noury/mirror-ac
1
0
Fork 0
mirror of https://github.com/donnaskiez/ac.git synced 2024-11-21 22:24:08 +01:00
Code Issues Projects Releases Packages Wiki Activity
mirror-ac/user/report.h

112 lines
2.3 KiB
C
Raw Normal View History

EPIC
2023-08-18 07:33:13 +02:00
#ifndef REPORT_H
#define REPORT_H
#include <Windows.h>
#include "threadpool.h"
#include "client.h"
OMG
2023-08-18 10:39:21 +02:00
#include <TlHelp32.h>
#define REPORT_BUFFER_SIZE 1024
fix sig scan
2023-08-18 15:22:53 +02:00
#define MAX_SIGNATURE_SIZE 256
big money changes to driver
2023-08-19 04:52:57 +02:00
#define MODULE_VALIDATION_FAILURE_MAX_REPORT_COUNT 5
OMG
2023-08-18 10:39:21 +02:00
#define REPORT_CODE_MODULE_VERIFICATION 10
fix sig scan
2023-08-18 15:22:53 +02:00
#define REPORT_CODE_START_ADDRESS_VERIFICATION 20
#define REPORT_PAGE_PROTECTION_VERIFICATION 30
#define REPORT_PATTERN_SCAN_FAILURE 40
big money changes to driver
2023-08-19 04:52:57 +02:00
#define REPORT_NMI_CALLBACK_FAILURE 50
#define REPORT_MODULE_VALIDATION_FAILURE 60
EPIC
2023-08-18 07:33:13 +02:00
bedtime (:
2023-08-18 16:34:15 +02:00
EPIC
2023-08-18 07:33:13 +02:00
namespace global
{
class Report
{
std::shared_ptr<global::ThreadPool> thread_pool;
got report working YES
2023-08-18 09:18:00 +02:00
std::shared_ptr<global::Client> client;
OMG
2023-08-18 10:39:21 +02:00
std::mutex mutex;
byte buffer[ REPORT_BUFFER_SIZE ];
fix sig scan
2023-08-18 15:22:53 +02:00
EPIC
2023-08-18 07:33:13 +02:00
public:
fix sig scan
2023-08-18 15:22:53 +02:00
EPIC
2023-08-18 07:33:13 +02:00
Report( std::shared_ptr<global::ThreadPool> ThreadPool, LPTSTR PipeName );
OMG
2023-08-18 10:39:21 +02:00
bedtime (:
2023-08-18 16:34:15 +02:00
/* lock buffer, copy report, send to service then clear buffer */
OMG
2023-08-18 10:39:21 +02:00
template <typename T>
void ReportViolation( T* Report )
{
mutex.lock();
bedtime (:
2023-08-18 16:34:15 +02:00
global::headers::PIPE_PACKET_HEADER header;
header.message_type = REPORT_PACKET_ID;
memcpy( this->buffer, &header, sizeof( global::headers::PIPE_PACKET_HEADER ) );
oh my fgosh we got it working
2023-08-20 11:17:03 +02:00
memcpy( PVOID( ( UINT64 )this->buffer + sizeof( global::headers::PIPE_PACKET_HEADER ) ), Report, sizeof( T ) );
this->client->WriteToPipe( buffer, sizeof(T) + sizeof( global::headers::PIPE_PACKET_HEADER ) );
OMG
2023-08-18 10:39:21 +02:00
RtlZeroMemory( this->buffer, REPORT_BUFFER_SIZE );
bedtime (:
2023-08-18 16:34:15 +02:00
OMG
2023-08-18 10:39:21 +02:00
mutex.unlock();
}
EPIC
2023-08-18 07:33:13 +02:00
};
OMG
2023-08-18 10:39:21 +02:00
namespace report_structures
{
struct MODULE_VERIFICATION_CHECKSUM_FAILURE
{
INT report_code;
UINT64 module_base_address;
UINT64 module_size;
std::string module_name;
};
fix sig scan
2023-08-18 15:22:53 +02:00
struct PROCESS_THREAD_START_FAILURE
{
INT report_code;
LONG thread_id;
UINT64 start_address;
};
struct PAGE_PROTECTION_FAILURE
{
INT report_code;
UINT64 page_base_address;
LONG allocation_protection;
LONG allocation_state;
LONG allocation_type;
};
struct PATTERN_SCAN_FAILURE
{
INT report_code;
INT signature_id;
UINT64 address;
};
big money changes to driver
2023-08-19 04:52:57 +02:00
struct NMI_CALLBACK_FAILURE
{
INT report_code;
INT were_nmis_disabled;
UINT64 kthread_address;
UINT64 invalid_rip;
};
struct MODULE_VALIDATION_FAILURE_HEADER
{
INT module_count;
};
struct MODULE_VALIDATION_FAILURE
{
INT report_code;
e
2023-08-19 11:44:42 +02:00
INT report_type;
big money changes to driver
2023-08-19 04:52:57 +02:00
UINT64 driver_base_address;
UINT64 driver_size;
reawr
2023-08-20 09:32:46 +02:00
CHAR driver_name[ 128 ];
big money changes to driver
2023-08-19 04:52:57 +02:00
};
OMG
2023-08-18 10:39:21 +02:00
}
EPIC
2023-08-18 07:33:13 +02:00
}
#endif
Reference in a new issue Copy permalink