noury/mirror-ac
1
0
Fork 0
mirror of https://github.com/donnaskiez/ac.git synced 2024-11-21 22:24:08 +01:00
Code Issues Projects Releases Packages Wiki Activity

WOO!

Browse source
This commit is contained in:
lhodges1 2023-09-09 04:41:11 +10:00
parent 5eab151a2a
commit 3c401a108d
17 changed files with 182 additions and 187 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
server/Database/Report.cs
View file

@ -1,5 +1,5 @@
using Microsoft.Extensions.Logging;
using server.Types.Reports;
using server.Types.ClientReport;
using System;
using System.Collections.Generic;
using System.Linq;

53
server/Helper.cs
View file

@ -1,4 +1,4 @@
using System;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Runtime.InteropServices;
@ -10,24 +10,41 @@ using System.Threading.Tasks;
namespace server
{
public class Helper
{
unsafe public static T BytesToStructure<T>(ref byte[] buffer)
{
int typeSize = Marshal.SizeOf(typeof(T));
IntPtr ptr = Marshal.AllocHGlobal(typeSize);
public class Helper
{
unsafe public static T BytesToStructure<T>(ref byte[] buffer, int offset)
{
//int typeSize = Marshal.SizeOf(typeof(T));
int typeSize = buffer.Length - offset;
IntPtr ptr = Marshal.AllocHGlobal(typeSize);
try
{
Marshal.Copy(buffer, 0, ptr, typeSize);
return (T)Marshal.PtrToStructure(ptr, typeof(T));
}
finally
{
Marshal.FreeHGlobal(ptr);
}
}
}
try
{
Marshal.Copy(buffer, offset, ptr, typeSize);
return (T)Marshal.PtrToStructure(ptr, typeof(T));
}
finally
{
Marshal.FreeHGlobal(ptr);
}
}
unsafe public static string FixedUnsafeBufferToSafeString(ref byte[] buffer, int bufferSize, int offset, int stringSize)
{
if (stringSize > bufferSize)
return null;
char[] stringBuffer = new char[stringSize];
for (int i = 0; i < stringSize; i++)
{
stringBuffer[i] = (char)buffer[offset + i];
}
return new string(stringBuffer);
}
}
}
#pragma warning restore CS8600

101
server/Message.cs
View file

@ -7,10 +7,10 @@ using System.Text;
using System.Threading.Tasks;
using Serilog;
using server;
using service;
using System.Net;
using System.Net.Sockets;
using server.Types.Reports;
using server.Types.ClientReport;
using server.Types.ClientSend;
using System.Runtime.InteropServices;
namespace server
@ -25,23 +25,25 @@ namespace server
private enum MESSAGE_TYPE
{
MESSAGE_TYPE_REPORT = 1,
MESSAGE_TYPE_SEND = 2,
MESSAGE_TYPE_RECEIVE = 3
MESSAGE_TYPE_CLIENT_REPORT = 1,
MESSAGE_TYPE_CLIENT_SEND = 2,
MESSAGE_TYPE_CLIENT_REQUEST = 3
}
[StructLayout(LayoutKind.Sequential)]
public unsafe struct PACKET_HEADER
private enum CLIENT_SEND_REQUEST_ID
{
SYSTEM_INFORMATION = 10
}
public struct PACKET_HEADER
{
public int message_type;
public Int64 steam64_id;
public fixed char motherboard_serial_number[32];
public fixed char device_drive_0_serial[32];
};
struct REPORT_PACKET_HEADER
struct PACKET_REQUEST_HEADER
{
public int reportId;
public int RequestId;
}
public Message(NetworkStream networkStream, byte[] buffer, int bufferSize, ILogger logger)
@ -52,53 +54,35 @@ namespace server
_logger = logger;
_header = this.GetMessageHeader();
char[] string_1 = new char[32];
char[] string_2 = new char[32];
unsafe
{
for (int i = 0; i < 32; i++)
{
string_1[i] = (char)_buffer[16+i];
}
for (int i=0;i<32;i++)
{
string_2[i] = (char)_buffer[16 + 32 + i];
}
}
string test1 = new string(string_1);
string test2 = new string(string_2);
_logger.Information("SteamID: {0:x}, MoboSerial: {2:x}, DriveSerial: {3:x}, Message type: {1:x}",
_header.steam64_id,
_header.message_type,
string_1,
string_2
);
switch (_header.message_type)
{
case (int)MESSAGE_TYPE.MESSAGE_TYPE_REPORT:
int reportId = GetReportType().reportId;
case (int)MESSAGE_TYPE.MESSAGE_TYPE_CLIENT_REPORT:
int reportId = GetPacketRequestId().RequestId;
this.HandleReportMessage(reportId);
break;
case (int)MESSAGE_TYPE.MESSAGE_TYPE_CLIENT_SEND:
int requestId = GetPacketRequestId().RequestId;
this.HandleClientSendMessage(requestId);
break;
default:
_logger.Information("This message type is not accepted at the moment.");
break;
}
}
private PACKET_HEADER GetMessageHeader()
{
return Helper.BytesToStructure<PACKET_HEADER>(ref _buffer, 0);
}
unsafe private REPORT_PACKET_HEADER GetReportType()
unsafe private PACKET_REQUEST_HEADER GetPacketRequestId()
{
return Helper.BytesToStructure<REPORT_PACKET_HEADER>(ref _buffer, 80);
return Helper.BytesToStructure<PACKET_REQUEST_HEADER>(ref _buffer, sizeof(PACKET_HEADER));
}
unsafe private CLIENT_SEND_PACKET_HEADER GetClientSendPacketHeader()
{
return Helper.BytesToStructure<CLIENT_SEND_PACKET_HEADER>(ref _buffer, sizeof(PACKET_HEADER));
}
unsafe private void HandleReportMessage(int reportId)
@ -106,7 +90,7 @@ namespace server
_logger.Information("Report id: {0}", reportId);
OPEN_HANDLE_FAILURE_REPORT openHandleFailure =
Helper.BytesToStructure<Types.Reports.OPEN_HANDLE_FAILURE_REPORT>(ref _buffer, 80);
Helper.BytesToStructure<OPEN_HANDLE_FAILURE_REPORT>(ref _buffer, sizeof(PACKET_HEADER));
_logger.Information("Report code: {0}, ProcessID: {1:x}, ThreadId: {2:x}, DesiredAccess{3:x}",
openHandleFailure.ReportCode,
@ -115,5 +99,34 @@ namespace server
openHandleFailure.DesiredAccess);
}
private void HandleClientSendMessage(int clientSendId)
{
CLIENT_SEND_PACKET_HEADER header = GetClientSendPacketHeader();
_logger.Information("RequestId: {0}, PacketSize: {1}", header.RequestId, header.PacketSize);
switch (header.RequestId)
{
case (int)CLIENT_SEND_REQUEST_ID.SYSTEM_INFORMATION:
this.HandleClientSendHardwareInformation();
break;
}
}
unsafe private void HandleClientSendHardwareInformation()
{
_logger.Information("Handling client send hardware information");
string moboSerial = Helper.FixedUnsafeBufferToSafeString(
ref _buffer, _bufferSize, sizeof(PACKET_HEADER) + sizeof(CLIENT_SEND_PACKET_HEADER), 32);
string driveSerial = Helper.FixedUnsafeBufferToSafeString(
ref _buffer, _bufferSize, sizeof(PACKET_HEADER) + sizeof(CLIENT_SEND_PACKET_HEADER) + 32, 32);
_logger.Information("Mobo Serial: {0}, drive serial: {1}", moboSerial, driveSerial);
}
}
}

2
server/Program.cs
View file

@ -14,7 +14,7 @@ namespace server
using var logger = new LoggerConfiguration()
.WriteTo.Console()
.CreateLogger();
DatabaseConnection database = new DatabaseConnection();
database.Open();

23
server/Server.cs
View file

@ -15,8 +15,6 @@ namespace server
private TcpListener _tcpListener;
private ILogger _logger;
private const int MAX_BUFFER_SIZE = 8192;
public Server(ILogger logger)
{
_ipEndPoint = new IPEndPoint(IPAddress.Any, 8888);
@ -33,15 +31,26 @@ namespace server
while (true)
{
using TcpClient _client = await _tcpListener.AcceptTcpClientAsync();
NetworkStream _stream = _client.GetStream();
byte[] buffer = new byte[MAX_BUFFER_SIZE];
int bufferSize = 0;
NetworkStream _stream = _client.GetStream();
NetworkStream clientStreamReference = _stream;
bufferSize = _stream.Read(buffer, 0, MAX_BUFFER_SIZE);
byte[] buffer = new byte[2048];
int bytesRead = 0;
ThreadPool.QueueUserWorkItem(state => DispatchMessage(state, clientStreamReference, buffer, bufferSize) );
using (MemoryStream stream = new MemoryStream())
{
while (_stream.DataAvailable)
{
bytesRead = _stream.Read(buffer, 0, buffer.Length);
stream.Write(buffer, 0, bytesRead);
}
byte[] message = stream.ToArray();
ThreadPool.QueueUserWorkItem(state => DispatchMessage(state, clientStreamReference, message, message.Length));
}
}
}

23
server/Types.cs
View file

@ -1,4 +1,5 @@
using Serilog;
using Org.BouncyCastle.Utilities;
using Serilog;
using System;
using System.Collections.Generic;
using System.Linq;
@ -11,19 +12,23 @@ namespace server
{
namespace Types
{
namespace Receive
namespace ClientSend
{
struct PIPE_PACKET_SEND_EXTENSION_HEADER
struct CLIENT_SEND_PACKET_HEADER
{
public int request_id;
public int current_packet_number;
public int total_incoming_packet_count;
public uint packet_size;
public uint total_incoming_packet_size;
public int RequestId;
public int PacketSize;
};
[StructLayout(LayoutKind.Sequential)]
public unsafe struct PACKET_CLIENT_HARDWARE_INFORMATION
{
public fixed char MotherboardSerialNumber[32];
public fixed char DeviceDriver0Serial[32];
}
}
namespace Reports
namespace ClientReport
{
[StructLayout(LayoutKind.Sequential)]
public unsafe struct MODULE_VERIFICATION_CHECKSUM_FAILURE

8
server/server.csproj
View file

@ -8,14 +8,6 @@
<AllowUnsafeBlocks>True</AllowUnsafeBlocks>
</PropertyGroup>
<ItemGroup>
<Compile Remove="Helper.cs" />
</ItemGroup>
<ItemGroup>
<None Include="Helper.cs" />
</ItemGroup>
<ItemGroup>
<PackageReference Include="MySql.Data" Version="8.1.0" />
<PackageReference Include="Serilog" Version="3.0.1" />

2
service/Message.cs
View file

@ -19,7 +19,7 @@ namespace service
_buffer = buffer;
}
public void SendMessageToServer()
public void DispatchMessage()
{
Client client = new Client(_buffer, _bufferSize);
client.SendMessageToServer();

2
service/Worker.cs
View file

@ -64,7 +64,7 @@ namespace service
_logger.LogInformation("Message received at pipe server with size: {0}", numBytesRead);
Message message = new Message(_buffer, numBytesRead);
message.SendMessageToServer();
message.DispatchMessage();
}
}
catch (Exception ex)

90
user/client.cpp
View file

@ -12,17 +12,6 @@ global::Client::Client( std::shared_ptr<global::ThreadPool> ThreadPool, LPTSTR P
this->pipe = std::make_shared<global::Pipe>( PipeName );
}
global::Client::~Client()
{
delete system_information;
}
void global::Client::UpdateSystemInformation(global::headers::SYSTEM_INFORMATION* SystemInformation)
{
this->system_information = new global::headers::SYSTEM_INFORMATION;
memcpy( this->system_information, SystemInformation, sizeof( global::headers::SYSTEM_INFORMATION ) );
}
/*
* Request an item from the server
*/
@ -38,59 +27,42 @@ void global::Client::ServerSend(PVOID Buffer, SIZE_T Size, INT RequestId )
{
mutex.lock();
global::headers::PIPE_PACKET_HEADER header;
header.message_type = SERVER_SEND_PACKET_ID;
header.message_type = MESSAGE_TYPE_CLIENT_SEND;
header.steam64_id = TEST_STEAM_64_ID;
memcpy( &header.system_information, &this->system_information, sizeof( global::headers::SYSTEM_INFORMATION ) );
memcpy( this->send_buffer, &header, sizeof( global::headers::PIPE_PACKET_HEADER ) );
SIZE_T total_header_size = sizeof( global::headers::CLIENT_SEND_PACKET_HEADER ) + sizeof( global::headers::PIPE_PACKET_HEADER );
LONG total_size_of_headers = sizeof( global::headers::PIPE_PACKET_HEADER ) + sizeof( global::headers::PIPE_PACKET_SEND_EXTENSION_HEADER );
if ( Size > ( SEND_BUFFER_SIZE - total_size_of_headers ) )
if ( Size + total_header_size > MAX_CLIENT_SEND_PACKET_SIZE )
{
INT total_packets = std::ceil( Size / ( SEND_BUFFER_SIZE - total_size_of_headers ) );
LONG remaining_bytes = Size + total_packets * total_size_of_headers;
for ( INT count = 0; count < total_packets + 1; count++ )
{
global::headers::PIPE_PACKET_SEND_EXTENSION_HEADER header_extension;
header_extension.request_id = RequestId;
header_extension.total_incoming_packet_count = total_packets + 1;
header_extension.total_incoming_packet_size = Size + total_packets * total_size_of_headers;
header_extension.current_packet_number = count;
header_extension.packet_size = count == total_packets ? remaining_bytes : SEND_BUFFER_SIZE;
LOG_INFO( "current packet number: %lx, packet size: %lx", header_extension.current_packet_number, header_extension.packet_size );
memcpy( PVOID( ( UINT64 )this->send_buffer + sizeof( global::headers::PIPE_PACKET_HEADER ) ),
&header_extension, sizeof(global::headers::PIPE_PACKET_SEND_EXTENSION_HEADER));
memcpy(
PVOID( ( UINT64 )this->send_buffer + total_size_of_headers ), Buffer,
( UINT64 )header_extension.packet_size - total_size_of_headers
);
this->pipe->WriteToPipe( this->send_buffer, header_extension.packet_size );
LOG_INFO( "remainiong bytes: %lx", remaining_bytes );
remaining_bytes = remaining_bytes - header_extension.packet_size;
}
}
else
{
global::headers::PIPE_PACKET_SEND_EXTENSION_HEADER header_extension;
header_extension.request_id = RequestId;
header_extension.total_incoming_packet_count = 1;
header_extension.total_incoming_packet_size = Size + total_size_of_headers;
header_extension.current_packet_number = 1;
header_extension.packet_size = Size + total_size_of_headers;
memcpy( PVOID( ( UINT64 )this->send_buffer + sizeof( global::headers::PIPE_PACKET_HEADER ) ),
&header_extension, sizeof( global::headers::PIPE_PACKET_SEND_EXTENSION_HEADER ) );
this->pipe->WriteToPipe( this->send_buffer, header_extension.packet_size );
LOG_ERROR( "Packet is too large to send" );
mutex.unlock();
return;
}
RtlZeroMemory( this->send_buffer, SEND_BUFFER_SIZE );
PVOID send_buffer = malloc( total_header_size + Size );
if ( send_buffer == nullptr )
{
mutex.unlock();
return;
}
RtlZeroMemory( send_buffer, total_header_size + Size );
memcpy( send_buffer, &header, sizeof( global::headers::PIPE_PACKET_HEADER ) );
global::headers::CLIENT_SEND_PACKET_HEADER header_extension;
header_extension.request_id = RequestId;
header_extension.packet_size = Size + total_header_size;
memcpy( PVOID( ( UINT64 )send_buffer + sizeof( global::headers::PIPE_PACKET_HEADER ) ),
&header_extension, sizeof( global::headers::CLIENT_SEND_PACKET_HEADER ) );
memcpy(PVOID((UINT64)send_buffer + total_header_size), Buffer, Size);
this->pipe->WriteToPipe( send_buffer, header_extension.packet_size );
mutex.unlock();
free( send_buffer );
}

16
user/client.h
View file

@ -39,7 +39,11 @@ enum REPORT_CODES
HANDLE_OPERATION = 70
};
#define SERVER_SEND_MODULE_INTEGRITY_CHECK 10
#define CLIENT_REQUEST_MODULE_INTEGRITY_CHECK 10
#define CLIENT_SEND_SYSTEM_INFORMATION 10
#define MAX_CLIENT_SEND_PACKET_SIZE 60000
enum SERVER_SEND_CODES
{
@ -53,15 +57,12 @@ namespace global
std::shared_ptr<global::ThreadPool> thread_pool;
std::shared_ptr<global::Pipe> pipe;
std::mutex mutex;
global::headers::SYSTEM_INFORMATION* system_information;
byte report_buffer[ REPORT_BUFFER_SIZE ];
byte send_buffer[ SEND_BUFFER_SIZE ];
public:
Client( std::shared_ptr<global::ThreadPool> ThreadPool, LPTSTR PipeName );
~Client();
void UpdateSystemInformation( global::headers::SYSTEM_INFORMATION* SystemInformation );
@ -72,12 +73,10 @@ namespace global
mutex.lock();
global::headers::PIPE_PACKET_HEADER header;
header.message_type = REPORT_PACKET_ID;
header.message_type = MESSAGE_TYPE_CLIENT_REPORT;
header.steam64_id = TEST_STEAM_64_ID;
memcpy( &header.system_information.drive_0_serial, &this->system_information->drive_0_serial, sizeof(this->system_information->drive_0_serial) );
memcpy( &header.system_information.motherboard_serial, &this->system_information->motherboard_serial, sizeof( this->system_information->motherboard_serial ) );
memcpy( &this->report_buffer, &header, sizeof( global::headers::PIPE_PACKET_HEADER ) );
memcpy( PVOID( ( UINT64 )this->report_buffer + sizeof( global::headers::PIPE_PACKET_HEADER ) ), Report, sizeof( T ) );
this->pipe->WriteToPipe( this->report_buffer, sizeof(T) + sizeof( global::headers::PIPE_PACKET_HEADER ) );
RtlZeroMemory( this->report_buffer, REPORT_BUFFER_SIZE );
@ -86,7 +85,6 @@ namespace global
}
void ServerReceive();
void ServerSend( PVOID Buffer, SIZE_T Size, INT RequestId );
};

19
user/km/driver.cpp
View file

@ -370,7 +370,7 @@ VOID kernelmode::Driver::RequestModuleExecutableRegions()
LOG_INFO( "bytes returned: %lx", bytes_returned );
this->report_interface->ServerSend( buffer, bytes_returned, SERVER_SEND_MODULE_INTEGRITY_CHECK );
this->report_interface->ServerSend( buffer, bytes_returned, CLIENT_REQUEST_MODULE_INTEGRITY_CHECK );
end:
free( buffer );
@ -399,7 +399,7 @@ VOID kernelmode::Driver::ScanForUnlinkedProcess()
return;
}
this->report_interface->ServerSend( &report, bytes_returned, SERVER_SEND_MODULE_INTEGRITY_CHECK );
this->report_interface->ServerSend( &report, bytes_returned, CLIENT_REQUEST_MODULE_INTEGRITY_CHECK );
}
VOID kernelmode::Driver::PerformIntegrityCheck()
@ -489,7 +489,7 @@ VOID kernelmode::Driver::ValidateKPRCBThreads()
if ( bytes_returned == NULL )
return;
this->report_interface->ServerSend( &report, bytes_returned, SERVER_SEND_MODULE_INTEGRITY_CHECK );
this->report_interface->ServerSend( &report, bytes_returned, CLIENT_REQUEST_MODULE_INTEGRITY_CHECK );
}
VOID kernelmode::Driver::CheckForAttachedThreads()
@ -595,12 +595,12 @@ end:
CloseHandle( process_modules_handle );
}
VOID kernelmode::Driver::RequestHardwareInformation( global::headers::SYSTEM_INFORMATION* SystemInformation )
VOID kernelmode::Driver::SendClientHardwareInformation()
{
BOOLEAN status;
global::headers::SYSTEM_INFORMATION system_information;
DWORD bytes_returned;
std::cout << "HELLO?>?" << std::endl;
status = DeviceIoControl(
this->driver_handle,
IOCTL_REQUEST_HARDWARE_INFORMATION,
@ -618,9 +618,8 @@ VOID kernelmode::Driver::RequestHardwareInformation( global::headers::SYSTEM_INF
return;
}
memcpy(
SystemInformation,
&system_information,
sizeof( global::headers::SYSTEM_INFORMATION )
);
std::cout << system_information.motherboard_serial << " " << system_information.drive_0_serial << std::endl;
this->report_interface->ServerSend(
&system_information, sizeof( global::headers::SYSTEM_INFORMATION ), CLIENT_SEND_SYSTEM_INFORMATION );
}

2
user/km/driver.h
View file

@ -56,7 +56,7 @@ namespace kernelmode
VOID PerformIntegrityCheck();
VOID CheckForAttachedThreads();
VOID VerifyProcessLoadedModuleExecutableRegions();
VOID RequestHardwareInformation( global::headers::SYSTEM_INFORMATION* SystemInformation );
VOID SendClientHardwareInformation();
};
struct DRIVER_INITIATION_INFORMATION

4
user/km/kmanager.cpp
View file

@ -56,7 +56,7 @@ VOID kernelmode::KManager::ValidateProcessModules()
this->thread_pool->QueueJob( [ this ]() { this->driver_interface->VerifyProcessLoadedModuleExecutableRegions(); } );
}
VOID kernelmode::KManager::RequestHardwareInformation(global::headers::SYSTEM_INFORMATION* SystemInformation)
VOID kernelmode::KManager::SendClientHardwareInformation()
{
this->thread_pool->QueueJob( [ this, SystemInformation ]() { this->driver_interface->RequestHardwareInformation(SystemInformation); } );
this->thread_pool->QueueJob( [ this ]() { this->driver_interface->SendClientHardwareInformation(); } );
}

2
user/km/kmanager.h
View file

@ -27,7 +27,7 @@ namespace kernelmode
VOID PerformIntegrityCheck();
VOID CheckForAttachedThreads();
VOID ValidateProcessModules();
VOID RequestHardwareInformation( global::headers::SYSTEM_INFORMATION* SystemInformation );
VOID SendClientHardwareInformation();
};
}

8
user/main.cpp
View file

@ -29,13 +29,7 @@ DWORD WINAPI Init(HINSTANCE hinstDLL)
kernelmode::KManager kmanager( driver_name, thread_pool, client_interface);
global::headers::SYSTEM_INFORMATION system_information;
kmanager.RequestHardwareInformation( &system_information );
LOG_INFO( "drive serial dioctl: %s", system_information.drive_0_serial );
LOG_INFO( "mobo serial dioctl: %s", system_information.motherboard_serial );
client_interface->UpdateSystemInformation( &system_information );
kmanager.SendClientHardwareInformation();
while ( !GetAsyncKeyState( VK_DELETE ) )
{

12
user/pipe.h
View file

@ -3,9 +3,9 @@
#include <Windows.h>
#define REPORT_PACKET_ID 1
#define SERVER_REQUEST_PACKET_ID 2
#define SERVER_SEND_PACKET_ID 3
#define MESSAGE_TYPE_CLIENT_REPORT 1
#define MESSAGE_TYPE_CLIENT_SEND 2
#define MESSAGE_TYPE_CLIENT_REQUEST 3
#define MOTHERBOARD_SERIAL_CODE_LENGTH 32
#define DEVICE_DRIVE_0_SERIAL_CODE_LENGTH 32
@ -36,7 +36,6 @@ namespace global
{
INT message_type;
UINT64 steam64_id;
SYSTEM_INFORMATION system_information;
};
struct PIPE_PACKET_REQUEST_EXTENSION_HEADER
@ -44,13 +43,10 @@ namespace global
INT request_id;
};
struct PIPE_PACKET_SEND_EXTENSION_HEADER
struct CLIENT_SEND_PACKET_HEADER
{
INT request_id;
INT current_packet_number;
INT total_incoming_packet_count;
LONG packet_size;
LONG total_incoming_packet_size;
};
}