputFileBlock->FileSize >> (31 - i)) & 1;
        PixelData[i] = (PixelData[i] & 0xfe) | Bit;
    }

    Bit = 0;

    for (UINT i = 0; i < InputFileBlock->FileSize * 8; i++)
    {
        Bit = (InputFileBlock->RawData[i / 8] >> (7 - (i % 8))) & 1;
        PixelData[i + 32] = (PixelData[i + 32] & 0xFE) | Bit;
    }

    return TRUE;
}

BOOL InitializeFileBlock(PIMAGE_FILE_BLOCK File, PWCHAR FilePath)
{
    LARGE_INTEGER LargeInteger = { 0 };
    DWORD BytesRead = 0;

    File->Handle = CreateFileW(FilePath, GENERIC_READ | GENERIC_WRITE, 0, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
    if (File->Handle == INVALID_HANDLE_VALUE)
        return FALSE;
    else
        File->bIsInitialized = TRUE;

    if (StringCopyW(File->FilePath, FilePath) == NULL)
        return FALSE;

    if (!GetFileSizeEx(File->Handle, &LargeInteger))
        return FALSE;
    else
        File->FileSize = LargeInteger.QuadPart;

    File->RawData = (PBYTE)HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, File->FileSize);
    if (File->RawData == NULL)
        return FALSE;

    if (!ReadFile(File->Handle, File->RawData, (DWORD)File->FileSize, &BytesRead, NULL))
        return FALSE;

    return TRUE;
}

VOID FreeFileBlock(PIMAGE_FILE_BLOCK File)
{
    if (File->Handle)
        CloseHandle(File->Handle);

    if (File->RawData)
        HeapFree(GetProcessHeap(), HEAP_ZERO_MEMORY, File->RawData);
}

BOOL MakeEmbeddedFile(PWCHAR FilePath, PIMAGE_FILE_BLOCK BitmapFileBlock)
{
    HANDLE OutputBitmapWithPayload = INVALID_HANDLE_VALUE;
    DWORD BytesWritten = ERROR_SUCCESS;
    BOOL bFlag = FALSE;

    OutputBitmapWithPayload = CreateFileW(FilePath, GENERIC_WRITE, 0, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
    if (OutputBitmapWithPayload == INVALID_HANDLE_VALUE)
        goto EXIT_ROUTINE;

    if (!WriteFile(OutputBitmapWithPayload, BitmapFileBlock->RawData, (DWORD)BitmapFileBlock->FileSize, &BytesWritten, NULL))
        goto EXIT_ROUTINE;

    bFlag = TRUE;

EXIT_ROUTINE:

    if (OutputBitmapWithPayload)
        CloseHandle(OutputBitmapWithPayload);

    return bFlag;
}

INT WINAPI wWinMain(_In_ HINSTANCE hInstance, _In_opt_ HINSTANCE hPrevInstance, _In_ LPWSTR lpCmdLine, _In_ int nShowCmd)
{
    LPWSTR* szArglist = NULL;
    INT Arguments = 0;

    BOOL bFlag = FALSE;

    IMAGE_FILE_BLOCK BitmapFileBlock = { 0 };
    IMAGE_FILE_BLOCK InputFileBlock = { 0 };

    PBITMAPFILEHEADER BitmapFileHeader = NULL;
    PBYTE BitmapPixelData = NULL;
    LONGLONG BitmapPixelDataSize = 0;

    HANDLE OutputBitmapWithPayload = INVALID_HANDLE_VALUE;

    DWORD dwReturn = ERROR_SUCCESS;

    if (!CrtCreateConsoleIo())
        goto EXIT_ROUTINE;

    szArglist = CommandLineToArgvW(GetCommandLineW(), &Arguments);
    if (szArglist == NULL || Arguments < 3)
    {
        printf("[ERROR] No commandline argument or insufficient arguments.\r\n");
        goto EXIT_ROUTINE;
    }

    printf("[INFO] Target file: %ws\r\n", szArglist[1]);
    printf("[INFO] Payload: %ws\r\n", szArglist[2]);
    printf("[INFO] Output file: %ws\r\n", szArglist[3]);

    if (!InitializeFileBlock(&BitmapFileBlock, szArglist[1]))
    {
        printf("[ERROR] Failed to initialze IMAGE_FILE_BLOCK for %ws\r\n", szArglist[1]);
        printf("[INFO] This error can occur if the file target specified is in use or does not exist\r\n");
        goto EXIT_ROUTINE;
    }

    if (!InitializeFileBlock(&InputFileBlock, szArglist[2]))
    {
        printf("[ERROR] Failed to initialze IMAGE_FILE_BLOCK for %ws\r\n", szArglist[2]);
        printf("[INFO] This error can occur if the file target specified is in use or does not exist\r\n");
        goto EXIT_ROUTINE;
    }

    BitmapFileHeader = (PBITMAPFILEHEADER)BitmapFileBlock.RawData;
#pragma warning( push )
#pragma warning( disable : 6011) //IDE keeps complaining oHhH wHaT iF Its NuLl. its not NULL if it got this far lol
    BitmapPixelData = BitmapFileBlock.RawData + BitmapFileHeader->bfOffBits;
#pragma warning( pop ) 
    BitmapPixelDataSize = BitmapFileBlock.FileSize - BitmapFileHeader->bfOffBits;

    if (!EmbedFileIntoInMemoryBmpFileBuffer(BitmapPixelData, BitmapPixelDataSize, &InputFileBlock))
        goto EXIT_ROUTINE;

    if (!MakeEmbeddedFile(szArglist[3], &BitmapFileBlock))
        goto EXIT_ROUTINE;

    bFlag = TRUE;

EXIT_ROUTINE:

    dwReturn = (bFlag) ? dwReturn : (GetLastError() == ERROR_SUCCESS ? ERROR_INVALID_FUNCTION : GetLastError());

    if (BitmapFileBlock.bIsInitialized)
        FreeFileBlock(&BitmapFileBlock);

    if (InputFileBlock.bIsInitialized)
        FreeFileBlock(&InputFileBlock);

    if (szArglist)
        LocalFree(szArglist); //lol wtf microsoft fr

    return dwReturn;
}