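/*
 * Report whether dotted principal names are to be accepted.
 *
 * The "AcceptDottedPrincipalNames" value is looked up first under
 * HKEY_CURRENT_USER\AFSREG_USER_OPENAFS_SUBKEY and, when that lookup does
 * not produce a usable value, under
 * HKEY_LOCAL_MACHINE\AFSREG_CLT_OPENAFS_SUBKEY.  KEY_WOW64_64KEY is added
 * to the access mask when is_wow64() reports a WOW64 process, so the
 * 64-bit registry view is the one consulted.
 *
 * Returns the stored DWORD converted to int, or 1 (the default) when
 * neither location yields a value.
 *
 * Review notes:
 *  - The per-user hive wins over the machine-wide one, so a setting in
 *    HKEY_CURRENT_USER overrides whatever is set under HKEY_LOCAL_MACHINE.
 *  - A stored value is used only when it is exactly sizeof(DWORD) bytes
 *    long; a shorter blob would otherwise overwrite just part of the
 *    result.  The registry type itself is not inspected (lpType is NULL);
 *    a stricter reader would also require REG_DWORD.
 */
static int
accept_dotted_usernames(void)
{
    HKEY parmKey;
    DWORD code, len;
    DWORD value = 1;    /* default when nothing usable is configured */
    DWORD data;
    DWORD sam = (is_wow64() ? KEY_WOW64_64KEY : 0) | KEY_QUERY_VALUE;

    /* Per-user setting takes precedence. */
    code = RegOpenKeyEx(HKEY_CURRENT_USER, AFSREG_USER_OPENAFS_SUBKEY,
                        0, sam, &parmKey);
    if (code == ERROR_SUCCESS) {
        data = 0;
        len = sizeof(data);
        code = RegQueryValueEx(parmKey, "AcceptDottedPrincipalNames", NULL, NULL,
                               (BYTE *) &data, &len);
        RegCloseKey(parmKey);
        /* Read into a scratch variable so a malformed entry cannot
         * disturb the default. */
        if (code == ERROR_SUCCESS && len == sizeof(data)) {
            return (int) data;
        }
    }

    /* Fall back to the machine-wide client configuration. */
    code = RegOpenKeyEx(HKEY_LOCAL_MACHINE, AFSREG_CLT_OPENAFS_SUBKEY,
                        0, sam, &parmKey);
    if (code == ERROR_SUCCESS) {
        data = 0;
        len = sizeof(data);
        code = RegQueryValueEx(parmKey, "AcceptDottedPrincipalNames", NULL, NULL,
                               (BYTE *) &data, &len);
        RegCloseKey(parmKey);
        if (code == ERROR_SUCCESS && len == sizeof(data)) {
            return (int) data;
        }
    }

    return (int) value;
}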
/**
 * Tells whether the operating system itself is 32-bit.
 *
 * The answer is true only when this binary was built as 32-bit
 * (is_compiled_32b()) and it is not running under WOW64 (is_wow64()).
 * A 32-bit build running under WOW64 means the underlying system is
 * 64-bit, so the result is false in that case as well as for any
 * non-32-bit build.
 *
 * @return true for a 32-bit build running natively, false otherwise.
 */
bool is_system32b()
{
    // is_wow64() is consulted only for 32-bit builds (short-circuit).
    return is_compiled_32b() && !is_wow64();
}
/**
 * Fill *info with system information, preferring the native view.
 *
 * The structure is zeroed first.  When is_wow64() reports a WOW64
 * process and the build targets _WIN32_WINNT >= 0x0501,
 * GetNativeSystemInfo() is used; in every other case GetSystemInfo()
 * is used.
 *
 * @param info  Destination structure; a null pointer makes the call a no-op.
 */
void get_system_info( SYSTEM_INFO* info )
{
    if( !info )
    {
        return;
    }

    // Start from a known state regardless of which API fills it in.
    ::memset( info, 0, sizeof( *info ) );

    if( is_wow64() )
    {
#if _WIN32_WINNT >= 0x0501
        // Under WOW64 the plain call reports the emulated environment.
        ::GetNativeSystemInfo( info );
        return;
#endif
    }

    ::GetSystemInfo( info );
}
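/*
 * GUI entry point.
 *
 * Runs a fixed sequence of start-up checks and leaves with 0 as soon as
 * one of them fails (after reporting it through __error_s / __msg_i):
 *
 *   1. on_app_start(cmd_line) may request an immediate exit (ST_NEED_EXIT).
 *   2. _ui_init(hinst) must succeed.
 *   3. is_admin() must return ST_OK.
 *   4. On 32-bit builds (_M_IX86) the process must not run under WOW64.
 *   5. dc_is_old_runned() must report that no 0.1-0.4 installation is active.
 *   6. The driver must be working; otherwise _drv_action(DA_INSTAL, 0) is
 *      invoked and the program exits.
 *   7. The device must open and the driver version must equal
 *      DC_DRIVER_VER: an older driver triggers _drv_action(DA_UPDATE, ver),
 *      a newer one only produces a message; both paths exit.
 *   8. Only one instance runs: if FindWindow(DC_CLASS, NULL) finds a
 *      window, it is shown, brought to the foreground, and this process
 *      exits.
 *   9. rnd_init() and dc_load_config() must succeed before any UI is created.
 *
 * After that the main dialog is created and the message loop runs until
 * GetMessage reports WM_QUIT or an error.
 *
 * hprev and cmd_show are not used.
 *
 * Returns 0 on every early exit and TRUE after the message loop ends.
 *
 * NOTE(review): the single-instance check matches on the window class
 * name alone.
 */
int WINAPI wWinMain(
		HINSTANCE hinst,
		HINSTANCE hprev,
		LPWSTR    cmd_line,
		int       cmd_show
	)
{
	int rlt;
	int ver;
	int app_start = on_app_start( cmd_line );

#ifdef LOG_FILE
	_log( L"%0.8X app start", app_start );
#endif

	if ( app_start == ST_NEED_EXIT )
	{
		return 0;
	}
	if ( _ui_init(hinst) == 0 )
	{
		__error_s( HWND_DESKTOP, L"Error GUI initialization", ST_OK );
		return 0;
	}
	/* Privilege gate: nothing below runs without administrator rights. */
	if ( is_admin( ) != ST_OK )
	{
		__error_s( HWND_DESKTOP, L"Admin Privileges Required", ST_OK );
		return 0;
	}
#ifdef _M_IX86
	/* A 32-bit build refuses to run on a 64-bit system. */
	if ( is_wow64( ) != 0 )
	{
		__error_s( HWND_DESKTOP, L"Please use x64 version of DiskCryptor", ST_OK );
		return 0;
	}
#endif
	if ( dc_is_old_runned( ) != 0 )
	{
		__error_s(
			HWND_DESKTOP,
			L"DiskCryptor 0.1-0.4 installed, please completely uninstall it before use this version.", ST_OK
			);
		return 0;
	}
#ifdef LOG_FILE
	_log( L"%0.8X driver status", dc_driver_status( ) );
#endif
	if ( dc_is_driver_works( ) == FALSE )
	{
		/* Driver missing or not running: attempt installation, then exit
		 * whether or not it succeeded. */
		if ( ( rlt = _drv_action(DA_INSTAL, 0) ) != NO_ERROR )
		{
			__error_s( HWND_DESKTOP, NULL, rlt );
		}
		return 0;
	}
	if ( ( rlt = dc_open_device( ) ) != ST_OK )
	{
		__error_s( HWND_DESKTOP, L"Can not open DC device", rlt );
		return 0;
	}

	ver = dc_get_version( );
#ifdef LOG_FILE
	_log( L"%0.8X dc version", ver );
#endif
	/* The GUI only talks to a driver of exactly its own version. */
	if ( ver < DC_DRIVER_VER )
	{
		if ( ( rlt = _drv_action(DA_UPDATE, ver) ) != NO_ERROR )
		{
			__error_s( HWND_DESKTOP, NULL, rlt );
		}
		return 0;
	}
	if ( ver > DC_DRIVER_VER )
	{
		__msg_i(
			HWND_DESKTOP,
			L"DiskCryptor driver v%d detected\n"
			L"Please use last program version", ver
			);
		return 0;
	}

	{
		HWND     h_find;
		WNDCLASS wc = { 0 };

		wc.lpszClassName = DC_CLASS;
		wc.lpfnWndProc   = &_class_dlg_proc;
		wc.cbWndExtra    = DLGWINDOWEXTRA;
		wc.hIcon         = LoadIcon(hinst, MAKEINTRESOURCE(IDI_ICON_TRAY));

		dlg_class = RegisterClass(&wc);
#ifdef LOG_FILE
		_log( L"%0.8X register class", dlg_class );
#endif

		/* Single-instance check: hand over to an already running window. */
		h_find = FindWindow(DC_CLASS, NULL);
#ifdef LOG_FILE
		_log( L"%0.8X find window", h_find );
#endif
		if ( h_find != NULL )
		{
			ShowWindow( h_find, SW_SHOW );
			SetForegroundWindow( h_find );
#ifdef LOG_FILE
			_log( L"show window [ %0.8X ] return", h_find );
#endif
			return 0;
		}
	}

	/* The RNG and the configuration must be ready before the UI exists. */
	if ( ( rlt = rnd_init( ) ) != ST_OK )
	{
		__error_s( HWND_DESKTOP, L"Can not initialize RNG", rlt );
		return 0;
	}
	if ( (rlt = dc_load_config(&__config) == NO_ERROR ? ST_OK : ST_ERROR) != ST_OK )
	{
		__error_s( HWND_DESKTOP, L"Error get config", rlt );
		return 0;
	}

	InitializeCriticalSection( &crit_sect );
#ifdef LOG_FILE
	_log( L"initialize critical section" );
#endif

	_init_list_head( &__drives );
	_init_list_head( &__action );

	_init_keyfiles_list( );
#ifdef LOG_FILE
	_log( L"init keyfiles list" );
#endif

	{
		HWND h_dialog;
		MSG  msg;

		__hacc = LoadAccelerators( hinst, MAKEINTRESOURCE(IDR_MAIN_ACCEL) );
#ifdef LOG_FILE
		_log( L"before create dialog" );
#endif

		h_dialog = CreateDialog( GetModuleHandleA(NULL), MAKEINTRESOURCE(IDD_MAIN_DLG), HWND_DESKTOP, _main_dialog_proc );
#ifdef LOG_FILE
		_log( L"%0.8X create dialog", h_dialog );
#endif
		/* Without a dialog there is nothing that could ever post WM_QUIT,
		 * so the message loop below would keep an invisible elevated
		 * process alive. */
		if ( h_dialog == NULL )
		{
			__error_s( HWND_DESKTOP, L"Error GUI initialization", ST_OK );
			return 0;
		}

		rlt = ShowWindow( h_dialog, app_start == ST_AUTORUNNED ? SW_HIDE : SW_SHOW );
#ifdef LOG_FILE
		_log( L"%0.8X show window", rlt );
#endif

		/* GetMessage returns -1 on error; "> 0" ends the loop in that
		 * case instead of dispatching an unfilled MSG. */
		while ( GetMessage( &msg, NULL, 0, 0 ) > 0 )
		{
			if ( !TranslateAccelerator( h_dialog, __hacc, &msg ) )
			{
				TranslateMessage( &msg );
				DispatchMessage( &msg );
			}
		}
		DestroyAcceleratorTable( __hacc );
	}

	return TRUE;
}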
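/*
 * Per-process callback: print one report entry for a process that matches
 * the active selection.
 *
 * A process is selected when any of the following holds: pid is set and
 * equals pi->ProcessID; exe is set and wexe matches (case-insensitively)
 * either pi->ProcessName or the generated qualified name; listall is set;
 * listdr is set.  With listdr set, only processes for which
 * under_dynamorio_ex() reports something other than DLL_NONE or
 * DLL_UNKNOWN are printed.
 *
 * What is printed to fp is controlled by the file-level flags nopid,
 * onlypid, showmem, no32, noqnames, showbuild, cmdline, qname, strip,
 * hotp and showstats.  count is incremented for every process printed.
 *
 * pi     process description supplied by the enumerator.
 * param  not used.
 *
 * Always returns TRUE.
 *
 * NOTE(review): with cmdline/qname enabled the full command line of other
 * processes is written to fp; command lines may carry secrets, so treat
 * the output accordingly.
 */
BOOL
pw_callback(process_info_t *pi, void **param)
{
    const char *resstr;
    char reschar;
    int res;
    WCHAR buf[MAX_CMDLINE];
    DWORD version;
    BOOL under_dr;
    WCHAR qual_name[MAX_CMDLINE];

    /* The qualified name is only needed up front for matching by exe. */
    if (exe)
        generate_process_name(pi, qual_name, BUFFER_SIZE_ELEMENTS(qual_name));

    if (!((pid && pi->ProcessID == pid) ||
          (exe && (!wcsicmp(wexe, pi->ProcessName) ||
                   !wcsicmp(wexe, qual_name))) ||
          listall || listdr)) {
        return TRUE;
    }

    version = -1;   /* stays -1 when no build number is reported */
    res = under_dynamorio_ex(pi->ProcessID, &version);
    switch (res) {
    case DLL_PROFILE:
        resstr = NAME" profile";
        reschar = 'P';
        break;
    case DLL_RELEASE:
        resstr = NAME" release";
        reschar = 'R';
        break;
    case DLL_DEBUG:
        resstr = NAME" debug";
        reschar = 'D';
        break;
    case DLL_CUSTOM:
        resstr = NAME" custom";
        reschar = 'C';
        break;
    case DLL_NONE:
        resstr = "native";
        reschar = 'N';
        break;
    case DLL_UNKNOWN:
    default:
        resstr = "<error>";
        reschar = '?';
    }

    under_dr = !(res == DLL_NONE || res == DLL_UNKNOWN);
    if (listdr && !under_dr)
        return TRUE;

    if (!nopid && !showmem) {
        if (onlypid)
            fprintf(fp, "%d\n", (DWORD) pi->ProcessID);
        else
            fprintf(fp, "PID %d, ", (DWORD) pi->ProcessID);
    }

    if (!showmem && !onlypid) {
        WCHAR *name_to_use = pi->ProcessName;
#ifdef X64
        HANDLE hproc = OpenProcess(PROCESS_QUERY_INFORMATION, FALSE,
                                   (DWORD) pi->ProcessID);
        /* OpenProcess returns NULL on failure (for instance when access
         * is denied); skip the bitness probe then instead of passing a
         * NULL handle on. */
        if (hproc != NULL) {
            if (is_wow64(hproc)) {
                if (!no32)
                    fprintf(fp, "32-bit, ");
                /* FIXME: currently x64 process can't see 32-bit
                 * drmarker */
                resstr = "<unknown>";
            }
            CloseHandle(hproc);
        }
#endif
        if (!noqnames) {
            /* Reuses the function-level buffer; its earlier content was
             * only needed for the selection test above. */
            generate_process_name(pi, qual_name,
                                  BUFFER_SIZE_ELEMENTS(qual_name));
            name_to_use = qual_name;
        }
        fprintf(fp, "Process %S, ", name_to_use);
        if (version == -1 || !showbuild)
            fprintf(fp, "running %s\n", resstr);
        else
            fprintf(fp, "running %s (build %d)\n", resstr, version);
    }

    if (cmdline) {
        res = get_process_cmdline(pi->ProcessID, buf, BUFFER_SIZE_ELEMENTS(buf));
        NULL_TERMINATE_BUFFER(buf);
        if (res == ERROR_SUCCESS) {
            fprintf(fp, "\tCmdline: %S\n", buf);
        } else
            fprintf(fp, "\t<Cmdline err %d>\n", res);
    }

    if (qname) {
        /* Separate buffer: buf receives the qualifier derived from it. */
        WCHAR cmdline_buf[MAX_CMDLINE];

        res = get_process_cmdline(pi->ProcessID, cmdline_buf,
                                  BUFFER_SIZE_ELEMENTS(cmdline_buf));
        NULL_TERMINATE_BUFFER(cmdline_buf);
        if (res == ERROR_SUCCESS) {
            if (!get_commandline_qualifier(cmdline_buf, buf,
                                           BUFFER_SIZE_ELEMENTS(buf), !strip))
                buf[0] = L'\0'; /* no args */
            NULL_TERMINATE_BUFFER(buf);
        }
        if (res == ERROR_SUCCESS)
            fprintf(fp, "\tQname: %S%s%S\n", pi->ProcessName,
                    buf[0] == L'\0' ? "" : "-", buf);
        else
            fprintf(fp, "\t<Qname err %d>\n", res);
    }

    if (under_dr && hotp) {
        hotp_policy_status_table_t *status_tbl = NULL;

        res = get_hotp_status(pi->ProcessID, &status_tbl);
        /* NOTE(review): status_tbl is not released in this function;
         * confirm whether get_hotp_status hands ownership to the caller. */
        if (res == ERROR_SUCCESS) {
            uint j;
            hotp_policy_status_t *cur;

            fprintf(fp, "\tHotpatching:\n");
            for (j = 0; j < status_tbl->num_policies; j++) {
                char status_buf[MAX_PATH];

                cur = &(status_tbl->policy_status_array[j]);
                if (get_status_string(status_buf, MAX_PATH,
                                      cur->inject_status, cur->mode))
                    fprintf(fp, "\t  Patch %s: %s\n", cur->policy_id, status_buf);
            }
        } else if (res == ERROR_DRMARKER_ERROR) {
            fprintf(fp, "\tHot Patching Not Enabled\n");
        } else {
            fprintf(fp, "\t<Hotpatch Query Error %d>\n", res);
        }
    }

    if (under_dr && showstats) {
        dr_statistics_t *stats = get_dynamorio_stats(pi->ProcessID);

        if (stats != NULL) {
            uint i;

            /* '*' width/precision arguments must be int; the casts keep
             * that true whatever type BUFFER_SIZE_ELEMENTS yields, and
             * the precision bounds the read to the fixed-size field. */
            fprintf(fp, "\t%.*s\n",
                    (int) BUFFER_SIZE_ELEMENTS(stats->process_name),
                    stats->process_name);
            for (i = 0; i < stats->num_stats; i++) {
                fprintf(fp, "\t%*.*s :%9d\n",
                        (int) BUFFER_SIZE_ELEMENTS(stats->stats[i].name),
                        (int) BUFFER_SIZE_ELEMENTS(stats->stats[i].name),
                        stats->stats[i].name,
                        stats->stats[i].value);
            }
        }
        /* Called for a NULL result too. */
        free_dynamorio_stats(stats);
    }

    if (showmem) {
        print_mem_stats(pi, reschar, version);
    }

    count++;
    return TRUE;
}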