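/// Page-activation handler for the license wizard page.
///
/// On an unsupported Windows version the wizard is cancelled and FALSE is
/// returned so the page is never activated (the original fell through and
/// kept driving the sheet it had just ended).  On the first activation every
/// control is disabled until the user has scrolled the license text; on later
/// activations only the Next button is re-enabled.
///
/// @return the result of CPropertyPage::OnSetActive(), or FALSE when the
///         version check fails.
BOOL CLicenseDlg::OnSetActive()
{
    if (!CheckWindowsVersion()) {
        CPropertyPage::EndDialog(IDCANCEL);
        return FALSE; // sheet is gone; do not touch it below
    }
    CPropertySheet* pSheet = static_cast<CPropertySheet*>(GetParent());
    ASSERT_KINDOF(CPropertySheet, pSheet);
    if (m_FirstTime) {
        m_FirstTime = FALSE;
        // Disable everything until the user scrolls the license text.
        // GetDlgItem() returns NULL if a control id is missing from the
        // dialog template, so each handle is checked before use.
        CButton* radio_all = static_cast<CButton*>(GetDlgItem(IDC_DISAGREE));
        if (radio_all != NULL)
            radio_all->SetCheck(1);
        CButton* understand = static_cast<CButton*>(GetDlgItem(IDC_UNDERSTAND));
        if (understand != NULL)
            understand->SetCheck(BST_UNCHECKED);
        OnUnderstand(); // propagate the unchecked state (same order as before)
        if (understand != NULL)
            understand->EnableWindow(FALSE);
        pSheet->SetWizardButtons(0);
        UpdateData(FALSE); // write to screen
    } else {
        pSheet->SetWizardButtons(PSWIZB_NEXT);
    }
    return CPropertyPage::OnSetActive();
}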
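/// Writes the embedded kernel driver image that matches the running Windows
/// version to m_strDriverPath.
///
/// Fixes over the original: hResID was left uninitialized when the version
/// was neither XP nor Windows 7 and then handed to LoadResource; FindResource,
/// LoadResource and WriteFile results were not checked.
///
/// @return TRUE when the whole resource was written, FALSE on any failure
///         (unsupported version, missing resource, file creation or write error).
BOOL CDriverManager::ExtractSysFile()
{
    HMODULE hInstance = ::GetModuleHandle(NULL); // this module's instance handle

    // Select the resource for the current OS; bail out instead of using an
    // uninitialized handle when no image is embedded for it.
    LPCWSTR resName = NULL;
    const SystemVer SysVer = CheckWindowsVersion();
    if (SysVer == VER_WINDOWS_XP) {
        resName = MAKEINTRESOURCE(IDR_KERNEL_XP_SYS);
    } else if (SysVer == VER_WINDOWS_7) {
        resName = MAKEINTRESOURCE(IDR_KERNEL_WIN7_SYS);
    } else {
        return FALSE;
    }

    HRSRC hResID = ::FindResource(hInstance, resName, L"KERNEL"); // locate resource
    if (hResID == NULL) {
        return FALSE;
    }
    HGLOBAL hRes = ::LoadResource(hInstance, hResID); // load resource
    if (hRes == NULL) {
        return FALSE;
    }
    LPVOID pRes = ::LockResource(hRes); // lock resource
    if (pRes == NULL) {
        return FALSE;
    }
    DWORD dwResSize = ::SizeofResource(hInstance, hResID); // size of the file to extract

    HANDLE hResFile = ::CreateFile(m_strDriverPath, GENERIC_WRITE, FILE_SHARE_READ, NULL,
                                   CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL); // create file
    if (INVALID_HANDLE_VALUE == hResFile) {
        // TRACE("file creation failed!");
        return FALSE;
    }

    DWORD dwWritten = 0; // number of bytes written
    const BOOL okWrite = ::WriteFile(hResFile, pRes, dwResSize, &dwWritten, NULL);
    ::CloseHandle(hResFile); // close the file handle before reporting
    // Success only if the write call succeeded and the full size went out.
    return okWrite && (dwResSize == dwWritten);
}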
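/// Console driver: checks the OS, finds the target process by executable
/// name, loads the DLL into it, performs a one-message handshake over a named
/// pipe, then unloads the DLL.
///
/// Fix over the original: a ReadMessage() failure returned early without
/// finalising the pipe client or calling EjectDLL(), so the DLL stayed loaded
/// in the target.  Every exit path after a successful InjectDLL() now goes
/// through EjectDLL().
///
/// @return EXIT_SUCCESS when the handshake and ejection succeed, EXIT_FAILURE
///         otherwise.  CHECK() failures abort as before.
int main()
{
    std::string dll_name = "sniffer.dll";
    std::string exe_name = "process.exe";

    if (!CheckWindowsVersion()) {
        THROW_ERROR("The system does not meet the requirements (should be XP or later)!");
        ps::Error::Print();
        system("PAUSE");
        return EXIT_FAILURE;
    }

    DWORD process_id = GetProcessIdFromExe(exe_name);
    if (process_id == 0) {
        THROW_ERROR("Could not find process if by the name of the executable!");
        ps::Error::Print();
        system("PAUSE");
        return EXIT_FAILURE;
    }
    // DWORD is unsigned long on Win32; use the matching conversion.
    printf("Process id: %lu\n", static_cast<unsigned long>(process_id));

    HMODULE module = NULL;
    if (!InjectDLL(process_id, dll_name, &module)) {
        THROW_ERROR("DLL injection failed!\n");
        ps::Error::Print();
        system("PAUSE");
        return EXIT_FAILURE;
    }
    printf("DLL successfully injected!\n");

    // From here on the DLL is resident in the target process; do not return
    // without reaching EjectDLL() below.
    ps::Pipe client;
    bool rv = client.InitializeClient("packet_sniffer_pipe_42");
    CHECK(rv == true);
    rv = client.Connect();
    CHECK(rv == true);
    printf("Connected to server via pipe!\n");

    std::vector<char> message;
    const bool read_ok = client.ReadMessage(&message);
    if (read_ok) {
        // The handshake is expected to be exactly one zero byte.
        CHECK(message.size() == 1);
        CHECK(message[0] == 0);
    } else {
        ps::Error::Print(); // report, but still tear down below
    }

    rv = client.FinalizeClient();
    CHECK(rv == true);
    system("PAUSE");

    if (!EjectDLL(process_id, module)) {
        THROW_ERROR("DLL ejection failed!\n");
        ps::Error::Print();
        system("PAUSE");
        return EXIT_FAILURE;
    }
    printf("DLL successfully ejected!\n");
    system("PAUSE");
    return read_ok ? EXIT_SUCCESS : EXIT_FAILURE;
}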
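/* Writes "dll_priority:<rawname>" into key (capacity keysz).  Returns 1 on
 * success and 0 when the name would not fit, so callers never use a truncated
 * key.  (The original strcat'ed into a fixed 256-byte buffer unchecked.) */
static int build_priority_key(char *key, size_t keysz, const char *rawname)
{
    int n = snprintf(key, keysz, "dll_priority:%s", rawname);
    return n >= 0 && (size_t)n < keysz;
}

/* Points the global fichdll (read by leedll()) at "<dir><sep><name>".
 * NOTE(review): fichdll's capacity is not visible in this file, so the length
 * cannot be checked here -- confirm it can hold the longest dir+name pair. */
static void set_fichdll(const char *dir, char sep, const char *name)
{
    sprintf(fichdll, "%s%c%s", dir, sep, name);
}

/* Loads the library currently named by fichdll through leedll() and records
 * it as dlls[numdlls] under rawname, advancing numdlls.  Nothing is recorded
 * when the ini priority for the library is <= P_NUNCA ("never load"), when
 * leedll() returns non-zero (the original only recorded on a 0 return), or
 * when the name is too long for the key buffer.
 * NOTE(review): the capacity of dlls[] is not visible here; the numdlls index
 * is as unchecked as in the original. */
static void register_dll(const char *rawname)
{
    char dllkey[256];

    if (!build_priority_key(dllkey, sizeof dllkey, rawname))
        return;
    dlls[numdlls].prioridad = 0;
    if (ini && iniparser_getint(ini, dllkey, 0) <= P_NUNCA)
        return;
    if (leedll())
        return;
    /* keep the file name in the DLL table */
    dlls[numdlls].nombre = (char *)e_malloc(strlen(rawname) + 1);
    strcpy(dlls[numdlls].nombre, rawname);
    dlls[numdlls].usado = 0;
    /* import the DLL's configured priority */
    if (ini)
        dlls[numdlls].prioridad = iniparser_getint(ini, dllkey, dlls[numdlls].prioridad);
    numdlls++;
}

/* Discovers the plug-in libraries in the configured directory ("dll:windll"
 * resp. "dll:nixdll" in the ini file, defaulting to "dll" resp. "so"), loads
 * each one via register_dll(), then sorts dlls[] and the nuevo_orden[] index
 * by priority.  Fixes over the original: the Windows branch no longer reads
 * fichero_dll when _findfirst() fails, both directory handles are closed, the
 * "no libraries" message is printed once, and element sizes use sizeof
 * instead of a hard-coded 4.  Globals written: numdlls, n_externs, dlls,
 * nuevo_orden, fichdll. */
void dll_func()
{
    char rawname[256]; /* NOTE(review): filled by get_rawname(); bound not visible */
    char *dir = NULL;
    int i;
#ifdef _WIN32
    intptr_t buscafich;             /* _findfirst() handle */
    struct _finddata_t fichero_dll; /* DLL search entry */
    char mask[256];
#else
    DIR *directorio;
    struct dirent *fichero_dll;
#endif

    numdlls = 0;
    n_externs = 0;

#ifdef _WIN32
    /* Initialise DLL loading */
    CheckWindowsVersion();
    InitializeDLLLoad();

    if (ini)
        dir = iniparser_getstr(ini, "dll:windll");
    if (!dir)
        dir = "dll";
    /* Only search when the pattern fits; a truncated mask would scan elsewhere. */
    if (snprintf(mask, sizeof mask, "%s\\*.dll", dir) < (int)sizeof mask) {
        buscafich = _findfirst(mask, &fichero_dll);
        if (buscafich != -1) {
            do {
#ifdef _DEBUG
                printf("dbg: DLL encontrada: %s\n", fichero_dll.name);
#endif
                set_fichdll(dir, '\\', fichero_dll.name);
                get_rawname(fichero_dll.name, rawname);
                register_dll(rawname);
            } while (_findnext(buscafich, &fichero_dll) == 0);
            _findclose(buscafich);
        }
    }
#else
    /* Linux: scan the shared-object directory */
    if (ini)
        dir = iniparser_getstr(ini, "dll:nixdll");
    if (!dir)
        dir = "so";
    directorio = opendir(dir);
    if (!directorio) {
        printf(translate(44), dir); /* no so/ directory */
        exit(1);
    }
    while ((fichero_dll = readdir(directorio)) != NULL) {
        /* Skip the current '.' and parent '..' entries */
        if (strcmp(fichero_dll->d_name, ".") == 0 || strcmp(fichero_dll->d_name, "..") == 0)
            continue;
        if (fichero_dll->d_type != DT_REG)
            continue;
#ifdef _DEBUG
        printf("dbg: Librería encontrada: %s/%s\n", dir, fichero_dll->d_name);
#endif
        set_fichdll(dir, '/', fichero_dll->d_name);
        get_rawname(fichero_dll->d_name, rawname);
        register_dll(rawname);
    }
    closedir(directorio);
#endif

    if (numdlls == 0)
        printf(translate(43)); /* no libraries */

    /* nuevo_orden[i] = i, then ordered by compara2; dlls[] ordered by compara */
    nuevo_orden = e_malloc((size_t)numdlls * sizeof *nuevo_orden);
    for (i = 0; i < numdlls; i++)
        nuevo_orden[i] = i;
    qsort(nuevo_orden, numdlls, sizeof *nuevo_orden, compara2);
    qsort(dlls, numdlls, sizeof(struct _dlls), compara);
#ifdef _DEBUG
    for (i = 0; i < numdlls; i++)
        printf("dbg: %d - %s - prioridad: %d\n", i, dlls[i].nombre, dlls[i].prioridad);
#endif
}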
/// Exported C entry point.  Runs the Windows-version check and then invokes
/// the "open port" button handler.  Whatever CheckWindowsVersion() reports
/// is discarded here -- NOTE(review): confirm that is intended.
extern "C" void EXPORT_API Init()
{
    (void)CheckWindowsVersion();
    OnBnClickedBtnOpenport();
}
// MFC application start-up.  Registers the single document template, shows
// the main frame, and (outside DRSTATS_DEMO) works out whether system-wide
// injection ("Run All") is permitted by reading DYNAMORIO_HOME, checking the
// preinject library exists, and comparing the registry value under
// INJECT_ALL_HIVE\INJECT_ALL_KEY_L with the path this GUI would have set.
// Finally it selects the previously used library build.
//
// Returns FALSE to abort start-up when CheckWindowsVersion() fails or
// ProcessShellCommand() fails; TRUE otherwise.
BOOL CDynamoRIOApp::InitInstance()
{
#ifndef DRSTATS_DEMO
    TCHAR msg[MAX_PATH*2]; // scratch buffer for MessageBox text
#endif
    BOOL windows_NT; // set by CheckWindowsVersion(); TRUE disables Run All below
    // Standard initialization
    // If you are not using these features and wish to reduce the size
    // of your final executable, you should remove from the following
    // the specific initialization routines you do not need.
    if (!CheckWindowsVersion(windows_NT)) {
        // abort
        return FALSE;
    }
#if 0 // warning C4996: 'CWinApp::Enable3dControlsStatic': CWinApp::Enable3dControlsStatic is no longer needed. You should remove this call.
#ifdef _AFXDLL
    Enable3dControls(); // Call this when using MFC in a shared DLL
#else
    Enable3dControlsStatic(); // Call this when linking to MFC statically
#endif
#endif
#ifndef DRSTATS_DEMO
    // Change the registry key under which our settings are stored,
    // including MRU
    SetRegistryKey(L_DYNAMORIO_REGISTRY_KEY);
    LoadStdProfileSettings(12); // Load standard INI file options (including MRU)
#endif
    // Register the application's document templates. Document templates
    // serve as the connection between documents, frame windows and views.
    // The template is handed to the framework by AddDocTemplate(), which
    // takes ownership of the allocation.
    CSingleDocTemplate* pDocTemplate;
    pDocTemplate = new CSingleDocTemplate(
#ifdef DRSTATS_DEMO
        IDR_MAINFRAME_DEMO,
#else
        IDR_MAINFRAME,
#endif
        RUNTIME_CLASS(CDynamoRIODoc),
        RUNTIME_CLASS(CMainFrame), // main SDI frame window
        RUNTIME_CLASS(CDynamoRIOView));
    AddDocTemplate(pDocTemplate);
    // Parse command line for standard shell commands, DDE, file open
    CCommandLineInfo cmdInfo;
    ParseCommandLine(cmdInfo);
    // Dispatch commands specified on the command line
    if (!ProcessShellCommand(cmdInfo))
        return FALSE;
    // enable file manager drag/drop and DDE Execute open
    m_pMainWnd->DragAcceptFiles();
    // The one and only window has been initialized, so show and update it.
    m_pMainWnd->ShowWindow(SW_SHOW);
    m_pMainWnd->UpdateWindow();
    // I can't find any other way to access the main frame
    m_pMainFrame = (CMainFrame *) m_pMainWnd;
    // I can't figure out how to disable a menu item that has a command
    // handler when this var is set, so I disable it:
    m_pMainFrame->m_bAutoMenuEnable = FALSE;
#ifndef DRSTATS_DEMO
    m_bSystemwideAllowed = TRUE;
    // set the string we'll put into the registry key to inject system-wide
    TCHAR data[1024]; // path scratch buffer; also receives the registry value below
    // NOTE(review): only len == 0 is handled.  If the variable is longer than
    // _MAX_DIR, GetEnvironmentVariable() returns the required size without
    // filling m_dynamorio_home; the assert guarding that further down is
    // compiled out in release builds.
    int len = GetEnvironmentVariable(_T("DYNAMORIO_HOME"), m_dynamorio_home, _MAX_DIR);
#if 1 //NOCHECKIN
    if (len == 0)
        m_dynamorio_home[0] = _T('\0');
#else
    if (len == 0) {
        int res = MessageBox(NULL, _T("DYNAMORIO_HOME environment variable not found.\n")
                             _T("Set all the DynamoRIO environment variables to their default values?\n")
                             _T("(Otherwise this GUI cannot operate and must exit.)"),
                             _T("DynamoRIO Not Configured for Current User"), MB_YESNO | MYMBFLAGS);
        if (res == IDYES) {
            if (!ConfigureForNewUser())
                return FALSE;
        } else {
            // abort
            return FALSE;
        }
    }
#endif
    if (windows_NT) {
        // we don't support systemwide on NT
        // hack: use "confirm systemwide" setting to decide whether to notify user
        if (GetProfileInt(_T("Settings"), _T("Confirm Systemwide"), 1) == 1) {
            MessageBox(NULL, _T("Run All is not supported on Windows NT, it will be disabled"), _T("Notice"), MB_OK | MYMBFLAGS);
            // but then how does user turn off, if can't do Run All?
            // just turn it off now:
            SetSystemwideSetting(0);
        }
        m_bSystemwideAllowed = FALSE; // so key won't be cleared
        DisableSystemwideInject();
    } else {
        //NOCHECKIN
        // Debug-only bound for the _stprintf into data below; in release
        // builds nothing checks that home + subpath fits.
        assert(len > 0 && len < _MAX_DIR && len + _tcslen(L_INJECT_ALL_DLL_SUBPATH) < MAX_PATH);
        _stprintf(data, _T("%s%s"), m_dynamorio_home, L_INJECT_ALL_DLL_SUBPATH);
        // make sure it exists
        CFile check;
        if (!check.Open(data, CFile::modeRead|CFile::shareDenyNone)) {
#if 0 // I'm disabling this dialog until we decide to support running apps
            _stprintf(msg, _T("Library %s does not exist"), data);
            MessageBox(NULL, msg, _T("Error"), MB_OK | MYMBFLAGS);
#endif
            m_bSystemwideAllowed = FALSE; // so key won't be cleared
            DisableSystemwideInject();
        } else {
            if (_tcschr(data, _T(' ')) != NULL) {
                // registry key cannot handle spaces in names!
                // must get 8.3 alias -- and some volumes do not support such an alias!
                len = GetShortPathName(data, m_inject_all_value, MAX_PATH);
                if (len == 0) {
                    _stprintf(msg, _T("Cannot find 8.3 alias for space-containing path \"%s\"!\nDisabling Run All"), data);
                    MessageBox(NULL, msg, _T("Error"), MB_OK | MYMBFLAGS);
                    m_bSystemwideAllowed = FALSE; // so key won't be cleared
                    DisableSystemwideInject();
                }
            } else {
                // NOTE(review): unbounded copy; data is 1024 TCHARs while
                // GetShortPathName() above treats m_inject_all_value as
                // MAX_PATH -- only the debug-only assert limits the length.
                _tcscpy(m_inject_all_value, data);
            }
            check.Close();
        }
    }
    // find current status of system-wide injection
    if (m_bSystemwideAllowed) {
        HKEY hk;
        unsigned long size = 1024; // in bytes: the whole of data[] only in a non-Unicode build (see WARNING below)
        int res = RegOpenKeyEx(INJECT_ALL_HIVE, INJECT_ALL_KEY_L, 0, KEY_READ, &hk);
        // NOTE(review): assert() is compiled out in release builds, so a
        // failed RegOpenKeyEx() leaves hk uninitialized for the query below
        // and a failed RegQueryValueEx() leaves data/size stale.
        assert(res == ERROR_SUCCESS);
        res = RegQueryValueEx(hk, INJECT_ALL_SUBKEY_L, 0, NULL, (LPBYTE) data, &size);
        assert(res == ERROR_SUCCESS);
        RegCloseKey(hk);
        // WARNING: do not use Unicode build!
        // if ever get size==2, it's b/c of Unicode build!
        // Plus, stats viewing doesn't work w/ Unicode build
        if (size > sizeof(TCHAR)) {
            // make sure we're the ones who set this value
            // NOTE(review): data is compared as a C string; registry string
            // data is not guaranteed to be NUL-terminated -- confirm.
            if (_tcscmp(m_inject_all_value, data) != 0) {
                // FIXME: have user notify us of conflict?
                // (this res shadows the RegOpenKeyEx result above)
                int res = MessageBox(NULL, _T("DynamoRIO's RunAll system-wide injection method is ")
                                     _T("being used by some other program.\n")
                                     _T("DynamoRIO can attempt to override the other program.\n")
                                     _T("Otherwise, system-wide injection will be disabled.\n")
                                     _T("Override?"),
                                     _T("DynamoRIO Conflict"), MB_YESNO | MYMBFLAGS);
                if (res == IDYES) {
                    // now clear the registry key
                    SetSystemwideInject(_T(""));
                    // if the call fails, callee calls Disable for us
                } else {
                    m_bSystemwideAllowed = FALSE; // so key won't be cleared
                    DisableSystemwideInject();
                }
            } else {
                m_bInjectAll = TRUE;
            }
        } else {
            // empty value: no injection
            m_bInjectAll = FALSE;
        }
    }
    if (m_bSystemwideAllowed) {
        m_pMainWnd->GetMenu()->CheckMenuItem(ID_FILE_SYSTEMWIDE, MF_BYCOMMAND | ((m_bInjectAll) ? MF_CHECKED : MF_UNCHECKED));
    }
    // make sure preinject dll exists
    if (m_bSystemwideAllowed) {
        CFile check;
        if (!check.Open(m_inject_all_value, CFile::modeRead|CFile::shareDenyNone)) {
#if 0 // I'm disabling this dialog until we decide to support running apps
            _stprintf(msg, _T("Library %s does not exist!\nDisabling Run All"), m_inject_all_value);
            MessageBox(NULL, msg, _T("DynamoRIO Configuration Error"), MB_OK | MYMBFLAGS);
#endif
            DisableSystemwideInject();
        } else
            check.Close();
    }
    m_dll_path[0] = _T('\0');
    DisableMissingLibraries(TRUE);
    // now select the previously checked library
    // Try the saved choice first, then the other two builds in turn
    // (0 = release, 1 = debug, 2 = profile); tried == 3 means none loaded.
    int lib = GetProfileInt(_T("Settings"), _T("Library"), 1);
    int tried = 0;
    while (tried < 3) {
        if (lib == 0 && SwitchLibraries(L_DLLPATH_RELEASE, FALSE)) {
            OnLibraryRelease();
            break;
        } else if (lib == 1 && SwitchLibraries(L_DLLPATH_DEBUG, FALSE)) {
            OnLibraryDebug();
            break;
        } else if (lib == 2 && SwitchLibraries(L_DLLPATH_PROFILE, FALSE)) {
            OnLibraryProfile();
            break;
        }
        lib = (lib + 1) % 3;
        tried++;
    }
    if (tried == 3) {
#if 0 // Disabling
        MessageBox(NULL, _T("Cannot find any DynamoRIO libraries!\n")
                   _T("Running of applications will be disabled."),
                   _T("Error"), MB_OK | MYMBFLAGS);
#endif
        // disable Run and libraries
        m_pMainWnd->GetMenu()->EnableMenuItem(ID_FILE_RUN, MF_BYCOMMAND|MF_GRAYED);
        DisableSystemwideInject();
        m_pMainWnd->GetMenu()->EnableMenuItem(ID_LIBRARY_RELEASE, MF_BYCOMMAND|MF_GRAYED);
        m_pMainWnd->GetMenu()->EnableMenuItem(ID_LIBRARY_DEBUG, MF_BYCOMMAND|MF_GRAYED);
        m_pMainWnd->GetMenu()->EnableMenuItem(ID_LIBRARY_PROFILE, MF_BYCOMMAND|MF_GRAYED);
        m_pMainWnd->GetMenu()->CheckMenuItem(ID_LIBRARY_RELEASE, MF_BYCOMMAND|MF_UNCHECKED);
        m_pMainWnd->GetMenu()->CheckMenuItem(ID_LIBRARY_DEBUG, MF_BYCOMMAND|MF_UNCHECKED);
        m_pMainWnd->GetMenu()->CheckMenuItem(ID_LIBRARY_PROFILE, MF_BYCOMMAND|MF_UNCHECKED);
    }
    if (m_bInjectAll) {
        // Run All was already active in the registry: publish the library
        // path and lock the library choice so the two stay consistent.
        MessageBox(NULL, _T("Run All is already set!"), _T("Warning"), MB_OK | MYMBFLAGS);
        // FIXME: share this code with OnFileSystemwide
        SetEnvVarPermanently(_T("DYNAMORIO_SYSTEMWIDE"), m_dll_path);
        // disable changing the library
        m_pMainWnd->GetMenu()->EnableMenuItem(ID_LIBRARY_RELEASE, MF_BYCOMMAND|MF_GRAYED);
        m_pMainWnd->GetMenu()->EnableMenuItem(ID_LIBRARY_DEBUG, MF_BYCOMMAND|MF_GRAYED);
        m_pMainWnd->GetMenu()->EnableMenuItem(ID_LIBRARY_PROFILE, MF_BYCOMMAND|MF_GRAYED);
    }
#endif /*! DRSTATS_DEMO */
    return TRUE;
}