BIG CLEANUP
parent
6895b1723d
commit
3c1ee3a14b
52 changed files with 7 additions and 3363 deletions
118
ac.sln
|
@ -5,12 +5,6 @@ VisualStudioVersion = 17.5.33502.453
|
|||
MinimumVisualStudioVersion = 10.0.40219.1
|
||||
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "driver", "driver\driver.vcxproj", "{0AE83EC6-DDEA-4EDE-B1B2-1B2AB1E8BB54}"
|
||||
EndProject
|
||||
Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "service", "service\service.csproj", "{6228E9DD-E1EA-45D8-8054-A00FC2D63414}"
|
||||
EndProject
|
||||
Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "server", "server\server.csproj", "{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}"
|
||||
EndProject
|
||||
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "testdrv", "test\driver\testdrv.vcxproj", "{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}"
|
||||
EndProject
|
||||
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "module", "module\module.vcxproj", "{3B18467A-4358-45EF-81B1-5C6F9B0B6728}"
|
||||
EndProject
|
||||
Global
|
||||
|
@ -81,118 +75,6 @@ Global
|
|||
{0AE83EC6-DDEA-4EDE-B1B2-1B2AB1E8BB54}.Release|x86.ActiveCfg = Release|x64
|
||||
{0AE83EC6-DDEA-4EDE-B1B2-1B2AB1E8BB54}.Release|x86.Build.0 = Release|x64
|
||||
{0AE83EC6-DDEA-4EDE-B1B2-1B2AB1E8BB54}.Release|x86.Deploy.0 = Release|x64
|
||||
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
|
||||
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Debug|Any CPU.Build.0 = Debug|Any CPU
|
||||
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Debug|ARM64.ActiveCfg = Debug|Any CPU
|
||||
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Debug|ARM64.Build.0 = Debug|Any CPU
|
||||
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Debug|x64.ActiveCfg = Debug|Any CPU
|
||||
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Debug|x64.Build.0 = Debug|Any CPU
|
||||
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Debug|x86.ActiveCfg = Debug|Any CPU
|
||||
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Debug|x86.Build.0 = Debug|Any CPU
|
||||
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release - No Server - Win10|Any CPU.ActiveCfg = Release - No Server|Any CPU
|
||||
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release - No Server - Win10|Any CPU.Build.0 = Release - No Server|Any CPU
|
||||
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release - No Server - Win10|ARM64.ActiveCfg = Release - No Server|Any CPU
|
||||
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release - No Server - Win10|ARM64.Build.0 = Release - No Server|Any CPU
|
||||
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release - No Server - Win10|x64.ActiveCfg = Release - No Server|Any CPU
|
||||
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release - No Server - Win10|x64.Build.0 = Release - No Server|Any CPU
|
||||
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release - No Server - Win10|x86.ActiveCfg = Release - No Server|Any CPU
|
||||
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release - No Server - Win10|x86.Build.0 = Release - No Server|Any CPU
|
||||
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release - No Server - Win11|Any CPU.ActiveCfg = Release - No Server|Any CPU
|
||||
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release - No Server - Win11|Any CPU.Build.0 = Release - No Server|Any CPU
|
||||
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release - No Server - Win11|ARM64.ActiveCfg = Release - No Server|Any CPU
|
||||
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release - No Server - Win11|ARM64.Build.0 = Release - No Server|Any CPU
|
||||
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release - No Server - Win11|x64.ActiveCfg = Release - No Server|Any CPU
|
||||
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release - No Server - Win11|x64.Build.0 = Release - No Server|Any CPU
|
||||
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release - No Server - Win11|x86.ActiveCfg = Release - No Server|Any CPU
|
||||
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release - No Server - Win11|x86.Build.0 = Release - No Server|Any CPU
|
||||
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release|Any CPU.ActiveCfg = Release|Any CPU
|
||||
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release|Any CPU.Build.0 = Release|Any CPU
|
||||
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release|ARM64.ActiveCfg = Release|Any CPU
|
||||
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release|ARM64.Build.0 = Release|Any CPU
|
||||
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release|x64.ActiveCfg = Release|Any CPU
|
||||
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release|x64.Build.0 = Release|Any CPU
|
||||
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release|x86.ActiveCfg = Release|Any CPU
|
||||
{6228E9DD-E1EA-45D8-8054-A00FC2D63414}.Release|x86.Build.0 = Release|Any CPU
|
||||
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
|
||||
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Debug|Any CPU.Build.0 = Debug|Any CPU
|
||||
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Debug|ARM64.ActiveCfg = Debug|Any CPU
|
||||
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Debug|ARM64.Build.0 = Debug|Any CPU
|
||||
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Debug|x64.ActiveCfg = Debug|Any CPU
|
||||
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Debug|x64.Build.0 = Debug|Any CPU
|
||||
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Debug|x86.ActiveCfg = Debug|Any CPU
|
||||
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Debug|x86.Build.0 = Debug|Any CPU
|
||||
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release - No Server - Win10|Any CPU.ActiveCfg = Release - No Server|Any CPU
|
||||
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release - No Server - Win10|Any CPU.Build.0 = Release - No Server|Any CPU
|
||||
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release - No Server - Win10|ARM64.ActiveCfg = Release - No Server|Any CPU
|
||||
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release - No Server - Win10|ARM64.Build.0 = Release - No Server|Any CPU
|
||||
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release - No Server - Win10|x64.ActiveCfg = Release - No Server|Any CPU
|
||||
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release - No Server - Win10|x64.Build.0 = Release - No Server|Any CPU
|
||||
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release - No Server - Win10|x86.ActiveCfg = Release - No Server|Any CPU
|
||||
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release - No Server - Win10|x86.Build.0 = Release - No Server|Any CPU
|
||||
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release - No Server - Win11|Any CPU.ActiveCfg = Release - No Server|Any CPU
|
||||
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release - No Server - Win11|Any CPU.Build.0 = Release - No Server|Any CPU
|
||||
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release - No Server - Win11|ARM64.ActiveCfg = Release - No Server|Any CPU
|
||||
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release - No Server - Win11|ARM64.Build.0 = Release - No Server|Any CPU
|
||||
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release - No Server - Win11|x64.ActiveCfg = Release - No Server|Any CPU
|
||||
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release - No Server - Win11|x64.Build.0 = Release - No Server|Any CPU
|
||||
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release - No Server - Win11|x86.ActiveCfg = Release - No Server|Any CPU
|
||||
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release - No Server - Win11|x86.Build.0 = Release - No Server|Any CPU
|
||||
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release|Any CPU.ActiveCfg = Release|Any CPU
|
||||
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release|Any CPU.Build.0 = Release|Any CPU
|
||||
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release|ARM64.ActiveCfg = Release|Any CPU
|
||||
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release|ARM64.Build.0 = Release|Any CPU
|
||||
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release|x64.ActiveCfg = Release|Any CPU
|
||||
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release|x64.Build.0 = Release|Any CPU
|
||||
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release|x86.ActiveCfg = Release|Any CPU
|
||||
{4D0777F0-2D3D-4FD7-9C0F-CD4DEC1A99E9}.Release|x86.Build.0 = Release|Any CPU
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Debug|Any CPU.ActiveCfg = Debug|x64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Debug|Any CPU.Build.0 = Debug|x64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Debug|Any CPU.Deploy.0 = Debug|x64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Debug|ARM64.ActiveCfg = Debug|ARM64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Debug|ARM64.Build.0 = Debug|ARM64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Debug|ARM64.Deploy.0 = Debug|ARM64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Debug|x64.ActiveCfg = Debug|x64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Debug|x64.Build.0 = Debug|x64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Debug|x64.Deploy.0 = Debug|x64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Debug|x86.ActiveCfg = Debug|x64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Debug|x86.Build.0 = Debug|x64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Debug|x86.Deploy.0 = Debug|x64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win10|Any CPU.ActiveCfg = Release - No Server|x64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win10|Any CPU.Build.0 = Release - No Server|x64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win10|Any CPU.Deploy.0 = Release - No Server|x64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win10|ARM64.ActiveCfg = Release - No Server|ARM64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win10|ARM64.Build.0 = Release - No Server|ARM64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win10|ARM64.Deploy.0 = Release - No Server|ARM64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win10|x64.ActiveCfg = Release - No Server|x64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win10|x64.Build.0 = Release - No Server|x64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win10|x64.Deploy.0 = Release - No Server|x64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win10|x86.ActiveCfg = Release - No Server|x64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win10|x86.Build.0 = Release - No Server|x64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win10|x86.Deploy.0 = Release - No Server|x64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win11|Any CPU.ActiveCfg = Release - No Server|x64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win11|Any CPU.Build.0 = Release - No Server|x64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win11|Any CPU.Deploy.0 = Release - No Server|x64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win11|ARM64.ActiveCfg = Release - No Server|ARM64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win11|ARM64.Build.0 = Release - No Server|ARM64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win11|ARM64.Deploy.0 = Release - No Server|ARM64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win11|x64.ActiveCfg = Release - No Server|x64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win11|x64.Build.0 = Release - No Server|x64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win11|x64.Deploy.0 = Release - No Server|x64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win11|x86.ActiveCfg = Release - No Server|x64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win11|x86.Build.0 = Release - No Server|x64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release - No Server - Win11|x86.Deploy.0 = Release - No Server|x64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release|Any CPU.ActiveCfg = Release|x64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release|Any CPU.Build.0 = Release|x64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release|Any CPU.Deploy.0 = Release|x64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release|ARM64.ActiveCfg = Release|ARM64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release|ARM64.Build.0 = Release|ARM64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release|ARM64.Deploy.0 = Release|ARM64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release|x64.ActiveCfg = Release|x64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release|x64.Build.0 = Release|x64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release|x64.Deploy.0 = Release|x64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release|x86.ActiveCfg = Release|x64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release|x86.Build.0 = Release|x64
|
||||
{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}.Release|x86.Deploy.0 = Release|x64
|
||||
{3B18467A-4358-45EF-81B1-5C6F9B0B6728}.Debug|Any CPU.ActiveCfg = Debug|x64
|
||||
{3B18467A-4358-45EF-81B1-5C6F9B0B6728}.Debug|Any CPU.Build.0 = Debug|x64
|
||||
{3B18467A-4358-45EF-81B1-5C6F9B0B6728}.Debug|ARM64.ActiveCfg = Debug|x64
|
||||
|
|
|
@ -1,16 +0,0 @@
|
|||
<mxfile host="app.diagrams.net" modified="2023-09-07T11:40:22.850Z" agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36" etag="zxLKc88AkFicnfjyOcSN" version="21.7.2" type="device">
|
||||
<diagram name="Page-1" id="lGA2o3BVWdjGpJAT47dB">
|
||||
<mxGraphModel dx="1434" dy="790" grid="1" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="1" pageScale="1" pageWidth="827" pageHeight="1169" math="0" shadow="0">
|
||||
<root>
|
||||
<mxCell id="0" />
|
||||
<mxCell id="1" parent="0" />
|
||||
<mxCell id="3Gc6Ea0flFLE_1pXqOZ2-15" value="<div style="box-sizing:border-box;width:100%;background:#e4e4e4;padding:2px;">User</div><table style="width:100%;font-size:1em;" cellpadding="2" cellspacing="0"><tbody><tr><td>PK</td><td>UserId<br></td></tr><tr><td>FK1</td><td>HardwareId</td></tr><tr><td></td><td>Steam64Id<br>Banned<br><br></td></tr></tbody></table>" style="verticalAlign=top;align=left;overflow=fill;html=1;whiteSpace=wrap;" vertex="1" parent="1">
|
||||
<mxGeometry x="60" y="290" width="180" height="145" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="3Gc6Ea0flFLE_1pXqOZ2-16" value="<div style="box-sizing:border-box;width:100%;background:#e4e4e4;padding:2px;">User</div><table style="width:100%;font-size:1em;" cellpadding="2" cellspacing="0"><tbody><tr><td>PK</td><td>UserId<br></td></tr><tr><td>FK1</td><td>HardwareId</td></tr><tr><td></td><td>Steam64Id<br>Banned<br><br></td></tr></tbody></table>" style="verticalAlign=top;align=left;overflow=fill;html=1;whiteSpace=wrap;" vertex="1" parent="1">
|
||||
<mxGeometry x="360" y="290" width="180" height="145" as="geometry" />
|
||||
</mxCell>
|
||||
</root>
|
||||
</mxGraphModel>
|
||||
</diagram>
|
||||
</mxfile>
|
|
@ -292,23 +292,6 @@ void kernel_interface::kernel_interface::send_pending_irp() {
|
|||
LOG_ERROR("failed to insert irp into irp queue %x", status);
|
||||
}
|
||||
|
||||
// void kernel_interface::kernel_interface::query_deferred_reports() {
|
||||
// unsigned long bytes_returned = 0;
|
||||
// void *buffer = malloc(MAXIMUM_REPORT_BUFFER_SIZE);
|
||||
// if (!buffer)
|
||||
// return;
|
||||
// for (int i = 0; i < QUERY_DEFERRED_REPORT_COUNT; i++) {
|
||||
// unsigned int status =
|
||||
// generic_driver_call_output(ioctl_code::QueryDeferredReports, buffer,
|
||||
// MAXIMUM_REPORT_BUFFER_SIZE,
|
||||
// &bytes_returned);
|
||||
// if (status && bytes_returned > 0)
|
||||
// helper::print_kernel_report(buffer);
|
||||
// memset(buffer, 0, MAXIMUM_REPORT_BUFFER_SIZE);
|
||||
// }
|
||||
// free(buffer);
|
||||
// }
|
||||
|
||||
void kernel_interface::kernel_interface::write_shared_mapping_operation(
|
||||
shared_state_operation_id operation_id) {
|
||||
InterlockedExchange16(
|
||||
|
|
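--- a/notes.md
+++ b/notes.md
@@ -1,8 +0,0 @@
-new feature notes:
-
-- random heartbeat timer event callback. These timers should be single shot events, once fired we get a new random time and insert that. This way the timer objects are always fresh and we dont use a global timer object.
-- session cookie new value per session
-- session statistics need to be updated each time a new irp is inserted into the queue
-- same with when we receive an irp
-- this information can be used to detect malicious interferrence with the system
-- use a reverse irp method, user mode program receives and irp and checks if it contains a special code indicating it must send an irp to tthe driver ?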
|
@ -1,37 +0,0 @@
|
|||
using Serilog;
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Text;
|
||||
using System.Threading.Tasks;
|
||||
using server.Database.Model;
|
||||
using System.Reflection.Metadata.Ecma335;
|
||||
using Microsoft.EntityFrameworkCore;
|
||||
|
||||
namespace server.Database.Entity
|
||||
{
|
||||
public class HardwareConfigurationEntity : HardwareConfiguration
|
||||
{
|
||||
private readonly ModelContext _modelContext;
|
||||
public UserEntity UserEntity { get; set; }
|
||||
|
||||
public HardwareConfigurationEntity(ModelContext modelContext)
|
||||
{
|
||||
UserEntity = new UserEntity(modelContext);
|
||||
_modelContext = modelContext;
|
||||
}
|
||||
|
||||
public bool CheckIfHardwareIsBanned()
|
||||
{
|
||||
return _modelContext.HardwareConfiguration.Any(
|
||||
h => h.MotherboardSerial == MotherboardSerial &&
|
||||
h.DeviceDrive0Serial == DeviceDrive0Serial &&
|
||||
h.IsBanned);
|
||||
}
|
||||
|
||||
public void InsertHardwareConfiguration()
|
||||
{
|
||||
_modelContext.HardwareConfiguration.Add(this);
|
||||
}
|
||||
}
|
||||
}
|
|
@ -1,19 +0,0 @@
|
|||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Text;
|
||||
using System.Threading.Tasks;
|
||||
|
||||
namespace server.Database.Entity.Report
|
||||
{
|
||||
/// <summary>
|
||||
/// Implements the IReport interface
|
||||
/// </summary>
|
||||
public interface IReportEntity
|
||||
{
|
||||
/// <summary>
|
||||
/// Inserts the report into the database.
|
||||
/// </summary>
|
||||
void InsertReport();
|
||||
}
|
||||
}
|
|
@ -1,26 +0,0 @@
|
|||
using server.Database.Model;
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Text;
|
||||
using System.Threading.Tasks;
|
||||
|
||||
namespace server.Database.Entity.Report
|
||||
{
|
||||
public class ReportEntity : Model.Report
|
||||
{
|
||||
private readonly ModelContext _modelContext;
|
||||
private UserEntity UserEntity { get; set; }
|
||||
|
||||
public ReportEntity(ModelContext modelContext)
|
||||
{
|
||||
UserEntity = new UserEntity(modelContext);
|
||||
_modelContext = modelContext;
|
||||
}
|
||||
|
||||
public void InsertReport()
|
||||
{
|
||||
_modelContext.Reports.Add(this);
|
||||
}
|
||||
}
|
||||
}
|
|
@ -1,26 +0,0 @@
|
|||
using server.Database.Model;
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Text;
|
||||
using System.Threading.Tasks;
|
||||
|
||||
namespace server.Database.Entity.Report.Types
|
||||
{
|
||||
public class AttachProcessEntity : ReportTypeAttachProcess, IReportEntity
|
||||
{
|
||||
private readonly ModelContext _modelContext;
|
||||
public ReportEntity ReportEntity { get; set; }
|
||||
|
||||
public AttachProcessEntity(ModelContext modelContext)
|
||||
{
|
||||
ReportEntity = new ReportEntity(modelContext);
|
||||
_modelContext = modelContext;
|
||||
}
|
||||
|
||||
public void InsertReport()
|
||||
{
|
||||
_modelContext.ReportTypeAttachProcess.Add(this);
|
||||
}
|
||||
}
|
||||
}
|
|
@ -1,26 +0,0 @@
|
|||
using server.Database.Model;
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Text;
|
||||
using System.Threading.Tasks;
|
||||
|
||||
namespace server.Database.Entity.Report.Types
|
||||
{
|
||||
public class HiddenSystemThreadEntity : ReportTypeHiddenSystemThread, IReportEntity
|
||||
{
|
||||
private readonly ModelContext _modelContext;
|
||||
public ReportEntity ReportEntity { get; set; }
|
||||
|
||||
public HiddenSystemThreadEntity(ModelContext modelContext)
|
||||
{
|
||||
ReportEntity = new ReportEntity(modelContext);
|
||||
_modelContext = modelContext;
|
||||
}
|
||||
|
||||
public void InsertReport()
|
||||
{
|
||||
_modelContext.ReportTypeHiddenSystemThread.Add(this);
|
||||
}
|
||||
}
|
||||
}
|
|
@ -1,25 +0,0 @@
|
|||
using server.Database.Model;
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Text;
|
||||
using System.Threading.Tasks;
|
||||
|
||||
namespace server.Database.Entity.Report.Types
|
||||
{
|
||||
public class ReportTypeIllegalHandleOperationEntity : ReportTypeIllegalHandleOperation, IReportEntity
|
||||
{
|
||||
private readonly ModelContext _modelContext;
|
||||
public ReportEntity ReportEntity { get; set; }
|
||||
|
||||
public ReportTypeIllegalHandleOperationEntity(ModelContext modelContext)
|
||||
{
|
||||
ReportEntity = new ReportEntity(modelContext);
|
||||
_modelContext = modelContext;
|
||||
}
|
||||
public void InsertReport()
|
||||
{
|
||||
_modelContext.ReportTypeIllegalHandleOperation.Add(this);
|
||||
}
|
||||
}
|
||||
}
|
|
@ -1,26 +0,0 @@
|
|||
using server.Database.Model;
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Text;
|
||||
using System.Threading.Tasks;
|
||||
|
||||
namespace server.Database.Entity.Report.Types
|
||||
{
|
||||
public class InvalidProcessAllocationEntity : ReportTypeInvalidProcessAllocation, IReportEntity
|
||||
{
|
||||
private readonly ModelContext _modelContext;
|
||||
public ReportEntity ReportEntity { get; set; }
|
||||
|
||||
public InvalidProcessAllocationEntity(ModelContext modelContext)
|
||||
{
|
||||
ReportEntity = new ReportEntity(modelContext);
|
||||
_modelContext = modelContext;
|
||||
}
|
||||
|
||||
public void InsertReport()
|
||||
{
|
||||
_modelContext.ReportTypeInvalidProcessAllocation.Add(this);
|
||||
}
|
||||
}
|
||||
}
|
|
@ -1,26 +0,0 @@
|
|||
using server.Database.Model;
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Text;
|
||||
using System.Threading.Tasks;
|
||||
|
||||
namespace server.Database.Entity.Report.Types
|
||||
{
|
||||
public class NmiCallbackEntity : ReportTypeNmiCallback, IReportEntity
|
||||
{
|
||||
private readonly ModelContext _modelContext;
|
||||
public ReportEntity ReportEntity { get; set; }
|
||||
|
||||
public NmiCallbackEntity(ModelContext modelContext)
|
||||
{
|
||||
ReportEntity = new ReportEntity(modelContext);
|
||||
_modelContext = modelContext;
|
||||
}
|
||||
|
||||
public void InsertReport()
|
||||
{
|
||||
_modelContext.ReportTypeNmiCallback.Add(this);
|
||||
}
|
||||
}
|
||||
}
|
|
@ -1,26 +0,0 @@
|
|||
using server.Database.Model;
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Text;
|
||||
using System.Threading.Tasks;
|
||||
|
||||
namespace server.Database.Entity.Report.Types
|
||||
{
|
||||
public class PageProtectionEntity : ReportTypePageProtection, IReportEntity
|
||||
{
|
||||
private readonly ModelContext _modelContext;
|
||||
public ReportEntity ReportEntity { get; set; }
|
||||
|
||||
public PageProtectionEntity(ModelContext modelContext)
|
||||
{
|
||||
ReportEntity = new ReportEntity(modelContext);
|
||||
_modelContext = modelContext;
|
||||
}
|
||||
|
||||
public void InsertReport()
|
||||
{
|
||||
_modelContext.ReportTypePageProtection.Add(this);
|
||||
}
|
||||
}
|
||||
}
|
|
@ -1,26 +0,0 @@
|
|||
using server.Database.Model;
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Text;
|
||||
using System.Threading.Tasks;
|
||||
|
||||
namespace server.Database.Entity.Report.Types
|
||||
{
|
||||
public class PatternScanEntity : ReportTypePatternScan, IReportEntity
|
||||
{
|
||||
private readonly ModelContext _modelContext;
|
||||
public ReportEntity ReportEntity { get; set; }
|
||||
|
||||
public PatternScanEntity(ModelContext modelContext)
|
||||
{
|
||||
ReportEntity = new ReportEntity(modelContext);
|
||||
_modelContext = modelContext;
|
||||
}
|
||||
|
||||
public void InsertReport()
|
||||
{
|
||||
_modelContext.ReportTypePatternScan.Add(this);
|
||||
}
|
||||
}
|
||||
}
|
|
@ -1,27 +0,0 @@
|
|||
using server.Database.Model;
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Text;
|
||||
using System.Threading.Tasks;
|
||||
|
||||
namespace server.Database.Entity.Report.Types
|
||||
{
|
||||
public class ProcessModuleIntegrityCheckEntity : ReportTypeProcessModuleIntegrityCheck, IReportEntity
|
||||
{
|
||||
private readonly ModelContext _modelContext;
|
||||
|
||||
public ReportEntity ReportEntity { get; set; }
|
||||
|
||||
public ProcessModuleIntegrityCheckEntity(ModelContext modelContext)
|
||||
{
|
||||
ReportEntity = new ReportEntity(modelContext);
|
||||
_modelContext = modelContext;
|
||||
}
|
||||
|
||||
public void InsertReport()
|
||||
{
|
||||
_modelContext.ReportTypeProcessModuleIntegrityCheck.Add(this);
|
||||
}
|
||||
}
|
||||
}
|
|
@ -1,26 +0,0 @@
|
|||
using server.Database.Model;
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Text;
|
||||
using System.Threading.Tasks;
|
||||
|
||||
namespace server.Database.Entity.Report.Types
|
||||
{
|
||||
public class StartAddressEntity : ReportTypeStartAddress, IReportEntity
|
||||
{
|
||||
private readonly ModelContext _modelContext;
|
||||
public ReportEntity ReportEntity { get; set; }
|
||||
|
||||
public StartAddressEntity(ModelContext modelContext)
|
||||
{
|
||||
ReportEntity = new ReportEntity(modelContext);
|
||||
_modelContext = modelContext;
|
||||
}
|
||||
|
||||
public void InsertReport()
|
||||
{
|
||||
_modelContext.ReportTypeStartAddress.Add(this);
|
||||
}
|
||||
}
|
||||
}
|
|
@ -1,26 +0,0 @@
|
|||
using server.Database.Model;
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Text;
|
||||
using System.Threading.Tasks;
|
||||
|
||||
namespace server.Database.Entity.Report.Types
|
||||
{
|
||||
public class SystemModuleValidationEntity : ReportTypeSystemModuleValidation, IReportEntity
|
||||
{
|
||||
private readonly ModelContext _modelContext;
|
||||
public ReportEntity ReportEntity { get; set; }
|
||||
|
||||
public SystemModuleValidationEntity(ModelContext modelContext)
|
||||
{
|
||||
ReportEntity = new ReportEntity(modelContext);
|
||||
_modelContext = modelContext;
|
||||
}
|
||||
|
||||
public void InsertReport()
|
||||
{
|
||||
_modelContext.ReportTypeSystemModuleValidation.Add(this);
|
||||
}
|
||||
}
|
||||
}
|
|
@ -1,48 +0,0 @@
|
|||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Text;
|
||||
using System.Threading.Tasks;
|
||||
using server.Database.Model;
|
||||
using Serilog;
|
||||
|
||||
namespace server.Database.Entity
|
||||
{
|
||||
public class UserEntity : User
|
||||
{
|
||||
private readonly ModelContext _modelContext;
|
||||
|
||||
public UserEntity(ModelContext modelContext)
|
||||
{
|
||||
_modelContext = modelContext;
|
||||
}
|
||||
|
||||
public bool CheckIfUserExists()
|
||||
{
|
||||
return _modelContext.Users.Any(u => u.Steam64Id == Steam64Id);
|
||||
}
|
||||
|
||||
public bool CheckIfUserIsBanned()
|
||||
{
|
||||
return _modelContext.Users.Any(u => u.Steam64Id == Steam64Id && u.IsBanned);
|
||||
}
|
||||
|
||||
public User GetUserBySteamId(ulong steamId)
|
||||
{
|
||||
return _modelContext.Users.First(u => u.Steam64Id == steamId);
|
||||
}
|
||||
|
||||
public bool CheckIfUsersHardwareExists()
|
||||
{
|
||||
List<HardwareConfiguration> hardwareConfigurations = _modelContext.HardwareConfiguration
|
||||
.Where(h => h.User.Steam64Id == Steam64Id).ToList();
|
||||
|
||||
return hardwareConfigurations.Count > 0;
|
||||
}
|
||||
|
||||
public void InsertUser()
|
||||
{
|
||||
_modelContext.Users.Add(this);
|
||||
}
|
||||
}
|
||||
}
|
|
@ -1,137 +0,0 @@
|
|||
using Microsoft.EntityFrameworkCore;
|
||||
using Microsoft.EntityFrameworkCore.Metadata.Internal;
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Text;
|
||||
using System.Threading.Tasks;
|
||||
using static Microsoft.EntityFrameworkCore.DbLoggerCategory;
|
||||
|
||||
namespace server.Database.Model
|
||||
{
|
||||
public class User
|
||||
{
|
||||
public int UserId { get; set; }
|
||||
public ulong Steam64Id { get; set; }
|
||||
public bool IsBanned { get; set; }
|
||||
public virtual ICollection<HardwareConfiguration> HardwareConfigurations { get; set; }
|
||||
public virtual ICollection<Report> Reports { get; set; }
|
||||
}
|
||||
|
||||
public class HardwareConfiguration
|
||||
{
|
||||
public int HardwareId { get; set; }
|
||||
public virtual User User { get; set; }
|
||||
public bool IsBanned { get; set; }
|
||||
public string DeviceDrive0Serial { get; set; }
|
||||
public string MotherboardSerial { get; set; }
|
||||
}
|
||||
|
||||
public class Report
|
||||
{
|
||||
public int ReportId { get; set; }
|
||||
public virtual User User { get; set; }
|
||||
public int ReportCode { get; set; }
|
||||
public virtual ICollection<ReportTypeIllegalHandleOperation> ReportTypeIllegalHandleOperations { get; set; }
|
||||
public virtual ICollection<ReportTypeStartAddress> ReportTypeStartAddresses { get; set; }
|
||||
public virtual ICollection<ReportTypePageProtection> ReportTypePageProtections { get; set; }
|
||||
public virtual ICollection<ReportTypePatternScan> ReportTypePatternScans { get; set; }
|
||||
public virtual ICollection<ReportTypeNmiCallback> ReportTypeNmiCallbacks { get; set; }
|
||||
public virtual ICollection<ReportTypeSystemModuleValidation> ReportTypeSystemModuleValidations { get; set; }
|
||||
public virtual ICollection<ReportTypeHiddenSystemThread> ReportTypeHiddenSystemThreads { get; set; }
|
||||
public virtual ICollection<ReportTypeAttachProcess> ReportTypeAttachProcesses { get; set; }
|
||||
public virtual ICollection<ReportTypeInvalidProcessAllocation> ReportTypeInvalidProcessAllocations { get; set; }
|
||||
public virtual ICollection<ReportTypeProcessModuleIntegrityCheck> ReportTypeProcessModuleIntegrityChecks { get; set; }
|
||||
}
|
||||
|
||||
public class ReportTypeIllegalHandleOperation
|
||||
{
|
||||
public int ReportNumber { get; set; }
|
||||
public virtual Report Report { get; set; }
|
||||
public int IsKernelHandle { get; set; }
|
||||
public uint ProcessId { get; set; }
|
||||
public uint ThreadId { get; set; }
|
||||
public uint DesiredAccess { get; set; }
|
||||
public string ProcessName { get; set; }
|
||||
}
|
||||
|
||||
public class ReportTypeStartAddress
|
||||
{
|
||||
public int ReportNumber { get; set; }
|
||||
public virtual Report Report { get; set; }
|
||||
public int ThreadId { get; set; }
|
||||
public long ThreadStartAddress { get; set; }
|
||||
}
|
||||
|
||||
public class ReportTypePageProtection
|
||||
{
|
||||
public virtual Report Report { get; set; }
|
||||
public int ReportNumber { get; set; }
|
||||
public ulong PageBaseAddress { get; set; }
|
||||
public long AllocationProtection { get; set; }
|
||||
public long AllocationState { get; set; }
|
||||
public long AllocationType { get; set; }
|
||||
}
|
||||
|
||||
public class ReportTypePatternScan
|
||||
{
|
||||
public virtual Report Report { get; set; }
|
||||
public int ReportNumber { get; set; }
|
||||
public int SignatureId { get; set; }
|
||||
public ulong Address { get; set; }
|
||||
}
|
||||
|
||||
public class ReportTypeNmiCallback
|
||||
{
|
||||
public virtual Report Report { get; set; }
|
||||
public int ReportNumber { get; set; }
|
||||
public int WereNmisDisabled { get; set; }
|
||||
public ulong KThreadAddress { get; set; }
|
||||
public ulong InvalidRip { get; set; }
|
||||
}
|
||||
|
||||
public class ReportTypeSystemModuleValidation
|
||||
{
|
||||
public virtual Report Report { get; set; }
|
||||
public int ReportNumber { get; set; }
|
||||
public int ReportType { get; set; }
|
||||
public long DriverBaseAddress { get; set; }
|
||||
public long DriverSize { get; set; }
|
||||
public string ModuleName { get; set; }
|
||||
}
|
||||
|
||||
public class ReportTypeHiddenSystemThread
|
||||
{
|
||||
public virtual Report Report { get; set; }
|
||||
public int ReportNumber { get; set; }
|
||||
public int FoundInKThreadList { get; set; }
|
||||
public int FoundInPspCidTable { get; set; }
|
||||
public long ThreadAddress { get; set; }
|
||||
public int ThreadId { get; set; }
|
||||
public byte[] ThreadStructure { get; set; }
|
||||
}
|
||||
|
||||
public class ReportTypeAttachProcess
|
||||
{
|
||||
public virtual Report Report { get; set; }
|
||||
public int ReportNumber { get; set; }
|
||||
public int ThreadId { get; set; }
|
||||
public long ThreadAddress { get; set; }
|
||||
}
|
||||
|
||||
public class ReportTypeInvalidProcessAllocation
|
||||
{
|
||||
public virtual Report Report { get; set; }
|
||||
public int ReportNumber { get; set; }
|
||||
public byte[] ProcessStructure { get; set; }
|
||||
}
|
||||
|
||||
public class ReportTypeProcessModuleIntegrityCheck
|
||||
{
|
||||
public virtual Report Report { get; set; }
|
||||
public int ReportNumber { get; set; }
|
||||
public long ModuleBaseAddress { get; set; }
|
||||
public int ModuleSize { get; set; }
|
||||
public string ModuleName { get; set; }
|
||||
}
|
||||
}
|
|
@ -1,290 +0,0 @@
|
|||
using Google.Protobuf.Reflection;
|
||||
using Microsoft.EntityFrameworkCore;
|
||||
using MySql.EntityFrameworkCore.Extensions;
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Reflection.Emit;
|
||||
using System.Text;
|
||||
using System.Threading.Tasks;
|
||||
|
||||
namespace server.Database.Model
|
||||
{
|
||||
public class ModelContext : DbContext
|
||||
{
|
||||
public DbSet<User> Users { get; set; }
|
||||
public DbSet<HardwareConfiguration> HardwareConfiguration { get; set; }
|
||||
public DbSet<Report> Reports { get; set; }
|
||||
public DbSet<ReportTypeIllegalHandleOperation> ReportTypeIllegalHandleOperation { get; set; }
|
||||
public DbSet<ReportTypeStartAddress> ReportTypeStartAddress { get; set; }
|
||||
public DbSet<ReportTypePageProtection> ReportTypePageProtection { get; set; }
|
||||
public DbSet<ReportTypePatternScan> ReportTypePatternScan { get; set; }
|
||||
public DbSet<ReportTypeNmiCallback> ReportTypeNmiCallback { get; set; }
|
||||
public DbSet<ReportTypeSystemModuleValidation> ReportTypeSystemModuleValidation { get; set; }
|
||||
public DbSet<ReportTypeHiddenSystemThread> ReportTypeHiddenSystemThread { get; set; }
|
||||
public DbSet<ReportTypeAttachProcess> ReportTypeAttachProcess { get; set; }
|
||||
public DbSet<ReportTypeInvalidProcessAllocation> ReportTypeInvalidProcessAllocation { get; set; }
|
||||
public DbSet<ReportTypeProcessModuleIntegrityCheck> ReportTypeProcessModuleIntegrityCheck { get; set; }
|
||||
|
||||
protected override void OnConfiguring(DbContextOptionsBuilder optionsBuilder)
|
||||
{
|
||||
optionsBuilder.UseMySQL("server=localhost;userid=root;password=root;database=ac_db");
|
||||
}
|
||||
|
||||
protected override void OnModelCreating(ModelBuilder modelBuilder)
|
||||
{
|
||||
base.OnModelCreating(modelBuilder);
|
||||
|
||||
modelBuilder.Entity<User>(entity =>
|
||||
{
|
||||
entity.HasKey(e => e.UserId);
|
||||
|
||||
entity.Property(e => e.UserId)
|
||||
.UseMySQLAutoIncrementColumn(entity.Property(e => e.UserId).Metadata.Name);
|
||||
|
||||
entity.Property(e => e.Steam64Id)
|
||||
.IsRequired();
|
||||
|
||||
entity.Property(e => e.IsBanned)
|
||||
.HasDefaultValue(false);
|
||||
});
|
||||
|
||||
modelBuilder.Entity<HardwareConfiguration>(entity =>
|
||||
{
|
||||
entity.HasKey(e => e.HardwareId);
|
||||
|
||||
entity.Property(e => e.HardwareId)
|
||||
.UseMySQLAutoIncrementColumn(entity.Property(e => e.HardwareId).Metadata.Name);
|
||||
|
||||
entity.Property(e => e.IsBanned)
|
||||
.HasDefaultValue(false);
|
||||
|
||||
entity.Property(e => e.MotherboardSerial)
|
||||
.IsRequired();
|
||||
|
||||
entity.Property(e => e.DeviceDrive0Serial)
|
||||
.IsRequired();
|
||||
|
||||
entity.HasOne(d => d.User)
|
||||
.WithMany(f => f.HardwareConfigurations);
|
||||
});
|
||||
|
||||
modelBuilder.Entity<Report>(entity =>
|
||||
{
|
||||
entity.HasKey(e => e.ReportId);
|
||||
|
||||
entity.Property(e => e.ReportId)
|
||||
.UseMySQLAutoIncrementColumn(entity.Property(e => e.ReportId).Metadata.Name);
|
||||
|
||||
entity.HasOne(d => d.User)
|
||||
.WithMany(e => e.Reports);
|
||||
|
||||
entity.Property(e => e.ReportCode)
|
||||
.IsRequired();
|
||||
});
|
||||
|
||||
modelBuilder.Entity<ReportTypeIllegalHandleOperation>(entity =>
|
||||
{
|
||||
entity.HasKey(e => e.ReportNumber);
|
||||
|
||||
entity.Property(e => e.ReportNumber)
|
||||
.UseMySQLAutoIncrementColumn(entity.Property(e => e.ReportNumber).Metadata.Name);
|
||||
|
||||
entity.Property(e => e.IsKernelHandle)
|
||||
.IsRequired();
|
||||
|
||||
entity.Property(e => e.ProcessId)
|
||||
.IsRequired();
|
||||
|
||||
entity.Property(e => e.ThreadId)
|
||||
.IsRequired();
|
||||
|
||||
entity.Property(e => e.DesiredAccess)
|
||||
.IsRequired();
|
||||
|
||||
entity.Property(e => e.ProcessName)
|
||||
.IsRequired();
|
||||
|
||||
entity.HasOne(d => d.Report)
|
||||
.WithMany(f => f.ReportTypeIllegalHandleOperations);
|
||||
});
|
||||
|
||||
modelBuilder.Entity<ReportTypeStartAddress>(entity =>
|
||||
{
|
||||
entity.HasKey(e => e.ReportNumber);
|
||||
|
||||
entity.Property(e => e.ReportNumber)
|
||||
.UseMySQLAutoIncrementColumn(entity.Property(e => e.ReportNumber).Metadata.Name);
|
||||
|
||||
entity.Property(e => e.ThreadId)
|
||||
.IsRequired();
|
||||
|
||||
entity.Property(e => e.ThreadStartAddress)
|
||||
.IsRequired();
|
||||
|
||||
entity.HasOne(d => d.Report)
|
||||
.WithMany(f => f.ReportTypeStartAddresses);
|
||||
});
|
||||
|
||||
modelBuilder.Entity<ReportTypePageProtection>(entity =>
|
||||
{
|
||||
entity.HasKey(e => e.ReportNumber);
|
||||
|
||||
entity.Property(e => e.ReportNumber)
|
||||
.UseMySQLAutoIncrementColumn(entity.Property(e => e.ReportNumber).Metadata.Name);
|
||||
|
||||
entity.Property(e => e.AllocationProtection)
|
||||
.IsRequired();
|
||||
|
||||
entity.Property(e => e.AllocationState)
|
||||
.IsRequired();
|
||||
|
||||
entity.Property(e => e.AllocationType)
|
||||
.IsRequired();
|
||||
|
||||
entity.HasOne(d => d.Report)
|
||||
.WithMany(f => f.ReportTypePageProtections);
|
||||
});
|
||||
|
||||
modelBuilder.Entity<ReportTypePatternScan>(entity =>
|
||||
{
|
||||
entity.HasKey(e => e.ReportNumber);
|
||||
|
||||
entity.Property(e => e.ReportNumber)
|
||||
.UseMySQLAutoIncrementColumn(entity.Property(e => e.ReportNumber).Metadata.Name);
|
||||
|
||||
entity.Property(e => e.SignatureId)
|
||||
.IsRequired();
|
||||
|
||||
entity.Property(e => e.Address)
|
||||
.IsRequired();
|
||||
|
||||
entity.HasOne(d => d.Report)
|
||||
.WithMany(f => f.ReportTypePatternScans);
|
||||
});
|
||||
|
||||
modelBuilder.Entity<ReportTypeNmiCallback>(entity =>
|
||||
{
|
||||
entity.HasKey(e => e.ReportNumber);
|
||||
|
||||
entity.Property(e => e.ReportNumber)
|
||||
.UseMySQLAutoIncrementColumn(entity.Property(e => e.ReportNumber).Metadata.Name);
|
||||
|
||||
entity.Property(e => e.WereNmisDisabled)
|
||||
.IsRequired();
|
||||
|
||||
entity.Property(e => e.KThreadAddress)
|
||||
.IsRequired();
|
||||
|
||||
entity.Property(e => e.InvalidRip)
|
||||
.IsRequired();
|
||||
|
||||
entity.HasOne(d => d.Report)
|
||||
.WithMany(f => f.ReportTypeNmiCallbacks);
|
||||
});
|
||||
|
||||
modelBuilder.Entity<ReportTypeSystemModuleValidation>(entity =>
|
||||
{
|
||||
entity.HasKey(e => e.ReportNumber);
|
||||
|
||||
entity.Property(e => e.ReportNumber)
|
||||
.UseMySQLAutoIncrementColumn(entity.Property(e => e.ReportNumber).Metadata.Name);
|
||||
|
||||
entity.Property(e => e.ReportType)
|
||||
.IsRequired();
|
||||
|
||||
entity.Property(e => e.DriverBaseAddress)
|
||||
.IsRequired();
|
||||
|
||||
entity.Property(e => e.DriverSize)
|
||||
.IsRequired();
|
||||
|
||||
entity.Property(e => e.ModuleName)
|
||||
.IsRequired();
|
||||
|
||||
entity.HasOne(d => d.Report)
|
||||
.WithMany(f => f.ReportTypeSystemModuleValidations);
|
||||
});
|
||||
|
||||
modelBuilder.Entity<ReportTypeHiddenSystemThread>(entity =>
|
||||
{
|
||||
entity.HasKey(e => e.ReportNumber);
|
||||
|
||||
entity.Property(e => e.ReportNumber)
|
||||
.UseMySQLAutoIncrementColumn(entity.Property(e => e.ReportNumber).Metadata.Name);
|
||||
|
||||
entity.Property(e => e.FoundInKThreadList)
|
||||
.IsRequired();
|
||||
|
||||
entity.Property(e => e.FoundInPspCidTable)
|
||||
.IsRequired();
|
||||
|
||||
entity.Property(e => e.ThreadAddress)
|
||||
.IsRequired();
|
||||
|
||||
entity.Property(e => e.ThreadId)
|
||||
.IsRequired();
|
||||
|
||||
entity.Property(e => e.ThreadStructure)
|
||||
.IsRequired();
|
||||
|
||||
entity.HasOne(d => d.Report)
|
||||
.WithMany(f => f.ReportTypeHiddenSystemThreads);
|
||||
});
|
||||
|
||||
modelBuilder.Entity<ReportTypeAttachProcess>(entity =>
|
||||
{
|
||||
entity.HasKey(e => e.ReportNumber);
|
||||
|
||||
entity.Property(e => e.ReportNumber)
|
||||
.UseMySQLAutoIncrementColumn(entity.Property(e => e.ReportNumber).Metadata.Name);
|
||||
|
||||
entity.Property(e => e.ThreadId)
|
||||
.IsRequired();
|
||||
|
||||
entity.Property(e => e.ThreadAddress)
|
||||
.IsRequired();
|
||||
|
||||
entity.Property(e => e.ThreadAddress)
|
||||
.IsRequired();
|
||||
|
||||
entity.HasOne(d => d.Report)
|
||||
.WithMany(f => f.ReportTypeAttachProcesses);
|
||||
});
|
||||
|
||||
modelBuilder.Entity<ReportTypeInvalidProcessAllocation>(entity =>
|
||||
{
|
||||
entity.HasKey(e => e.ReportNumber);
|
||||
|
||||
entity.Property(e => e.ReportNumber)
|
||||
.UseMySQLAutoIncrementColumn(entity.Property(e => e.ReportNumber).Metadata.Name);
|
||||
|
||||
entity.Property(e => e.ProcessStructure)
|
||||
.IsRequired();
|
||||
|
||||
entity.HasOne(d => d.Report)
|
||||
.WithMany(f => f.ReportTypeInvalidProcessAllocations);
|
||||
});
|
||||
|
||||
modelBuilder.Entity<ReportTypeProcessModuleIntegrityCheck>(entity =>
|
||||
{
|
||||
entity.HasKey(e => e.ReportNumber);
|
||||
|
||||
entity.Property(e => e.ReportNumber)
|
||||
.UseMySQLAutoIncrementColumn(entity.Property(e => e.ReportNumber).Metadata.Name);
|
||||
|
||||
entity.Property(e => e.ModuleBaseAddress)
|
||||
.IsRequired();
|
||||
|
||||
entity.Property(e => e.ModuleSize)
|
||||
.IsRequired();
|
||||
|
||||
entity.Property(e => e.ModuleName)
|
||||
.IsRequired();
|
||||
|
||||
entity.HasOne(d => d.Report)
|
||||
.WithMany(f => f.ReportTypeProcessModuleIntegrityChecks);
|
||||
});
|
||||
}
|
||||
}
|
||||
}
|
|
@ -1,89 +0,0 @@
|
|||
using Microsoft.AspNetCore.Mvc.Infrastructure;
|
||||
using Serilog;
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Runtime.InteropServices;
|
||||
using System.Text;
|
||||
using System.Threading.Tasks;
|
||||
|
||||
#pragma warning disable CS8600
|
||||
#pragma warning disable CS8603
|
||||
|
||||
namespace server
|
||||
{
|
||||
public class Helper
|
||||
{
|
||||
unsafe public static T BytesToStructure<T>(byte[] buffer, int offset)
|
||||
{
|
||||
int typeSize = Marshal.SizeOf(typeof(T));
|
||||
|
||||
if (buffer.Length == 0)
|
||||
return default(T);
|
||||
|
||||
IntPtr ptr = Marshal.AllocHGlobal(typeSize);
|
||||
|
||||
try
|
||||
{
|
||||
Marshal.Copy(buffer, offset, ptr, typeSize);
|
||||
T result = (T)Marshal.PtrToStructure(ptr, typeof(T));
|
||||
Marshal.FreeHGlobal(ptr);
|
||||
return result;
|
||||
}
|
||||
catch(Exception ex)
|
||||
{
|
||||
Log.Information(ex.Message);
|
||||
return default(T);
|
||||
}
|
||||
}
|
||||
|
||||
unsafe public static byte[] StructureToBytes<T>(ref T structure)
|
||||
{
|
||||
int typeSize = Marshal.SizeOf(typeof(T));
|
||||
byte[] buffer = new byte[typeSize];
|
||||
IntPtr ptr = Marshal.AllocHGlobal(typeSize);
|
||||
|
||||
try
|
||||
{
|
||||
Marshal.StructureToPtr(structure, ptr, true);
|
||||
Marshal.Copy(ptr, buffer, 0, typeSize);
|
||||
Marshal.FreeHGlobal(ptr);
|
||||
return buffer;
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
Log.Information(ex.Message);
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
unsafe public static string FixedUnsafeBufferToSafeString(ref byte[] buffer, int bufferSize, int offset, int stringSize)
|
||||
{
|
||||
if (stringSize > bufferSize)
|
||||
return null;
|
||||
|
||||
char[] stringBuffer = new char[stringSize];
|
||||
|
||||
for (int i = 0; i < stringSize; i++)
|
||||
{
|
||||
stringBuffer[i] = (char)buffer[offset + i];
|
||||
}
|
||||
|
||||
return new string(stringBuffer);
|
||||
}
|
||||
|
||||
unsafe public static void CopyMemory(ref byte[] source, ref byte[] destination, int size, int offset)
|
||||
{
|
||||
if (size > destination.Length)
|
||||
return;
|
||||
|
||||
for (int i=0; i < size; i++)
|
||||
{
|
||||
destination[i] = source[i + offset];
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
#pragma warning restore CS8600
|
||||
#pragma warning restore CS8603
|
|
@ -1,607 +0,0 @@
|
|||
using Serilog;
|
||||
using server.Database.Entity;
|
||||
using server.Database.Entity.Report;
|
||||
using server.Database.Entity.Report.Types;
|
||||
using server.Database.Model;
|
||||
using server.Types.ClientReport;
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Drawing.Printing;
|
||||
using System.Linq;
|
||||
using System.Runtime.InteropServices;
|
||||
using System.Text;
|
||||
using System.Threading.Tasks;
|
||||
using static server.Message.MessageHandler;
|
||||
|
||||
namespace server.Message
|
||||
{
|
||||
public class ClientReport : IClientMessage
|
||||
{
|
||||
private readonly ILogger _logger;
|
||||
private byte[] _buffer;
|
||||
private int _bufferSize;
|
||||
private int _bytesRead;
|
||||
private PACKET_HEADER _packetHeader;
|
||||
CLIENT_REPORT_PACKET_HEADER _currentReportHeader;
|
||||
private CLIENT_REPORT_PACKET_RESPONSE _responsePacket;
|
||||
|
||||
private enum CLIENT_SEND_REPORT_ID
|
||||
{
|
||||
PROCESS_MODULE_VERIFICATION = 10,
|
||||
START_ADDRESS_VERIFICATION = 20,
|
||||
PAGE_PROTECTION_VERIFICATION = 30,
|
||||
PATTERN_SCAN_FAILURE = 40,
|
||||
NMI_CALLBACK_FAILURE = 50,
|
||||
MODULE_VALIDATION_FAILURE = 60,
|
||||
ILLEGAL_HANDLE_OPERATION = 70,
|
||||
INVALID_PROCESS_ALLOCATION = 80,
|
||||
HIDDEN_SYSTEM_THREAD = 90,
|
||||
ILLEGAL_ATTACH_PROCESS = 100
|
||||
}
|
||||
|
||||
private struct CLIENT_REPORT_PACKET_HEADER
|
||||
{
|
||||
public int reportCode;
|
||||
}
|
||||
|
||||
private struct CLIENT_REPORT_PACKET_RESPONSE
|
||||
{
|
||||
public int success;
|
||||
}
|
||||
|
||||
public ClientReport(ILogger logger, byte[] buffer, int bufferSize, PACKET_HEADER packetHeader)
|
||||
{
|
||||
this._logger = logger;
|
||||
this._buffer = buffer;
|
||||
this._bufferSize = bufferSize;
|
||||
this._packetHeader = packetHeader;
|
||||
this._bytesRead = 0;
|
||||
this._responsePacket = new CLIENT_REPORT_PACKET_RESPONSE();
|
||||
this.GetPacketHeader();
|
||||
|
||||
_logger.Information("buffer size: {0}", bufferSize);
|
||||
}
|
||||
|
||||
unsafe public void GetPacketHeader()
|
||||
{
|
||||
this._currentReportHeader =
|
||||
Helper.BytesToStructure<CLIENT_REPORT_PACKET_HEADER>(this._buffer, Marshal.SizeOf(typeof(PACKET_HEADER)) + this._bytesRead);
|
||||
}
|
||||
|
||||
public byte[] GetResponsePacket()
|
||||
{
|
||||
return Helper.StructureToBytes<CLIENT_REPORT_PACKET_RESPONSE>(ref this._responsePacket);
|
||||
}
|
||||
|
||||
private void SetResponsePacketData(int success)
|
||||
{
|
||||
this._responsePacket.success = success;
|
||||
}
|
||||
|
||||
unsafe public bool HandleMessage()
|
||||
{
|
||||
if (this._currentReportHeader.reportCode == 0)
|
||||
{
|
||||
_logger.Error("Failed to get the report packet code");
|
||||
SetResponsePacketData(1);
|
||||
return false;
|
||||
}
|
||||
|
||||
while (this._bytesRead < this._bufferSize)
|
||||
{
|
||||
this.GetPacketHeader();
|
||||
|
||||
_logger.Information("Report code: {0}", this._currentReportHeader.reportCode);
|
||||
|
||||
switch (this._currentReportHeader.reportCode)
|
||||
{
|
||||
case (int)CLIENT_SEND_REPORT_ID.PROCESS_MODULE_VERIFICATION:
|
||||
_logger.Information("REPORT CODE: MODULE_VERIFICATION");
|
||||
break;
|
||||
case (int)CLIENT_SEND_REPORT_ID.START_ADDRESS_VERIFICATION:
|
||||
|
||||
_logger.Information("REPORT CODE: START_ADDRESS_VERIFICATION");
|
||||
|
||||
HandleReportStartAddressVerification(this._bytesRead);
|
||||
|
||||
this._bytesRead += Marshal.SizeOf(typeof(PROCESS_THREAD_START_FAILURE)) +
|
||||
Marshal.SizeOf(typeof(PACKET_HEADER));
|
||||
|
||||
break;
|
||||
|
||||
case (int)CLIENT_SEND_REPORT_ID.PAGE_PROTECTION_VERIFICATION:
|
||||
|
||||
_logger.Information("REPORT CODE: PAGE_PROTECTION_VERIFICATION");
|
||||
|
||||
HandleReportPageProtection(this._bytesRead);
|
||||
|
||||
this._bytesRead += Marshal.SizeOf(typeof(PAGE_PROTECTION_FAILURE)) +
|
||||
Marshal.SizeOf(typeof(PACKET_HEADER));
|
||||
|
||||
break;
|
||||
|
||||
case (int)CLIENT_SEND_REPORT_ID.PATTERN_SCAN_FAILURE:
|
||||
|
||||
_logger.Information("REPORT_PATTERN_SCAN_FAILURE");
|
||||
|
||||
HandleReportPatternScan(this._bytesRead);
|
||||
|
||||
this._bytesRead += Marshal.SizeOf(typeof(PATTERN_SCAN_FAILURE)) +
|
||||
Marshal.SizeOf(typeof(PACKET_HEADER));
|
||||
|
||||
|
||||
break;
|
||||
|
||||
case (int)CLIENT_SEND_REPORT_ID.NMI_CALLBACK_FAILURE:
|
||||
|
||||
_logger.Information("REPORT_NMI_CALLBACK_FAILURE");
|
||||
|
||||
HandleReportNmiCallback(this._bytesRead);
|
||||
|
||||
this._bytesRead += Marshal.SizeOf(typeof(NMI_CALLBACK_FAILURE)) +
|
||||
Marshal.SizeOf(typeof(PACKET_HEADER));
|
||||
|
||||
|
||||
break;
|
||||
|
||||
case (int)CLIENT_SEND_REPORT_ID.MODULE_VALIDATION_FAILURE:
|
||||
|
||||
_logger.Information("REPORT_MODULE_VALIDATION_FAILURE");
|
||||
|
||||
HandleReportSystemModuleValidation(this._bytesRead);
|
||||
|
||||
this._bytesRead += Marshal.SizeOf(typeof(MODULE_VALIDATION_FAILURE)) +
|
||||
Marshal.SizeOf(typeof(PACKET_HEADER));
|
||||
|
||||
break;
|
||||
|
||||
case (int)CLIENT_SEND_REPORT_ID.ILLEGAL_HANDLE_OPERATION:
|
||||
|
||||
_logger.Information("REPORT_ILLEGAL_HANDLE_OPERATION");
|
||||
|
||||
HandleReportIllegalHandleOperation(this._bytesRead);
|
||||
|
||||
this._bytesRead += Marshal.SizeOf(typeof(OPEN_HANDLE_FAILURE)) +
|
||||
Marshal.SizeOf(typeof(PACKET_HEADER));
|
||||
|
||||
break;
|
||||
|
||||
case (int)CLIENT_SEND_REPORT_ID.INVALID_PROCESS_ALLOCATION:
|
||||
|
||||
_logger.Information("REPORT_INVALID_PROCESS_ALLOCATION");
|
||||
|
||||
HandleReportInvalidProcessAllocation(this._bytesRead);
|
||||
|
||||
this._bytesRead += Marshal.SizeOf(typeof(INVALID_PROCESS_ALLOCATION_FAILURE)) +
|
||||
Marshal.SizeOf(typeof(PACKET_HEADER));
|
||||
|
||||
break;
|
||||
|
||||
case (int)CLIENT_SEND_REPORT_ID.HIDDEN_SYSTEM_THREAD:
|
||||
|
||||
_logger.Information("REPORT_HIDDEN_SYSTEM_THREAD");
|
||||
|
||||
HandleReportHiddenSystemThread(this._bytesRead);
|
||||
|
||||
this._bytesRead += Marshal.SizeOf(typeof(HIDDEN_SYSTEM_THREAD_FAILURE)) +
|
||||
Marshal.SizeOf(typeof(PACKET_HEADER));
|
||||
|
||||
break;
|
||||
|
||||
case (int)CLIENT_SEND_REPORT_ID.ILLEGAL_ATTACH_PROCESS:
|
||||
|
||||
_logger.Information("REPORT_ILLEGAL_ATTACH_PROCESS");
|
||||
|
||||
HandleReportAttachProcess(this._bytesRead);
|
||||
|
||||
this._bytesRead += Marshal.SizeOf(typeof(ATTACH_PROCESS_FAILURE)) +
|
||||
Marshal.SizeOf(typeof(PACKET_HEADER));
|
||||
|
||||
|
||||
break;
|
||||
|
||||
default:
|
||||
_logger.Information("Report code not handled yet");
|
||||
SetResponsePacketData(0);
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
SetResponsePacketData(1);
|
||||
return true;
|
||||
}
|
||||
|
||||
unsafe public void HandleReportIllegalHandleOperation(int offset)
|
||||
{
|
||||
OPEN_HANDLE_FAILURE report =
|
||||
Helper.BytesToStructure<OPEN_HANDLE_FAILURE>(_buffer, sizeof(PACKET_HEADER) + offset);
|
||||
|
||||
if (report.IsKernelHandle == 0 &&
|
||||
report.ProcessId == 0 &&
|
||||
report.DesiredAccess == 0)
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
_logger.Information("ProcessName: {0}, ProcessID: {1:x}, ThreadId: {2:x}, DesiredAccess{3:x}",
|
||||
report.ProcessName,
|
||||
report.ProcessId,
|
||||
report.ThreadId,
|
||||
report.DesiredAccess);
|
||||
|
||||
using (var context = new ModelContext())
|
||||
{
|
||||
/*
|
||||
* This doesn't seem to be the most optimal way to do this, but it works..
|
||||
* Maybe look into it further at somepoint..
|
||||
*/
|
||||
UserEntity user = new UserEntity(context);
|
||||
|
||||
var newReport = new ReportEntity(context)
|
||||
{
|
||||
User = user.GetUserBySteamId(this._packetHeader.steam64_id),
|
||||
ReportCode = (int)CLIENT_SEND_REPORT_ID.ILLEGAL_HANDLE_OPERATION
|
||||
};
|
||||
|
||||
newReport.InsertReport();
|
||||
|
||||
var reportTypeIllegalHandleOperation = new ReportTypeIllegalHandleOperationEntity(context)
|
||||
{
|
||||
Report = newReport,
|
||||
IsKernelHandle = report.IsKernelHandle,
|
||||
ProcessId = report.ProcessId,
|
||||
ThreadId = report.ThreadId,
|
||||
DesiredAccess = report.DesiredAccess,
|
||||
ProcessName = report.ProcessName
|
||||
};
|
||||
|
||||
reportTypeIllegalHandleOperation.InsertReport();
|
||||
|
||||
context.SaveChanges();
|
||||
}
|
||||
}
|
||||
|
||||
unsafe public void HandleReportStartAddressVerification(int offset)
|
||||
{
|
||||
PROCESS_THREAD_START_FAILURE report =
|
||||
Helper.BytesToStructure<PROCESS_THREAD_START_FAILURE>(_buffer, sizeof(PACKET_HEADER) + offset);
|
||||
|
||||
if (report.ThreadId == 0 &&
|
||||
report.StartAddress == 0)
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
_logger.Information("ThreadId: {0}, ThreadStartAddress: {1:x}",
|
||||
report.ThreadId,
|
||||
report.StartAddress);
|
||||
|
||||
using (var context = new ModelContext())
|
||||
{
|
||||
UserEntity user = new UserEntity(context);
|
||||
|
||||
var newReport = new ReportEntity(context)
|
||||
{
|
||||
User = user.GetUserBySteamId(this._packetHeader.steam64_id),
|
||||
ReportCode = (int)CLIENT_SEND_REPORT_ID.START_ADDRESS_VERIFICATION
|
||||
};
|
||||
|
||||
newReport.InsertReport();
|
||||
|
||||
var reportTypeStartAddress = new StartAddressEntity(context)
|
||||
{
|
||||
Report = newReport,
|
||||
ThreadId = report.ThreadId,
|
||||
ThreadStartAddress = report.StartAddress
|
||||
};
|
||||
|
||||
reportTypeStartAddress.InsertReport();
|
||||
|
||||
context.SaveChanges();
|
||||
}
|
||||
}
|
||||
|
||||
unsafe public void HandleReportPageProtection(int offset)
|
||||
{
|
||||
PAGE_PROTECTION_FAILURE report =
|
||||
Helper.BytesToStructure<PAGE_PROTECTION_FAILURE>(_buffer, sizeof(PACKET_HEADER) + offset);
|
||||
|
||||
if (report.AllocationProtection == 0 &&
|
||||
report.PageBaseAddress == 0 &&
|
||||
report.AllocationState == 0 &&
|
||||
report.AllocationType == 0 )
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
_logger.Information("Page base address: {0:x}, allocation protection: {1:x}, allocation state: {2:x}, allocationtype: {3:x}",
|
||||
report.PageBaseAddress,
|
||||
report.AllocationProtection,
|
||||
report.AllocationState,
|
||||
report.AllocationType);
|
||||
|
||||
using (var context = new ModelContext())
|
||||
{
|
||||
UserEntity user = new UserEntity(context);
|
||||
|
||||
var newReport = new ReportEntity(context)
|
||||
{
|
||||
User = user.GetUserBySteamId(this._packetHeader.steam64_id),
|
||||
ReportCode = (int)CLIENT_SEND_REPORT_ID.PAGE_PROTECTION_VERIFICATION
|
||||
};
|
||||
|
||||
newReport.InsertReport();
|
||||
|
||||
var reportTypePageProtection = new PageProtectionEntity(context)
|
||||
{
|
||||
Report = newReport,
|
||||
PageBaseAddress = report.PageBaseAddress,
|
||||
AllocationProtection = report.AllocationProtection,
|
||||
AllocationState = report.AllocationState,
|
||||
AllocationType = report.AllocationType
|
||||
};
|
||||
|
||||
reportTypePageProtection.InsertReport();
|
||||
|
||||
context.SaveChanges();
|
||||
}
|
||||
}
|
||||
|
||||
unsafe public void HandleReportPatternScan(int offset)
|
||||
{
|
||||
PATTERN_SCAN_FAILURE report =
|
||||
Helper.BytesToStructure<PATTERN_SCAN_FAILURE>(_buffer, sizeof(PACKET_HEADER) + offset);
|
||||
|
||||
if (report.Address == 0 &&
|
||||
report.SignatureId == 0)
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
_logger.Information("signature id: {0}, address: {1:x}",
|
||||
report.SignatureId,
|
||||
report.Address);
|
||||
|
||||
using (var context = new ModelContext())
|
||||
{
|
||||
UserEntity user = new UserEntity(context);
|
||||
|
||||
var newReport = new ReportEntity(context)
|
||||
{
|
||||
User = user.GetUserBySteamId(this._packetHeader.steam64_id),
|
||||
ReportCode = (int)CLIENT_SEND_REPORT_ID.PATTERN_SCAN_FAILURE
|
||||
};
|
||||
|
||||
newReport.InsertReport();
|
||||
|
||||
var reportTypePatternScan = new PatternScanEntity(context)
|
||||
{
|
||||
Report = newReport,
|
||||
SignatureId = report.SignatureId,
|
||||
Address = report.Address
|
||||
};
|
||||
|
||||
reportTypePatternScan.InsertReport();
|
||||
|
||||
context.SaveChanges();
|
||||
}
|
||||
}
|
||||
|
||||
unsafe public void HandleReportNmiCallback(int offset)
|
||||
{
|
||||
NMI_CALLBACK_FAILURE report =
|
||||
Helper.BytesToStructure<NMI_CALLBACK_FAILURE>(_buffer, sizeof(PACKET_HEADER) + offset);
|
||||
|
||||
if (report.InvalidRip == 0 &&
|
||||
report.WereNmisDisabled == 0 &&
|
||||
report.KThreadAddress == 0)
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
_logger.Information("were nmis disabled: {0}, kthread: {1:x}, invalid rip: {2:x}",
|
||||
report.WereNmisDisabled,
|
||||
report.KThreadAddress,
|
||||
report.InvalidRip);
|
||||
|
||||
using (var context = new ModelContext())
|
||||
{
|
||||
UserEntity user = new UserEntity(context);
|
||||
|
||||
var newReport = new ReportEntity(context)
|
||||
{
|
||||
User = user.GetUserBySteamId(this._packetHeader.steam64_id),
|
||||
ReportCode = (int)CLIENT_SEND_REPORT_ID.NMI_CALLBACK_FAILURE
|
||||
};
|
||||
|
||||
newReport.InsertReport();
|
||||
|
||||
var reportTypeNmiCallback = new NmiCallbackEntity(context)
|
||||
{
|
||||
Report = newReport,
|
||||
WereNmisDisabled = report.WereNmisDisabled,
|
||||
KThreadAddress = report.KThreadAddress,
|
||||
InvalidRip = report.InvalidRip
|
||||
};
|
||||
|
||||
reportTypeNmiCallback.InsertReport();
|
||||
|
||||
context.SaveChanges();
|
||||
}
|
||||
}
|
||||
|
||||
unsafe public void HandleReportSystemModuleValidation(int offset)
|
||||
{
|
||||
MODULE_VALIDATION_FAILURE report =
|
||||
Helper.BytesToStructure<MODULE_VALIDATION_FAILURE>(_buffer, sizeof(PACKET_HEADER) + offset);
|
||||
|
||||
if (report.ReportType == 0 &&
|
||||
report.ReportCode == 0 &&
|
||||
report.DriverSize == 0 &&
|
||||
report.DriverBaseAddress == 0)
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
_logger.Information("report type: {0}, driver base: {1:x}, size: {2}, module name: {3}",
|
||||
report.ReportType,
|
||||
report.DriverBaseAddress,
|
||||
report.DriverSize,
|
||||
report.ModuleName);
|
||||
|
||||
using (var context = new ModelContext())
|
||||
{
|
||||
UserEntity user = new UserEntity(context);
|
||||
|
||||
var newReport = new ReportEntity(context)
|
||||
{
|
||||
User = user.GetUserBySteamId(this._packetHeader.steam64_id),
|
||||
ReportCode = (int)CLIENT_SEND_REPORT_ID.MODULE_VALIDATION_FAILURE
|
||||
};
|
||||
|
||||
newReport.InsertReport();
|
||||
|
||||
var reportTypeSystemModuleValidation = new SystemModuleValidationEntity(context)
|
||||
{
|
||||
Report = newReport,
|
||||
ReportType = report.ReportType,
|
||||
DriverBaseAddress = report.DriverBaseAddress,
|
||||
DriverSize = report.DriverSize,
|
||||
ModuleName = report.ModuleName
|
||||
};
|
||||
|
||||
reportTypeSystemModuleValidation.InsertReport();
|
||||
|
||||
context.SaveChanges();
|
||||
}
|
||||
}
|
||||
|
||||
unsafe public void HandleReportHiddenSystemThread(int offset)
|
||||
{
|
||||
HIDDEN_SYSTEM_THREAD_FAILURE report =
|
||||
Helper.BytesToStructure<HIDDEN_SYSTEM_THREAD_FAILURE>(_buffer, sizeof(PACKET_HEADER) + offset);
|
||||
|
||||
/* todo: some weird reference bug here */
|
||||
|
||||
if (report.FoundInPspCidTable == 0 &&
|
||||
report.FoundInKThreadList == 0 &&
|
||||
report.ThreadId == 0 &&
|
||||
report.ThreadAddress == 0)
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
_logger.Information("found in kthread list: {0}, found in pspcidtable: {1}, thread address: {2:x}, thread id: {3:x}",
|
||||
report.FoundInKThreadList,
|
||||
report.FoundInPspCidTable,
|
||||
report.ThreadAddress,
|
||||
report.ThreadId);
|
||||
|
||||
using (var context = new ModelContext())
|
||||
{
|
||||
UserEntity user = new UserEntity(context);
|
||||
|
||||
var newReport = new ReportEntity(context)
|
||||
{
|
||||
User = user.GetUserBySteamId(this._packetHeader.steam64_id),
|
||||
ReportCode = (int)CLIENT_SEND_REPORT_ID.HIDDEN_SYSTEM_THREAD
|
||||
};
|
||||
|
||||
newReport.InsertReport();
|
||||
|
||||
var reportTypeHiddenSystemThread = new HiddenSystemThreadEntity(context)
|
||||
{
|
||||
Report = newReport,
|
||||
FoundInKThreadList = report.FoundInKThreadList,
|
||||
FoundInPspCidTable = report.FoundInPspCidTable,
|
||||
ThreadAddress = report.ThreadAddress,
|
||||
ThreadId = report.ThreadId,
|
||||
ThreadStructure = report.ThreadStructure
|
||||
};
|
||||
|
||||
reportTypeHiddenSystemThread.InsertReport();
|
||||
|
||||
context.SaveChanges();
|
||||
}
|
||||
}
|
||||
|
||||
unsafe public void HandleReportAttachProcess(int offset)
|
||||
{
|
||||
ATTACH_PROCESS_FAILURE report =
|
||||
Helper.BytesToStructure<ATTACH_PROCESS_FAILURE>(_buffer, sizeof(PACKET_HEADER) + offset);
|
||||
|
||||
if (report.ThreadAddress == 0 &&
|
||||
report.ThreadId == 0)
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
_logger.Information("thread id: {0:x}, thread address: {1:x}",
|
||||
report.ThreadId,
|
||||
report.ThreadAddress);
|
||||
|
||||
using (var context = new ModelContext())
|
||||
{
|
||||
UserEntity user = new UserEntity(context);
|
||||
|
||||
var newReport = new ReportEntity(context)
|
||||
{
|
||||
User = user.GetUserBySteamId(this._packetHeader.steam64_id),
|
||||
ReportCode = (int)CLIENT_SEND_REPORT_ID.ILLEGAL_ATTACH_PROCESS
|
||||
};
|
||||
|
||||
newReport.InsertReport();
|
||||
|
||||
var reportTypeAttachProcess = new AttachProcessEntity(context)
|
||||
{
|
||||
Report = newReport,
|
||||
ThreadId = report.ThreadId,
|
||||
ThreadAddress = report.ThreadAddress,
|
||||
};
|
||||
|
||||
reportTypeAttachProcess.InsertReport();
|
||||
|
||||
context.SaveChanges();
|
||||
}
|
||||
}
|
||||
|
||||
unsafe public void HandleReportInvalidProcessAllocation(int offset)
|
||||
{
|
||||
INVALID_PROCESS_ALLOCATION_FAILURE report =
|
||||
Helper.BytesToStructure<INVALID_PROCESS_ALLOCATION_FAILURE>(_buffer, sizeof(PACKET_HEADER) + offset);
|
||||
|
||||
if (report.Equals(null)) { return; }
|
||||
|
||||
if (report.ReportCode == 0 &&
|
||||
report.ProcessStructure.Length == 0)
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
_logger.Information("received invalid process allocation structure");
|
||||
|
||||
using (var context = new ModelContext())
|
||||
{
|
||||
UserEntity user = new UserEntity(context);
|
||||
|
||||
var newReport = new ReportEntity(context)
|
||||
{
|
||||
User = user.GetUserBySteamId(this._packetHeader.steam64_id),
|
||||
ReportCode = (int)CLIENT_SEND_REPORT_ID.INVALID_PROCESS_ALLOCATION
|
||||
};
|
||||
|
||||
newReport.InsertReport();
|
||||
|
||||
var reportTypeInvalidProcessAllocation = new InvalidProcessAllocationEntity(context)
|
||||
{
|
||||
Report = newReport,
|
||||
ProcessStructure = report.ProcessStructure
|
||||
};
|
||||
|
||||
reportTypeInvalidProcessAllocation.InsertReport();
|
||||
|
||||
context.SaveChanges();
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
|
@ -1,53 +0,0 @@
|
|||
using Serilog;
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Runtime.InteropServices;
|
||||
using System.Text;
|
||||
using System.Threading.Tasks;
|
||||
using static server.Message.MessageHandler;
|
||||
|
||||
namespace server.Message
|
||||
{
|
||||
public class ClientRequest : IClientMessage
|
||||
{
|
||||
private readonly ILogger _logger;
|
||||
private byte[] _buffer;
|
||||
private int _bufferSize;
|
||||
private CLIENT_REQUEST_HEADER _header;
|
||||
|
||||
private enum CLIENT_REQUEST_ID
|
||||
{
|
||||
BLACKLISTED_SIGNATURES = 10,
|
||||
WINDOWS_VERSION_STRUCTURE_OFFSETS = 20
|
||||
}
|
||||
|
||||
private struct CLIENT_REQUEST_HEADER
|
||||
{
|
||||
public int RequestId;
|
||||
}
|
||||
|
||||
public ClientRequest(ILogger logger, ref byte[] buffer, int bufferSize)
|
||||
{
|
||||
this._logger = logger;
|
||||
this._buffer = buffer;
|
||||
this._bufferSize = bufferSize;
|
||||
}
|
||||
|
||||
public bool HandleMessage()
|
||||
{
|
||||
throw new NotImplementedException();
|
||||
}
|
||||
|
||||
public unsafe void GetPacketHeader()
|
||||
{
|
||||
this._header =
|
||||
Helper.BytesToStructure<CLIENT_REQUEST_HEADER>(this._buffer, Marshal.SizeOf(typeof(PACKET_HEADER)));
|
||||
}
|
||||
|
||||
public byte[] GetResponsePacket()
|
||||
{
|
||||
throw new NotImplementedException();
|
||||
}
|
||||
}
|
||||
}
|
|
@ -1,157 +0,0 @@
|
|||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Reflection.PortableExecutable;
|
||||
using System.Text;
|
||||
using System.Threading.Tasks;
|
||||
using Serilog;
|
||||
using server.Database.Entity;
|
||||
using server.Database.Model;
|
||||
using server.Types.ClientSend;
|
||||
using static server.Message.MessageHandler;
|
||||
|
||||
namespace server.Message
|
||||
{
|
||||
public class ClientSend : IClientMessage
|
||||
{
|
||||
private readonly ILogger _logger;
|
||||
private byte[] _buffer;
|
||||
private int _bufferSize;
|
||||
private int _sendId;
|
||||
private PACKET_HEADER _packetHeader;
|
||||
private CLIENT_SEND_PACKET_HEADER _clientSendPacketHeader;
|
||||
private CLIENT_SEND_PACKET_RESPONSE _responsePacket;
|
||||
|
||||
private enum CLIENT_SEND_REQUEST_ID
|
||||
{
|
||||
SYSTEM_INFORMATION = 10
|
||||
}
|
||||
|
||||
private struct CLIENT_SEND_PACKET_HEADER
|
||||
{
|
||||
public int RequestId;
|
||||
public int PacketSize;
|
||||
};
|
||||
|
||||
private struct CLIENT_SEND_PACKET_RESPONSE
|
||||
{
|
||||
public int RequestId;
|
||||
public int CanUserProceed;
|
||||
public int reason;
|
||||
}
|
||||
|
||||
public ClientSend(ILogger logger, ref byte[] buffer, int bufferSize, PACKET_HEADER packetHeader)
|
||||
{
|
||||
this._logger = logger;
|
||||
this._buffer = buffer;
|
||||
this._bufferSize = bufferSize;
|
||||
this._packetHeader = packetHeader;
|
||||
this._responsePacket = new CLIENT_SEND_PACKET_RESPONSE();
|
||||
this.GetPacketHeader();
|
||||
}
|
||||
|
||||
unsafe public void GetPacketHeader()
|
||||
{
|
||||
this._clientSendPacketHeader =
|
||||
Helper.BytesToStructure<CLIENT_SEND_PACKET_HEADER>(_buffer, sizeof(PACKET_HEADER));
|
||||
}
|
||||
|
||||
public byte[] GetResponsePacket()
|
||||
{
|
||||
return Helper.StructureToBytes<CLIENT_SEND_PACKET_RESPONSE>(ref this._responsePacket);
|
||||
}
|
||||
|
||||
public bool HandleMessage()
|
||||
{
|
||||
if (this._clientSendPacketHeader.RequestId == 0)
|
||||
{
|
||||
_logger.Error("Failed to get the client send report code");
|
||||
return false;
|
||||
}
|
||||
|
||||
switch (this._clientSendPacketHeader.RequestId)
|
||||
{
|
||||
case (int)CLIENT_SEND_REQUEST_ID.SYSTEM_INFORMATION:
|
||||
HandleClientSendHardwareInformation(this._clientSendPacketHeader);
|
||||
break;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
unsafe private void HandleClientSendHardwareInformation(CLIENT_SEND_PACKET_HEADER sendPacketHeader)
|
||||
{
|
||||
_logger.Information("Handling client send hardware information");
|
||||
|
||||
PACKET_CLIENT_HARDWARE_INFORMATION info =
|
||||
Helper.BytesToStructure<PACKET_CLIENT_HARDWARE_INFORMATION>(
|
||||
_buffer, sizeof(PACKET_HEADER) + sizeof(CLIENT_SEND_PACKET_HEADER));
|
||||
|
||||
_logger.Information("SteamId: {0}, Mobo Serial: {1}, drive serial: {2}",
|
||||
this._packetHeader.steam64_id,
|
||||
info.MotherboardSerialNumber,
|
||||
info.DeviceDriver0Serial);
|
||||
|
||||
using (var context = new ModelContext())
|
||||
{
|
||||
context.Database.EnsureCreated();
|
||||
|
||||
var user = new UserEntity(context)
|
||||
{
|
||||
Steam64Id = this._packetHeader.steam64_id
|
||||
};
|
||||
|
||||
var hardwareConfiguration = new HardwareConfigurationEntity(context)
|
||||
{
|
||||
DeviceDrive0Serial = info.DeviceDriver0Serial,
|
||||
MotherboardSerial = info.MotherboardSerialNumber,
|
||||
};
|
||||
|
||||
if (user.CheckIfUserExists())
|
||||
{
|
||||
if (user.CheckIfUserIsBanned())
|
||||
{
|
||||
_logger.Information("User is banned, updating response packet to halt client.");
|
||||
SetResponsePacketData(0, sendPacketHeader.RequestId, (int)USER_BAN_REASONS.USER_BAN);
|
||||
return;
|
||||
}
|
||||
|
||||
hardwareConfiguration.User = user.GetUserBySteamId(this._packetHeader.steam64_id);
|
||||
}
|
||||
else
|
||||
{
|
||||
_logger.Information("User does not exist in database, creating new user.");
|
||||
user.InsertUser();
|
||||
hardwareConfiguration.User = user;
|
||||
}
|
||||
|
||||
if (hardwareConfiguration.CheckIfHardwareIsBanned())
|
||||
{
|
||||
_logger.Information("User is hardware banned, updating response packet to halt client.");
|
||||
SetResponsePacketData(0, sendPacketHeader.RequestId, (int)USER_BAN_REASONS.HARDWARE_BAN);
|
||||
return;
|
||||
}
|
||||
|
||||
if (user.CheckIfUsersHardwareExists())
|
||||
{
|
||||
_logger.Information("Users hardware already references the user.");
|
||||
SetResponsePacketData(1, sendPacketHeader.RequestId, 0);
|
||||
return;
|
||||
}
|
||||
|
||||
_logger.Information("Users hardware does not existing, inserting hardware.");
|
||||
hardwareConfiguration.InsertHardwareConfiguration();
|
||||
SetResponsePacketData(1, sendPacketHeader.RequestId, 0);
|
||||
|
||||
context.SaveChanges();
|
||||
}
|
||||
}
|
||||
|
||||
private void SetResponsePacketData(int canUserProceed, int requestId, int reason)
|
||||
{
|
||||
this._responsePacket.CanUserProceed = canUserProceed;
|
||||
this._responsePacket.RequestId = requestId;
|
||||
this._responsePacket.reason = reason;
|
||||
}
|
||||
}
|
||||
}
|
|
@ -1,28 +0,0 @@
|
|||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Text;
|
||||
using System.Threading.Tasks;
|
||||
|
||||
namespace server.Message
|
||||
{
|
||||
public interface IClientMessage
|
||||
{
|
||||
/// <summary>
|
||||
/// Implements a function that returns the packet header for the type of client
|
||||
/// message it is handling. Is an unsafe function because we are taking the
|
||||
/// size of struct which makes c# unhappy.
|
||||
/// </summary>
|
||||
unsafe void GetPacketHeader();
|
||||
/// <summary>
|
||||
/// Function which implements the core logic to handle a message received from
|
||||
/// the client. Should take care of all major actions when handling the message.
|
||||
/// </summary>
|
||||
bool HandleMessage();
|
||||
/// <summary>
|
||||
/// Function that returns the response packet in the form of a byte array.
|
||||
/// </summary>
|
||||
byte[] GetResponsePacket();
|
||||
|
||||
}
|
||||
}
|
|
@ -1,108 +0,0 @@
|
|||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Reflection.Metadata.Ecma335;
|
||||
using System.Runtime.CompilerServices;
|
||||
using System.Text;
|
||||
using System.Threading.Tasks;
|
||||
using Serilog;
|
||||
using System.Net;
|
||||
using System.Net.Sockets;
|
||||
using server.Types.ClientReport;
|
||||
using server.Types.ClientSend;
|
||||
using System.Runtime.InteropServices;
|
||||
using server.Database.Model;
|
||||
using server.Database.Entity;
|
||||
using Org.BouncyCastle.Asn1.BC;
|
||||
using Org.BouncyCastle.Asn1.Ocsp;
|
||||
|
||||
namespace server.Message
|
||||
{
|
||||
public class MessageHandler
|
||||
{
|
||||
private byte[] _buffer;
|
||||
private int _bufferSize;
|
||||
private ILogger _logger;
|
||||
private PACKET_HEADER _header;
|
||||
private NetworkStream _networkStream;
|
||||
private TcpClient _tcpClient;
|
||||
|
||||
private enum MESSAGE_TYPE
|
||||
{
|
||||
MESSAGE_TYPE_CLIENT_REPORT = 1,
|
||||
MESSAGE_TYPE_CLIENT_SEND = 2,
|
||||
MESSAGE_TYPE_CLIENT_REQUEST = 3
|
||||
}
|
||||
|
||||
public struct PACKET_HEADER
|
||||
{
|
||||
public int message_type;
|
||||
public ulong steam64_id;
|
||||
};
|
||||
|
||||
private struct PACKET_REQUEST_HEADER
|
||||
{
|
||||
public int RequestId;
|
||||
}
|
||||
|
||||
public MessageHandler(TcpClient client, byte[] buffer, int bufferSize, ILogger logger)
|
||||
{
|
||||
_tcpClient = client;
|
||||
_networkStream = client.GetStream();
|
||||
_buffer = buffer;
|
||||
_bufferSize = bufferSize;
|
||||
_logger = logger;
|
||||
_header = GetMessageHeader();
|
||||
|
||||
switch (_header.message_type)
|
||||
{
|
||||
case (int)MESSAGE_TYPE.MESSAGE_TYPE_CLIENT_REPORT:
|
||||
HandleClientSendReport();
|
||||
break;
|
||||
case (int)MESSAGE_TYPE.MESSAGE_TYPE_CLIENT_SEND:
|
||||
HandleClientSendMessage();
|
||||
break;
|
||||
default:
|
||||
_logger.Information("This message type is not accepted at the moment.");
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
private void HandleClientSendReport()
|
||||
{
|
||||
ClientReport report = new ClientReport(_logger, _buffer, _bufferSize, _header);
|
||||
|
||||
if (report.HandleMessage())
|
||||
{
|
||||
byte[] reponsePacket = report.GetResponsePacket();
|
||||
this.SendResponsePacketToClient(reponsePacket);
|
||||
return;
|
||||
}
|
||||
|
||||
_logger.Warning("Failed to handle client sent report");
|
||||
}
|
||||
|
||||
private void HandleClientSendMessage()
|
||||
{
|
||||
ClientSend send = new ClientSend(_logger, ref _buffer, _bufferSize, _header);
|
||||
|
||||
if (send.HandleMessage())
|
||||
{
|
||||
byte[] responsePacket = send.GetResponsePacket();
|
||||
this.SendResponsePacketToClient(responsePacket);
|
||||
return;
|
||||
}
|
||||
|
||||
_logger.Warning("Failed to handle client send message");
|
||||
}
|
||||
private PACKET_HEADER GetMessageHeader()
|
||||
{
|
||||
return Helper.BytesToStructure<PACKET_HEADER>(_buffer, 0);
|
||||
}
|
||||
|
||||
private void SendResponsePacketToClient(byte[] responsePacket)
|
||||
{
|
||||
_networkStream.Write(responsePacket, 0, responsePacket.Length);
|
||||
}
|
||||
}
|
||||
}
|
|
@ -1,25 +0,0 @@
|
|||
using Serilog;
|
||||
using server.Database;
|
||||
using server.Database.Entity;
|
||||
using server.Database.Model;
|
||||
using System.Configuration;
|
||||
using System.Net;
|
||||
using System.Net.Sockets;
|
||||
using System.Reflection.Metadata.Ecma335;
|
||||
using System.Text;
|
||||
|
||||
namespace server
|
||||
{
|
||||
public class Program
|
||||
{
|
||||
public static async Task Main(string[] args)
|
||||
{
|
||||
using var logger = new LoggerConfiguration()
|
||||
.WriteTo.Console()
|
||||
.CreateLogger();
|
||||
|
||||
Server server = new Server(logger);
|
||||
await server.Listen();
|
||||
}
|
||||
}
|
||||
}
|
|
@ -1,72 +0,0 @@
|
|||
using System.IO;
|
||||
using System;
|
||||
using System.Net;
|
||||
using System.Net.Sockets;
|
||||
using System.Reflection.Metadata.Ecma335;
|
||||
using System.Text;
|
||||
using Serilog;
|
||||
using server.Message;
|
||||
using Microsoft.EntityFrameworkCore.Metadata.Conventions;
|
||||
using K4os.Compression.LZ4.Streams.Adapters;
|
||||
|
||||
namespace server
|
||||
{
|
||||
public class Server
|
||||
{
|
||||
private IPEndPoint _ipEndPoint;
|
||||
private TcpListener _tcpListener;
|
||||
private ILogger _logger;
|
||||
|
||||
public Server(ILogger logger)
|
||||
{
|
||||
_ipEndPoint = new IPEndPoint(IPAddress.Any, 8888);
|
||||
_tcpListener = new TcpListener(_ipEndPoint);
|
||||
_logger = logger;
|
||||
}
|
||||
|
||||
public async Task Listen()
|
||||
{
|
||||
_tcpListener.Start();
|
||||
|
||||
_logger.Information("Listening for incoming connections...");
|
||||
|
||||
while (true)
|
||||
{
|
||||
TcpClient client = await _tcpListener.AcceptTcpClientAsync();
|
||||
|
||||
NetworkStream _stream = client.GetStream();
|
||||
TcpClient clientReference = client;
|
||||
|
||||
byte[] buffer = new byte[2048];
|
||||
int bytesRead = 0;
|
||||
|
||||
using (MemoryStream stream = new MemoryStream())
|
||||
{
|
||||
while (_stream.DataAvailable)
|
||||
{
|
||||
bytesRead = _stream.Read(buffer, 0, buffer.Length);
|
||||
|
||||
_logger.Information("bytes read: {0}", bytesRead);
|
||||
|
||||
stream.Write(buffer, 0, bytesRead);
|
||||
}
|
||||
|
||||
byte[] message = stream.ToArray();
|
||||
|
||||
if (message.Length == 0)
|
||||
{
|
||||
_logger.Error("Null message received at server");
|
||||
continue;
|
||||
}
|
||||
|
||||
ThreadPool.QueueUserWorkItem(state => DispatchMessage(state, clientReference, message, message.Length));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private void DispatchMessage(Object? stateInfo, TcpClient client, byte[] buffer, int bufferSize)
|
||||
{
|
||||
MessageHandler message = new MessageHandler(client, buffer, bufferSize, _logger);
|
||||
}
|
||||
}
|
||||
}
|
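--- a/server/Types.cs
+++ b/server/Types.cs
@@ -1,134 +0,0 @@
-using Org.BouncyCastle.Utilities;
-using Serilog;
-using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Numerics;
-using System.Runtime.InteropServices;
-using System.Text;
-using System.Threading.Tasks;
-
-namespace server
-{
-namespace Types
-{
-namespace ClientSend
-{
-struct CLIENT_SEND_PACKET_HEADER
-{
-public int RequestId;
-public int PacketSize;
-};
-
-public enum USER_BAN_REASONS
-{
-HARDWARE_BAN = 10,
-USER_BAN = 20
-}
-
-[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Ansi)]
-public unsafe struct PACKET_CLIENT_HARDWARE_INFORMATION
-{
-[MarshalAs(UnmanagedType.ByValTStr, SizeConst = 64)]
-public string MotherboardSerialNumber;
-[MarshalAs(UnmanagedType.ByValTStr, SizeConst = 64)]
-public string DeviceDriver0Serial;
-}
-}
-
-namespace ClientReport
-{
-[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Ansi)]
-public unsafe struct PROCESS_MODULE_INTEGRITY_CHECK_FAILURE
-{
-public int ReportCode;
-public UInt64 ModuleBaseAddress;
-public int ModuleSize;
-[MarshalAs(UnmanagedType.ByValTStr, SizeConst = 256)]
-public string ModuleName;
-}
-
-public struct PROCESS_THREAD_START_FAILURE
-{
-public int ReportCode;
-public int ThreadId;
-public long StartAddress;
-}
-
-public struct PAGE_PROTECTION_FAILURE
-{
-public int ReportCode;
-public UInt64 PageBaseAddress;
-public long AllocationProtection;
-public long AllocationState;
-public long AllocationType;
-}
-
-public struct PATTERN_SCAN_FAILURE
-{
-public int ReportCode;
-public int SignatureId;
-public UInt64 Address;
-}
-
-public struct NMI_CALLBACK_FAILURE
-{
-public int ReportCode;
-public int WereNmisDisabled;
-public UInt64 KThreadAddress;
-public UInt64 InvalidRip;
-}
-
-[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Ansi)]
-public unsafe struct MODULE_VALIDATION_FAILURE
-{
-public int ReportCode;
-public int ReportType;
-public long DriverBaseAddress;
-public long DriverSize;
-[MarshalAs(UnmanagedType.ByValTStr, SizeConst = 128)]
-public string ModuleName;
-}
-
-[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Ansi)]
-public unsafe struct OPEN_HANDLE_FAILURE
-{
-public int ReportCode;
-public int IsKernelHandle;
-public uint ProcessId;
-public uint ThreadId;
-public uint DesiredAccess;
-[MarshalAs(UnmanagedType.ByValTStr, SizeConst = 64)]
-public string ProcessName;
-
-}
-
-[StructLayout(LayoutKind.Sequential)]
-public unsafe struct INVALID_PROCESS_ALLOCATION_FAILURE
-{
-public int ReportCode;
-[MarshalAs(UnmanagedType.ByValArray, SizeConst = 4096)]
-public byte[] ProcessStructure;
-}
-
-[StructLayout(LayoutKind.Sequential)]
-public struct HIDDEN_SYSTEM_THREAD_FAILURE
-{
-public int ReportCode;
-public int FoundInKThreadList;
-public int FoundInPspCidTable;
-public long ThreadAddress;
-public int ThreadId;
-[MarshalAs(UnmanagedType.ByValArray, SizeConst = 4096)]
-public byte[] ThreadStructure;
-}
-
-public struct ATTACH_PROCESS_FAILURE
-{
-public int ReportCode;
-public int ThreadId;
-public long ThreadAddress;
-}
-}
-}
-}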
|
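--- a/server/main.go
+++ b/server/main.go
@@ -0,0 +1,7 @@
+package main
+
+import "fmt"
+
+func main() {
+fmt.Println("Hello, World!")
+}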
|
|
@ -1,25 +0,0 @@
|
|||
<Project Sdk="Microsoft.NET.Sdk">
|
||||
|
||||
<PropertyGroup>
|
||||
<OutputType>Exe</OutputType>
|
||||
<TargetFramework>net7.0</TargetFramework>
|
||||
<ImplicitUsings>enable</ImplicitUsings>
|
||||
<Nullable>enable</Nullable>
|
||||
<AllowUnsafeBlocks>True</AllowUnsafeBlocks>
|
||||
<Configurations>Debug;Release;Release - No Server;Release - No Server - Win11</Configurations>
|
||||
</PropertyGroup>
|
||||
|
||||
<ItemGroup>
|
||||
<PackageReference Include="Microsoft.EntityFrameworkCore" Version="7.0.10" />
|
||||
<PackageReference Include="MySql.Data" Version="8.1.0" />
|
||||
<PackageReference Include="MySql.EntityFrameworkCore" Version="7.0.5" />
|
||||
<PackageReference Include="Serilog" Version="3.0.1" />
|
||||
<PackageReference Include="Serilog.Sinks.Console" Version="4.1.0" />
|
||||
<PackageReference Include="Serilog.Sinks.File" Version="5.0.0" />
|
||||
</ItemGroup>
|
||||
|
||||
<ItemGroup>
|
||||
<ProjectReference Include="..\service\service.csproj" />
|
||||
</ItemGroup>
|
||||
|
||||
</Project>
|
|
@ -1,65 +0,0 @@
|
|||
using Microsoft.AspNetCore.Authentication.OAuth.Claims;
|
||||
using System.Net;
|
||||
using System.Net.Sockets;
|
||||
using System.Text;
|
||||
using Serilog;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using System.Linq.Expressions;
|
||||
|
||||
namespace service
|
||||
{
|
||||
public class Client
|
||||
{
|
||||
private readonly Serilog.ILogger _logger;
|
||||
private IPEndPoint _ipEndPoint;
|
||||
private TcpClient _tcpClient;
|
||||
private NetworkStream _stream;
|
||||
private byte[] _buffer;
|
||||
private int _bufferSize;
|
||||
|
||||
public Client(ref byte[] buffer, int bufferSize, Serilog.ILogger logger)
|
||||
{
|
||||
_logger = logger;
|
||||
_ipEndPoint = new IPEndPoint(IPAddress.Parse("127.0.0.1"), 8888);
|
||||
_tcpClient = new TcpClient();
|
||||
_tcpClient.Connect(_ipEndPoint);
|
||||
_stream = _tcpClient.GetStream();
|
||||
_buffer = buffer;
|
||||
_bufferSize = bufferSize;
|
||||
}
|
||||
|
||||
public void SendMessageToServer()
|
||||
{
|
||||
try
|
||||
{
|
||||
_stream.Write(_buffer, 0, _bufferSize);
|
||||
}
|
||||
catch(Exception ex)
|
||||
{
|
||||
_logger.Error("{0}", ex.Message);
|
||||
}
|
||||
}
|
||||
|
||||
public byte[]? GetResponseFromServer()
|
||||
{
|
||||
byte[] buffer = new byte[1024];
|
||||
|
||||
try
|
||||
{
|
||||
using (MemoryStream memoryStream = new MemoryStream())
|
||||
{
|
||||
int bytesRead = _stream.Read(buffer, 0, 1024);
|
||||
|
||||
memoryStream.Write(buffer, 0, bytesRead);
|
||||
|
||||
return memoryStream.ToArray();
|
||||
}
|
||||
}
|
||||
catch(Exception ex)
|
||||
{
|
||||
_logger.Error("{0}", ex.Message);
|
||||
return null;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
|
@ -1,27 +0,0 @@
|
|||
using Microsoft.Extensions.DependencyInjection;
|
||||
using Microsoft.Extensions.Hosting;
|
||||
using Serilog;
|
||||
|
||||
namespace service
|
||||
{
|
||||
public class Program
|
||||
{
|
||||
public static void Main(string[] args)
|
||||
{
|
||||
CreateHostBuilder(args).Build().Run();
|
||||
}
|
||||
|
||||
public static IHostBuilder CreateHostBuilder(string[] args) =>
|
||||
Host.CreateDefaultBuilder(args)
|
||||
.UseWindowsService()
|
||||
.ConfigureServices((hostContext, services) =>
|
||||
{
|
||||
services.AddHostedService<Worker>();
|
||||
})
|
||||
.UseSerilog((context, configuration) =>
|
||||
{
|
||||
var config = context.Configuration;
|
||||
configuration.ReadFrom.Configuration(config);
|
||||
});
|
||||
}
|
||||
}
|
|
@ -1,11 +0,0 @@
|
|||
{
|
||||
"profiles": {
|
||||
"service": {
|
||||
"commandName": "Project",
|
||||
"dotnetRunMessages": true,
|
||||
"environmentVariables": {
|
||||
"DOTNET_ENVIRONMENT": "Development"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
|
@ -1,110 +0,0 @@
|
|||
using System.IO.Pipes;
|
||||
using System.Runtime.CompilerServices;
|
||||
using System.Runtime.InteropServices;
|
||||
using System;
|
||||
using System.Reflection.PortableExecutable;
|
||||
using System.Net.Sockets;
|
||||
using System.Net;
|
||||
using System.Net.Http;
|
||||
using Serilog;
|
||||
|
||||
#pragma warning disable CS1998 // Async method lacks 'await' operators and will run synchronously
|
||||
#pragma warning disable CS8600
|
||||
#pragma warning disable CS8603
|
||||
|
||||
namespace service
|
||||
{
|
||||
public class Worker : BackgroundService
|
||||
{
|
||||
private readonly Serilog.ILogger _logger;
|
||||
private NamedPipeServerStream _pipeServer;
|
||||
private byte[] _buffer;
|
||||
private int _bufferSize;
|
||||
private static int MAX_BUFFER_SIZE = 8192;
|
||||
|
||||
private static int OK_RESPONSE_SIZE = 4;
|
||||
|
||||
public Worker(Serilog.ILogger logger)
|
||||
{
|
||||
_logger = logger;
|
||||
|
||||
_pipeServer = new NamedPipeServerStream(
|
||||
"DonnaACPipe",
|
||||
PipeDirection.InOut,
|
||||
1,
|
||||
0,
|
||||
PipeOptions.Asynchronous,
|
||||
MAX_BUFFER_SIZE,
|
||||
MAX_BUFFER_SIZE);
|
||||
|
||||
_bufferSize = MAX_BUFFER_SIZE;
|
||||
_buffer = new byte[_bufferSize];
|
||||
}
|
||||
|
||||
protected override async Task ExecuteAsync(CancellationToken stoppingToken)
|
||||
{
|
||||
_logger.Information("Windows service starting, waiting for client to connect");
|
||||
|
||||
// to do: verify whos connecting
|
||||
_pipeServer.WaitForConnection();
|
||||
|
||||
_logger.Information("Client connected to the pipe server");
|
||||
|
||||
while (!stoppingToken.IsCancellationRequested)
|
||||
{
|
||||
try
|
||||
{
|
||||
int numBytesRead = _pipeServer.Read(_buffer, 0, _bufferSize);
|
||||
|
||||
if (numBytesRead > 0)
|
||||
{
|
||||
_logger.Information("Message received at pipe server with size: {0}", numBytesRead);
|
||||
|
||||
Client message = new Client(ref _buffer, numBytesRead, _logger);
|
||||
|
||||
message.SendMessageToServer();
|
||||
|
||||
ThreadPool.QueueUserWorkItem(state => RelayResponseMessage(ref message));
|
||||
}
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
_logger.Error("Reading buffer from pipe failed with message: {0}", ex.Message);
|
||||
}
|
||||
|
||||
Array.Clear(_buffer, 0, _bufferSize);
|
||||
}
|
||||
}
|
||||
|
||||
private void RelayResponseMessage(ref Client message)
|
||||
{
|
||||
byte[] responseMessage = message.GetResponseFromServer();
|
||||
|
||||
if (responseMessage == null)
|
||||
{
|
||||
_logger.Warning("Response message is null");
|
||||
return;
|
||||
}
|
||||
|
||||
_logger.Information("Sending response message to client with size: {0}", responseMessage.Length);
|
||||
|
||||
_pipeServer.Write(responseMessage, 0, responseMessage.Length);
|
||||
}
|
||||
|
||||
[DllImport("kernel32.dll", SetLastError = true)]
|
||||
internal static extern bool GetNamedPipeClientProcessId(IntPtr Pipe, out uint ClientProcessId);
|
||||
public static uint GetNamedPipeClientProcId(NamedPipeServerStream PipeServer)
|
||||
{
|
||||
UInt32 procId;
|
||||
IntPtr pipeHandle = PipeServer.SafePipeHandle.DangerousGetHandle();
|
||||
|
||||
if (GetNamedPipeClientProcessId(pipeHandle, out procId))
|
||||
return procId;
|
||||
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
}
|
||||
#pragma warning restore CS1998 // Async method lacks 'await' operators and will run synchronously
|
||||
#pragma warning restore CS8600
|
||||
#pragma warning restore CS8603
|
|
@ -1,8 +0,0 @@
|
|||
{
|
||||
"Logging": {
|
||||
"LogLevel": {
|
||||
"Default": "Information",
|
||||
"Microsoft.Hosting.Lifetime": "Information"
|
||||
}
|
||||
}
|
||||
}
|
|
@ -1,21 +0,0 @@
|
|||
{
|
||||
"AllowedHosts": "*",
|
||||
"Serilog": {
|
||||
"MinimumLevel": "Debug",
|
||||
"Override": {
|
||||
"Microsoft.AspNetCore": "Warning"
|
||||
},
|
||||
"WriteTo": [
|
||||
{
|
||||
"Name": "Console"
|
||||
},
|
||||
{
|
||||
"Name": "File",
|
||||
"Args": {
|
||||
"path": "bin/logs.txt",
|
||||
"rollingInterval": "Day"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
|
@ -1,42 +0,0 @@
|
|||
using Serilog;
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Runtime.InteropServices;
|
||||
using System.Text;
|
||||
using System.Threading.Tasks;
|
||||
|
||||
#pragma warning disable CS8600
|
||||
#pragma warning disable CS8603
|
||||
|
||||
namespace service
|
||||
{
|
||||
public class Helper
|
||||
{
|
||||
unsafe public static T BytesToStructure<T>(byte[] buffer, int offset)
|
||||
{
|
||||
int typeSize = Marshal.SizeOf(typeof(T));
|
||||
|
||||
if (buffer.Length == 0)
|
||||
return default(T);
|
||||
|
||||
IntPtr ptr = Marshal.AllocHGlobal(typeSize);
|
||||
|
||||
try
|
||||
{
|
||||
Marshal.Copy(buffer, offset, ptr, typeSize);
|
||||
T result = (T)Marshal.PtrToStructure(ptr, typeof(T));
|
||||
Marshal.FreeHGlobal(ptr);
|
||||
return result;
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
Log.Information(ex.Message);
|
||||
return default(T);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
#pragma warning restore CS8600
|
||||
#pragma warning restore CS8603
|
|
@ -1,22 +0,0 @@
|
|||
<Project Sdk="Microsoft.NET.Sdk.Worker">
|
||||
|
||||
<PropertyGroup>
|
||||
<TargetFramework>net7.0</TargetFramework>
|
||||
<Nullable>enable</Nullable>
|
||||
<ImplicitUsings>enable</ImplicitUsings>
|
||||
<UserSecretsId>dotnet-service-ab667d6f-8728-45a8-a87c-ae511852674a</UserSecretsId>
|
||||
<AllowUnsafeBlocks>true</AllowUnsafeBlocks>
|
||||
<Configurations>Debug;Release;Release - No Server;Release - No Server - Win11</Configurations>
|
||||
</PropertyGroup>
|
||||
|
||||
<ItemGroup>
|
||||
<PackageReference Include="Microsoft.AspNetCore.Hosting.Abstractions" Version="2.1.1" />
|
||||
<PackageReference Include="Microsoft.Extensions.Hosting" Version="7.0.1" />
|
||||
<PackageReference Include="Microsoft.Extensions.Hosting.WindowsServices" Version="7.0.1" />
|
||||
<PackageReference Include="Serilog" Version="3.0.1" />
|
||||
<PackageReference Include="Serilog.AspNetCore" Version="7.0.0" />
|
||||
<PackageReference Include="Serilog.Extensions.Hosting" Version="7.0.0" />
|
||||
<PackageReference Include="Serilog.Settings.Configuration" Version="7.0.0" />
|
||||
<PackageReference Include="Serilog.Sinks.File" Version="5.0.0" />
|
||||
</ItemGroup>
|
||||
</Project>
|
|
@ -1,38 +0,0 @@
|
|||
#pragma once
|
||||
|
||||
#include <string>
|
||||
#include <iostream>
|
||||
|
||||
#include <Windows.h>
|
||||
|
||||
class DriverInterface
|
||||
{
|
||||
HANDLE driver_handle;
|
||||
|
||||
bool validate_process_name()
|
||||
{
|
||||
|
||||
}
|
||||
|
||||
public:
|
||||
DriverInterface(std::string& process_name)
|
||||
{
|
||||
this->driver_handle = CreateFileW(
|
||||
L"donna-ac-test",
|
||||
GENERIC_WRITE | GENERIC_READ | GENERIC_EXECUTE,
|
||||
0,
|
||||
0,
|
||||
OPEN_EXISTING,
|
||||
FILE_ATTRIBUTE_SYSTEM | FILE_FLAG_OVERLAPPED,
|
||||
0
|
||||
);
|
||||
|
||||
if (this->driver_handle == INVALID_HANDLE_VALUE)
|
||||
{
|
||||
std::cerr << "Failed to open handle to driver" << std::endl;
|
||||
return;
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
};
|
|
@ -1,57 +0,0 @@
|
|||
#include <iostream>
|
||||
#include <string>
|
||||
#include <vector>
|
||||
#include <string_view>
|
||||
|
||||
#include <Windows.h>
|
||||
#include <tlhelp32.h>
|
||||
|
||||
std::wstring cstr_to_wstr(std::string cstr)
|
||||
{
|
||||
return std::wstring(cstr.begin(), cstr.end());
|
||||
}
|
||||
|
||||
DWORD get_proc_id_by_name(const std::string& process_name)
|
||||
{
|
||||
PROCESSENTRY32 entry = { 0 };
|
||||
entry.dwSize = sizeof(PROCESSENTRY32);
|
||||
|
||||
HANDLE snapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
|
||||
|
||||
while (Process32Next(snapshot, &entry))
|
||||
{
|
||||
if (entry.szExeFile == cstr_to_wstr(process_name))
|
||||
{
|
||||
return entry.th32ProcessID;
|
||||
}
|
||||
}
|
||||
|
||||
CloseHandle(snapshot);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int main(int argc, char* argv[])
|
||||
{
|
||||
if (argc < 2)
|
||||
{
|
||||
std::cerr << "Please enter a valid Process Name";
|
||||
return EXIT_FAILURE;
|
||||
}
|
||||
|
||||
const std::vector<std::string_view> args(argv + 1, argv + argc);
|
||||
|
||||
std::string process_name = std::string(args[0].data());
|
||||
|
||||
DWORD proc_id = get_proc_id_by_name(process_name);
|
||||
|
||||
if (!proc_id)
|
||||
{
|
||||
std::cerr << "Process does not exist, please enter a valid running process name." << std::endl;
|
||||
return EXIT_FAILURE;
|
||||
}
|
||||
|
||||
|
||||
|
||||
return EXIT_SUCCESS;
|
||||
}
|
|
@ -1,201 +0,0 @@
|
|||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<Project DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
|
||||
<ItemGroup Label="ProjectConfigurations">
|
||||
<ProjectConfiguration Include="Debug|Win32">
|
||||
<Configuration>Debug</Configuration>
|
||||
<Platform>Win32</Platform>
|
||||
</ProjectConfiguration>
|
||||
<ProjectConfiguration Include="Release - No Server|Win32">
|
||||
<Configuration>Release - No Server</Configuration>
|
||||
<Platform>Win32</Platform>
|
||||
</ProjectConfiguration>
|
||||
<ProjectConfiguration Include="Release - No Server|x64">
|
||||
<Configuration>Release - No Server</Configuration>
|
||||
<Platform>x64</Platform>
|
||||
</ProjectConfiguration>
|
||||
<ProjectConfiguration Include="Release|Win32">
|
||||
<Configuration>Release</Configuration>
|
||||
<Platform>Win32</Platform>
|
||||
</ProjectConfiguration>
|
||||
<ProjectConfiguration Include="Debug|x64">
|
||||
<Configuration>Debug</Configuration>
|
||||
<Platform>x64</Platform>
|
||||
</ProjectConfiguration>
|
||||
<ProjectConfiguration Include="Release|x64">
|
||||
<Configuration>Release</Configuration>
|
||||
<Platform>x64</Platform>
|
||||
</ProjectConfiguration>
|
||||
</ItemGroup>
|
||||
<PropertyGroup Label="Globals">
|
||||
<VCProjectVersion>17.0</VCProjectVersion>
|
||||
<Keyword>Win32Proj</Keyword>
|
||||
<ProjectGuid>{bb9e4b6e-81e3-4d39-8928-0ba3f947c479}</ProjectGuid>
|
||||
<RootNamespace>testcli</RootNamespace>
|
||||
<WindowsTargetPlatformVersion>10.0</WindowsTargetPlatformVersion>
|
||||
</PropertyGroup>
|
||||
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
|
||||
<ConfigurationType>Application</ConfigurationType>
|
||||
<UseDebugLibraries>true</UseDebugLibraries>
|
||||
<PlatformToolset>v143</PlatformToolset>
|
||||
<CharacterSet>Unicode</CharacterSet>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
|
||||
<ConfigurationType>Application</ConfigurationType>
|
||||
<UseDebugLibraries>false</UseDebugLibraries>
|
||||
<PlatformToolset>v143</PlatformToolset>
|
||||
<WholeProgramOptimization>true</WholeProgramOptimization>
|
||||
<CharacterSet>Unicode</CharacterSet>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release - No Server|Win32'" Label="Configuration">
|
||||
<ConfigurationType>Application</ConfigurationType>
|
||||
<UseDebugLibraries>false</UseDebugLibraries>
|
||||
<PlatformToolset>v143</PlatformToolset>
|
||||
<WholeProgramOptimization>true</WholeProgramOptimization>
|
||||
<CharacterSet>Unicode</CharacterSet>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
|
||||
<ConfigurationType>Application</ConfigurationType>
|
||||
<UseDebugLibraries>true</UseDebugLibraries>
|
||||
<PlatformToolset>v143</PlatformToolset>
|
||||
<CharacterSet>Unicode</CharacterSet>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
|
||||
<ConfigurationType>Application</ConfigurationType>
|
||||
<UseDebugLibraries>false</UseDebugLibraries>
|
||||
<PlatformToolset>v143</PlatformToolset>
|
||||
<WholeProgramOptimization>true</WholeProgramOptimization>
|
||||
<CharacterSet>Unicode</CharacterSet>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release - No Server|x64'" Label="Configuration">
|
||||
<ConfigurationType>Application</ConfigurationType>
|
||||
<UseDebugLibraries>false</UseDebugLibraries>
|
||||
<PlatformToolset>v143</PlatformToolset>
|
||||
<WholeProgramOptimization>true</WholeProgramOptimization>
|
||||
<CharacterSet>Unicode</CharacterSet>
|
||||
</PropertyGroup>
|
||||
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
|
||||
<ImportGroup Label="ExtensionSettings">
|
||||
</ImportGroup>
|
||||
<ImportGroup Label="Shared">
|
||||
</ImportGroup>
|
||||
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
|
||||
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
|
||||
</ImportGroup>
|
||||
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
|
||||
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
|
||||
</ImportGroup>
|
||||
<ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release - No Server|Win32'" Label="PropertySheets">
|
||||
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
|
||||
</ImportGroup>
|
||||
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
|
||||
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
|
||||
</ImportGroup>
|
||||
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
|
||||
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
|
||||
</ImportGroup>
|
||||
<ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release - No Server|x64'" Label="PropertySheets">
|
||||
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
|
||||
</ImportGroup>
|
||||
<PropertyGroup Label="UserMacros" />
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
|
||||
<ClCompile>
|
||||
<WarningLevel>Level3</WarningLevel>
|
||||
<SDLCheck>true</SDLCheck>
|
||||
<PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<ConformanceMode>true</ConformanceMode>
|
||||
</ClCompile>
|
||||
<Link>
|
||||
<SubSystem>Console</SubSystem>
|
||||
<GenerateDebugInformation>true</GenerateDebugInformation>
|
||||
</Link>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
|
||||
<ClCompile>
|
||||
<WarningLevel>Level3</WarningLevel>
|
||||
<FunctionLevelLinking>true</FunctionLevelLinking>
|
||||
<IntrinsicFunctions>true</IntrinsicFunctions>
|
||||
<SDLCheck>true</SDLCheck>
|
||||
<PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<ConformanceMode>true</ConformanceMode>
|
||||
</ClCompile>
|
||||
<Link>
|
||||
<SubSystem>Console</SubSystem>
|
||||
<EnableCOMDATFolding>true</EnableCOMDATFolding>
|
||||
<OptimizeReferences>true</OptimizeReferences>
|
||||
<GenerateDebugInformation>true</GenerateDebugInformation>
|
||||
</Link>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release - No Server|Win32'">
|
||||
<ClCompile>
|
||||
<WarningLevel>Level3</WarningLevel>
|
||||
<FunctionLevelLinking>true</FunctionLevelLinking>
|
||||
<IntrinsicFunctions>true</IntrinsicFunctions>
|
||||
<SDLCheck>true</SDLCheck>
|
||||
<PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<ConformanceMode>true</ConformanceMode>
|
||||
</ClCompile>
|
||||
<Link>
|
||||
<SubSystem>Console</SubSystem>
|
||||
<EnableCOMDATFolding>true</EnableCOMDATFolding>
|
||||
<OptimizeReferences>true</OptimizeReferences>
|
||||
<GenerateDebugInformation>true</GenerateDebugInformation>
|
||||
</Link>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
|
||||
<ClCompile>
|
||||
<WarningLevel>Level3</WarningLevel>
|
||||
<SDLCheck>true</SDLCheck>
|
||||
<PreprocessorDefinitions>_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<ConformanceMode>true</ConformanceMode>
|
||||
<LanguageStandard>stdcpp17</LanguageStandard>
|
||||
</ClCompile>
|
||||
<Link>
|
||||
<SubSystem>Console</SubSystem>
|
||||
<GenerateDebugInformation>true</GenerateDebugInformation>
|
||||
</Link>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
|
||||
<ClCompile>
|
||||
<WarningLevel>Level3</WarningLevel>
|
||||
<FunctionLevelLinking>true</FunctionLevelLinking>
|
||||
<IntrinsicFunctions>true</IntrinsicFunctions>
|
||||
<SDLCheck>true</SDLCheck>
|
||||
<PreprocessorDefinitions>NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<ConformanceMode>true</ConformanceMode>
|
||||
<LanguageStandard>stdcpp17</LanguageStandard>
|
||||
</ClCompile>
|
||||
<Link>
|
||||
<SubSystem>Console</SubSystem>
|
||||
<EnableCOMDATFolding>true</EnableCOMDATFolding>
|
||||
<OptimizeReferences>true</OptimizeReferences>
|
||||
<GenerateDebugInformation>true</GenerateDebugInformation>
|
||||
</Link>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release - No Server|x64'">
|
||||
<ClCompile>
|
||||
<WarningLevel>Level3</WarningLevel>
|
||||
<FunctionLevelLinking>true</FunctionLevelLinking>
|
||||
<IntrinsicFunctions>true</IntrinsicFunctions>
|
||||
<SDLCheck>true</SDLCheck>
|
||||
<PreprocessorDefinitions>NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<ConformanceMode>true</ConformanceMode>
|
||||
<LanguageStandard>stdcpp17</LanguageStandard>
|
||||
</ClCompile>
|
||||
<Link>
|
||||
<SubSystem>Console</SubSystem>
|
||||
<EnableCOMDATFolding>true</EnableCOMDATFolding>
|
||||
<OptimizeReferences>true</OptimizeReferences>
|
||||
<GenerateDebugInformation>true</GenerateDebugInformation>
|
||||
</Link>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemGroup>
|
||||
<ClCompile Include="main.cpp" />
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ClInclude Include="driver.h" />
|
||||
</ItemGroup>
|
||||
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
|
||||
<ImportGroup Label="ExtensionTargets">
|
||||
</ImportGroup>
|
||||
</Project>
|
|
@ -1,27 +0,0 @@
|
|||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
|
||||
<ItemGroup>
|
||||
<Filter Include="Source Files">
|
||||
<UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
|
||||
<Extensions>cpp;c;cc;cxx;c++;cppm;ixx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
|
||||
</Filter>
|
||||
<Filter Include="Header Files">
|
||||
<UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
|
||||
<Extensions>h;hh;hpp;hxx;h++;hm;inl;inc;ipp;xsd</Extensions>
|
||||
</Filter>
|
||||
<Filter Include="Resource Files">
|
||||
<UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
|
||||
<Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
|
||||
</Filter>
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ClCompile Include="main.cpp">
|
||||
<Filter>Source Files</Filter>
|
||||
</ClCompile>
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ClInclude Include="driver.h">
|
||||
<Filter>Header Files</Filter>
|
||||
</ClInclude>
|
||||
</ItemGroup>
|
||||
</Project>
|
|
@ -1,11 +0,0 @@
|
|||
#include <ntifs.h>
|
||||
|
||||
#define STATIC static
|
||||
#define VOID void
|
||||
|
||||
typedef UINT32 uint32_t;
|
||||
typedef UINT64 uint64_t;
|
||||
typedef UINT16 uint16_t;
|
||||
|
||||
#define DEBUG_LOG(fmt, ...) ImpDbgPrintEx(DPFLTR_IHVDRIVER_ID, 0, "[+] " fmt "\n", ##__VA_ARGS__)
|
||||
#define DEBUG_ERROR(fmt, ...) ImpDbgPrintEx(DPFLTR_IHVDRIVER_ID, 0, "[-] " fmt "\n", ##__VA_ARGS__)
|
|
@ -1,3 +0,0 @@
|
|||
#pragma once
|
||||
|
||||
#include "common.hpp"
|
|
@ -1,9 +0,0 @@
|
|||
#include "common.hpp"
|
||||
|
||||
namespace framework
|
||||
{
|
||||
class state
|
||||
{
|
||||
|
||||
};
|
||||
}
|
|
@ -1,67 +0,0 @@
|
|||
#include "driver.hpp"
|
||||
|
||||
UNICODE_STRING DRIVER_NAME = RTL_CONSTANT_STRING(L"donna-ac-test");
|
||||
UNICODE_STRING DRIVER_LINK = RTL_CONSTANT_STRING(L"donna-ac-test-link");
|
||||
|
||||
#define IOCTL_RUN_NMI_CALLBACKS \
|
||||
CTL_CODE(FILE_DEVICE_UNKNOWN, 0x20001, METHOD_BUFFERED, FILE_ANY_ACCESS)
|
||||
|
||||
NTSTATUS
|
||||
DeviceControl(_In_ PDEVICE_OBJECT DeviceObject, _Inout_ PIRP Irp) {
|
||||
UNREFERENCED_PARAMETER(DeviceObject);
|
||||
|
||||
NTSTATUS status = STATUS_SUCCESS;
|
||||
PIO_STACK_LOCATION stack_location = IoGetCurrentIrpStackLocation(Irp);
|
||||
|
||||
switch (stack_location->Parameters.DeviceIoControl.IoControlCode) {}
|
||||
end:
|
||||
Irp->IoStatus.Status = status;
|
||||
IoCompleteRequest(Irp, IO_NO_INCREMENT);
|
||||
return status;
|
||||
}
|
||||
|
||||
NTSTATUS
|
||||
DeviceClose(_In_ PDEVICE_OBJECT DeviceObject, _Inout_ PIRP Irp) {
|
||||
UNREFERENCED_PARAMETER(DeviceObject);
|
||||
IoCompleteRequest(Irp, IO_NO_INCREMENT);
|
||||
return Irp->IoStatus.Status;
|
||||
}
|
||||
|
||||
NTSTATUS
|
||||
DeviceCreate(_In_ PDEVICE_OBJECT DeviceObject, _Inout_ PIRP Irp) {
|
||||
UNREFERENCED_PARAMETER(DeviceObject);
|
||||
IoCompleteRequest(Irp, IO_NO_INCREMENT);
|
||||
return Irp->IoStatus.Status;
|
||||
}
|
||||
|
||||
STATIC
|
||||
VOID DriverUnload(_In_ PDRIVER_OBJECT DriverObject) {
|
||||
IoDeleteDevice(DriverObject->DeviceObject);
|
||||
}
|
||||
|
||||
extern "C" NTSTATUS DriverEntry(_In_ PDRIVER_OBJECT DriverObject,
|
||||
_In_ PUNICODE_STRING RegistryPath) {
|
||||
NTSTATUS status;
|
||||
|
||||
status = IoCreateDevice(DriverObject, NULL, &DRIVER_NAME, FILE_DEVICE_UNKNOWN,
|
||||
FILE_DEVICE_SECURE_OPEN, FALSE,
|
||||
&DriverObject->DeviceObject);
|
||||
|
||||
if (!NT_SUCCESS(status)) {
|
||||
return STATUS_FAILED_DRIVER_ENTRY;
|
||||
}
|
||||
|
||||
status = IoCreateSymbolicLink(&DRIVER_LINK, &DRIVER_NAME);
|
||||
|
||||
if (!NT_SUCCESS(status)) {
|
||||
IoDeleteDevice(DriverObject->DeviceObject);
|
||||
return STATUS_FAILED_DRIVER_ENTRY;
|
||||
}
|
||||
|
||||
DriverObject->MajorFunction[IRP_MJ_CREATE] = DeviceCreate;
|
||||
DriverObject->MajorFunction[IRP_MJ_CLOSE] = DeviceClose;
|
||||
DriverObject->MajorFunction[IRP_MJ_DEVICE_CONTROL] = DeviceControl;
|
||||
DriverObject->DriverUnload = DriverUnload;
|
||||
|
||||
return STATUS_SUCCESS;
|
||||
}
|
|
@ -1,7 +0,0 @@
|
|||
#include "patch.hpp"
|
||||
|
||||
namespace framework {
|
||||
patch::patch(char *image_name) {}
|
||||
|
||||
patch::~patch() {}
|
||||
} // namespace framework
|
|
@ -1,17 +0,0 @@
|
|||
#include "common.hpp"
|
||||
|
||||
namespace framework {
|
||||
class patch
|
||||
{
|
||||
private:
|
||||
char* image_name;
|
||||
void* image_base;
|
||||
void* patch_address;
|
||||
void* original_bytes;
|
||||
unsigned long patch_size;
|
||||
|
||||
public:
|
||||
patch(char* image_name);
|
||||
~patch();
|
||||
};
|
||||
}
|
|
@ -1,77 +0,0 @@
|
|||
;
|
||||
; testdrv.inf
|
||||
;
|
||||
|
||||
[Version]
|
||||
Signature="$WINDOWS NT$"
|
||||
Class=System ; TODO: specify appropriate Class
|
||||
ClassGuid={4d36e97d-e325-11ce-bfc1-08002be10318} ; TODO: specify appropriate ClassGuid
|
||||
Provider=%ManufacturerName%
|
||||
CatalogFile=testdrv.cat
|
||||
DriverVer= ; TODO: set DriverVer in stampinf property pages
|
||||
PnpLockdown=1
|
||||
|
||||
[DestinationDirs]
|
||||
DefaultDestDir = 12
|
||||
testdrv_Device_CoInstaller_CopyFiles = 11
|
||||
|
||||
[SourceDisksNames]
|
||||
1 = %DiskName%,,,""
|
||||
|
||||
[SourceDisksFiles]
|
||||
testdrv.sys = 1,,
|
||||
WdfCoInstaller$KMDFCOINSTALLERVERSION$.dll=1 ; make sure the number matches with SourceDisksNames
|
||||
|
||||
;*****************************************
|
||||
; Install Section
|
||||
;*****************************************
|
||||
|
||||
[Manufacturer]
|
||||
%ManufacturerName%=Standard,NT$ARCH$
|
||||
|
||||
[Standard.NT$ARCH$]
|
||||
%testdrv.DeviceDesc%=testdrv_Device, Root\testdrv ; TODO: edit hw-id
|
||||
|
||||
[testdrv_Device.NT]
|
||||
CopyFiles=Drivers_Dir
|
||||
|
||||
[Drivers_Dir]
|
||||
testdrv.sys
|
||||
|
||||
;-------------- Service installation
|
||||
[testdrv_Device.NT.Services]
|
||||
AddService = testdrv,%SPSVCINST_ASSOCSERVICE%, testdrv_Service_Inst
|
||||
|
||||
; -------------- testdrv driver install sections
|
||||
[testdrv_Service_Inst]
|
||||
DisplayName = %testdrv.SVCDESC%
|
||||
ServiceType = 1 ; SERVICE_KERNEL_DRIVER
|
||||
StartType = 3 ; SERVICE_DEMAND_START
|
||||
ErrorControl = 1 ; SERVICE_ERROR_NORMAL
|
||||
ServiceBinary = %12%\testdrv.sys
|
||||
|
||||
;
|
||||
;--- testdrv_Device Coinstaller installation ------
|
||||
;
|
||||
|
||||
[testdrv_Device.NT.CoInstallers]
|
||||
AddReg=testdrv_Device_CoInstaller_AddReg
|
||||
CopyFiles=testdrv_Device_CoInstaller_CopyFiles
|
||||
|
||||
[testdrv_Device_CoInstaller_AddReg]
|
||||
HKR,,CoInstallers32,0x00010000, "WdfCoInstaller$KMDFCOINSTALLERVERSION$.dll,WdfCoInstaller"
|
||||
|
||||
[testdrv_Device_CoInstaller_CopyFiles]
|
||||
WdfCoInstaller$KMDFCOINSTALLERVERSION$.dll
|
||||
|
||||
[testdrv_Device.NT.Wdf]
|
||||
KmdfService = testdrv, testdrv_wdfsect
|
||||
[testdrv_wdfsect]
|
||||
KmdfLibraryVersion = $KMDFVERSION$
|
||||
|
||||
[Strings]
|
||||
SPSVCINST_ASSOCSERVICE= 0x00000002
|
||||
ManufacturerName="<Your manufacturer name>" ;TODO: Replace with your manufacturer name
|
||||
DiskName = "testdrv Installation Disk"
|
||||
testdrv.DeviceDesc = "testdrv Device"
|
||||
testdrv.SVCDESC = "testdrv Service"
|
|
@ -1,221 +0,0 @@
|
|||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<Project DefaultTargets="Build" ToolsVersion="12.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
|
||||
<ItemGroup Label="ProjectConfigurations">
|
||||
<ProjectConfiguration Include="Debug|x64">
|
||||
<Configuration>Debug</Configuration>
|
||||
<Platform>x64</Platform>
|
||||
</ProjectConfiguration>
|
||||
<ProjectConfiguration Include="Release - No Server - Win11|ARM64">
|
||||
<Configuration>Release - No Server - Win11</Configuration>
|
||||
<Platform>ARM64</Platform>
|
||||
</ProjectConfiguration>
|
||||
<ProjectConfiguration Include="Release - No Server - Win11|x64">
|
||||
<Configuration>Release - No Server - Win11</Configuration>
|
||||
<Platform>x64</Platform>
|
||||
</ProjectConfiguration>
|
||||
<ProjectConfiguration Include="Release - No Server|ARM64">
|
||||
<Configuration>Release - No Server</Configuration>
|
||||
<Platform>ARM64</Platform>
|
||||
</ProjectConfiguration>
|
||||
<ProjectConfiguration Include="Release - No Server|x64">
|
||||
<Configuration>Release - No Server</Configuration>
|
||||
<Platform>x64</Platform>
|
||||
</ProjectConfiguration>
|
||||
<ProjectConfiguration Include="Release|x64">
|
||||
<Configuration>Release</Configuration>
|
||||
<Platform>x64</Platform>
|
||||
</ProjectConfiguration>
|
||||
<ProjectConfiguration Include="Debug|ARM64">
|
||||
<Configuration>Debug</Configuration>
|
||||
<Platform>ARM64</Platform>
|
||||
</ProjectConfiguration>
|
||||
<ProjectConfiguration Include="Release|ARM64">
|
||||
<Configuration>Release</Configuration>
|
||||
<Platform>ARM64</Platform>
|
||||
</ProjectConfiguration>
|
||||
</ItemGroup>
|
||||
<PropertyGroup Label="Globals">
|
||||
<ProjectGuid>{3CE9C9B1-1FB1-4770-ABBB-EE4E6AA949B0}</ProjectGuid>
|
||||
<TemplateGuid>{1bc93793-694f-48fe-9372-81e2b05556fd}</TemplateGuid>
|
||||
<TargetFrameworkVersion>v4.5</TargetFrameworkVersion>
|
||||
<MinimumVisualStudioVersion>12.0</MinimumVisualStudioVersion>
|
||||
<Configuration>Debug</Configuration>
|
||||
<Platform Condition="'$(Platform)' == ''">x64</Platform>
|
||||
<RootNamespace>testdrv</RootNamespace>
|
||||
<WindowsTargetPlatformVersion>$(LatestTargetPlatformVersion)</WindowsTargetPlatformVersion>
|
||||
</PropertyGroup>
|
||||
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
|
||||
<TargetVersion>Windows10</TargetVersion>
|
||||
<UseDebugLibraries>true</UseDebugLibraries>
|
||||
<PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
|
||||
<ConfigurationType>Driver</ConfigurationType>
|
||||
<DriverType>KMDF</DriverType>
|
||||
<DriverTargetPlatform>Universal</DriverTargetPlatform>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
|
||||
<TargetVersion>Windows10</TargetVersion>
|
||||
<UseDebugLibraries>false</UseDebugLibraries>
|
||||
<PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
|
||||
<ConfigurationType>Driver</ConfigurationType>
|
||||
<DriverType>KMDF</DriverType>
|
||||
<DriverTargetPlatform>Universal</DriverTargetPlatform>
|
||||
<Driver_SpectreMitigation>false</Driver_SpectreMitigation>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release - No Server|x64'" Label="Configuration">
|
||||
<TargetVersion>Windows10</TargetVersion>
|
||||
<UseDebugLibraries>false</UseDebugLibraries>
|
||||
<PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
|
||||
<ConfigurationType>Driver</ConfigurationType>
|
||||
<DriverType>KMDF</DriverType>
|
||||
<DriverTargetPlatform>Universal</DriverTargetPlatform>
|
||||
<Driver_SpectreMitigation>false</Driver_SpectreMitigation>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release - No Server - Win11|x64'" Label="Configuration">
|
||||
<TargetVersion>Windows10</TargetVersion>
|
||||
<UseDebugLibraries>false</UseDebugLibraries>
|
||||
<PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
|
||||
<ConfigurationType>Driver</ConfigurationType>
|
||||
<DriverType>KMDF</DriverType>
|
||||
<DriverTargetPlatform>Universal</DriverTargetPlatform>
|
||||
<Driver_SpectreMitigation>false</Driver_SpectreMitigation>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'" Label="Configuration">
|
||||
<TargetVersion>Windows10</TargetVersion>
|
||||
<UseDebugLibraries>true</UseDebugLibraries>
|
||||
<PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
|
||||
<ConfigurationType>Driver</ConfigurationType>
|
||||
<DriverType>KMDF</DriverType>
|
||||
<DriverTargetPlatform>Universal</DriverTargetPlatform>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'" Label="Configuration">
|
||||
<TargetVersion>Windows10</TargetVersion>
|
||||
<UseDebugLibraries>false</UseDebugLibraries>
|
||||
<PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
|
||||
<ConfigurationType>Driver</ConfigurationType>
|
||||
<DriverType>KMDF</DriverType>
|
||||
<DriverTargetPlatform>Universal</DriverTargetPlatform>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release - No Server|ARM64'" Label="Configuration">
|
||||
<TargetVersion>Windows10</TargetVersion>
|
||||
<UseDebugLibraries>false</UseDebugLibraries>
|
||||
<PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
|
||||
<ConfigurationType>Driver</ConfigurationType>
|
||||
<DriverType>KMDF</DriverType>
|
||||
<DriverTargetPlatform>Universal</DriverTargetPlatform>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release - No Server - Win11|ARM64'" Label="Configuration">
|
||||
<TargetVersion>Windows10</TargetVersion>
|
||||
<UseDebugLibraries>false</UseDebugLibraries>
|
||||
<PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
|
||||
<ConfigurationType>Driver</ConfigurationType>
|
||||
<DriverType>KMDF</DriverType>
|
||||
<DriverTargetPlatform>Universal</DriverTargetPlatform>
|
||||
</PropertyGroup>
|
||||
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
|
||||
<ImportGroup Label="ExtensionSettings">
|
||||
</ImportGroup>
|
||||
<ImportGroup Label="PropertySheets">
|
||||
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
|
||||
</ImportGroup>
|
||||
<PropertyGroup Label="UserMacros" />
|
||||
<PropertyGroup />
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
|
||||
<DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
|
||||
<DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
|
||||
<Inf2CatUseLocalTime>true</Inf2CatUseLocalTime>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release - No Server|x64'">
|
||||
<DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
|
||||
<Inf2CatUseLocalTime>true</Inf2CatUseLocalTime>
|
||||
<OutDir>$(SolutionDir)$(Platform)\$(Configuration)\</OutDir>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release - No Server - Win11|x64'">
|
||||
<DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
|
||||
<Inf2CatUseLocalTime>true</Inf2CatUseLocalTime>
|
||||
<OutDir>$(SolutionDir)$(Platform)\$(Configuration)\</OutDir>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">
|
||||
<DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'">
|
||||
<DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release - No Server|ARM64'">
|
||||
<DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release - No Server - Win11|ARM64'">
|
||||
<DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
|
||||
</PropertyGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
|
||||
<DriverSign>
|
||||
<FileDigestAlgorithm>sha256</FileDigestAlgorithm>
|
||||
</DriverSign>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
|
||||
<DriverSign>
|
||||
<FileDigestAlgorithm>sha256</FileDigestAlgorithm>
|
||||
</DriverSign>
|
||||
<ClCompile>
|
||||
<TreatWarningAsError>false</TreatWarningAsError>
|
||||
<LanguageStandard>stdcpp20</LanguageStandard>
|
||||
</ClCompile>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release - No Server|x64'">
|
||||
<DriverSign>
|
||||
<FileDigestAlgorithm>sha256</FileDigestAlgorithm>
|
||||
</DriverSign>
|
||||
<ClCompile>
|
||||
<TreatWarningAsError>false</TreatWarningAsError>
|
||||
</ClCompile>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release - No Server - Win11|x64'">
|
||||
<DriverSign>
|
||||
<FileDigestAlgorithm>sha256</FileDigestAlgorithm>
|
||||
</DriverSign>
|
||||
<ClCompile>
|
||||
<TreatWarningAsError>false</TreatWarningAsError>
|
||||
</ClCompile>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'">
|
||||
<DriverSign>
|
||||
<FileDigestAlgorithm>sha256</FileDigestAlgorithm>
|
||||
</DriverSign>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release - No Server|ARM64'">
|
||||
<DriverSign>
|
||||
<FileDigestAlgorithm>sha256</FileDigestAlgorithm>
|
||||
</DriverSign>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release - No Server - Win11|ARM64'">
|
||||
<DriverSign>
|
||||
<FileDigestAlgorithm>sha256</FileDigestAlgorithm>
|
||||
</DriverSign>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">
|
||||
<DriverSign>
|
||||
<FileDigestAlgorithm>sha256</FileDigestAlgorithm>
|
||||
</DriverSign>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemGroup>
|
||||
<Inf Include="testdrv.inf" />
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<FilesToPackage Include="$(TargetPath)" />
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ClCompile Include="main.cpp" />
|
||||
<ClCompile Include="patch.cpp" />
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ClInclude Include="common.hpp" />
|
||||
<ClInclude Include="driver.hpp" />
|
||||
<ClInclude Include="framework.hpp" />
|
||||
<ClInclude Include="patch.hpp" />
|
||||
</ItemGroup>
|
||||
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
|
||||
<ImportGroup Label="ExtensionTargets">
|
||||
</ImportGroup>
|
||||
</Project>
|
|
@ -1,48 +0,0 @@
|
|||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
|
||||
<ItemGroup>
|
||||
<Filter Include="Source Files">
|
||||
<UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
|
||||
<Extensions>cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
|
||||
</Filter>
|
||||
<Filter Include="Header Files">
|
||||
<UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
|
||||
<Extensions>h;hpp;hxx;hm;inl;inc;xsd</Extensions>
|
||||
</Filter>
|
||||
<Filter Include="Resource Files">
|
||||
<UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
|
||||
<Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
|
||||
</Filter>
|
||||
<Filter Include="Driver Files">
|
||||
<UniqueIdentifier>{8E41214B-6785-4CFE-B992-037D68949A14}</UniqueIdentifier>
|
||||
<Extensions>inf;inv;inx;mof;mc;</Extensions>
|
||||
</Filter>
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<Inf Include="testdrv.inf">
|
||||
<Filter>Driver Files</Filter>
|
||||
</Inf>
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ClCompile Include="main.cpp">
|
||||
<Filter>Source Files</Filter>
|
||||
</ClCompile>
|
||||
<ClCompile Include="patch.cpp">
|
||||
<Filter>Source Files</Filter>
|
||||
</ClCompile>
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ClInclude Include="driver.hpp">
|
||||
<Filter>Header Files</Filter>
|
||||
</ClInclude>
|
||||
<ClInclude Include="framework.hpp">
|
||||
<Filter>Header Files</Filter>
|
||||
</ClInclude>
|
||||
<ClInclude Include="common.hpp">
|
||||
<Filter>Header Files</Filter>
|
||||
</ClInclude>
|
||||
<ClInclude Include="patch.hpp">
|
||||
<Filter>Header Files</Filter>
|
||||
</ClInclude>
|
||||
</ItemGroup>
|
||||
</Project>
|