HANDLE StartPatcherThread( unsigned PID, DWORD *pPatcherThreadID = NULL) { EnableDebugPrivilege(); if (GetRemoteModuleHandle64Aware(PID, _T("VBoxDD.dll"))) { //We are inside VirtualBox #ifdef _WIN64 if (GetRemoteModuleHandle64Aware(PID, _T("kdclient64.dll"))) #else if (GetRemoteModuleHandle64Aware(PID, _T("kdclient.dll"))) #endif return 0; if (!s_bUserWarnedAboutVBox) { s_bUserWarnedAboutVBox = true; MessageBox(0, _T("VirtualKD cannot patch VirtualBox on-the-fly.\r\nPlease register the VirtualKD device for VirtualBox by running \"regsvr32 VBoxKD64.dll\". If this does not help, close all instances of VirtualBox and terminate VBoxSVC.exe and try again."), _T("VirtualKD"), MB_ICONWARNING | MB_TASKMODAL); } return INVALID_HANDLE_VALUE; } RemoteDllLoader ldr(g_hThisDll, false); if (ldr.FindLibraryInProcess(PID)) return NULL; return ldr.InitiateDLLLoading(PID, pPatcherThreadID); }
bool IsVMSessionPatched( unsigned PID ) { #ifndef _WIN64 if (IsRundll64Required(PID)) { return (Call64BitKDCLIENT(kIsSessionPatched, PID) == 1); } #endif if (GetRemoteModuleHandle64Aware(PID, _T("VBoxKD.dll")) || GetRemoteModuleHandle64Aware(PID, _T("VBoxKD64.dll"))) return true; RemoteDllLoader ldr(g_hThisDll, false); return (ldr.FindLibraryInProcess(PID, true) != 0); }
HANDLE StartUnpatcherThread( unsigned PID, DWORD *pPatcherThreadID = NULL) { if (GetRemoteModuleHandle64Aware(PID, _T("VBoxDD0.dll"))) return INVALID_HANDLE_VALUE; EnableDebugPrivilege(); RemoteDllLoader ldr(g_hThisDll, false); if (!ldr.FindLibraryInProcess(PID)) return NULL; return ldr.InitiateDLLUnloading(PID, true, pPatcherThreadID); }
HANDLE StartPatcherThread( unsigned PID, DWORD *pPatcherThreadID = NULL) { EnableDebugPrivilege(); if (GetRemoteModuleHandle64Aware(PID, _T("VBoxDD0.dll"))) return 0; if (GetRemoteModuleHandle64Aware(PID, _T("VBoxDD.dll"))) { if (!s_bUserWarnedAboutVBox) { s_bUserWarnedAboutVBox = true; MessageBox(0, _T("VirtualKD cannot patch VirtualBox on-the-fly.\r\nPlease, shut down all your VMs, rename VBoxDD.dll\t\nto VBoxDD0.dll and copy VBoxDD.dll from VirtualKD\t\npackage to VirtualBox directory."), _T("VirtualKD"), MB_ICONWARNING | MB_TASKMODAL); } return INVALID_HANDLE_VALUE; } RemoteDllLoader ldr(g_hThisDll, false); if (ldr.FindLibraryInProcess(PID)) return NULL; return ldr.InitiateDLLLoading(PID, pPatcherThreadID); }