  

1.    Visual C++ Runtime.  malloc, memcpy, str* -  .
 WinAPI       malloc  HeapAlloc,  memcpy  CopyMemory,  strstr  StrStr (shlwapi.h/.lib).
CRT       .
1.1. STL     .
1.2.   STL     .  std::mutex   200.      ,   ,        !
2.           ( /MT). 
3.    Andrivet (, . _STR())
4.     GetApi.h.  ,     .


 

1.    Microsoft Visual Studio    2015.
2.  Visual Studio     :
*    :
-  /  : $(SolutionDir)Bin\$(PlatformTarget)\$(Configuration)\
-  /  : $(SolutionDir)\obj\$(Platform)\$(Configuration)\$(ProjectName)\
-  /   SDK  Windows: <       >
- /++ /  /  : 
- /++ /   /   :     (Release/Debug )
- /++ /   /    : 
- /++ /   /  /++ : 
*  Release:
-    (/++  ): 
-    (/): 
   
/DEBUG:NONE /EMITPOGOPHASEINFO
https://stackoverflow.com/questions/45538668/remove-image-debug-directory-from-rdata-section
- /++ /   /   : 
- /++ /   /    :  
- /++ /  /    : 
*   LLVM-Obfuscator:
Clang        .pdb,      .
  (Visual Studio):
-  ->  ,  /pdbaltpath:<>,    pdb   .
5.      - x32-  x64-.
6.            .exe/.dll.
  .dll   __    .exe.
7.         ,    .
8.     .      modulename.log (     ).
          .
9.       config.h ( ,   -     - , -   ).
10.        Windows.
      Windows - Windows XP (  - Windows Vista).
11.       notelemetry.obj (https://stackoverflow.com/questions/37761768/how-to-prevent-visual-studio-2015-update-2-to-add-telemetry-main-invoke-trigger)
12.    Cobalt Strike:
#define DLL_API __declspec(dllexport)
extern "C" DLL_API void CALLBACK StartDLL(HWND hwnd, HINSTANCE hinst, LPSTR lpszCmdLine, int nCmdShow)
 :

TStr DllCmdLine;
for(int i = 1; i < argc; i++)
    DllCmdLine += TStr(argv[i]) + (i < argc - 1 ? " " : "");
char *OutputData;
int OutputSize;
int *p = &OutputSize;
pStartDLL(HWND(&OutputData), HINSTANCE(&OutputSize), &DllCmdLine[0], SW_MAX + 1);
  :       ,    .

 

     :

 modulename/Release_logged/x86
 modulename/Release_logged/x64
 modulename/Release_nologs/x86
 modulename/Release_nologs/x64

 Release_logged        (      Release!
..      ,    ).
 release_nologs -   ,   .
           ( cookies.22.04.2019).
        ,     ( cookies.22.04.2019.2)

      -       ,
      ,         .
         .

         :

* README.txt -      .
     ,  ,  ,    
   .
   : .    - ,         .

  :
-  
-  
- 
-     ( )
- ,    ,     ,  

* RELEASE_NOTES.txt   :

11.02.2010
 1.1
-     
-   
-       ,    
-    

01.02.2010
   -   

01.01.2010
  


 

    :
-    
-       Release_nologs.
         Far,
    IDA Pro (     Open Subview -> Strings),
   .
-           
(  d:\work\Vasya Ivanov\project\project.pdb)
-        Release_nologs
(IDA Pro           )
-    dyncheck.com   .    !
  :
* x86 -  6- 
* x64 -  3- 
!!!    virustotal.com!!!


 

      .rar      16 .
    (  ,   ,   ).
     .
     .
modulename.22.09.2010.rar -  
c.rar -  


 GIT

 GIT   ,   .

  ,    .

  ,    .

  ,    .

     -    .
     -      ,       .

 :
- 
-   , , URL  IP-, , ,  -  ,    
(   ,     , - , URL   , )
-   ( .obj, .suo, .sdf     Visual Studio   IDE)
-   -    (.exe )

     ( git  )
-     (     )
-        (       )
-    (  :      )

 -       ,      .
      - -  mission impossible.
             blame.


git blame src/file.cpp

  ,        .      Visual Studio
(     Solution Explorer ->  ())
 ,    - ,  "some update", 
-     ;
-       ,           ".";
-    ,       (       "commit",   ,
       ,       )
-   diff (   ,  merge tool   Visual Studio)   

  ,    :
-   -          "  -      - -  -"
-   -          "  HTTP-"

 ,    ,       ,         .

     ,    ,    .
   ?


 1.   

     .bat   .


@echo off
rem usage: publish_build.bat

SetLocal EnableDelayedExpansion
set outdir=f:\temp
set srcdir=f:\Projects\project\Bin

for /f %%x in ('wmic path win32_localtime get /format:list ^| findstr "="') do set %%x
set today=%Day%.%Month%.%Year%
set outdir=%outdir%\g%today%
echo %outdir%
if not exist %outdir% goto :startcopy
set /a x=2
:while
if %x% lss 100 (
  echo %x%
  set /a x+=1
  if not exist %outdir%.%x% (
     set outdir=%outdir%.%x%
     goto :startcopy
  )
  goto :while
)
)

:startcopy
mkdir %outdir%
mkdir %outdir%\logged
mkdir %outdir%\logged\Release.x86
mkdir %outdir%\logged\Release.x64
xcopy /Y %srcdir%\x86\Release_logged\module.dll %outdir%\logged\Release.x86
xcopy /Y %srcdir%\x86\Release_logged\loader-test.exe %outdir%\logged\Release.x86
xcopy /Y %srcdir%\x64\Release_logged\module.dll %outdir%\logged\Release.x64
xcopy /Y %srcdir%\x64\Release_logged\loader-test.exe %outdir%\logged\Release.x64

mkdir %outdir%\not_logged
mkdir %outdir%\not_logged\Release.x86
mkdir %outdir%\not_logged\Release.x64
xcopy /Y %srcdir%\x86\Release_nologs\module.dll %outdir%\not_logged\Release.x86
xcopy /Y %srcdir%\x86\Release_nologs\loader-test.exe %outdir%\not_logged\Release.x86
xcopy /Y %srcdir%\x64\Release_nologs\module.dll %outdir%\not_logged\Release.x64
xcopy /Y %srcdir%\x64\Release_nologs\loader-test.exe %outdir%\not_logged\Release.x64

xcopy /Y %srcdir%\..\RELEASE_NOTES.txt %outdir%
xcopy /Y %srcdir%\..\readme.user.txt %outdir%

EndLocal