noury/mirror-ac
1
0
Fork 0
mirror of https://github.com/donnaskiez/ac.git synced 2024-11-21 22:24:08 +01:00
Code Issues Projects Releases Packages Wiki Activity

BIG CLEANUP

Browse source
This commit is contained in:
donnaskiez 2024-06-09 22:09:18 +10:00
parent 6895b1723d
commit 3c1ee3a14b
52 changed files with 7 additions and 3363 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

118
ac.sln
View file

@ -5,12 +5,6 @@ VisualStudioVersion = 17.5.33502.453
MinimumVisualStudioVersion = 10.0.40219.1 MinimumVisualStudioVersion = 10.0.40219.1
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "driver", "driver\driver.vcxproj", "{0AE83EC6-DDEA-4EDE-B1B2-1B2AB1E8BB54}" Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "driver", "driver\driver.vcxproj", "{0AE83EC6-DDEA-4EDE-B1B2-1B2AB1E8BB54}"
EndProject EndProject
Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "service", "service\service.csproj", "{6228E9DD-E1EA-45D8-8054-A00FC2D63414}"
EndProject
Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "server", "server\server.csproj", "{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}"
EndProject
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "testdrv", "test\driver\testdrv.vcxproj", "{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}"
EndProject
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "module", "module\module.vcxproj", "{3B18467A-4358-45EF-81B1-5C6F9B0B6728}" Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "module", "module\module.vcxproj", "{3B18467A-4358-45EF-81B1-5C6F9B0B6728}"
EndProject EndProject
Global Global
@ -81,118 +75,6 @@ Global
{0AE83EC6-DDEA-4EDE-B1B2-1B2AB1E8BB54}.Release|x86.ActiveCfg = Release|x64 {0AE83EC6-DDEA-4EDE-B1B2-1B2AB1E8BB54}.Release|x86.ActiveCfg = Release|x64
{0AE83EC6-DDEA-4EDE-B1B2-1B2AB1E8BB54}.Release|x86.Build.0 = Release|x64 {0AE83EC6-DDEA-4EDE-B1B2-1B2AB1E8BB54}.Release|x86.Build.0 = Release|x64
{0AE83EC6-DDEA-4EDE-B1B2-1B2AB1E8BB54}.Release|x86.Deploy.0 = Release|x64 {0AE83EC6-DDEA-4EDE-B1B2-1B2AB1E8BB54}.Release|x86.Deploy.0 = Release|x64
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Debug|Any CPU.Build.0 = Debug|Any CPU
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Debug|ARM64.ActiveCfg = Debug|Any CPU
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Debug|ARM64.Build.0 = Debug|Any CPU
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Debug|x64.ActiveCfg = Debug|Any CPU
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Debug|x64.Build.0 = Debug|Any CPU
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Debug|x86.ActiveCfg = Debug|Any CPU
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Debug|x86.Build.0 = Debug|Any CPU
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release - No Server - Win10|Any CPU.ActiveCfg = Release - No Server|Any CPU
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release - No Server - Win10|Any CPU.Build.0 = Release - No Server|Any CPU
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release - No Server - Win10|ARM64.ActiveCfg = Release - No Server|Any CPU
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release - No Server - Win10|ARM64.Build.0 = Release - No Server|Any CPU
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release - No Server - Win10|x64.ActiveCfg = Release - No Server|Any CPU
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release - No Server - Win10|x64.Build.0 = Release - No Server|Any CPU
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release - No Server - Win10|x86.ActiveCfg = Release - No Server|Any CPU
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release - No Server - Win10|x86.Build.0 = Release - No Server|Any CPU
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release - No Server - Win11|Any CPU.ActiveCfg = Release - No Server|Any CPU
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release - No Server - Win11|Any CPU.Build.0 = Release - No Server|Any CPU
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release - No Server - Win11|ARM64.ActiveCfg = Release - No Server|Any CPU
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release - No Server - Win11|ARM64.Build.0 = Release - No Server|Any CPU
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release - No Server - Win11|x64.ActiveCfg = Release - No Server|Any CPU
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release - No Server - Win11|x64.Build.0 = Release - No Server|Any CPU
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release - No Server - Win11|x86.ActiveCfg = Release - No Server|Any CPU
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release - No Server - Win11|x86.Build.0 = Release - No Server|Any CPU
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release|Any CPU.ActiveCfg = Release|Any CPU
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release|Any CPU.Build.0 = Release|Any CPU
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release|ARM64.ActiveCfg = Release|Any CPU
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release|ARM64.Build.0 = Release|Any CPU
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release|x64.ActiveCfg = Release|Any CPU
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release|x64.Build.0 = Release|Any CPU
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release|x86.ActiveCfg = Release|Any CPU
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release|x86.Build.0 = Release|Any CPU
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Debug|Any CPU.Build.0 = Debug|Any CPU
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Debug|ARM64.ActiveCfg = Debug|Any CPU
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Debug|ARM64.Build.0 = Debug|Any CPU
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Debug|x64.ActiveCfg = Debug|Any CPU
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Debug|x64.Build.0 = Debug|Any CPU
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Debug|x86.ActiveCfg = Debug|Any CPU
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Debug|x86.Build.0 = Debug|Any CPU
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release - No Server - Win10|Any CPU.ActiveCfg = Release - No Server|Any CPU
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release - No Server - Win10|Any CPU.Build.0 = Release - No Server|Any CPU
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release - No Server - Win10|ARM64.ActiveCfg = Release - No Server|Any CPU
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release - No Server - Win10|ARM64.Build.0 = Release - No Server|Any CPU
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release - No Server - Win10|x64.ActiveCfg = Release - No Server|Any CPU
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release - No Server - Win10|x64.Build.0 = Release - No Server|Any CPU
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release - No Server - Win10|x86.ActiveCfg = Release - No Server|Any CPU
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release - No Server - Win10|x86.Build.0 = Release - No Server|Any CPU
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release - No Server - Win11|Any CPU.ActiveCfg = Release - No Server|Any CPU
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release - No Server - Win11|Any CPU.Build.0 = Release - No Server|Any CPU
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release - No Server - Win11|ARM64.ActiveCfg = Release - No Server|Any CPU
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release - No Server - Win11|ARM64.Build.0 = Release - No Server|Any CPU
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release - No Server - Win11|x64.ActiveCfg = Release - No Server|Any CPU
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release - No Server - Win11|x64.Build.0 = Release - No Server|Any CPU
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release - No Server - Win11|x86.ActiveCfg = Release - No Server|Any CPU
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release - No Server - Win11|x86.Build.0 = Release - No Server|Any CPU
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release|Any CPU.ActiveCfg = Release|Any CPU
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release|Any CPU.Build.0 = Release|Any CPU
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release|ARM64.ActiveCfg = Release|Any CPU
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release|ARM64.Build.0 = Release|Any CPU
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release|x64.ActiveCfg = Release|Any CPU
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release|x64.Build.0 = Release|Any CPU
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release|x86.ActiveCfg = Release|Any CPU
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release|x86.Build.0 = Release|Any CPU
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Debug|Any CPU.ActiveCfg = Debug|x64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Debug|Any CPU.Build.0 = Debug|x64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Debug|Any CPU.Deploy.0 = Debug|x64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Debug|ARM64.ActiveCfg = Debug|ARM64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Debug|ARM64.Build.0 = Debug|ARM64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Debug|ARM64.Deploy.0 = Debug|ARM64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Debug|x64.ActiveCfg = Debug|x64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Debug|x64.Build.0 = Debug|x64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Debug|x64.Deploy.0 = Debug|x64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Debug|x86.ActiveCfg = Debug|x64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Debug|x86.Build.0 = Debug|x64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Debug|x86.Deploy.0 = Debug|x64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win10|Any CPU.ActiveCfg = Release - No Server|x64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win10|Any CPU.Build.0 = Release - No Server|x64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win10|Any CPU.Deploy.0 = Release - No Server|x64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win10|ARM64.ActiveCfg = Release - No Server|ARM64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win10|ARM64.Build.0 = Release - No Server|ARM64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win10|ARM64.Deploy.0 = Release - No Server|ARM64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win10|x64.ActiveCfg = Release - No Server|x64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win10|x64.Build.0 = Release - No Server|x64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win10|x64.Deploy.0 = Release - No Server|x64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win10|x86.ActiveCfg = Release - No Server|x64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win10|x86.Build.0 = Release - No Server|x64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win10|x86.Deploy.0 = Release - No Server|x64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win11|Any CPU.ActiveCfg = Release - No Server|x64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win11|Any CPU.Build.0 = Release - No Server|x64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win11|Any CPU.Deploy.0 = Release - No Server|x64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win11|ARM64.ActiveCfg = Release - No Server|ARM64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win11|ARM64.Build.0 = Release - No Server|ARM64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win11|ARM64.Deploy.0 = Release - No Server|ARM64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win11|x64.ActiveCfg = Release - No Server|x64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win11|x64.Build.0 = Release - No Server|x64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win11|x64.Deploy.0 = Release - No Server|x64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win11|x86.ActiveCfg = Release - No Server|x64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win11|x86.Build.0 = Release - No Server|x64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win11|x86.Deploy.0 = Release - No Server|x64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release|Any CPU.ActiveCfg = Release|x64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release|Any CPU.Build.0 = Release|x64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release|Any CPU.Deploy.0 = Release|x64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release|ARM64.ActiveCfg = Release|ARM64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release|ARM64.Build.0 = Release|ARM64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release|ARM64.Deploy.0 = Release|ARM64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release|x64.ActiveCfg = Release|x64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release|x64.Build.0 = Release|x64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release|x64.Deploy.0 = Release|x64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release|x86.ActiveCfg = Release|x64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release|x86.Build.0 = Release|x64
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release|x86.Deploy.0 = Release|x64
{3B18467A-4358-45EF-81B1-5C6F9B0B6728}.Debug|Any CPU.ActiveCfg = Debug|x64 {3B18467A-4358-45EF-81B1-5C6F9B0B6728}.Debug|Any CPU.ActiveCfg = Debug|x64
{3B18467A-4358-45EF-81B1-5C6F9B0B6728}.Debug|Any CPU.Build.0 = Debug|x64 {3B18467A-4358-45EF-81B1-5C6F9B0B6728}.Debug|Any CPU.Build.0 = Debug|x64
{3B18467A-4358-45EF-81B1-5C6F9B0B6728}.Debug|ARM64.ActiveCfg = Debug|x64 {3B18467A-4358-45EF-81B1-5C6F9B0B6728}.Debug|ARM64.ActiveCfg = Debug|x64

16
dblayout.drawio
View file

@ -1,16 +0,0 @@
<mxfile host="app.diagrams.net" modified="2023-09-07T11:40:22.850Z" agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36" etag="zxLKc88AkFicnfjyOcSN" version="21.7.2" type="device">
<diagram name="Page-1" id="lGA2o3BVWdjGpJAT47dB">
<mxGraphModel dx="1434" dy="790" grid="1" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="1" pageScale="1" pageWidth="827" pageHeight="1169" math="0" shadow="0">
<root>
<mxCell id="0" />
<mxCell id="1" parent="0" />
<mxCell id="3Gc6Ea0flFLE_1pXqOZ2-15" value="&lt;div style=&quot;box-sizing:border-box;width:100%;background:#e4e4e4;padding:2px;&quot;&gt;User&lt;/div&gt;&lt;table style=&quot;width:100%;font-size:1em;&quot; cellpadding=&quot;2&quot; cellspacing=&quot;0&quot;&gt;&lt;tbody&gt;&lt;tr&gt;&lt;td&gt;PK&lt;/td&gt;&lt;td&gt;UserId&lt;br&gt;&lt;/td&gt;&lt;/tr&gt;&lt;tr&gt;&lt;td&gt;FK1&lt;/td&gt;&lt;td&gt;HardwareId&lt;/td&gt;&lt;/tr&gt;&lt;tr&gt;&lt;td&gt;&lt;/td&gt;&lt;td&gt;Steam64Id&lt;br&gt;Banned&lt;br&gt;&lt;br&gt;&lt;/td&gt;&lt;/tr&gt;&lt;/tbody&gt;&lt;/table&gt;" style="verticalAlign=top;align=left;overflow=fill;html=1;whiteSpace=wrap;" vertex="1" parent="1">
<mxGeometry x="60" y="290" width="180" height="145" as="geometry" />
</mxCell>
<mxCell id="3Gc6Ea0flFLE_1pXqOZ2-16" value="&lt;div style=&quot;box-sizing:border-box;width:100%;background:#e4e4e4;padding:2px;&quot;&gt;User&lt;/div&gt;&lt;table style=&quot;width:100%;font-size:1em;&quot; cellpadding=&quot;2&quot; cellspacing=&quot;0&quot;&gt;&lt;tbody&gt;&lt;tr&gt;&lt;td&gt;PK&lt;/td&gt;&lt;td&gt;UserId&lt;br&gt;&lt;/td&gt;&lt;/tr&gt;&lt;tr&gt;&lt;td&gt;FK1&lt;/td&gt;&lt;td&gt;HardwareId&lt;/td&gt;&lt;/tr&gt;&lt;tr&gt;&lt;td&gt;&lt;/td&gt;&lt;td&gt;Steam64Id&lt;br&gt;Banned&lt;br&gt;&lt;br&gt;&lt;/td&gt;&lt;/tr&gt;&lt;/tbody&gt;&lt;/table&gt;" style="verticalAlign=top;align=left;overflow=fill;html=1;whiteSpace=wrap;" vertex="1" parent="1">
<mxGeometry x="360" y="290" width="180" height="145" as="geometry" />
</mxCell>
</root>
</mxGraphModel>
</diagram>
</mxfile>

17
module/kernel_interface/kernel_interface.cpp
View file

@ -292,23 +292,6 @@ void kernel_interface::kernel_interface::send_pending_irp() {
LOG_ERROR("failed to insert irp into irp queue %x", status); LOG_ERROR("failed to insert irp into irp queue %x", status);
} }
// void kernel_interface::kernel_interface::query_deferred_reports() {
// unsigned long bytes_returned = 0;
// void *buffer = malloc(MAXIMUM_REPORT_BUFFER_SIZE);
// if (!buffer)
// return;
// for (int i = 0; i < QUERY_DEFERRED_REPORT_COUNT; i++) {
// unsigned int status =
// generic_driver_call_output(ioctl_code::QueryDeferredReports, buffer,
// MAXIMUM_REPORT_BUFFER_SIZE,
// &bytes_returned);
// if (status && bytes_returned > 0)
// helper::print_kernel_report(buffer);
// memset(buffer, 0, MAXIMUM_REPORT_BUFFER_SIZE);
// }
// free(buffer);
// }
void kernel_interface::kernel_interface::write_shared_mapping_operation( void kernel_interface::kernel_interface::write_shared_mapping_operation(
shared_state_operation_id operation_id) { shared_state_operation_id operation_id) {
InterlockedExchange16( InterlockedExchange16(

8
notes.md
View file

@ -1,8 +0,0 @@
new feature notes:
- random heartbeat timer event callback. These timers should be single shot events, once fired we get a new random time and insert that. This way the timer objects are always fresh and we dont use a global timer object.
- session cookie new value per session
- session statistics need to be updated each time a new irp is inserted into the queue
- same with when we receive an irp
- this information can be used to detect malicious interferrence with the system
- use a reverse irp method, user mode program receives and irp and checks if it contains a special code indicating it must send an irp to tthe driver ?

37
server/Database/Entity/HardwareConfiguration.cs
View file

@ -1,37 +0,0 @@
using Serilog;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using server.Database.Model;
using System.Reflection.Metadata.Ecma335;
using Microsoft.EntityFrameworkCore;
namespace server.Database.Entity
{
public class HardwareConfigurationEntity : HardwareConfiguration
{
private readonly ModelContext _modelContext;
public UserEntity UserEntity { get; set; }
public HardwareConfigurationEntity(ModelContext modelContext)
{
UserEntity = new UserEntity(modelContext);
_modelContext = modelContext;
}
public bool CheckIfHardwareIsBanned()
{
return _modelContext.HardwareConfiguration.Any(
h => h.MotherboardSerial == MotherboardSerial &&
h.DeviceDrive0Serial == DeviceDrive0Serial &&
h.IsBanned);
}
public void InsertHardwareConfiguration()
{
_modelContext.HardwareConfiguration.Add(this);
}
}
}

19
server/Database/Entity/Report/IReportEntity.cs
View file

@ -1,19 +0,0 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace server.Database.Entity.Report
{
/// <summary>
/// Implements the IReport interface
/// </summary>
public interface IReportEntity
{
/// <summary>
/// Inserts the report into the database.
/// </summary>
void InsertReport();
}
}

26
server/Database/Entity/Report/ReportEntity.cs
View file

@ -1,26 +0,0 @@
using server.Database.Model;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace server.Database.Entity.Report
{
public class ReportEntity : Model.Report
{
private readonly ModelContext _modelContext;
private UserEntity UserEntity { get; set; }
public ReportEntity(ModelContext modelContext)
{
UserEntity = new UserEntity(modelContext);
_modelContext = modelContext;
}
public void InsertReport()
{
_modelContext.Reports.Add(this);
}
}
}

26
server/Database/Entity/Report/Types/AttachProcessEntity.cs
View file

@ -1,26 +0,0 @@
using server.Database.Model;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace server.Database.Entity.Report.Types
{
public class AttachProcessEntity : ReportTypeAttachProcess, IReportEntity
{
private readonly ModelContext _modelContext;
public ReportEntity ReportEntity { get; set; }
public AttachProcessEntity(ModelContext modelContext)
{
ReportEntity = new ReportEntity(modelContext);
_modelContext = modelContext;
}
public void InsertReport()
{
_modelContext.ReportTypeAttachProcess.Add(this);
}
}
}

26
server/Database/Entity/Report/Types/HiddenSystemThreadEntity.cs
View file

@ -1,26 +0,0 @@
using server.Database.Model;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace server.Database.Entity.Report.Types
{
public class HiddenSystemThreadEntity : ReportTypeHiddenSystemThread, IReportEntity
{
private readonly ModelContext _modelContext;
public ReportEntity ReportEntity { get; set; }
public HiddenSystemThreadEntity(ModelContext modelContext)
{
ReportEntity = new ReportEntity(modelContext);
_modelContext = modelContext;
}
public void InsertReport()
{
_modelContext.ReportTypeHiddenSystemThread.Add(this);
}
}
}

25
server/Database/Entity/Report/Types/IllegalHandleOperationEntity.cs
View file

@ -1,25 +0,0 @@
using server.Database.Model;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace server.Database.Entity.Report.Types
{
public class ReportTypeIllegalHandleOperationEntity : ReportTypeIllegalHandleOperation, IReportEntity
{
private readonly ModelContext _modelContext;
public ReportEntity ReportEntity { get; set; }
public ReportTypeIllegalHandleOperationEntity(ModelContext modelContext)
{
ReportEntity = new ReportEntity(modelContext);
_modelContext = modelContext;
}
public void InsertReport()
{
_modelContext.ReportTypeIllegalHandleOperation.Add(this);
}
}
}

26
server/Database/Entity/Report/Types/InvalidProcessAllocationEntity.cs
View file

@ -1,26 +0,0 @@
using server.Database.Model;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace server.Database.Entity.Report.Types
{
public class InvalidProcessAllocationEntity : ReportTypeInvalidProcessAllocation, IReportEntity
{
private readonly ModelContext _modelContext;
public ReportEntity ReportEntity { get; set; }
public InvalidProcessAllocationEntity(ModelContext modelContext)
{
ReportEntity = new ReportEntity(modelContext);
_modelContext = modelContext;
}
public void InsertReport()
{
_modelContext.ReportTypeInvalidProcessAllocation.Add(this);
}
}
}

26
server/Database/Entity/Report/Types/NmiCallbackEntity.cs
View file

@ -1,26 +0,0 @@
using server.Database.Model;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace server.Database.Entity.Report.Types
{
public class NmiCallbackEntity : ReportTypeNmiCallback, IReportEntity
{
private readonly ModelContext _modelContext;
public ReportEntity ReportEntity { get; set; }
public NmiCallbackEntity(ModelContext modelContext)
{
ReportEntity = new ReportEntity(modelContext);
_modelContext = modelContext;
}
public void InsertReport()
{
_modelContext.ReportTypeNmiCallback.Add(this);
}
}
}

26
server/Database/Entity/Report/Types/PageProtectionEntity.cs
View file

@ -1,26 +0,0 @@
using server.Database.Model;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace server.Database.Entity.Report.Types
{
public class PageProtectionEntity : ReportTypePageProtection, IReportEntity
{
private readonly ModelContext _modelContext;
public ReportEntity ReportEntity { get; set; }
public PageProtectionEntity(ModelContext modelContext)
{
ReportEntity = new ReportEntity(modelContext);
_modelContext = modelContext;
}
public void InsertReport()
{
_modelContext.ReportTypePageProtection.Add(this);
}
}
}

26
server/Database/Entity/Report/Types/PatternScanEntity.cs
View file

@ -1,26 +0,0 @@
using server.Database.Model;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace server.Database.Entity.Report.Types
{
public class PatternScanEntity : ReportTypePatternScan, IReportEntity
{
private readonly ModelContext _modelContext;
public ReportEntity ReportEntity { get; set; }
public PatternScanEntity(ModelContext modelContext)
{
ReportEntity = new ReportEntity(modelContext);
_modelContext = modelContext;
}
public void InsertReport()
{
_modelContext.ReportTypePatternScan.Add(this);
}
}
}

27
server/Database/Entity/Report/Types/ProcessModuleIntegrityCheckEntity.cs
View file

@ -1,27 +0,0 @@
using server.Database.Model;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace server.Database.Entity.Report.Types
{
public class ProcessModuleIntegrityCheckEntity : ReportTypeProcessModuleIntegrityCheck, IReportEntity
{
private readonly ModelContext _modelContext;
public ReportEntity ReportEntity { get; set; }
public ProcessModuleIntegrityCheckEntity(ModelContext modelContext)
{
ReportEntity = new ReportEntity(modelContext);
_modelContext = modelContext;
}
public void InsertReport()
{
_modelContext.ReportTypeProcessModuleIntegrityCheck.Add(this);
}
}
}

26
server/Database/Entity/Report/Types/StartAddressEntity.cs
View file

@ -1,26 +0,0 @@
using server.Database.Model;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace server.Database.Entity.Report.Types
{
public class StartAddressEntity : ReportTypeStartAddress, IReportEntity
{
private readonly ModelContext _modelContext;
public ReportEntity ReportEntity { get; set; }
public StartAddressEntity(ModelContext modelContext)
{
ReportEntity = new ReportEntity(modelContext);
_modelContext = modelContext;
}
public void InsertReport()
{
_modelContext.ReportTypeStartAddress.Add(this);
}
}
}

26
server/Database/Entity/Report/Types/SystemModuleValidationEntity.cs
View file

@ -1,26 +0,0 @@
using server.Database.Model;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace server.Database.Entity.Report.Types
{
public class SystemModuleValidationEntity : ReportTypeSystemModuleValidation, IReportEntity
{
private readonly ModelContext _modelContext;
public ReportEntity ReportEntity { get; set; }
public SystemModuleValidationEntity(ModelContext modelContext)
{
ReportEntity = new ReportEntity(modelContext);
_modelContext = modelContext;
}
public void InsertReport()
{
_modelContext.ReportTypeSystemModuleValidation.Add(this);
}
}
}

48
server/Database/Entity/User.cs
View file

@ -1,48 +0,0 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using server.Database.Model;
using Serilog;
namespace server.Database.Entity
{
public class UserEntity : User
{
private readonly ModelContext _modelContext;
public UserEntity(ModelContext modelContext)
{
_modelContext = modelContext;
}
public bool CheckIfUserExists()
{
return _modelContext.Users.Any(u => u.Steam64Id == Steam64Id);
}
public bool CheckIfUserIsBanned()
{
return _modelContext.Users.Any(u => u.Steam64Id == Steam64Id && u.IsBanned);
}
public User GetUserBySteamId(ulong steamId)
{
return _modelContext.Users.First(u => u.Steam64Id == steamId);
}
public bool CheckIfUsersHardwareExists()
{
List<HardwareConfiguration> hardwareConfigurations = _modelContext.HardwareConfiguration
.Where(h => h.User.Steam64Id == Steam64Id).ToList();
return hardwareConfigurations.Count > 0;
}
public void InsertUser()
{
_modelContext.Users.Add(this);
}
}
}

137
server/Database/Model/Model.cs
View file

@ -1,137 +0,0 @@
using Microsoft.EntityFrameworkCore;
using Microsoft.EntityFrameworkCore.Metadata.Internal;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using static Microsoft.EntityFrameworkCore.DbLoggerCategory;
namespace server.Database.Model
{
public class User
{
public int UserId { get; set; }
public ulong Steam64Id { get; set; }
public bool IsBanned { get; set; }
public virtual ICollection<HardwareConfiguration> HardwareConfigurations { get; set; }
public virtual ICollection<Report> Reports { get; set; }
}
public class HardwareConfiguration
{
public int HardwareId { get; set; }
public virtual User User { get; set; }
public bool IsBanned { get; set; }
public string DeviceDrive0Serial { get; set; }
public string MotherboardSerial { get; set; }
}
public class Report
{
public int ReportId { get; set; }
public virtual User User { get; set; }
public int ReportCode { get; set; }
public virtual ICollection<ReportTypeIllegalHandleOperation> ReportTypeIllegalHandleOperations { get; set; }
public virtual ICollection<ReportTypeStartAddress> ReportTypeStartAddresses { get; set; }
public virtual ICollection<ReportTypePageProtection> ReportTypePageProtections { get; set; }
public virtual ICollection<ReportTypePatternScan> ReportTypePatternScans { get; set; }
public virtual ICollection<ReportTypeNmiCallback> ReportTypeNmiCallbacks { get; set; }
public virtual ICollection<ReportTypeSystemModuleValidation> ReportTypeSystemModuleValidations { get; set; }
public virtual ICollection<ReportTypeHiddenSystemThread> ReportTypeHiddenSystemThreads { get; set; }
public virtual ICollection<ReportTypeAttachProcess> ReportTypeAttachProcesses { get; set; }
public virtual ICollection<ReportTypeInvalidProcessAllocation> ReportTypeInvalidProcessAllocations { get; set; }
public virtual ICollection<ReportTypeProcessModuleIntegrityCheck> ReportTypeProcessModuleIntegrityChecks { get; set; }
}
public class ReportTypeIllegalHandleOperation
{
public int ReportNumber { get; set; }
public virtual Report Report { get; set; }
public int IsKernelHandle { get; set; }
public uint ProcessId { get; set; }
public uint ThreadId { get; set; }
public uint DesiredAccess { get; set; }
public string ProcessName { get; set; }
}
public class ReportTypeStartAddress
{
public int ReportNumber { get; set; }
public virtual Report Report { get; set; }
public int ThreadId { get; set; }
public long ThreadStartAddress { get; set; }
}
public class ReportTypePageProtection
{
public virtual Report Report { get; set; }
public int ReportNumber { get; set; }
public ulong PageBaseAddress { get; set; }
public long AllocationProtection { get; set; }
public long AllocationState { get; set; }
public long AllocationType { get; set; }
}
public class ReportTypePatternScan
{
public virtual Report Report { get; set; }
public int ReportNumber { get; set; }
public int SignatureId { get; set; }
public ulong Address { get; set; }
}
public class ReportTypeNmiCallback
{
public virtual Report Report { get; set; }
public int ReportNumber { get; set; }
public int WereNmisDisabled { get; set; }
public ulong KThreadAddress { get; set; }
public ulong InvalidRip { get; set; }
}
public class ReportTypeSystemModuleValidation
{
public virtual Report Report { get; set; }
public int ReportNumber { get; set; }
public int ReportType { get; set; }
public long DriverBaseAddress { get; set; }
public long DriverSize { get; set; }
public string ModuleName { get; set; }
}
public class ReportTypeHiddenSystemThread
{
public virtual Report Report { get; set; }
public int ReportNumber { get; set; }
public int FoundInKThreadList { get; set; }
public int FoundInPspCidTable { get; set; }
public long ThreadAddress { get; set; }
public int ThreadId { get; set; }
public byte[] ThreadStructure { get; set; }
}
public class ReportTypeAttachProcess
{
public virtual Report Report { get; set; }
public int ReportNumber { get; set; }
public int ThreadId { get; set; }
public long ThreadAddress { get; set; }
}
public class ReportTypeInvalidProcessAllocation
{
public virtual Report Report { get; set; }
public int ReportNumber { get; set; }
public byte[] ProcessStructure { get; set; }
}
public class ReportTypeProcessModuleIntegrityCheck
{
public virtual Report Report { get; set; }
public int ReportNumber { get; set; }
public long ModuleBaseAddress { get; set; }
public int ModuleSize { get; set; }
public string ModuleName { get; set; }
}
}

290
server/Database/Model/ModelContext.cs
View file

@ -1,290 +0,0 @@
using Google.Protobuf.Reflection;
using Microsoft.EntityFrameworkCore;
using MySql.EntityFrameworkCore.Extensions;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Reflection.Emit;
using System.Text;
using System.Threading.Tasks;
namespace server.Database.Model
{
public class ModelContext : DbContext
{
public DbSet<User> Users { get; set; }
public DbSet<HardwareConfiguration> HardwareConfiguration { get; set; }
public DbSet<Report> Reports { get; set; }
public DbSet<ReportTypeIllegalHandleOperation> ReportTypeIllegalHandleOperation { get; set; }
public DbSet<ReportTypeStartAddress> ReportTypeStartAddress { get; set; }
public DbSet<ReportTypePageProtection> ReportTypePageProtection { get; set; }
public DbSet<ReportTypePatternScan> ReportTypePatternScan { get; set; }
public DbSet<ReportTypeNmiCallback> ReportTypeNmiCallback { get; set; }
public DbSet<ReportTypeSystemModuleValidation> ReportTypeSystemModuleValidation { get; set; }
public DbSet<ReportTypeHiddenSystemThread> ReportTypeHiddenSystemThread { get; set; }
public DbSet<ReportTypeAttachProcess> ReportTypeAttachProcess { get; set; }
public DbSet<ReportTypeInvalidProcessAllocation> ReportTypeInvalidProcessAllocation { get; set; }
public DbSet<ReportTypeProcessModuleIntegrityCheck> ReportTypeProcessModuleIntegrityCheck { get; set; }
protected override void OnConfiguring(DbContextOptionsBuilder optionsBuilder)
{
optionsBuilder.UseMySQL("server=localhost;userid=root;password=root;database=ac_db");
}
protected override void OnModelCreating(ModelBuilder modelBuilder)
{
base.OnModelCreating(modelBuilder);
modelBuilder.Entity<User>(entity =>
{
entity.HasKey(e => e.UserId);
entity.Property(e => e.UserId)
.UseMySQLAutoIncrementColumn(entity.Property(e => e.UserId).Metadata.Name);
entity.Property(e => e.Steam64Id)
.IsRequired();
entity.Property(e => e.IsBanned)
.HasDefaultValue(false);
});
modelBuilder.Entity<HardwareConfiguration>(entity =>
{
entity.HasKey(e => e.HardwareId);
entity.Property(e => e.HardwareId)
.UseMySQLAutoIncrementColumn(entity.Property(e => e.HardwareId).Metadata.Name);
entity.Property(e => e.IsBanned)
.HasDefaultValue(false);
entity.Property(e => e.MotherboardSerial)
.IsRequired();
entity.Property(e => e.DeviceDrive0Serial)
.IsRequired();
entity.HasOne(d => d.User)
.WithMany(f => f.HardwareConfigurations);
});
modelBuilder.Entity<Report>(entity =>
{
entity.HasKey(e => e.ReportId);
entity.Property(e => e.ReportId)
.UseMySQLAutoIncrementColumn(entity.Property(e => e.ReportId).Metadata.Name);
entity.HasOne(d => d.User)
.WithMany(e => e.Reports);
entity.Property(e => e.ReportCode)
.IsRequired();
});
modelBuilder.Entity<ReportTypeIllegalHandleOperation>(entity =>
{
entity.HasKey(e => e.ReportNumber);
entity.Property(e => e.ReportNumber)
.UseMySQLAutoIncrementColumn(entity.Property(e => e.ReportNumber).Metadata.Name);
entity.Property(e => e.IsKernelHandle)
.IsRequired();
entity.Property(e => e.ProcessId)
.IsRequired();
entity.Property(e => e.ThreadId)
.IsRequired();
entity.Property(e => e.DesiredAccess)
.IsRequired();
entity.Property(e => e.ProcessName)
.IsRequired();
entity.HasOne(d => d.Report)
.WithMany(f => f.ReportTypeIllegalHandleOperations);
});
modelBuilder.Entity<ReportTypeStartAddress>(entity =>
{
entity.HasKey(e => e.ReportNumber);
entity.Property(e => e.ReportNumber)
.UseMySQLAutoIncrementColumn(entity.Property(e => e.ReportNumber).Metadata.Name);
entity.Property(e => e.ThreadId)
.IsRequired();
entity.Property(e => e.ThreadStartAddress)
.IsRequired();
entity.HasOne(d => d.Report)
.WithMany(f => f.ReportTypeStartAddresses);
});
modelBuilder.Entity<ReportTypePageProtection>(entity =>
{
entity.HasKey(e => e.ReportNumber);
entity.Property(e => e.ReportNumber)
.UseMySQLAutoIncrementColumn(entity.Property(e => e.ReportNumber).Metadata.Name);
entity.Property(e => e.AllocationProtection)
.IsRequired();
entity.Property(e => e.AllocationState)
.IsRequired();
entity.Property(e => e.AllocationType)
.IsRequired();
entity.HasOne(d => d.Report)
.WithMany(f => f.ReportTypePageProtections);
});
modelBuilder.Entity<ReportTypePatternScan>(entity =>
{
entity.HasKey(e => e.ReportNumber);
entity.Property(e => e.ReportNumber)
.UseMySQLAutoIncrementColumn(entity.Property(e => e.ReportNumber).Metadata.Name);
entity.Property(e => e.SignatureId)
.IsRequired();
entity.Property(e => e.Address)
.IsRequired();
entity.HasOne(d => d.Report)
.WithMany(f => f.ReportTypePatternScans);
});
modelBuilder.Entity<ReportTypeNmiCallback>(entity =>
{
entity.HasKey(e => e.ReportNumber);
entity.Property(e => e.ReportNumber)
.UseMySQLAutoIncrementColumn(entity.Property(e => e.ReportNumber).Metadata.Name);
entity.Property(e => e.WereNmisDisabled)
.IsRequired();
entity.Property(e => e.KThreadAddress)
.IsRequired();
entity.Property(e => e.InvalidRip)
.IsRequired();
entity.HasOne(d => d.Report)
.WithMany(f => f.ReportTypeNmiCallbacks);
});
modelBuilder.Entity<ReportTypeSystemModuleValidation>(entity =>
{
entity.HasKey(e => e.ReportNumber);
entity.Property(e => e.ReportNumber)
.UseMySQLAutoIncrementColumn(entity.Property(e => e.ReportNumber).Metadata.Name);
entity.Property(e => e.ReportType)
.IsRequired();
entity.Property(e => e.DriverBaseAddress)
.IsRequired();
entity.Property(e => e.DriverSize)
.IsRequired();
entity.Property(e => e.ModuleName)
.IsRequired();
entity.HasOne(d => d.Report)
.WithMany(f => f.ReportTypeSystemModuleValidations);
});
modelBuilder.Entity<ReportTypeHiddenSystemThread>(entity =>
{
entity.HasKey(e => e.ReportNumber);
entity.Property(e => e.ReportNumber)
.UseMySQLAutoIncrementColumn(entity.Property(e => e.ReportNumber).Metadata.Name);
entity.Property(e => e.FoundInKThreadList)
.IsRequired();
entity.Property(e => e.FoundInPspCidTable)
.IsRequired();
entity.Property(e => e.ThreadAddress)
.IsRequired();
entity.Property(e => e.ThreadId)
.IsRequired();
entity.Property(e => e.ThreadStructure)
.IsRequired();
entity.HasOne(d => d.Report)
.WithMany(f => f.ReportTypeHiddenSystemThreads);
});
modelBuilder.Entity<ReportTypeAttachProcess>(entity =>
{
entity.HasKey(e => e.ReportNumber);
entity.Property(e => e.ReportNumber)
.UseMySQLAutoIncrementColumn(entity.Property(e => e.ReportNumber).Metadata.Name);
entity.Property(e => e.ThreadId)
.IsRequired();
entity.Property(e => e.ThreadAddress)
.IsRequired();
entity.Property(e => e.ThreadAddress)
.IsRequired();
entity.HasOne(d => d.Report)
.WithMany(f => f.ReportTypeAttachProcesses);
});
modelBuilder.Entity<ReportTypeInvalidProcessAllocation>(entity =>
{
entity.HasKey(e => e.ReportNumber);
entity.Property(e => e.ReportNumber)
.UseMySQLAutoIncrementColumn(entity.Property(e => e.ReportNumber).Metadata.Name);
entity.Property(e => e.ProcessStructure)
.IsRequired();
entity.HasOne(d => d.Report)
.WithMany(f => f.ReportTypeInvalidProcessAllocations);
});
modelBuilder.Entity<ReportTypeProcessModuleIntegrityCheck>(entity =>
{
entity.HasKey(e => e.ReportNumber);
entity.Property(e => e.ReportNumber)
.UseMySQLAutoIncrementColumn(entity.Property(e => e.ReportNumber).Metadata.Name);
entity.Property(e => e.ModuleBaseAddress)
.IsRequired();
entity.Property(e => e.ModuleSize)
.IsRequired();
entity.Property(e => e.ModuleName)
.IsRequired();
entity.HasOne(d => d.Report)
.WithMany(f => f.ReportTypeProcessModuleIntegrityChecks);
});
}
}
}

89
server/Helper.cs
View file

@ -1,89 +0,0 @@
using Microsoft.AspNetCore.Mvc.Infrastructure;
using Serilog;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Runtime.InteropServices;
using System.Text;
using System.Threading.Tasks;
#pragma warning disable CS8600
#pragma warning disable CS8603
namespace server
{
public class Helper
{
unsafe public static T BytesToStructure<T>(byte[] buffer, int offset)
{
int typeSize = Marshal.SizeOf(typeof(T));
if (buffer.Length == 0)
return default(T);
IntPtr ptr = Marshal.AllocHGlobal(typeSize);
try
{
Marshal.Copy(buffer, offset, ptr, typeSize);
T result = (T)Marshal.PtrToStructure(ptr, typeof(T));
Marshal.FreeHGlobal(ptr);
return result;
}
catch(Exception ex)
{
Log.Information(ex.Message);
return default(T);
}
}
unsafe public static byte[] StructureToBytes<T>(ref T structure)
{
int typeSize = Marshal.SizeOf(typeof(T));
byte[] buffer = new byte[typeSize];
IntPtr ptr = Marshal.AllocHGlobal(typeSize);
try
{
Marshal.StructureToPtr(structure, ptr, true);
Marshal.Copy(ptr, buffer, 0, typeSize);
Marshal.FreeHGlobal(ptr);
return buffer;
}
catch (Exception ex)
{
Log.Information(ex.Message);
return null;
}
}
unsafe public static string FixedUnsafeBufferToSafeString(ref byte[] buffer, int bufferSize, int offset, int stringSize)
{
if (stringSize > bufferSize)
return null;
char[] stringBuffer = new char[stringSize];
for (int i = 0; i < stringSize; i++)
{
stringBuffer[i] = (char)buffer[offset + i];
}
return new string(stringBuffer);
}
unsafe public static void CopyMemory(ref byte[] source, ref byte[] destination, int size, int offset)
{
if (size > destination.Length)
return;
for (int i=0; i < size; i++)
{
destination[i] = source[i + offset];
}
}
}
}
#pragma warning restore CS8600
#pragma warning restore CS8603

607
server/Message/ClientReport.cs
View file

@ -1,607 +0,0 @@
using Serilog;
using server.Database.Entity;
using server.Database.Entity.Report;
using server.Database.Entity.Report.Types;
using server.Database.Model;
using server.Types.ClientReport;
using System;
using System.Collections.Generic;
using System.Drawing.Printing;
using System.Linq;
using System.Runtime.InteropServices;
using System.Text;
using System.Threading.Tasks;
using static server.Message.MessageHandler;
namespace server.Message
{
public class ClientReport : IClientMessage
{
private readonly ILogger _logger;
private byte[] _buffer;
private int _bufferSize;
private int _bytesRead;
private PACKET_HEADER _packetHeader;
CLIENT_REPORT_PACKET_HEADER _currentReportHeader;
private CLIENT_REPORT_PACKET_RESPONSE _responsePacket;
private enum CLIENT_SEND_REPORT_ID
{
PROCESS_MODULE_VERIFICATION = 10,
START_ADDRESS_VERIFICATION = 20,
PAGE_PROTECTION_VERIFICATION = 30,
PATTERN_SCAN_FAILURE = 40,
NMI_CALLBACK_FAILURE = 50,
MODULE_VALIDATION_FAILURE = 60,
ILLEGAL_HANDLE_OPERATION = 70,
INVALID_PROCESS_ALLOCATION = 80,
HIDDEN_SYSTEM_THREAD = 90,
ILLEGAL_ATTACH_PROCESS = 100
}
private struct CLIENT_REPORT_PACKET_HEADER
{
public int reportCode;
}
private struct CLIENT_REPORT_PACKET_RESPONSE
{
public int success;
}
public ClientReport(ILogger logger, byte[] buffer, int bufferSize, PACKET_HEADER packetHeader)
{
this._logger = logger;
this._buffer = buffer;
this._bufferSize = bufferSize;
this._packetHeader = packetHeader;
this._bytesRead = 0;
this._responsePacket = new CLIENT_REPORT_PACKET_RESPONSE();
this.GetPacketHeader();
_logger.Information("buffer size: {0}", bufferSize);
}
unsafe public void GetPacketHeader()
{
this._currentReportHeader =
Helper.BytesToStructure<CLIENT_REPORT_PACKET_HEADER>(this._buffer, Marshal.SizeOf(typeof(PACKET_HEADER)) + this._bytesRead);
}
public byte[] GetResponsePacket()
{
return Helper.StructureToBytes<CLIENT_REPORT_PACKET_RESPONSE>(ref this._responsePacket);
}
private void SetResponsePacketData(int success)
{
this._responsePacket.success = success;
}
unsafe public bool HandleMessage()
{
if (this._currentReportHeader.reportCode == 0)
{
_logger.Error("Failed to get the report packet code");
SetResponsePacketData(1);
return false;
}
while (this._bytesRead < this._bufferSize)
{
this.GetPacketHeader();
_logger.Information("Report code: {0}", this._currentReportHeader.reportCode);
switch (this._currentReportHeader.reportCode)
{
case (int)CLIENT_SEND_REPORT_ID.PROCESS_MODULE_VERIFICATION:
_logger.Information("REPORT CODE: MODULE_VERIFICATION");
break;
case (int)CLIENT_SEND_REPORT_ID.START_ADDRESS_VERIFICATION:
_logger.Information("REPORT CODE: START_ADDRESS_VERIFICATION");
HandleReportStartAddressVerification(this._bytesRead);
this._bytesRead += Marshal.SizeOf(typeof(PROCESS_THREAD_START_FAILURE)) +
Marshal.SizeOf(typeof(PACKET_HEADER));
break;
case (int)CLIENT_SEND_REPORT_ID.PAGE_PROTECTION_VERIFICATION:
_logger.Information("REPORT CODE: PAGE_PROTECTION_VERIFICATION");
HandleReportPageProtection(this._bytesRead);
this._bytesRead += Marshal.SizeOf(typeof(PAGE_PROTECTION_FAILURE)) +
Marshal.SizeOf(typeof(PACKET_HEADER));
break;
case (int)CLIENT_SEND_REPORT_ID.PATTERN_SCAN_FAILURE:
_logger.Information("REPORT_PATTERN_SCAN_FAILURE");
HandleReportPatternScan(this._bytesRead);
this._bytesRead += Marshal.SizeOf(typeof(PATTERN_SCAN_FAILURE)) +
Marshal.SizeOf(typeof(PACKET_HEADER));
break;
case (int)CLIENT_SEND_REPORT_ID.NMI_CALLBACK_FAILURE:
_logger.Information("REPORT_NMI_CALLBACK_FAILURE");
HandleReportNmiCallback(this._bytesRead);
this._bytesRead += Marshal.SizeOf(typeof(NMI_CALLBACK_FAILURE)) +
Marshal.SizeOf(typeof(PACKET_HEADER));
break;
case (int)CLIENT_SEND_REPORT_ID.MODULE_VALIDATION_FAILURE:
_logger.Information("REPORT_MODULE_VALIDATION_FAILURE");
HandleReportSystemModuleValidation(this._bytesRead);
this._bytesRead += Marshal.SizeOf(typeof(MODULE_VALIDATION_FAILURE)) +
Marshal.SizeOf(typeof(PACKET_HEADER));
break;
case (int)CLIENT_SEND_REPORT_ID.ILLEGAL_HANDLE_OPERATION:
_logger.Information("REPORT_ILLEGAL_HANDLE_OPERATION");
HandleReportIllegalHandleOperation(this._bytesRead);
this._bytesRead += Marshal.SizeOf(typeof(OPEN_HANDLE_FAILURE)) +
Marshal.SizeOf(typeof(PACKET_HEADER));
break;
case (int)CLIENT_SEND_REPORT_ID.INVALID_PROCESS_ALLOCATION:
_logger.Information("REPORT_INVALID_PROCESS_ALLOCATION");
HandleReportInvalidProcessAllocation(this._bytesRead);
this._bytesRead += Marshal.SizeOf(typeof(INVALID_PROCESS_ALLOCATION_FAILURE)) +
Marshal.SizeOf(typeof(PACKET_HEADER));
break;
case (int)CLIENT_SEND_REPORT_ID.HIDDEN_SYSTEM_THREAD:
_logger.Information("REPORT_HIDDEN_SYSTEM_THREAD");
HandleReportHiddenSystemThread(this._bytesRead);
this._bytesRead += Marshal.SizeOf(typeof(HIDDEN_SYSTEM_THREAD_FAILURE)) +
Marshal.SizeOf(typeof(PACKET_HEADER));
break;
case (int)CLIENT_SEND_REPORT_ID.ILLEGAL_ATTACH_PROCESS:
_logger.Information("REPORT_ILLEGAL_ATTACH_PROCESS");
HandleReportAttachProcess(this._bytesRead);
this._bytesRead += Marshal.SizeOf(typeof(ATTACH_PROCESS_FAILURE)) +
Marshal.SizeOf(typeof(PACKET_HEADER));
break;
default:
_logger.Information("Report code not handled yet");
SetResponsePacketData(0);
return false;
}
}
SetResponsePacketData(1);
return true;
}
unsafe public void HandleReportIllegalHandleOperation(int offset)
{
OPEN_HANDLE_FAILURE report =
Helper.BytesToStructure<OPEN_HANDLE_FAILURE>(_buffer, sizeof(PACKET_HEADER) + offset);
if (report.IsKernelHandle == 0 &&
report.ProcessId == 0 &&
report.DesiredAccess == 0)
{
return;
}
_logger.Information("ProcessName: {0}, ProcessID: {1:x}, ThreadId: {2:x}, DesiredAccess{3:x}",
report.ProcessName,
report.ProcessId,
report.ThreadId,
report.DesiredAccess);
using (var context = new ModelContext())
{
/*
* This doesn't seem to be the most optimal way to do this, but it works..
* Maybe look into it further at somepoint..
*/
UserEntity user = new UserEntity(context);
var newReport = new ReportEntity(context)
{
User = user.GetUserBySteamId(this._packetHeader.steam64_id),
ReportCode = (int)CLIENT_SEND_REPORT_ID.ILLEGAL_HANDLE_OPERATION
};
newReport.InsertReport();
var reportTypeIllegalHandleOperation = new ReportTypeIllegalHandleOperationEntity(context)
{
Report = newReport,
IsKernelHandle = report.IsKernelHandle,
ProcessId = report.ProcessId,
ThreadId = report.ThreadId,
DesiredAccess = report.DesiredAccess,
ProcessName = report.ProcessName
};
reportTypeIllegalHandleOperation.InsertReport();
context.SaveChanges();
}
}
unsafe public void HandleReportStartAddressVerification(int offset)
{
PROCESS_THREAD_START_FAILURE report =
Helper.BytesToStructure<PROCESS_THREAD_START_FAILURE>(_buffer, sizeof(PACKET_HEADER) + offset);
if (report.ThreadId == 0 &&
report.StartAddress == 0)
{
return;
}
_logger.Information("ThreadId: {0}, ThreadStartAddress: {1:x}",
report.ThreadId,
report.StartAddress);
using (var context = new ModelContext())
{
UserEntity user = new UserEntity(context);
var newReport = new ReportEntity(context)
{
User = user.GetUserBySteamId(this._packetHeader.steam64_id),
ReportCode = (int)CLIENT_SEND_REPORT_ID.START_ADDRESS_VERIFICATION
};
newReport.InsertReport();
var reportTypeStartAddress = new StartAddressEntity(context)
{
Report = newReport,
ThreadId = report.ThreadId,
ThreadStartAddress = report.StartAddress
};
reportTypeStartAddress.InsertReport();
context.SaveChanges();
}
}
unsafe public void HandleReportPageProtection(int offset)
{
PAGE_PROTECTION_FAILURE report =
Helper.BytesToStructure<PAGE_PROTECTION_FAILURE>(_buffer, sizeof(PACKET_HEADER) + offset);
if (report.AllocationProtection == 0 &&
report.PageBaseAddress == 0 &&
report.AllocationState == 0 &&
report.AllocationType == 0 )
{
return;
}
_logger.Information("Page base address: {0:x}, allocation protection: {1:x}, allocation state: {2:x}, allocationtype: {3:x}",
report.PageBaseAddress,
report.AllocationProtection,
report.AllocationState,
report.AllocationType);
using (var context = new ModelContext())
{
UserEntity user = new UserEntity(context);
var newReport = new ReportEntity(context)
{
User = user.GetUserBySteamId(this._packetHeader.steam64_id),
ReportCode = (int)CLIENT_SEND_REPORT_ID.PAGE_PROTECTION_VERIFICATION
};
newReport.InsertReport();
var reportTypePageProtection = new PageProtectionEntity(context)
{
Report = newReport,
PageBaseAddress = report.PageBaseAddress,
AllocationProtection = report.AllocationProtection,
AllocationState = report.AllocationState,
AllocationType = report.AllocationType
};
reportTypePageProtection.InsertReport();
context.SaveChanges();
}
}
unsafe public void HandleReportPatternScan(int offset)
{
PATTERN_SCAN_FAILURE report =
Helper.BytesToStructure<PATTERN_SCAN_FAILURE>(_buffer, sizeof(PACKET_HEADER) + offset);
if (report.Address == 0 &&
report.SignatureId == 0)
{
return;
}
_logger.Information("signature id: {0}, address: {1:x}",
report.SignatureId,
report.Address);
using (var context = new ModelContext())
{
UserEntity user = new UserEntity(context);
var newReport = new ReportEntity(context)
{
User = user.GetUserBySteamId(this._packetHeader.steam64_id),
ReportCode = (int)CLIENT_SEND_REPORT_ID.PATTERN_SCAN_FAILURE
};
newReport.InsertReport();
var reportTypePatternScan = new PatternScanEntity(context)
{
Report = newReport,
SignatureId = report.SignatureId,
Address = report.Address
};
reportTypePatternScan.InsertReport();
context.SaveChanges();
}
}
unsafe public void HandleReportNmiCallback(int offset)
{
NMI_CALLBACK_FAILURE report =
Helper.BytesToStructure<NMI_CALLBACK_FAILURE>(_buffer, sizeof(PACKET_HEADER) + offset);
if (report.InvalidRip == 0 &&
report.WereNmisDisabled == 0 &&
report.KThreadAddress == 0)
{
return;
}
_logger.Information("were nmis disabled: {0}, kthread: {1:x}, invalid rip: {2:x}",
report.WereNmisDisabled,
report.KThreadAddress,
report.InvalidRip);
using (var context = new ModelContext())
{
UserEntity user = new UserEntity(context);
var newReport = new ReportEntity(context)
{
User = user.GetUserBySteamId(this._packetHeader.steam64_id),
ReportCode = (int)CLIENT_SEND_REPORT_ID.NMI_CALLBACK_FAILURE
};
newReport.InsertReport();
var reportTypeNmiCallback = new NmiCallbackEntity(context)
{
Report = newReport,
WereNmisDisabled = report.WereNmisDisabled,
KThreadAddress = report.KThreadAddress,
InvalidRip = report.InvalidRip
};
reportTypeNmiCallback.InsertReport();
context.SaveChanges();
}
}
unsafe public void HandleReportSystemModuleValidation(int offset)
{
MODULE_VALIDATION_FAILURE report =
Helper.BytesToStructure<MODULE_VALIDATION_FAILURE>(_buffer, sizeof(PACKET_HEADER) + offset);
if (report.ReportType == 0 &&
report.ReportCode == 0 &&
report.DriverSize == 0 &&
report.DriverBaseAddress == 0)
{
return;
}
_logger.Information("report type: {0}, driver base: {1:x}, size: {2}, module name: {3}",
report.ReportType,
report.DriverBaseAddress,
report.DriverSize,
report.ModuleName);
using (var context = new ModelContext())
{
UserEntity user = new UserEntity(context);
var newReport = new ReportEntity(context)
{
User = user.GetUserBySteamId(this._packetHeader.steam64_id),
ReportCode = (int)CLIENT_SEND_REPORT_ID.MODULE_VALIDATION_FAILURE
};
newReport.InsertReport();
var reportTypeSystemModuleValidation = new SystemModuleValidationEntity(context)
{
Report = newReport,
ReportType = report.ReportType,
DriverBaseAddress = report.DriverBaseAddress,
DriverSize = report.DriverSize,
ModuleName = report.ModuleName
};
reportTypeSystemModuleValidation.InsertReport();
context.SaveChanges();
}
}
unsafe public void HandleReportHiddenSystemThread(int offset)
{
HIDDEN_SYSTEM_THREAD_FAILURE report =
Helper.BytesToStructure<HIDDEN_SYSTEM_THREAD_FAILURE>(_buffer, sizeof(PACKET_HEADER) + offset);
/* todo: some weird reference bug here */
if (report.FoundInPspCidTable == 0 &&
report.FoundInKThreadList == 0 &&
report.ThreadId == 0 &&
report.ThreadAddress == 0)
{
return;
}
_logger.Information("found in kthread list: {0}, found in pspcidtable: {1}, thread address: {2:x}, thread id: {3:x}",
report.FoundInKThreadList,
report.FoundInPspCidTable,
report.ThreadAddress,
report.ThreadId);
using (var context = new ModelContext())
{
UserEntity user = new UserEntity(context);
var newReport = new ReportEntity(context)
{
User = user.GetUserBySteamId(this._packetHeader.steam64_id),
ReportCode = (int)CLIENT_SEND_REPORT_ID.HIDDEN_SYSTEM_THREAD
};
newReport.InsertReport();
var reportTypeHiddenSystemThread = new HiddenSystemThreadEntity(context)
{
Report = newReport,
FoundInKThreadList = report.FoundInKThreadList,
FoundInPspCidTable = report.FoundInPspCidTable,
ThreadAddress = report.ThreadAddress,
ThreadId = report.ThreadId,
ThreadStructure = report.ThreadStructure
};
reportTypeHiddenSystemThread.InsertReport();
context.SaveChanges();
}
}
unsafe public void HandleReportAttachProcess(int offset)
{
ATTACH_PROCESS_FAILURE report =
Helper.BytesToStructure<ATTACH_PROCESS_FAILURE>(_buffer, sizeof(PACKET_HEADER) + offset);
if (report.ThreadAddress == 0 &&
report.ThreadId == 0)
{
return;
}
_logger.Information("thread id: {0:x}, thread address: {1:x}",
report.ThreadId,
report.ThreadAddress);
using (var context = new ModelContext())
{
UserEntity user = new UserEntity(context);
var newReport = new ReportEntity(context)
{
User = user.GetUserBySteamId(this._packetHeader.steam64_id),
ReportCode = (int)CLIENT_SEND_REPORT_ID.ILLEGAL_ATTACH_PROCESS
};
newReport.InsertReport();
var reportTypeAttachProcess = new AttachProcessEntity(context)
{
Report = newReport,
ThreadId = report.ThreadId,
ThreadAddress = report.ThreadAddress,
};
reportTypeAttachProcess.InsertReport();
context.SaveChanges();
}
}
unsafe public void HandleReportInvalidProcessAllocation(int offset)
{
INVALID_PROCESS_ALLOCATION_FAILURE report =
Helper.BytesToStructure<INVALID_PROCESS_ALLOCATION_FAILURE>(_buffer, sizeof(PACKET_HEADER) + offset);
if (report.Equals(null)) { return; }
if (report.ReportCode == 0 &&
report.ProcessStructure.Length == 0)
{
return;
}
_logger.Information("received invalid process allocation structure");
using (var context = new ModelContext())
{
UserEntity user = new UserEntity(context);
var newReport = new ReportEntity(context)
{
User = user.GetUserBySteamId(this._packetHeader.steam64_id),
ReportCode = (int)CLIENT_SEND_REPORT_ID.INVALID_PROCESS_ALLOCATION
};
newReport.InsertReport();
var reportTypeInvalidProcessAllocation = new InvalidProcessAllocationEntity(context)
{
Report = newReport,
ProcessStructure = report.ProcessStructure
};
reportTypeInvalidProcessAllocation.InsertReport();
context.SaveChanges();
}
}
}
}

53
server/Message/ClientRequest.cs
View file

@ -1,53 +0,0 @@
using Serilog;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Runtime.InteropServices;
using System.Text;
using System.Threading.Tasks;
using static server.Message.MessageHandler;
namespace server.Message
{
public class ClientRequest : IClientMessage
{
private readonly ILogger _logger;
private byte[] _buffer;
private int _bufferSize;
private CLIENT_REQUEST_HEADER _header;
private enum CLIENT_REQUEST_ID
{
BLACKLISTED_SIGNATURES = 10,
WINDOWS_VERSION_STRUCTURE_OFFSETS = 20
}
private struct CLIENT_REQUEST_HEADER
{
public int RequestId;
}
public ClientRequest(ILogger logger, ref byte[] buffer, int bufferSize)
{
this._logger = logger;
this._buffer = buffer;
this._bufferSize = bufferSize;
}
public bool HandleMessage()
{
throw new NotImplementedException();
}
public unsafe void GetPacketHeader()
{
this._header =
Helper.BytesToStructure<CLIENT_REQUEST_HEADER>(this._buffer, Marshal.SizeOf(typeof(PACKET_HEADER)));
}
public byte[] GetResponsePacket()
{
throw new NotImplementedException();
}
}
}

157
server/Message/ClientSend.cs
View file

@ -1,157 +0,0 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Reflection.PortableExecutable;
using System.Text;
using System.Threading.Tasks;
using Serilog;
using server.Database.Entity;
using server.Database.Model;
using server.Types.ClientSend;
using static server.Message.MessageHandler;
namespace server.Message
{
public class ClientSend : IClientMessage
{
private readonly ILogger _logger;
private byte[] _buffer;
private int _bufferSize;
private int _sendId;
private PACKET_HEADER _packetHeader;
private CLIENT_SEND_PACKET_HEADER _clientSendPacketHeader;
private CLIENT_SEND_PACKET_RESPONSE _responsePacket;
private enum CLIENT_SEND_REQUEST_ID
{
SYSTEM_INFORMATION = 10
}
private struct CLIENT_SEND_PACKET_HEADER
{
public int RequestId;
public int PacketSize;
};
private struct CLIENT_SEND_PACKET_RESPONSE
{
public int RequestId;
public int CanUserProceed;
public int reason;
}
public ClientSend(ILogger logger, ref byte[] buffer, int bufferSize, PACKET_HEADER packetHeader)
{
this._logger = logger;
this._buffer = buffer;
this._bufferSize = bufferSize;
this._packetHeader = packetHeader;
this._responsePacket = new CLIENT_SEND_PACKET_RESPONSE();
this.GetPacketHeader();
}
unsafe public void GetPacketHeader()
{
this._clientSendPacketHeader =
Helper.BytesToStructure<CLIENT_SEND_PACKET_HEADER>(_buffer, sizeof(PACKET_HEADER));
}
public byte[] GetResponsePacket()
{
return Helper.StructureToBytes<CLIENT_SEND_PACKET_RESPONSE>(ref this._responsePacket);
}
public bool HandleMessage()
{
if (this._clientSendPacketHeader.RequestId == 0)
{
_logger.Error("Failed to get the client send report code");
return false;
}
switch (this._clientSendPacketHeader.RequestId)
{
case (int)CLIENT_SEND_REQUEST_ID.SYSTEM_INFORMATION:
HandleClientSendHardwareInformation(this._clientSendPacketHeader);
break;
}
return true;
}
unsafe private void HandleClientSendHardwareInformation(CLIENT_SEND_PACKET_HEADER sendPacketHeader)
{
_logger.Information("Handling client send hardware information");
PACKET_CLIENT_HARDWARE_INFORMATION info =
Helper.BytesToStructure<PACKET_CLIENT_HARDWARE_INFORMATION>(
_buffer, sizeof(PACKET_HEADER) + sizeof(CLIENT_SEND_PACKET_HEADER));
_logger.Information("SteamId: {0}, Mobo Serial: {1}, drive serial: {2}",
this._packetHeader.steam64_id,
info.MotherboardSerialNumber,
info.DeviceDriver0Serial);
using (var context = new ModelContext())
{
context.Database.EnsureCreated();
var user = new UserEntity(context)
{
Steam64Id = this._packetHeader.steam64_id
};
var hardwareConfiguration = new HardwareConfigurationEntity(context)
{
DeviceDrive0Serial = info.DeviceDriver0Serial,
MotherboardSerial = info.MotherboardSerialNumber,
};
if (user.CheckIfUserExists())
{
if (user.CheckIfUserIsBanned())
{
_logger.Information("User is banned, updating response packet to halt client.");
SetResponsePacketData(0, sendPacketHeader.RequestId, (int)USER_BAN_REASONS.USER_BAN);
return;
}
hardwareConfiguration.User = user.GetUserBySteamId(this._packetHeader.steam64_id);
}
else
{
_logger.Information("User does not exist in database, creating new user.");
user.InsertUser();
hardwareConfiguration.User = user;
}
if (hardwareConfiguration.CheckIfHardwareIsBanned())
{
_logger.Information("User is hardware banned, updating response packet to halt client.");
SetResponsePacketData(0, sendPacketHeader.RequestId, (int)USER_BAN_REASONS.HARDWARE_BAN);
return;
}
if (user.CheckIfUsersHardwareExists())
{
_logger.Information("Users hardware already references the user.");
SetResponsePacketData(1, sendPacketHeader.RequestId, 0);
return;
}
_logger.Information("Users hardware does not existing, inserting hardware.");
hardwareConfiguration.InsertHardwareConfiguration();
SetResponsePacketData(1, sendPacketHeader.RequestId, 0);
context.SaveChanges();
}
}
private void SetResponsePacketData(int canUserProceed, int requestId, int reason)
{
this._responsePacket.CanUserProceed = canUserProceed;
this._responsePacket.RequestId = requestId;
this._responsePacket.reason = reason;
}
}
}

28
server/Message/IClientMessage.cs
View file

@ -1,28 +0,0 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace server.Message
{
public interface IClientMessage
{
/// <summary>
/// Implements a function that returns the packet header for the type of client
/// message it is handling. Is an unsafe function because we are taking the
/// size of struct which makes c# unhappy.
/// </summary>
unsafe void GetPacketHeader();
/// <summary>
/// Function which implements the core logic to handle a message received from
/// the client. Should take care of all major actions when handling the message.
/// </summary>
bool HandleMessage();
/// <summary>
/// Function that returns the response packet in the form of a byte array.
/// </summary>
byte[] GetResponsePacket();
}
}

108
server/Message/MessageHandler.cs
View file

@ -1,108 +0,0 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Reflection.Metadata.Ecma335;
using System.Runtime.CompilerServices;
using System.Text;
using System.Threading.Tasks;
using Serilog;
using System.Net;
using System.Net.Sockets;
using server.Types.ClientReport;
using server.Types.ClientSend;
using System.Runtime.InteropServices;
using server.Database.Model;
using server.Database.Entity;
using Org.BouncyCastle.Asn1.BC;
using Org.BouncyCastle.Asn1.Ocsp;
namespace server.Message
{
public class MessageHandler
{
private byte[] _buffer;
private int _bufferSize;
private ILogger _logger;
private PACKET_HEADER _header;
private NetworkStream _networkStream;
private TcpClient _tcpClient;
private enum MESSAGE_TYPE
{
MESSAGE_TYPE_CLIENT_REPORT = 1,
MESSAGE_TYPE_CLIENT_SEND = 2,
MESSAGE_TYPE_CLIENT_REQUEST = 3
}
public struct PACKET_HEADER
{
public int message_type;
public ulong steam64_id;
};
private struct PACKET_REQUEST_HEADER
{
public int RequestId;
}
public MessageHandler(TcpClient client, byte[] buffer, int bufferSize, ILogger logger)
{
_tcpClient = client;
_networkStream = client.GetStream();
_buffer = buffer;
_bufferSize = bufferSize;
_logger = logger;
_header = GetMessageHeader();
switch (_header.message_type)
{
case (int)MESSAGE_TYPE.MESSAGE_TYPE_CLIENT_REPORT:
HandleClientSendReport();
break;
case (int)MESSAGE_TYPE.MESSAGE_TYPE_CLIENT_SEND:
HandleClientSendMessage();
break;
default:
_logger.Information("This message type is not accepted at the moment.");
break;
}
}
private void HandleClientSendReport()
{
ClientReport report = new ClientReport(_logger, _buffer, _bufferSize, _header);
if (report.HandleMessage())
{
byte[] reponsePacket = report.GetResponsePacket();
this.SendResponsePacketToClient(reponsePacket);
return;
}
_logger.Warning("Failed to handle client sent report");
}
private void HandleClientSendMessage()
{
ClientSend send = new ClientSend(_logger, ref _buffer, _bufferSize, _header);
if (send.HandleMessage())
{
byte[] responsePacket = send.GetResponsePacket();
this.SendResponsePacketToClient(responsePacket);
return;
}
_logger.Warning("Failed to handle client send message");
}
private PACKET_HEADER GetMessageHeader()
{
return Helper.BytesToStructure<PACKET_HEADER>(_buffer, 0);
}
private void SendResponsePacketToClient(byte[] responsePacket)
{
_networkStream.Write(responsePacket, 0, responsePacket.Length);
}
}
}

25
server/Program.cs
View file

@ -1,25 +0,0 @@
using Serilog;
using server.Database;
using server.Database.Entity;
using server.Database.Model;
using System.Configuration;
using System.Net;
using System.Net.Sockets;
using System.Reflection.Metadata.Ecma335;
using System.Text;
namespace server
{
public class Program
{
public static async Task Main(string[] args)
{
using var logger = new LoggerConfiguration()
.WriteTo.Console()
.CreateLogger();
Server server = new Server(logger);
await server.Listen();
}
}
}

72
server/Server.cs
View file

@ -1,72 +0,0 @@
using System.IO;
using System;
using System.Net;
using System.Net.Sockets;
using System.Reflection.Metadata.Ecma335;
using System.Text;
using Serilog;
using server.Message;
using Microsoft.EntityFrameworkCore.Metadata.Conventions;
using K4os.Compression.LZ4.Streams.Adapters;
namespace server
{
public class Server
{
private IPEndPoint _ipEndPoint;
private TcpListener _tcpListener;
private ILogger _logger;
public Server(ILogger logger)
{
_ipEndPoint = new IPEndPoint(IPAddress.Any, 8888);
_tcpListener = new TcpListener(_ipEndPoint);
_logger = logger;
}
public async Task Listen()
{
_tcpListener.Start();
_logger.Information("Listening for incoming connections...");
while (true)
{
TcpClient client = await _tcpListener.AcceptTcpClientAsync();
NetworkStream _stream = client.GetStream();
TcpClient clientReference = client;
byte[] buffer = new byte[2048];
int bytesRead = 0;
using (MemoryStream stream = new MemoryStream())
{
while (_stream.DataAvailable)
{
bytesRead = _stream.Read(buffer, 0, buffer.Length);
_logger.Information("bytes read: {0}", bytesRead);
stream.Write(buffer, 0, bytesRead);
}
byte[] message = stream.ToArray();
if (message.Length == 0)
{
_logger.Error("Null message received at server");
continue;
}
ThreadPool.QueueUserWorkItem(state => DispatchMessage(state, clientReference, message, message.Length));
}
}
}
private void DispatchMessage(Object? stateInfo, TcpClient client, byte[] buffer, int bufferSize)
{
MessageHandler message = new MessageHandler(client, buffer, bufferSize, _logger);
}
}
}

134
server/Types.cs
View file

@ -1,134 +0,0 @@
using Org.BouncyCastle.Utilities;
using Serilog;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Numerics;
using System.Runtime.InteropServices;
using System.Text;
using System.Threading.Tasks;
namespace server
{
namespace Types
{
namespace ClientSend
{
struct CLIENT_SEND_PACKET_HEADER
{
public int RequestId;
public int PacketSize;
};
public enum USER_BAN_REASONS
{
HARDWARE_BAN = 10,
USER_BAN = 20
}
[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Ansi)]
public unsafe struct PACKET_CLIENT_HARDWARE_INFORMATION
{
[MarshalAs(UnmanagedType.ByValTStr, SizeConst = 64)]
public string MotherboardSerialNumber;
[MarshalAs(UnmanagedType.ByValTStr, SizeConst = 64)]
public string DeviceDriver0Serial;
}
}
namespace ClientReport
{
[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Ansi)]
public unsafe struct PROCESS_MODULE_INTEGRITY_CHECK_FAILURE
{
public int ReportCode;
public UInt64 ModuleBaseAddress;
public int ModuleSize;
[MarshalAs(UnmanagedType.ByValTStr, SizeConst = 256)]
public string ModuleName;
}
public struct PROCESS_THREAD_START_FAILURE
{
public int ReportCode;
public int ThreadId;
public long StartAddress;
}
public struct PAGE_PROTECTION_FAILURE
{
public int ReportCode;
public UInt64 PageBaseAddress;
public long AllocationProtection;
public long AllocationState;
public long AllocationType;
}
public struct PATTERN_SCAN_FAILURE
{
public int ReportCode;
public int SignatureId;
public UInt64 Address;
}
public struct NMI_CALLBACK_FAILURE
{
public int ReportCode;
public int WereNmisDisabled;
public UInt64 KThreadAddress;
public UInt64 InvalidRip;
}
[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Ansi)]
public unsafe struct MODULE_VALIDATION_FAILURE
{
public int ReportCode;
public int ReportType;
public long DriverBaseAddress;
public long DriverSize;
[MarshalAs(UnmanagedType.ByValTStr, SizeConst = 128)]
public string ModuleName;
}
[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Ansi)]
public unsafe struct OPEN_HANDLE_FAILURE
{
public int ReportCode;
public int IsKernelHandle;
public uint ProcessId;
public uint ThreadId;
public uint DesiredAccess;
[MarshalAs(UnmanagedType.ByValTStr, SizeConst = 64)]
public string ProcessName;
}
[StructLayout(LayoutKind.Sequential)]
public unsafe struct INVALID_PROCESS_ALLOCATION_FAILURE
{
public int ReportCode;
[MarshalAs(UnmanagedType.ByValArray, SizeConst = 4096)]
public byte[] ProcessStructure;
}
[StructLayout(LayoutKind.Sequential)]
public struct HIDDEN_SYSTEM_THREAD_FAILURE
{
public int ReportCode;
public int FoundInKThreadList;
public int FoundInPspCidTable;
public long ThreadAddress;
public int ThreadId;
[MarshalAs(UnmanagedType.ByValArray, SizeConst = 4096)]
public byte[] ThreadStructure;
}
public struct ATTACH_PROCESS_FAILURE
{
public int ReportCode;
public int ThreadId;
public long ThreadAddress;
}
}
}
}

7
server/main.go Normal file
View file

@ -0,0 +1,7 @@
package main
import "fmt"
func main() {
fmt.Println("Hello, World!")
}

25
server/server.csproj
View file

@ -1,25 +0,0 @@
<Project Sdk="Microsoft.NET.Sdk">
<PropertyGroup>
<OutputType>Exe</OutputType>
<TargetFramework>net7.0</TargetFramework>
<ImplicitUsings>enable</ImplicitUsings>
<Nullable>enable</Nullable>
<AllowUnsafeBlocks>True</AllowUnsafeBlocks>
<Configurations>Debug;Release;Release - No Server;Release - No Server - Win11</Configurations>
</PropertyGroup>
<ItemGroup>
<PackageReference Include="Microsoft.EntityFrameworkCore" Version="7.0.10" />
<PackageReference Include="MySql.Data" Version="8.1.0" />
<PackageReference Include="MySql.EntityFrameworkCore" Version="7.0.5" />
<PackageReference Include="Serilog" Version="3.0.1" />
<PackageReference Include="Serilog.Sinks.Console" Version="4.1.0" />
<PackageReference Include="Serilog.Sinks.File" Version="5.0.0" />
</ItemGroup>
<ItemGroup>
<ProjectReference Include="..\service\service.csproj" />
</ItemGroup>
</Project>

65
service/Client.cs
View file

@ -1,65 +0,0 @@
using Microsoft.AspNetCore.Authentication.OAuth.Claims;
using System.Net;
using System.Net.Sockets;
using System.Text;
using Serilog;
using Microsoft.AspNetCore.Http;
using System.Linq.Expressions;
namespace service
{
public class Client
{
private readonly Serilog.ILogger _logger;
private IPEndPoint _ipEndPoint;
private TcpClient _tcpClient;
private NetworkStream _stream;
private byte[] _buffer;
private int _bufferSize;
public Client(ref byte[] buffer, int bufferSize, Serilog.ILogger logger)
{
_logger = logger;
_ipEndPoint = new IPEndPoint(IPAddress.Parse("127.0.0.1"), 8888);
_tcpClient = new TcpClient();
_tcpClient.Connect(_ipEndPoint);
_stream = _tcpClient.GetStream();
_buffer = buffer;
_bufferSize = bufferSize;
}
public void SendMessageToServer()
{
try
{
_stream.Write(_buffer, 0, _bufferSize);
}
catch(Exception ex)
{
_logger.Error("{0}", ex.Message);
}
}
public byte[]? GetResponseFromServer()
{
byte[] buffer = new byte[1024];
try
{
using (MemoryStream memoryStream = new MemoryStream())
{
int bytesRead = _stream.Read(buffer, 0, 1024);
memoryStream.Write(buffer, 0, bytesRead);
return memoryStream.ToArray();
}
}
catch(Exception ex)
{
_logger.Error("{0}", ex.Message);
return null;
}
}
}
}

27
service/Program.cs
View file

@ -1,27 +0,0 @@
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;
using Serilog;
namespace service
{
public class Program
{
public static void Main(string[] args)
{
CreateHostBuilder(args).Build().Run();
}
public static IHostBuilder CreateHostBuilder(string[] args) =>
Host.CreateDefaultBuilder(args)
.UseWindowsService()
.ConfigureServices((hostContext, services) =>
{
services.AddHostedService<Worker>();
})
.UseSerilog((context, configuration) =>
{
var config = context.Configuration;
configuration.ReadFrom.Configuration(config);
});
}
}

11
service/Properties/launchSettings.json
View file

@ -1,11 +0,0 @@
{
"profiles": {
"service": {
"commandName": "Project",
"dotnetRunMessages": true,
"environmentVariables": {
"DOTNET_ENVIRONMENT": "Development"
}
}
}
}

110
service/Worker.cs
View file

@ -1,110 +0,0 @@
using System.IO.Pipes;
using System.Runtime.CompilerServices;
using System.Runtime.InteropServices;
using System;
using System.Reflection.PortableExecutable;
using System.Net.Sockets;
using System.Net;
using System.Net.Http;
using Serilog;
#pragma warning disable CS1998 // Async method lacks 'await' operators and will run synchronously
#pragma warning disable CS8600
#pragma warning disable CS8603
namespace service
{
public class Worker : BackgroundService
{
private readonly Serilog.ILogger _logger;
private NamedPipeServerStream _pipeServer;
private byte[] _buffer;
private int _bufferSize;
private static int MAX_BUFFER_SIZE = 8192;
private static int OK_RESPONSE_SIZE = 4;
public Worker(Serilog.ILogger logger)
{
_logger = logger;
_pipeServer = new NamedPipeServerStream(
"DonnaACPipe",
PipeDirection.InOut,
1,
0,
PipeOptions.Asynchronous,
MAX_BUFFER_SIZE,
MAX_BUFFER_SIZE);
_bufferSize = MAX_BUFFER_SIZE;
_buffer = new byte[_bufferSize];
}
protected override async Task ExecuteAsync(CancellationToken stoppingToken)
{
_logger.Information("Windows service starting, waiting for client to connect");
// to do: verify whos connecting
_pipeServer.WaitForConnection();
_logger.Information("Client connected to the pipe server");
while (!stoppingToken.IsCancellationRequested)
{
try
{
int numBytesRead = _pipeServer.Read(_buffer, 0, _bufferSize);
if (numBytesRead > 0)
{
_logger.Information("Message received at pipe server with size: {0}", numBytesRead);
Client message = new Client(ref _buffer, numBytesRead, _logger);
message.SendMessageToServer();
ThreadPool.QueueUserWorkItem(state => RelayResponseMessage(ref message));
}
}
catch (Exception ex)
{
_logger.Error("Reading buffer from pipe failed with message: {0}", ex.Message);
}
Array.Clear(_buffer, 0, _bufferSize);
}
}
private void RelayResponseMessage(ref Client message)
{
byte[] responseMessage = message.GetResponseFromServer();
if (responseMessage == null)
{
_logger.Warning("Response message is null");
return;
}
_logger.Information("Sending response message to client with size: {0}", responseMessage.Length);
_pipeServer.Write(responseMessage, 0, responseMessage.Length);
}
[DllImport("kernel32.dll", SetLastError = true)]
internal static extern bool GetNamedPipeClientProcessId(IntPtr Pipe, out uint ClientProcessId);
public static uint GetNamedPipeClientProcId(NamedPipeServerStream PipeServer)
{
UInt32 procId;
IntPtr pipeHandle = PipeServer.SafePipeHandle.DangerousGetHandle();
if (GetNamedPipeClientProcessId(pipeHandle, out procId))
return procId;
return 0;
}
}
}
#pragma warning restore CS1998 // Async method lacks 'await' operators and will run synchronously
#pragma warning restore CS8600
#pragma warning restore CS8603

8
service/appsettings.Development.json
View file

@ -1,8 +0,0 @@
{
"Logging": {
"LogLevel": {
"Default": "Information",
"Microsoft.Hosting.Lifetime": "Information"
}
}
}

21
service/appsettings.json
View file

@ -1,21 +0,0 @@
{
"AllowedHosts": "*",
"Serilog": {
"MinimumLevel": "Debug",
"Override": {
"Microsoft.AspNetCore": "Warning"
},
"WriteTo": [
{
"Name": "Console"
},
{
"Name": "File",
"Args": {
"path": "bin/logs.txt",
"rollingInterval": "Day"
}
}
]
}
}

42
service/helper.cs
View file

@ -1,42 +0,0 @@
using Serilog;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Runtime.InteropServices;
using System.Text;
using System.Threading.Tasks;
#pragma warning disable CS8600
#pragma warning disable CS8603
namespace service
{
public class Helper
{
unsafe public static T BytesToStructure<T>(byte[] buffer, int offset)
{
int typeSize = Marshal.SizeOf(typeof(T));
if (buffer.Length == 0)
return default(T);
IntPtr ptr = Marshal.AllocHGlobal(typeSize);
try
{
Marshal.Copy(buffer, offset, ptr, typeSize);
T result = (T)Marshal.PtrToStructure(ptr, typeof(T));
Marshal.FreeHGlobal(ptr);
return result;
}
catch (Exception ex)
{
Log.Information(ex.Message);
return default(T);
}
}
}
}
#pragma warning restore CS8600
#pragma warning restore CS8603

22
service/service.csproj
View file

@ -1,22 +0,0 @@
<Project Sdk="Microsoft.NET.Sdk.Worker">
<PropertyGroup>
<TargetFramework>net7.0</TargetFramework>
<Nullable>enable</Nullable>
<ImplicitUsings>enable</ImplicitUsings>
<UserSecretsId>dotnet-service-ab667d6f-8728-45a8-a87c-ae511852674a</UserSecretsId>
<AllowUnsafeBlocks>true</AllowUnsafeBlocks>
<Configurations>Debug;Release;Release - No Server;Release - No Server - Win11</Configurations>
</PropertyGroup>
<ItemGroup>
<PackageReference Include="Microsoft.AspNetCore.Hosting.Abstractions" Version="2.1.1" />
<PackageReference Include="Microsoft.Extensions.Hosting" Version="7.0.1" />
<PackageReference Include="Microsoft.Extensions.Hosting.WindowsServices" Version="7.0.1" />
<PackageReference Include="Serilog" Version="3.0.1" />
<PackageReference Include="Serilog.AspNetCore" Version="7.0.0" />
<PackageReference Include="Serilog.Extensions.Hosting" Version="7.0.0" />
<PackageReference Include="Serilog.Settings.Configuration" Version="7.0.0" />
<PackageReference Include="Serilog.Sinks.File" Version="5.0.0" />
</ItemGroup>
</Project>

38
test/cli/driver.h
View file

@ -1,38 +0,0 @@
#pragma once
#include <string>
#include <iostream>
#include <Windows.h>
class DriverInterface
{
HANDLE driver_handle;
bool validate_process_name()
{
}
public:
DriverInterface(std::string& process_name)
{
this->driver_handle = CreateFileW(
L"donna-ac-test",
GENERIC_WRITE | GENERIC_READ | GENERIC_EXECUTE,
0,
0,
OPEN_EXISTING,
FILE_ATTRIBUTE_SYSTEM | FILE_FLAG_OVERLAPPED,
0
);
if (this->driver_handle == INVALID_HANDLE_VALUE)
{
std::cerr << "Failed to open handle to driver" << std::endl;
return;
}
}
};

57
test/cli/main.cpp
View file

@ -1,57 +0,0 @@
#include <iostream>
#include <string>
#include <vector>
#include <string_view>
#include <Windows.h>
#include <tlhelp32.h>
std::wstring cstr_to_wstr(std::string cstr)
{
return std::wstring(cstr.begin(), cstr.end());
}
DWORD get_proc_id_by_name(const std::string& process_name)
{
PROCESSENTRY32 entry = { 0 };
entry.dwSize = sizeof(PROCESSENTRY32);
HANDLE snapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
while (Process32Next(snapshot, &entry))
{
if (entry.szExeFile == cstr_to_wstr(process_name))
{
return entry.th32ProcessID;
}
}
CloseHandle(snapshot);
return 0;
}
int main(int argc, char* argv[])
{
if (argc < 2)
{
std::cerr << "Please enter a valid Process Name";
return EXIT_FAILURE;
}
const std::vector<std::string_view> args(argv + 1, argv + argc);
std::string process_name = std::string(args[0].data());
DWORD proc_id = get_proc_id_by_name(process_name);
if (!proc_id)
{
std::cerr << "Process does not exist, please enter a valid running process name." << std::endl;
return EXIT_FAILURE;
}
return EXIT_SUCCESS;
}

201
test/cli/testcli.vcxproj
View file

@ -1,201 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<Project DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup Label="ProjectConfigurations">
<ProjectConfiguration Include="Debug|Win32">
<Configuration>Debug</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release - No Server|Win32">
<Configuration>Release - No Server</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release - No Server|x64">
<Configuration>Release - No Server</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|Win32">
<Configuration>Release</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Debug|x64">
<Configuration>Debug</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|x64">
<Configuration>Release</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
</ItemGroup>
<PropertyGroup Label="Globals">
<VCProjectVersion>17.0</VCProjectVersion>
<Keyword>Win32Proj</Keyword>
<ProjectGuid>{bb9e4b6e-81e3-4d39-8928-0ba3f947c479}</ProjectGuid>
<RootNamespace>testcli</RootNamespace>
<WindowsTargetPlatformVersion>10.0</WindowsTargetPlatformVersion>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>true</UseDebugLibraries>
<PlatformToolset>v143</PlatformToolset>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>false</UseDebugLibraries>
<PlatformToolset>v143</PlatformToolset>
<WholeProgramOptimization>true</WholeProgramOptimization>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release - No Server|Win32'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>false</UseDebugLibraries>
<PlatformToolset>v143</PlatformToolset>
<WholeProgramOptimization>true</WholeProgramOptimization>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>true</UseDebugLibraries>
<PlatformToolset>v143</PlatformToolset>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>false</UseDebugLibraries>
<PlatformToolset>v143</PlatformToolset>
<WholeProgramOptimization>true</WholeProgramOptimization>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release - No Server|x64'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>false</UseDebugLibraries>
<PlatformToolset>v143</PlatformToolset>
<WholeProgramOptimization>true</WholeProgramOptimization>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
<ImportGroup Label="ExtensionSettings">
</ImportGroup>
<ImportGroup Label="Shared">
</ImportGroup>
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release - No Server|Win32'" Label="PropertySheets">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release - No Server|x64'" Label="PropertySheets">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<PropertyGroup Label="UserMacros" />
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<ClCompile>
<WarningLevel>Level3</WarningLevel>
<SDLCheck>true</SDLCheck>
<PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<ConformanceMode>true</ConformanceMode>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
<GenerateDebugInformation>true</GenerateDebugInformation>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
<ClCompile>
<WarningLevel>Level3</WarningLevel>
<FunctionLevelLinking>true</FunctionLevelLinking>
<IntrinsicFunctions>true</IntrinsicFunctions>
<SDLCheck>true</SDLCheck>
<PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<ConformanceMode>true</ConformanceMode>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
<EnableCOMDATFolding>true</EnableCOMDATFolding>
<OptimizeReferences>true</OptimizeReferences>
<GenerateDebugInformation>true</GenerateDebugInformation>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release - No Server|Win32'">
<ClCompile>
<WarningLevel>Level3</WarningLevel>
<FunctionLevelLinking>true</FunctionLevelLinking>
<IntrinsicFunctions>true</IntrinsicFunctions>
<SDLCheck>true</SDLCheck>
<PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<ConformanceMode>true</ConformanceMode>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
<EnableCOMDATFolding>true</EnableCOMDATFolding>
<OptimizeReferences>true</OptimizeReferences>
<GenerateDebugInformation>true</GenerateDebugInformation>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
<ClCompile>
<WarningLevel>Level3</WarningLevel>
<SDLCheck>true</SDLCheck>
<PreprocessorDefinitions>_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<ConformanceMode>true</ConformanceMode>
<LanguageStandard>stdcpp17</LanguageStandard>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
<GenerateDebugInformation>true</GenerateDebugInformation>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
<ClCompile>
<WarningLevel>Level3</WarningLevel>
<FunctionLevelLinking>true</FunctionLevelLinking>
<IntrinsicFunctions>true</IntrinsicFunctions>
<SDLCheck>true</SDLCheck>
<PreprocessorDefinitions>NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<ConformanceMode>true</ConformanceMode>
<LanguageStandard>stdcpp17</LanguageStandard>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
<EnableCOMDATFolding>true</EnableCOMDATFolding>
<OptimizeReferences>true</OptimizeReferences>
<GenerateDebugInformation>true</GenerateDebugInformation>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release - No Server|x64'">
<ClCompile>
<WarningLevel>Level3</WarningLevel>
<FunctionLevelLinking>true</FunctionLevelLinking>
<IntrinsicFunctions>true</IntrinsicFunctions>
<SDLCheck>true</SDLCheck>
<PreprocessorDefinitions>NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<ConformanceMode>true</ConformanceMode>
<LanguageStandard>stdcpp17</LanguageStandard>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
<EnableCOMDATFolding>true</EnableCOMDATFolding>
<OptimizeReferences>true</OptimizeReferences>
<GenerateDebugInformation>true</GenerateDebugInformation>
</Link>
</ItemDefinitionGroup>
<ItemGroup>
<ClCompile Include="main.cpp" />
</ItemGroup>
<ItemGroup>
<ClInclude Include="driver.h" />
</ItemGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
<ImportGroup Label="ExtensionTargets">
</ImportGroup>
</Project>

27
test/cli/testcli.vcxproj.filters
View file

@ -1,27 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup>
<Filter Include="Source Files">
<UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
<Extensions>cpp;c;cc;cxx;c++;cppm;ixx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
</Filter>
<Filter Include="Header Files">
<UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
<Extensions>h;hh;hpp;hxx;h++;hm;inl;inc;ipp;xsd</Extensions>
</Filter>
<Filter Include="Resource Files">
<UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
<Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
</Filter>
</ItemGroup>
<ItemGroup>
<ClCompile Include="main.cpp">
<Filter>Source Files</Filter>
</ClCompile>
</ItemGroup>
<ItemGroup>
<ClInclude Include="driver.h">
<Filter>Header Files</Filter>
</ClInclude>
</ItemGroup>
</Project>

11
test/driver/common.hpp
View file

@ -1,11 +0,0 @@
#include <ntifs.h>
#define STATIC static
#define VOID void
typedef UINT32 uint32_t;
typedef UINT64 uint64_t;
typedef UINT16 uint16_t;
#define DEBUG_LOG(fmt, ...) ImpDbgPrintEx(DPFLTR_IHVDRIVER_ID, 0, "[+] " fmt "\n", ##__VA_ARGS__)
#define DEBUG_ERROR(fmt, ...) ImpDbgPrintEx(DPFLTR_IHVDRIVER_ID, 0, "[-] " fmt "\n", ##__VA_ARGS__)

3
test/driver/driver.hpp
View file

@ -1,3 +0,0 @@
#pragma once
#include "common.hpp"

9
test/driver/framework.hpp
View file

@ -1,9 +0,0 @@
#include "common.hpp"
namespace framework
{
class state
{
};
}

67
test/driver/main.cpp
View file

@ -1,67 +0,0 @@
#include "driver.hpp"
UNICODE_STRING DRIVER_NAME = RTL_CONSTANT_STRING(L"donna-ac-test");
UNICODE_STRING DRIVER_LINK = RTL_CONSTANT_STRING(L"donna-ac-test-link");
#define IOCTL_RUN_NMI_CALLBACKS \
CTL_CODE(FILE_DEVICE_UNKNOWN, 0x20001, METHOD_BUFFERED, FILE_ANY_ACCESS)
NTSTATUS
DeviceControl(_In_ PDEVICE_OBJECT DeviceObject, _Inout_ PIRP Irp) {
UNREFERENCED_PARAMETER(DeviceObject);
NTSTATUS status = STATUS_SUCCESS;
PIO_STACK_LOCATION stack_location = IoGetCurrentIrpStackLocation(Irp);
switch (stack_location->Parameters.DeviceIoControl.IoControlCode) {}
end:
Irp->IoStatus.Status = status;
IoCompleteRequest(Irp, IO_NO_INCREMENT);
return status;
}
NTSTATUS
DeviceClose(_In_ PDEVICE_OBJECT DeviceObject, _Inout_ PIRP Irp) {
UNREFERENCED_PARAMETER(DeviceObject);
IoCompleteRequest(Irp, IO_NO_INCREMENT);
return Irp->IoStatus.Status;
}
NTSTATUS
DeviceCreate(_In_ PDEVICE_OBJECT DeviceObject, _Inout_ PIRP Irp) {
UNREFERENCED_PARAMETER(DeviceObject);
IoCompleteRequest(Irp, IO_NO_INCREMENT);
return Irp->IoStatus.Status;
}
STATIC
VOID DriverUnload(_In_ PDRIVER_OBJECT DriverObject) {
IoDeleteDevice(DriverObject->DeviceObject);
}
extern "C" NTSTATUS DriverEntry(_In_ PDRIVER_OBJECT DriverObject,
_In_ PUNICODE_STRING RegistryPath) {
NTSTATUS status;
status = IoCreateDevice(DriverObject, NULL, &DRIVER_NAME, FILE_DEVICE_UNKNOWN,
FILE_DEVICE_SECURE_OPEN, FALSE,
&DriverObject->DeviceObject);
if (!NT_SUCCESS(status)) {
return STATUS_FAILED_DRIVER_ENTRY;
}
status = IoCreateSymbolicLink(&DRIVER_LINK, &DRIVER_NAME);
if (!NT_SUCCESS(status)) {
IoDeleteDevice(DriverObject->DeviceObject);
return STATUS_FAILED_DRIVER_ENTRY;
}
DriverObject->MajorFunction[IRP_MJ_CREATE] = DeviceCreate;
DriverObject->MajorFunction[IRP_MJ_CLOSE] = DeviceClose;
DriverObject->MajorFunction[IRP_MJ_DEVICE_CONTROL] = DeviceControl;
DriverObject->DriverUnload = DriverUnload;
return STATUS_SUCCESS;
}

7
test/driver/patch.cpp
View file

@ -1,7 +0,0 @@
#include "patch.hpp"
namespace framework {
patch::patch(char *image_name) {}
patch::~patch() {}
} // namespace framework

17
test/driver/patch.hpp
View file

@ -1,17 +0,0 @@
#include "common.hpp"
namespace framework {
class patch
{
private:
char* image_name;
void* image_base;
void* patch_address;
void* original_bytes;
unsigned long patch_size;
public:
patch(char* image_name);
~patch();
};
}

77
test/driver/testdrv.inf
View file

@ -1,77 +0,0 @@
;
; testdrv.inf
;
[Version]
Signature="$WINDOWS NT$"
Class=System ; TODO: specify appropriate Class
ClassGuid={4d36e97d-e325-11ce-bfc1-08002be10318} ; TODO: specify appropriate ClassGuid
Provider=%ManufacturerName%
CatalogFile=testdrv.cat
DriverVer= ; TODO: set DriverVer in stampinf property pages
PnpLockdown=1
[DestinationDirs]
DefaultDestDir = 12
testdrv_Device_CoInstaller_CopyFiles = 11
[SourceDisksNames]
1 = %DiskName%,,,""
[SourceDisksFiles]
testdrv.sys = 1,,
WdfCoInstaller$KMDFCOINSTALLERVERSION$.dll=1 ; make sure the number matches with SourceDisksNames
;*****************************************
; Install Section
;*****************************************
[Manufacturer]
%ManufacturerName%=Standard,NT$ARCH$
[Standard.NT$ARCH$]
%testdrv.DeviceDesc%=testdrv_Device, Root\testdrv ; TODO: edit hw-id
[testdrv_Device.NT]
CopyFiles=Drivers_Dir
[Drivers_Dir]
testdrv.sys
;-------------- Service installation
[testdrv_Device.NT.Services]
AddService = testdrv,%SPSVCINST_ASSOCSERVICE%, testdrv_Service_Inst
; -------------- testdrv driver install sections
[testdrv_Service_Inst]
DisplayName = %testdrv.SVCDESC%
ServiceType = 1 ; SERVICE_KERNEL_DRIVER
StartType = 3 ; SERVICE_DEMAND_START
ErrorControl = 1 ; SERVICE_ERROR_NORMAL
ServiceBinary = %12%\testdrv.sys
;
;--- testdrv_Device Coinstaller installation ------
;
[testdrv_Device.NT.CoInstallers]
AddReg=testdrv_Device_CoInstaller_AddReg
CopyFiles=testdrv_Device_CoInstaller_CopyFiles
[testdrv_Device_CoInstaller_AddReg]
HKR,,CoInstallers32,0x00010000, "WdfCoInstaller$KMDFCOINSTALLERVERSION$.dll,WdfCoInstaller"
[testdrv_Device_CoInstaller_CopyFiles]
WdfCoInstaller$KMDFCOINSTALLERVERSION$.dll
[testdrv_Device.NT.Wdf]
KmdfService = testdrv, testdrv_wdfsect
[testdrv_wdfsect]
KmdfLibraryVersion = $KMDFVERSION$
[Strings]
SPSVCINST_ASSOCSERVICE= 0x00000002
ManufacturerName="<Your manufacturer name>" ;TODO: Replace with your manufacturer name
DiskName = "testdrv Installation Disk"
testdrv.DeviceDesc = "testdrv Device"
testdrv.SVCDESC = "testdrv Service"

221
test/driver/testdrv.vcxproj
View file

@ -1,221 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<Project DefaultTargets="Build" ToolsVersion="12.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup Label="ProjectConfigurations">
<ProjectConfiguration Include="Debug|x64">
<Configuration>Debug</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release - No Server - Win11|ARM64">
<Configuration>Release - No Server - Win11</Configuration>
<Platform>ARM64</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release - No Server - Win11|x64">
<Configuration>Release - No Server - Win11</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release - No Server|ARM64">
<Configuration>Release - No Server</Configuration>
<Platform>ARM64</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release - No Server|x64">
<Configuration>Release - No Server</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|x64">
<Configuration>Release</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Debug|ARM64">
<Configuration>Debug</Configuration>
<Platform>ARM64</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|ARM64">
<Configuration>Release</Configuration>
<Platform>ARM64</Platform>
</ProjectConfiguration>
</ItemGroup>
<PropertyGroup Label="Globals">
<ProjectGuid>{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}</ProjectGuid>
<TemplateGuid>{1bc93793-694f-48fe-9372-81e2b05556fd}</TemplateGuid>
<TargetFrameworkVersion>v4.5</TargetFrameworkVersion>
<MinimumVisualStudioVersion>12.0</MinimumVisualStudioVersion>
<Configuration>Debug</Configuration>
<Platform Condition="'$(Platform)' == ''">x64</Platform>
<RootNamespace>testdrv</RootNamespace>
<WindowsTargetPlatformVersion>$(LatestTargetPlatformVersion)</WindowsTargetPlatformVersion>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
<TargetVersion>Windows10</TargetVersion>
<UseDebugLibraries>true</UseDebugLibraries>
<PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
<ConfigurationType>Driver</ConfigurationType>
<DriverType>KMDF</DriverType>
<DriverTargetPlatform>Universal</DriverTargetPlatform>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
<TargetVersion>Windows10</TargetVersion>
<UseDebugLibraries>false</UseDebugLibraries>
<PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
<ConfigurationType>Driver</ConfigurationType>
<DriverType>KMDF</DriverType>
<DriverTargetPlatform>Universal</DriverTargetPlatform>
<Driver_SpectreMitigation>false</Driver_SpectreMitigation>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release - No Server|x64'" Label="Configuration">
<TargetVersion>Windows10</TargetVersion>
<UseDebugLibraries>false</UseDebugLibraries>
<PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
<ConfigurationType>Driver</ConfigurationType>
<DriverType>KMDF</DriverType>
<DriverTargetPlatform>Universal</DriverTargetPlatform>
<Driver_SpectreMitigation>false</Driver_SpectreMitigation>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release - No Server - Win11|x64'" Label="Configuration">
<TargetVersion>Windows10</TargetVersion>
<UseDebugLibraries>false</UseDebugLibraries>
<PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
<ConfigurationType>Driver</ConfigurationType>
<DriverType>KMDF</DriverType>
<DriverTargetPlatform>Universal</DriverTargetPlatform>
<Driver_SpectreMitigation>false</Driver_SpectreMitigation>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'" Label="Configuration">
<TargetVersion>Windows10</TargetVersion>
<UseDebugLibraries>true</UseDebugLibraries>
<PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
<ConfigurationType>Driver</ConfigurationType>
<DriverType>KMDF</DriverType>
<DriverTargetPlatform>Universal</DriverTargetPlatform>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'" Label="Configuration">
<TargetVersion>Windows10</TargetVersion>
<UseDebugLibraries>false</UseDebugLibraries>
<PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
<ConfigurationType>Driver</ConfigurationType>
<DriverType>KMDF</DriverType>
<DriverTargetPlatform>Universal</DriverTargetPlatform>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release - No Server|ARM64'" Label="Configuration">
<TargetVersion>Windows10</TargetVersion>
<UseDebugLibraries>false</UseDebugLibraries>
<PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
<ConfigurationType>Driver</ConfigurationType>
<DriverType>KMDF</DriverType>
<DriverTargetPlatform>Universal</DriverTargetPlatform>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release - No Server - Win11|ARM64'" Label="Configuration">
<TargetVersion>Windows10</TargetVersion>
<UseDebugLibraries>false</UseDebugLibraries>
<PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
<ConfigurationType>Driver</ConfigurationType>
<DriverType>KMDF</DriverType>
<DriverTargetPlatform>Universal</DriverTargetPlatform>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
<ImportGroup Label="ExtensionSettings">
</ImportGroup>
<ImportGroup Label="PropertySheets">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<PropertyGroup Label="UserMacros" />
<PropertyGroup />
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
<DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
<DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
<Inf2CatUseLocalTime>true</Inf2CatUseLocalTime>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release - No Server|x64'">
<DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
<Inf2CatUseLocalTime>true</Inf2CatUseLocalTime>
<OutDir>$(SolutionDir)$(Platform)\$(Configuration)\</OutDir>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release - No Server - Win11|x64'">
<DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
<Inf2CatUseLocalTime>true</Inf2CatUseLocalTime>
<OutDir>$(SolutionDir)$(Platform)\$(Configuration)\</OutDir>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">
<DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'">
<DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release - No Server|ARM64'">
<DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release - No Server - Win11|ARM64'">
<DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
</PropertyGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
<DriverSign>
<FileDigestAlgorithm>sha256</FileDigestAlgorithm>
</DriverSign>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
<DriverSign>
<FileDigestAlgorithm>sha256</FileDigestAlgorithm>
</DriverSign>
<ClCompile>
<TreatWarningAsError>false</TreatWarningAsError>
<LanguageStandard>stdcpp20</LanguageStandard>
</ClCompile>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release - No Server|x64'">
<DriverSign>
<FileDigestAlgorithm>sha256</FileDigestAlgorithm>
</DriverSign>
<ClCompile>
<TreatWarningAsError>false</TreatWarningAsError>
</ClCompile>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release - No Server - Win11|x64'">
<DriverSign>
<FileDigestAlgorithm>sha256</FileDigestAlgorithm>
</DriverSign>
<ClCompile>
<TreatWarningAsError>false</TreatWarningAsError>
</ClCompile>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'">
<DriverSign>
<FileDigestAlgorithm>sha256</FileDigestAlgorithm>
</DriverSign>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release - No Server|ARM64'">
<DriverSign>
<FileDigestAlgorithm>sha256</FileDigestAlgorithm>
</DriverSign>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release - No Server - Win11|ARM64'">
<DriverSign>
<FileDigestAlgorithm>sha256</FileDigestAlgorithm>
</DriverSign>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">
<DriverSign>
<FileDigestAlgorithm>sha256</FileDigestAlgorithm>
</DriverSign>
</ItemDefinitionGroup>
<ItemGroup>
<Inf Include="testdrv.inf" />
</ItemGroup>
<ItemGroup>
<FilesToPackage Include="$(TargetPath)" />
</ItemGroup>
<ItemGroup>
<ClCompile Include="main.cpp" />
<ClCompile Include="patch.cpp" />
</ItemGroup>
<ItemGroup>
<ClInclude Include="common.hpp" />
<ClInclude Include="driver.hpp" />
<ClInclude Include="framework.hpp" />
<ClInclude Include="patch.hpp" />
</ItemGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
<ImportGroup Label="ExtensionTargets">
</ImportGroup>
</Project>

48
test/driver/testdrv.vcxproj.filters
View file

@ -1,48 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup>
<Filter Include="Source Files">
<UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
<Extensions>cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
</Filter>
<Filter Include="Header Files">
<UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
<Extensions>h;hpp;hxx;hm;inl;inc;xsd</Extensions>
</Filter>
<Filter Include="Resource Files">
<UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
<Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
</Filter>
<Filter Include="Driver Files">
<UniqueIdentifier>{8E41214B-6785-4CFE-B992-037D68949A14}</UniqueIdentifier>
<Extensions>inf;inv;inx;mof;mc;</Extensions>
</Filter>
</ItemGroup>
<ItemGroup>
<Inf Include="testdrv.inf">
<Filter>Driver Files</Filter>
</Inf>
</ItemGroup>
<ItemGroup>
<ClCompile Include="main.cpp">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="patch.cpp">
<Filter>Source Files</Filter>
</ClCompile>
</ItemGroup>
<ItemGroup>
<ClInclude Include="driver.hpp">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="framework.hpp">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="common.hpp">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="patch.hpp">
<Filter>Header Files</Filter>
</ClInclude>
</ItemGroup>
</Project>