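// Wizard-page activation handler for the license page.
//
// On an unsupported Windows version the sheet is dismissed with IDCANCEL and
// the page refuses activation.  On the first activation every control is put
// into the "not yet agreed" state and the wizard buttons are removed until the
// user has scrolled through the license text (OnUnderstand() re-evaluates
// that); on later activations only the Next button is offered.
//
// Returns the base-class result (page activated) or FALSE when activation is
// refused.
BOOL CLicenseDlg::OnSetActive()
{
    if (!CheckWindowsVersion()) {
        CPropertyPage::EndDialog(IDCANCEL);
        // Do not keep poking controls of a dialog that is being torn down;
        // the original fell through to the code below after EndDialog().
        return FALSE;
    }

    CPropertySheet* pSheet = static_cast<CPropertySheet*>(GetParent());
    ASSERT_KINDOF(CPropertySheet, pSheet);
    if (m_FirstTime) {
        m_FirstTime = FALSE;

        // Disable everything until the user scrolls the license text.
        // GetDlgItem() returns NULL if the control id is missing from the
        // template, so guard the derefs instead of trusting the cast.
        CButton *disagree = static_cast<CButton *>(GetDlgItem(IDC_DISAGREE));
        if (disagree != NULL) {
            disagree->SetCheck(1);
        }
        CButton *understand = static_cast<CButton *>(GetDlgItem(IDC_UNDERSTAND));
        if (understand != NULL) {
            understand->SetCheck(BST_UNCHECKED);
        }
        OnUnderstand();
        if (understand != NULL) {
            understand->EnableWindow(FALSE);
        }
        pSheet->SetWizardButtons(0);
        UpdateData(FALSE); // push member state to the controls
    } else {
        pSheet->SetWizardButtons(PSWIZB_NEXT);
    }
    return CPropertyPage::OnSetActive();
}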
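// Writes the embedded kernel driver image matching the running OS
// (resource IDR_KERNEL_XP_SYS or IDR_KERNEL_WIN7_SYS, type "KERNEL") to
// m_strDriverPath, overwriting any existing file.
//
// Returns TRUE only when a matching resource exists, could be loaded, and was
// written completely; FALSE on any failure.  The original left hResID
// uninitialized for any OS other than XP/7 and never checked FindResource,
// LoadResource or WriteFile, so a missing resource or short write could be
// reported as success.
BOOL CDriverManager::ExtractSysFile()
{
    HMODULE hInstance = ::GetModuleHandle(NULL);  // our own image holds the driver resources

    // Select the driver image for this OS; anything else has no image.
    HRSRC hResID = NULL;
    const SystemVer SysVer = CheckWindowsVersion();
    if (SysVer == VER_WINDOWS_XP) {
        hResID = ::FindResource(hInstance, MAKEINTRESOURCE(IDR_KERNEL_XP_SYS), L"KERNEL");
    } else if (SysVer == VER_WINDOWS_7) {
        hResID = ::FindResource(hInstance, MAKEINTRESOURCE(IDR_KERNEL_WIN7_SYS), L"KERNEL");
    }
    if (hResID == NULL) {
        return FALSE;  // unsupported OS or resource not present in this build
    }

    HGLOBAL hRes = ::LoadResource(hInstance, hResID);
    if (hRes == NULL) {
        return FALSE;
    }
    LPVOID pRes = ::LockResource(hRes);
    if (pRes == NULL) {
        return FALSE;
    }
    const DWORD dwResSize = ::SizeofResource(hInstance, hResID);
    if (dwResSize == 0) {
        return FALSE;  // an empty driver image is never what we want on disk
    }

    // NOTE(review): this is a kernel driver being dropped on disk before it is
    // loaded.  If m_strDriverPath is in a directory other users can write to
    // (a shared temp dir, for instance) the file can be swapped between this
    // write and the service start — confirm the path lives in a protected
    // location.  No signature or hash check of the image is done here.
    HANDLE hResFile = CreateFile(m_strDriverPath, GENERIC_WRITE, FILE_SHARE_READ, NULL,
                                 CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
    if (INVALID_HANDLE_VALUE == hResFile) {
        //TRACE("Failed to create the driver file!");
        return FALSE;
    }

    DWORD dwWritten = 0;
    const BOOL bWriteOk = WriteFile(hResFile, pRes, dwResSize, &dwWritten, NULL);
    CloseHandle(hResFile);

    // Success only if the call succeeded and every byte of the image landed.
    return bWriteOk && (dwResSize == dwWritten);
}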
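// Test driver for the packet-sniffer DLL: injects sniffer.dll into the
// process named process.exe, talks to it over the named pipe
// "packet_sniffer_pipe_42", expects a single zero byte as the handshake,
// then ejects the DLL again.
//
// Returns EXIT_SUCCESS on a full round trip, EXIT_FAILURE on any step that
// fails (after printing the ps::Error).  system("PAUSE") keeps the console
// open for an interactive user; it spawns cmd.exe, so drop it for unattended
// runs.
int main() {
  // NOTE(review): "sniffer.dll" is a bare relative name.  If InjectDLL() hands
  // it to LoadLibrary inside the target, it is resolved against the *target
  // process's* search path, not ours — use an absolute path if that is how
  // InjectDLL works.
  std::string dll_name = "sniffer.dll";
  std::string exe_name = "process.exe";

  if(!CheckWindowsVersion()) {
    THROW_ERROR("The system does not meet the requirements (should be XP or later)!");
    ps::Error::Print();
    system("PAUSE");
    return EXIT_FAILURE;
  }

  DWORD process_id = GetProcessIdFromExe(exe_name);
  if(process_id == 0) {
    THROW_ERROR("Could not find process if by the name of the executable!");
    ps::Error::Print();
    system("PAUSE");
    return EXIT_FAILURE;
  }
  printf("Process id: %u\n", process_id);

  HMODULE module = NULL;
  if(!InjectDLL(process_id, dll_name, &module)) {
    THROW_ERROR("DLL injection failed!\n");
    ps::Error::Print();
    system("PAUSE");
    return EXIT_FAILURE;
  }

  printf("DLL successfully injected!\n");

  // From here on the DLL lives inside the target; every failure path below
  // must eject it again or it stays resident in a foreign process.
  ps::Pipe client;
  bool rv = client.InitializeClient("packet_sniffer_pipe_42");
  CHECK(rv == true);

  rv = client.Connect();
  CHECK(rv == true);

  printf("Connected to server via pipe!\n");

  std::vector<char> message;
  rv = client.ReadMessage(&message);
  if(rv == false) {
    ps::Error::Print();
    // The original returned here with the DLL still injected and the pipe
    // client still open.  Best effort: clean both up before bailing out.
    (void)client.FinalizeClient();
    (void)EjectDLL(process_id, module);
    system("PAUSE");
    return EXIT_FAILURE;
  }
  //printf("%u\n", message.size());
  // Handshake: exactly one zero byte.
  CHECK(message.size() == 1);
  CHECK(message[0] == 0);

  /*client.ReadMessage(&message);
  std::string packet(message.begin(), message.end());
  printf("Received: '%s'\n", packet.c_str());*/

  rv = client.FinalizeClient();
  CHECK(rv == true);

  system("PAUSE");

  if(!EjectDLL(process_id, module)) {
    THROW_ERROR("DLL ejection failed!\n");
    ps::Error::Print();
    system("PAUSE");
    return EXIT_FAILURE;
  }

  printf("DLL successfully ejected!\n");

  system("PAUSE");
  return EXIT_SUCCESS;
}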
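/* Registers one plug-in library found in `dir`.
 *
 * `sep` is the path separator to put between `dir` and `nombre` ("\\" on
 * Windows, "/" elsewhere).  Builds the global fichdll path that leedll()
 * loads, honours the INI key "dll_priority:<rawname>" (a value <= P_NUNCA
 * means "never load"), and on a successful leedll() appends an entry to
 * dlls[] and bumps numdlls.
 *
 * Globals written: fichdll, dlls[], numdlls.  Globals read: ini (may be NULL).
 */
static void dll_registra(const char *dir, const char *sep, const char *nombre)
{
	char rawname[256];
	char dllkey[256] = "dll_priority:";

	/* NOTE(review): fichdll is a global whose size is not visible here and
	 * get_rawname() writes into rawname[256] unbounded; confirm both can
	 * hold the longest directory + file name the scan can produce. */
	sprintf(fichdll, "%s%s%s", dir, sep, nombre);

	dlls[numdlls].prioridad = 0;
	get_rawname(nombre, rawname);
	/* Bounded append (the original strcat could overflow dllkey); a
	 * truncated key simply falls back to the default priority. */
	strncat(dllkey, rawname, sizeof(dllkey) - strlen(dllkey) - 1);

	if (ini && iniparser_getint(ini, dllkey, 0) <= P_NUNCA)
		return;			/* configured to never load */

	if (leedll())
		return;			/* non-zero == load failed; leave no entry */

	/* NOTE(review): dlls[] capacity is never checked against numdlls —
	 * confirm it can hold every library the directory may contain. */
	dlls[numdlls].nombre = (char *)e_malloc(strlen(rawname) + 1);
	strcpy(dlls[numdlls].nombre, rawname);
	dlls[numdlls].usado = 0;
	if (ini)
		dlls[numdlls].prioridad = iniparser_getint(ini, dllkey, dlls[numdlls].prioridad);
	numdlls++;
}

/* Builds the plug-in library table.
 *
 * Scans the library directory (INI key "dll:windll", default "dll", on
 * Windows; "dll:nixdll", default "so", elsewhere), loads every candidate via
 * dll_registra(), then sorts dlls[] by priority with compara() and fills
 * nuevo_orden[] with the index permutation sorted by compara2().
 *
 * Fixes over the original: the Windows path no longer processes an unfilled
 * _finddata_t when _findfirst() fails, the search handle / directory stream
 * are closed, an over-long INI directory can no longer overflow mask[], and
 * translated messages without arguments are printed through "%s" rather
 * than being used as the format string themselves.
 *
 * Globals written: numdlls, n_externs, fichdll, dlls[], nuevo_orden.
 * Globals read: ini (may be NULL).
 */
void dll_func()
{
	char *dir = NULL;
	int i;

	#ifdef _WIN32
		intptr_t buscafich;		/* _findfirst handle (pointer-sized on x64) */
		struct _finddata_t fichero_dll;	/* DLL search state */
		char mask[256];
	#else
		DIR *directorio;
		struct dirent *fichero_dll;
	#endif

	numdlls = 0;
	n_externs = 0;

	#ifdef _WIN32
		/* Prepare DLL loading for this Windows version. */
		CheckWindowsVersion();
		InitializeDLLLoad();

		if (ini)
			dir = iniparser_getstr(ini, "dll:windll");
		if (!dir)
			dir = "dll";

		/* dir comes from the INI file: refuse a mask that would not fit. */
		if (strlen(dir) + strlen("\\*.dll") >= sizeof(mask)) {
			printf("%s", translate(43));	/* treated as "no DLLs" */
		} else {
			strcpy(mask, dir);
			strcat(mask, "\\*.dll");

			/* Find every DLL in the directory. */
			buscafich = _findfirst(mask, &fichero_dll);
			if (buscafich == -1) {
				printf("%s", translate(43));	/* no DLLs */
			} else {
				/* First hit and every _findnext() hit get the same treatment. */
				do {
					#ifdef _DEBUG
						printf("dbg: DLL encontrada: %s\n", fichero_dll.name);
					#endif
					dll_registra(dir, "\\", fichero_dll.name);
				} while (_findnext(buscafich, &fichero_dll) == 0);
				_findclose(buscafich);
			}
		}

	#else	/* Linux */

		if (ini)
			dir = iniparser_getstr(ini, "dll:nixdll");
		if (!dir)
			dir = "so";

		directorio = opendir(dir);
		if (!directorio) {
			/* translate(44) is itself a printf format carrying a %s for
			 * dir, so the translation table must stay trusted input. */
			printf(translate(44), dir);	/* no so/ directory */
			exit(1);
		}

		/* Find every .so; skip "." and "..". */
		while ((fichero_dll = readdir(directorio)) != 0) {
			if (strcmp(fichero_dll->d_name, ".") == 0 ||
			    strcmp(fichero_dll->d_name, "..") == 0)
				continue;

			/* NOTE(review): d_type is DT_UNKNOWN on some filesystems;
			 * such entries are skipped here exactly as before. */
			if (fichero_dll->d_type != DT_REG)
				continue;

			#ifdef _DEBUG
				printf("dbg: Librería encontrada: %s/%s\n", dir, fichero_dll->d_name);
			#endif
			dll_registra(dir, "/", fichero_dll->d_name);
		}
		closedir(directorio);

	#endif

	if (numdlls == 0)
		printf("%s", translate(43));	/* no libraries */

	/* Index permutation sorted by compara2, then the table itself by compara. */
	nuevo_orden = e_malloc(numdlls * sizeof(*nuevo_orden));
	for (i = 0; i < numdlls; i++)
		nuevo_orden[i] = i;

	qsort(nuevo_orden, numdlls, sizeof(*nuevo_orden), compara2);
	qsort(dlls, numdlls, sizeof(struct _dlls), compara);

	#ifdef _DEBUG
		for (i = 0; i < numdlls; i++)
			printf("dbg: %d - %s - prioridad: %d\n", i, dlls[i].nombre, dlls[i].prioridad);
	#endif
}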
// Exported C entry point: probes the Windows version, then runs the
// "open port" button handler as if the user had clicked it.
//
// NOTE(review): CheckWindowsVersion()'s result is discarded, so an
// unsupported OS does not prevent the port from being opened — confirm
// that is intended.
extern "C" void EXPORT_API Init()
{
	(void)CheckWindowsVersion();
	OnBnClickedBtnOpenport();
}
// CWinApp::InitInstance override: start-up for the DynamoRIO GUI.
//
// Returns FALSE to abort the application (unsupported Windows version, or
// ProcessShellCommand failing), TRUE otherwise.
//
// Outside DRSTATS_DEMO builds it also decides whether "Run All" (system-wide
// injection through the INJECT_ALL_HIVE / INJECT_ALL_KEY_L registry value)
// can be offered: the injection DLL path is derived from the DYNAMORIO_HOME
// environment variable, checked for existence, compared against whatever is
// already stored in the registry value, and the previously selected
// DynamoRIO library (release / debug / profile) is restored from the profile.
BOOL CDynamoRIOApp::InitInstance()
{
#ifndef DRSTATS_DEMO
    TCHAR msg[MAX_PATH*2];
#endif
    BOOL windows_NT;

    // Standard initialization
    // If you are not using these features and wish to reduce the size
    //  of your final executable, you should remove from the following
    //  the specific initialization routines you do not need.

    // windows_NT is an out-parameter: TRUE on Windows NT, where "Run All"
    // is not supported (see below).
    if (!CheckWindowsVersion(windows_NT)) {
        // abort
        return FALSE;
    }

#if 0 // warning C4996: 'CWinApp::Enable3dControlsStatic': CWinApp::Enable3dControlsStatic is no longer needed. You should remove this call.
#ifdef _AFXDLL
    Enable3dControls();                     // Call this when using MFC in a shared DLL
#else
    Enable3dControlsStatic();       // Call this when linking to MFC statically
#endif
#endif

#ifndef DRSTATS_DEMO
    // Change the registry key under which our settings are stored,
    // including MRU
    SetRegistryKey(L_DYNAMORIO_REGISTRY_KEY);

    LoadStdProfileSettings(12);  // Load standard INI file options (including MRU)
#endif

    // Register the application's document templates.  Document templates
    //  serve as the connection between documents, frame windows and views.

    CSingleDocTemplate* pDocTemplate;
    pDocTemplate = new CSingleDocTemplate(
#ifdef DRSTATS_DEMO
                                          IDR_MAINFRAME_DEMO,
#else
                                          IDR_MAINFRAME,
#endif
                                          RUNTIME_CLASS(CDynamoRIODoc),
                                          RUNTIME_CLASS(CMainFrame),       // main SDI frame window
                                          RUNTIME_CLASS(CDynamoRIOView));
    AddDocTemplate(pDocTemplate);

    // Parse command line for standard shell commands, DDE, file open
    CCommandLineInfo cmdInfo;
    ParseCommandLine(cmdInfo);

    // Dispatch commands specified on the command line
    if (!ProcessShellCommand(cmdInfo))
        return FALSE;

    // enable file manager drag/drop and DDE Execute open
    m_pMainWnd->DragAcceptFiles();

    // The one and only window has been initialized, so show and update it.
    m_pMainWnd->ShowWindow(SW_SHOW);
    m_pMainWnd->UpdateWindow();

    // I can't find any other way to access the main frame
    m_pMainFrame = (CMainFrame *) m_pMainWnd;

    // I can't figure out how to disable a menu item that has a command
    // handler when this var is set, so I disable it:
    m_pMainFrame->m_bAutoMenuEnable = FALSE;        

#ifndef DRSTATS_DEMO
    m_bSystemwideAllowed = TRUE;

    // set the string we'll put into the registry key to inject system-wide
    // NOTE(review): this path originates from a user-settable environment
    // variable and ends up in a registry value that injects a DLL into every
    // process.  Confirm the key is protected and that this process never runs
    // with higher privileges than the user who controls DYNAMORIO_HOME.
    TCHAR data[1024];
    // NOTE(review): only len == 0 is handled below.  GetEnvironmentVariable
    // returns the required size (>= _MAX_DIR) when the value does not fit in
    // m_dynamorio_home, and that case is not treated as an error here.
    int len = GetEnvironmentVariable(_T("DYNAMORIO_HOME"), m_dynamorio_home, _MAX_DIR);
#if 1 //NOCHECKIN
    if (len == 0)
        m_dynamorio_home[0] = _T('\0');
#else
    if (len == 0) {
        int res = MessageBox(NULL, 
                             _T("DYNAMORIO_HOME environment variable not found.\n")
                             _T("Set all the DynamoRIO environment variables to their default values?\n")
                             _T("(Otherwise this GUI cannot operate and must exit.)"),
                             _T("DynamoRIO Not Configured for Current User"), MB_YESNO | MYMBFLAGS);
        if (res == IDYES) {
            if (!ConfigureForNewUser())
                return FALSE;
        } else {
            // abort
            return FALSE;
        }
    }
#endif

    if (windows_NT) {
        // we don't support systemwide on NT
        // hack: use "confirm systemwide" setting to decide whether to notify user
        if (GetProfileInt(_T("Settings"), _T("Confirm Systemwide"), 1) == 1) {
            MessageBox(NULL, _T("Run All is not supported on Windows NT, it will be disabled"),
                       _T("Notice"), MB_OK | MYMBFLAGS);
            // but then how does user turn off, if can't do Run All?
            // just turn it off now:
            SetSystemwideSetting(0);
        }
        m_bSystemwideAllowed = FALSE; // so key won't be cleared
        DisableSystemwideInject();
    } else {
        //NOCHECKIN assert(len > 0 && len < _MAX_DIR && len + _tcslen(L_INJECT_ALL_DLL_SUBPATH) < MAX_PATH);
        // NOTE(review): the disabled assert above is the only guard against a
        // long DYNAMORIO_HOME overflowing data[1024] in this unbounded _stprintf.
        _stprintf(data, _T("%s%s"), m_dynamorio_home, L_INJECT_ALL_DLL_SUBPATH);

        // make sure it exists
        CFile check;
        if (!check.Open(data, CFile::modeRead|CFile::shareDenyNone)) {
#if 0 // I'm disabling this dialog until we decide to support running apps
            _stprintf(msg, _T("Library %s does not exist"), data);
            MessageBox(NULL, msg, _T("Error"), MB_OK | MYMBFLAGS);
#endif
            m_bSystemwideAllowed = FALSE; // so key won't be cleared
            DisableSystemwideInject();
        } else {
            if (_tcschr(data, _T(' ')) != NULL) {
                // registry key cannot handle spaces in names!
                // must get 8.3 alias -- and some volumes do not support such an alias!
                len = GetShortPathName(data, m_inject_all_value, MAX_PATH);
                if (len == 0) {
                    _stprintf(msg, _T("Cannot find 8.3 alias for space-containing path \"%s\"!\nDisabling Run All"),
                              data);
                    MessageBox(NULL, msg, _T("Error"), MB_OK | MYMBFLAGS);
                    m_bSystemwideAllowed = FALSE; // so key won't be cleared
                    DisableSystemwideInject();
                }
            } else {
                // NOTE(review): unbounded copy of up to 1024 TCHARs into
                // m_inject_all_value — confirm its capacity; the
                // GetShortPathName call above assumes MAX_PATH.
                _tcscpy(m_inject_all_value, data);
            }
            check.Close();
        }
    }

    // find current status of system-wide injection
    if (m_bSystemwideAllowed) {
        HKEY hk;
        unsigned long size = 1024;
        // NOTE(review): assert() compiles out under NDEBUG, so in a release
        // build a failed RegOpenKeyEx / RegQueryValueEx goes undetected: hk
        // and data stay uninitialized and data is still compared below.
        // REG_SZ data returned by RegQueryValueEx is also not guaranteed to be
        // NUL-terminated, which the _tcscmp below relies on.
        int     res = RegOpenKeyEx(INJECT_ALL_HIVE, INJECT_ALL_KEY_L, 0, KEY_READ, &hk);
        assert(res == ERROR_SUCCESS);
        res = RegQueryValueEx(hk, INJECT_ALL_SUBKEY_L, 0, NULL, (LPBYTE) data, &size);
        assert(res == ERROR_SUCCESS);
        RegCloseKey(hk);

        // WARNING: do not use Unicode build!
        // if ever get size==2, it's b/c of Unicode build!
        // Plus, stats viewing doesn't work w/ Unicode build
        if (size > sizeof(TCHAR)) {
            // make sure we're the ones who set this value
            if (_tcscmp(m_inject_all_value, data) != 0) {
                // FIXME: have user notify us of conflict?
                int res = MessageBox(NULL, 
                                     _T("DynamoRIO's RunAll system-wide injection method is ")
                                     _T("being used by some other program.\n")
                                     _T("DynamoRIO can attempt to override the other program.\n")
                                     _T("Otherwise, system-wide injection will be disabled.\n")
                                     _T("Override?"),
                                     _T("DynamoRIO Conflict"),
                                     MB_YESNO | MYMBFLAGS);
                if (res == IDYES) {
                    // now clear the registry key
                    SetSystemwideInject(_T(""));
                    // if the call fails, callee calls Disable for us
                } else {
                    m_bSystemwideAllowed = FALSE; // so key won't be cleared
                    DisableSystemwideInject();
                }
            } else {
                // value matches the path we would write: injection is ours and active
                m_bInjectAll = TRUE;
            }
        } else {
            // empty value: no injection
            m_bInjectAll = FALSE;
        }
    }
    if (m_bSystemwideAllowed) {
        m_pMainWnd->GetMenu()->CheckMenuItem(ID_FILE_SYSTEMWIDE, 
                                             MF_BYCOMMAND | ((m_bInjectAll) ? MF_CHECKED : MF_UNCHECKED));
    }

    // make sure preinject dll exists
    if (m_bSystemwideAllowed) {
        CFile check;
        if (!check.Open(m_inject_all_value, CFile::modeRead|CFile::shareDenyNone)) {
#if 0 // I'm disabling this dialog until we decide to support running apps
            _stprintf(msg, _T("Library %s does not exist!\nDisabling Run All"), m_inject_all_value);
            MessageBox(NULL, msg, _T("DynamoRIO Configuration Error"), MB_OK | MYMBFLAGS);
#endif
            DisableSystemwideInject();
        } else
            check.Close();
    }

    m_dll_path[0] = _T('\0');

    DisableMissingLibraries(TRUE);

    // now select the previously checked library
    // Profile value "Library": 0 = release, 1 = debug, 2 = profile.  Try the
    // saved one first, then the other two in rotation; `tried` reaching 3
    // means none of the libraries could be selected.
    int lib = GetProfileInt(_T("Settings"), _T("Library"), 1);
    int tried = 0;
    while (tried < 3) {
        if (lib == 0 && SwitchLibraries(L_DLLPATH_RELEASE, FALSE)) {
            OnLibraryRelease();
            break;
        } else if (lib == 1 && SwitchLibraries(L_DLLPATH_DEBUG, FALSE)) {
            OnLibraryDebug();
            break;
        } else if (lib == 2 && SwitchLibraries(L_DLLPATH_PROFILE, FALSE)) {
            OnLibraryProfile();
            break;
        } 
        lib = (lib + 1) % 3;
        tried++;
    }
    if (tried == 3) {
#if 0 // Disabling
        MessageBox(NULL, _T("Cannot find any DynamoRIO libraries!\n")
                   _T("Running of applications will be disabled."), _T("Error"), MB_OK | MYMBFLAGS);
#endif
        // disable Run and libraries
        m_pMainWnd->GetMenu()->EnableMenuItem(ID_FILE_RUN, MF_BYCOMMAND|MF_GRAYED);
        DisableSystemwideInject();
        m_pMainWnd->GetMenu()->EnableMenuItem(ID_LIBRARY_RELEASE, MF_BYCOMMAND|MF_GRAYED);
        m_pMainWnd->GetMenu()->EnableMenuItem(ID_LIBRARY_DEBUG, MF_BYCOMMAND|MF_GRAYED);
        m_pMainWnd->GetMenu()->EnableMenuItem(ID_LIBRARY_PROFILE, MF_BYCOMMAND|MF_GRAYED);
        m_pMainWnd->GetMenu()->CheckMenuItem(ID_LIBRARY_RELEASE, MF_BYCOMMAND|MF_UNCHECKED);
        m_pMainWnd->GetMenu()->CheckMenuItem(ID_LIBRARY_DEBUG,   MF_BYCOMMAND|MF_UNCHECKED);
        m_pMainWnd->GetMenu()->CheckMenuItem(ID_LIBRARY_PROFILE, MF_BYCOMMAND|MF_UNCHECKED);
    }

    if (m_bInjectAll) {
        MessageBox(NULL, _T("Run All is already set!"),
                   _T("Warning"), MB_OK | MYMBFLAGS);

        // FIXME: share this code with OnFileSystemwide
        // NOTE(review): m_dll_path is cleared above and presumably filled in
        // by SwitchLibraries / OnLibrary*; confirm it is set before it is
        // written into the (permanent) environment.
        SetEnvVarPermanently(_T("DYNAMORIO_SYSTEMWIDE"), m_dll_path);

        // disable changing the library
        m_pMainWnd->GetMenu()->EnableMenuItem(ID_LIBRARY_RELEASE, MF_BYCOMMAND|MF_GRAYED);
        m_pMainWnd->GetMenu()->EnableMenuItem(ID_LIBRARY_DEBUG, MF_BYCOMMAND|MF_GRAYED);
        m_pMainWnd->GetMenu()->EnableMenuItem(ID_LIBRARY_PROFILE, MF_BYCOMMAND|MF_GRAYED);
    }
#endif /*! DRSTATS_DEMO */

    return TRUE;
}