BKLockly
diff --git a/‎.vs/Timestamp/FileContentIndex/14c68873-5434-44c3-8689-2f46c0516dd1.vsidx‎
38.8 KB b/‎.vs/Timestamp/FileContentIndex/14c68873-5434-44c3-8689-2f46c0516dd1.vsidx‎
38.8 KB
diff --git a/‎.vs/Timestamp/FileContentIndex/c875c5ae-27f1-4e72-9115-e438c604733b.vsidx‎
6.84 KB b/‎.vs/Timestamp/FileContentIndex/c875c5ae-27f1-4e72-9115-e438c604733b.vsidx‎
6.84 KB
diff --git a/‎.vs/Timestamp/v17/.suo‎
32 KB b/‎.vs/Timestamp/v17/.suo‎
32 KB
diff --git a/‎.vs/Timestamp/v17/Browse.VC.db‎
30.9 MB b/‎.vs/Timestamp/v17/Browse.VC.db‎
30.9 MB
diff --git a/‎.vs/Timestamp/v17/ipch/AutoPCH/4f47408f42d0ecc1/BOFDEFS.ipch‎
48.6 MB b/‎.vs/Timestamp/v17/ipch/AutoPCH/4f47408f42d0ecc1/BOFDEFS.ipch‎
48.6 MB
diff --git a/‎.vs/Timestamp/v17/ipch/AutoPCH/c450a9ce6dc4b66/SOURCE.ipch‎
48.8 MB b/‎.vs/Timestamp/v17/ipch/AutoPCH/c450a9ce6dc4b66/SOURCE.ipch‎
48.8 MB
diff --git a/‎.vs/Timestamp/v17/ipch/AutoPCH/db56be03cb30f776/SOURCE.ipch‎
46.6 MB b/‎.vs/Timestamp/v17/ipch/AutoPCH/db56be03cb30f776/SOURCE.ipch‎
46.6 MB
diff --git a/‎.vs/Timestamp/v17/ipch/AutoPCH/e7e896a1a206e936/SOURCE.ipch‎
46.6 MB b/‎.vs/Timestamp/v17/ipch/AutoPCH/e7e896a1a206e936/SOURCE.ipch‎
46.6 MB
diff --git a/‎Timestamp.sln‎
Lines changed: 37 additions & 0 deletions b/‎Timestamp.sln‎
Lines changed: 37 additions & 0 deletions
diff --git a/‎Timestamp/Source.c‎
Lines changed: 76 additions & 0 deletions b/‎Timestamp/Source.c‎
Lines changed: 76 additions & 0 deletions
@@ -0,0 +1,37 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio Version 17
+VisualStudioVersion = 17.8.34330.188
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "Timestamp", "Timestamp\Timestamp.vcxproj", "{EC92988C-4BEC-4CA5-98F0-243B88E0F029}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		BOF|x64 = BOF|x64
+		BOF|x86 = BOF|x86
+		Debug|x64 = Debug|x64
+		Debug|x86 = Debug|x86
+		Release|x64 = Release|x64
+		Release|x86 = Release|x86
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{EC92988C-4BEC-4CA5-98F0-243B88E0F029}.BOF|x64.ActiveCfg = BOF|x64
+		{EC92988C-4BEC-4CA5-98F0-243B88E0F029}.BOF|x64.Build.0 = BOF|x64
+		{EC92988C-4BEC-4CA5-98F0-243B88E0F029}.BOF|x86.ActiveCfg = BOF|Win32
+		{EC92988C-4BEC-4CA5-98F0-243B88E0F029}.BOF|x86.Build.0 = BOF|Win32
+		{EC92988C-4BEC-4CA5-98F0-243B88E0F029}.Debug|x64.ActiveCfg = Debug|x64
+		{EC92988C-4BEC-4CA5-98F0-243B88E0F029}.Debug|x64.Build.0 = Debug|x64
+		{EC92988C-4BEC-4CA5-98F0-243B88E0F029}.Debug|x86.ActiveCfg = Debug|Win32
+		{EC92988C-4BEC-4CA5-98F0-243B88E0F029}.Debug|x86.Build.0 = Debug|Win32
+		{EC92988C-4BEC-4CA5-98F0-243B88E0F029}.Release|x64.ActiveCfg = Release|x64
+		{EC92988C-4BEC-4CA5-98F0-243B88E0F029}.Release|x64.Build.0 = Release|x64
+		{EC92988C-4BEC-4CA5-98F0-243B88E0F029}.Release|x86.ActiveCfg = Release|Win32
+		{EC92988C-4BEC-4CA5-98F0-243B88E0F029}.Release|x86.Build.0 = Release|Win32
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+	GlobalSection(ExtensibilityGlobals) = postSolution
+		SolutionGuid = {C0E24622-9AFE-4A0C-9B21-9CA349027359}
+	EndGlobalSection
+EndGlobal
@@ -0,0 +1,76 @@
+#include <stdio.h>
+#include <Windows.h>
+#include "beacon.h"
+
+DECLSPEC_IMPORT BOOL WINAPI KERNEL32$SetFileTime(HANDLE, const FILETIME*, const FILETIME*, const FILETIME*);
+DECLSPEC_IMPORT HANDLE WINAPI KERNEL32$CreateFileA(LPCSTR, DWORD, DWORD, LPSECURITY_ATTRIBUTES, DWORD, DWORD, HANDLE);
+DECLSPEC_IMPORT BOOL WINAPI KERNEL32$CloseHandle(HANDLE);
+DECLSPEC_IMPORT BOOL WINAPI KERNEL32$GetFileTime(HANDLE, LPFILETIME, LPFILETIME, LPFILETIME);
+DECLSPEC_IMPORT DWORD WINAPI KERNEL32$GetLastError();
+
+void go(char* buff, int len) {
+    datap parser;
+    char* sourceFile;
+    char* targetFile;
+
+    BeaconDataParse(&parser, buff, len);
+    sourceFile = BeaconDataExtract(&parser, NULL);
+    targetFile = BeaconDataExtract(&parser, NULL);
+
+    if (!sourceFile || !targetFile) {
+        BeaconPrintf(CALLBACK_ERROR, "[!] Error: Two file paths required\n");
+        BeaconPrintf(CALLBACK_ERROR, "[-] Usage: inline-execute timestamp.o \"source_file\" \"target_file\"\n");
+        return;
+    }
+
+    BeaconPrintf(CALLBACK_OUTPUT, "[-] Source: %s\n", sourceFile);
+    BeaconPrintf(CALLBACK_OUTPUT, "[-] Target: %s\n", targetFile);
+
+    HANDLE hSourceFile = KERNEL32$CreateFileA(
+        sourceFile,
+        GENERIC_READ,
+        FILE_SHARE_READ,
+        NULL,
+        OPEN_EXISTING,
+        FILE_ATTRIBUTE_NORMAL,
+        NULL
+    );
+
+    if (hSourceFile == INVALID_HANDLE_VALUE) {
+        BeaconPrintf(CALLBACK_ERROR, "[!] Failed to open source file (Error: %d)\n", KERNEL32$GetLastError());
+        return;
+    }
+
+    FILETIME ftCreation, ftLastAccess, ftLastWrite;
+    if (!KERNEL32$GetFileTime(hSourceFile, &ftCreation, &ftLastAccess, &ftLastWrite)) {
+        BeaconPrintf(CALLBACK_ERROR, "[!] Failed to get source timestamps (Error: %d)\n", KERNEL32$GetLastError());
+        KERNEL32$CloseHandle(hSourceFile);
+        return;
+    }
+
+    KERNEL32$CloseHandle(hSourceFile);
+
+    HANDLE hTargetFile = KERNEL32$CreateFileA(
+        targetFile,
+        FILE_WRITE_ATTRIBUTES,
+        FILE_SHARE_READ | FILE_SHARE_WRITE,
+        NULL,
+        OPEN_EXISTING,
+        FILE_ATTRIBUTE_NORMAL,
+        NULL
+    );
+
+    if (hTargetFile == INVALID_HANDLE_VALUE) {
+        BeaconPrintf(CALLBACK_ERROR, "[!] Failed to open target file (Error: %d)\n", KERNEL32$GetLastError());
+        return;
+    }
+
+    if (!KERNEL32$SetFileTime(hTargetFile, &ftCreation, &ftLastAccess, &ftLastWrite)) {
+        BeaconPrintf(CALLBACK_ERROR, "[!] Failed to modify timestamps (Error: %d)\n", KERNEL32$GetLastError());
+    }
+    else {
+        BeaconPrintf(CALLBACK_OUTPUT, "[+] Successfully modified timestamps\n");
+    }
+
+    KERNEL32$CloseHandle(hTargetFile);
+}