diff --git a/src/windows-emulator/process_context.cpp b/src/windows-emulator/process_context.cpp
index bb0dd610..ed4e7819 100644
--- a/src/windows-emulator/process_context.cpp
+++ b/src/windows-emulator/process_context.cpp
@@ -27,9 +27,9 @@ namespace
 }
 }
 
-void process_context::setup(x86_64_emulator& emu, memory_manager& memory, const application_settings& app_settings,
- const mapped_module& executable, const mapped_module& ntdll,
- const apiset::container& apiset_container)
+void process_context::setup(x86_64_emulator& emu, memory_manager& memory, registry_manager& registry,
+ const application_settings& app_settings, const mapped_module& executable,
+ const mapped_module& ntdll, const apiset::container& apiset_container)
 {
 setup_gdt(emu, memory);
 
@@ -66,8 +66,28 @@ void process_context::setup(x86_64_emulator& emu, memory_manager& memory, const
 proc_params.StandardError = proc_params.StandardOutput;
 
 proc_params.Environment = allocator.copy_string(u"=::=::\\");
+
+ const auto env_key =
+ registry.get_key({R"(\Registry\Machine\System\CurrentControlSet\Control\Session Manager\Environment)"});
+ if (env_key)
+ {
+ size_t i = 0;
+ while (const auto value = registry.get_value(*env_key, ++i))
+ {
+ if ((value->type != REG_SZ && value->type != REG_EXPAND_SZ) || value->data.empty() ||
+ value->data.size() % 2 != 0)
+ continue;
+
+ std::u16string entry =
+ u8_to_u16(value->name) + u"=" + reinterpret_cast(value->data.data());
+ allocator.copy_string(entry);
+ }
+ }
+
 allocator.copy_string(u"EMULATOR=1");
 allocator.copy_string(u"COMPUTERNAME=momo");
+ allocator.copy_string(u"USERNAME=momo");
+ allocator.copy_string(u"SystemDrive=C:");
 allocator.copy_string(u"SystemRoot=C:\\WINDOWS");
 allocator.copy_string(u"");
 
diff --git a/src/windows-emulator/process_context.hpp b/src/windows-emulator/process_context.hpp
index 293b7d03..98245922 100644
--- a/src/windows-emulator/process_context.hpp
+++ b/src/windows-emulator/process_context.hpp
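Review bot: In the added Session Manager\Environment loop in process_context.cpp, `u"=" + reinterpret_cast(value->data.data())` (presumably a cast to `const char16_t*`; the template argument is missing in this rendering) builds the string by scanning for a NUL, while the guard above it only checks that the data is non-empty and of even length. Registry string values are not required to be stored with a terminator, so a value without one makes the concatenation read past the end of `value->data`; this matters most if the hive can come from an untrusted source. Bound the read by the stored size instead, e.g. `const std::u16string_view text(reinterpret_cast<const char16_t*>(value->data.data()), value->data.size() / sizeof(char16_t));` followed by `entry.append(text.substr(0, text.find(u'\0')));`. Separately, `++i` on an `i` that starts at 0 makes the first lookup use index 1, so if `get_value` is zero-based (not visible here) the first value is never imported, and `i++` would fix that. The body of `process_context::setup` starts and ends outside this hunk.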
@@ -59,8 +59,9 @@ struct process_context
 {
 }
 
- void setup(x86_64_emulator& emu, memory_manager& memory, const application_settings& app_settings,
- const mapped_module& executable, const mapped_module& ntdll, const apiset::container& apiset_container);
+ void setup(x86_64_emulator& emu, memory_manager& memory, registry_manager& registry,
+ const application_settings& app_settings, const mapped_module& executable, const mapped_module& ntdll,
+ const apiset::container& apiset_container);
 
 handle create_thread(memory_manager& memory, uint64_t start_address, uint64_t argument, uint64_t stack_size,
 bool suspended);
diff --git a/src/windows-emulator/windows_emulator.cpp b/src/windows-emulator/windows_emulator.cpp
index c5f90080..57768e52 100644
--- a/src/windows-emulator/windows_emulator.cpp
+++ b/src/windows-emulator/windows_emulator.cpp
@@ -345,7 +345,7 @@ void windows_emulator::setup_process(const application_settings& app_settings)
 
 const auto apiset_data = apiset::obtain(this->emulation_root);
 
- this->process.setup(this->emu(), this->memory, app_settings, *executable, *ntdll, apiset_data);
+ this->process.setup(this->emu(), this->memory, this->registry, app_settings, *executable, *ntdll, apiset_data);
 
 const auto ntdll_data = emu.read_memory(ntdll->image_base, static_cast(ntdll->size_of_image));
 const auto win32u_data = emu.read_memory(win32u->image_base, static_cast(win32u->size_of_image));