static VOID GetPageEx(PHANDLE_CONTEXT Ctx, HINTERNET hFile, DWORD_PTR dwContext)
{
INTERNET_BUFFERS Buffers = {0};
LPVOID pMem = hAlloc(MAX_CONTENT_BUFFER_SIZE);
if (pMem)
{
Buffers.dwStructSize = sizeof(INTERNET_BUFFERS);
Buffers.lpvBuffer = pMem;
do
{
Buffers.dwBufferLength = MAX_CONTENT_BUFFER_SIZE;
if (InternetReadFileEx(hFile, &Buffers, IRF_SYNC | IRF_NO_WAIT, dwContext))
{
ASSERT(Buffers.dwBufferLength <= MAX_CONTENT_BUFFER_SIZE);
ASSERT(Buffers.dwBufferTotal <= MAX_CONTENT_BUFFER_SIZE);
if (Buffers.dwBufferLength == 0)
{
Ctx->Status = LOADING_COMPLETE;
break;
}
else
CoInvoke(Ctx->pStream, Write, pMem, Buffers.dwBufferLength, NULL);
} // if (InternetReadFileEx(
else
{
if (GetLastError() != ERROR_IO_PENDING)
Ctx->Status = ERROR_WHILE_LOADING;
break;
} // else // if (InternetReadFileEx(
}while (TRUE);
hFree(pMem);
} // if (pMem)
}
unsigned int _stdcall EP_FillerThread(void* _pContext)
{
CPs_BufferFillerContext* pContext = (CPs_BufferFillerContext*)_pContext;
HINTERNET hInternet;
HINTERNET hURLStream;
DWORD dwTimeout;
BOOL bStreamComplete = FALSE;
INTERNET_BUFFERS internetbuffer;
BYTE bReadBuffer[CIC_READCHUNKSIZE];
CP_CHECKOBJECT(pContext);
PostMessage(pContext->m_hWndNotify, CPNM_SETSTREAMINGSTATE, (WPARAM)TRUE, (LPARAM)0);
// Check that we can open this file
hInternet = InternetOpen("CoolPlayer",
INTERNET_OPEN_TYPE_PRECONFIG,
NULL, NULL, 0L);
if (hInternet == NULL)
{
pContext->m_pCircleBuffer->SetComplete(pContext->m_pCircleBuffer);
CP_TRACE0("EP_FillerThread::NoInternetOpen");
return 0;
}
dwTimeout = 2000;
InternetSetOption(hInternet, INTERNET_OPTION_CONNECT_TIMEOUT, &dwTimeout, sizeof(dwTimeout));
hURLStream = InternetOpenUrl(hInternet,
pContext->m_pcFlexiURL,
NULL,
0,
INTERNET_FLAG_NO_CACHE_WRITE
| INTERNET_FLAG_PRAGMA_NOCACHE,
0);
if (hURLStream == NULL)
{
InternetCloseHandle(hInternet);
pContext->m_pCircleBuffer->SetComplete(pContext->m_pCircleBuffer);
CP_TRACE1("EP_FillerThread::NoOpenURL %s", pContext->m_pcFlexiURL);
return 0;
}
// Setup the internet buffer
internetbuffer.dwStructSize = sizeof(internetbuffer);
internetbuffer.Next = NULL;
internetbuffer.lpcszHeader = NULL;
internetbuffer.lpvBuffer = bReadBuffer;
internetbuffer.dwBufferLength = CIC_READCHUNKSIZE;
// Perform reading
while (pContext->m_bTerminate == FALSE && bStreamComplete == FALSE)
{
BOOL bReadResult;
// Is our circle buffer full?
if (pContext->m_pCircleBuffer->GetFreeSize(pContext->m_pCircleBuffer) < CIC_READCHUNKSIZE)
{
Sleep(20);
continue;
}
// Read in another chunk - if we don't get any data that's ok - we would rather poll the
// buffers than just hang on the socket (so the stream can be shutdown if needed)
internetbuffer.dwBufferLength = CIC_READCHUNKSIZE;
bReadResult = InternetReadFileEx(hURLStream, &internetbuffer, IRF_NO_WAIT, 0);
if (bReadResult == FALSE)
bStreamComplete = TRUE;
if (internetbuffer.dwBufferLength)
{
pContext->m_pCircleBuffer->Write(pContext->m_pCircleBuffer,
internetbuffer.lpvBuffer,
internetbuffer.dwBufferLength);
PostMessage(pContext->m_hWndNotify,
CPNM_SETSTREAMINGSTATE,
(WPARAM)TRUE,
(LPARAM)(pContext->m_pCircleBuffer->GetUsedSize(pContext->m_pCircleBuffer)*100) / CIC_STREAMBUFFERSIZE);
}
else
Sleep(20);
}
InternetCloseHandle(hURLStream);
InternetCloseHandle(hInternet);
pContext->m_pCircleBuffer->SetComplete(pContext->m_pCircleBuffer);
PostMessage(pContext->m_hWndNotify, CPNM_SETSTREAMINGSTATE, (WPARAM)FALSE, (LPARAM)0);
CP_TRACE0("EP_FillerThread normal shutdown");
return 0;
}
//------------------------------------------------------------------------------
void GetSHA256Info(VIRUSTOTAL_STR *vts)
{
//init connexion
HINTERNET M_connexion = 0;
if (!use_other_proxy)M_connexion = InternetOpen("",/*INTERNET_OPEN_TYPE_DIRECT*/INTERNET_OPEN_TYPE_PRECONFIG, NULL, NULL, INTERNET_FLAG_NO_CACHE_WRITE);
else M_connexion = InternetOpen("",/*INTERNET_OPEN_TYPE_DIRECT*/INTERNET_OPEN_TYPE_PROXY, proxy_ch_auth, NULL, 0);
if (M_connexion==NULL)M_connexion = InternetOpen("",INTERNET_OPEN_TYPE_DIRECT, NULL, NULL, INTERNET_FLAG_NO_CACHE_WRITE);
if (M_connexion==NULL)return;
HINTERNET M_session = InternetConnect(M_connexion, "www.virustotal.com",443,"","",INTERNET_SERVICE_HTTP,0,0);
if (M_session==NULL)
{
InternetCloseHandle(M_connexion);
return;
}
char request[MAX_PATH] = "/file/upload/?sha256=";
strncat(request,vts->sha256,MAX_PATH);
strncat(request,"\0",MAX_PATH);
//connexion
HINTERNET M_requete = HttpOpenRequest(M_session,"GET",request,NULL,"https://www.virustotal.com/",NULL,
INTERNET_FLAG_NO_CACHE_WRITE|INTERNET_FLAG_SECURE
|INTERNET_FLAG_IGNORE_CERT_CN_INVALID|INTERNET_FLAG_IGNORE_CERT_DATE_INVALID,0);
if (use_proxy_advanced_settings)
{
InternetSetOption(M_requete,INTERNET_OPTION_PROXY_USERNAME,proxy_ch_user,sizeof(proxy_ch_user));
InternetSetOption(M_requete,INTERNET_OPTION_PROXY_PASSWORD,proxy_ch_password,sizeof(proxy_ch_password));
}
//Création du paramètre
char cookie[MAX_PATH]="Cookie: csrftoken=";
strncat(cookie,vts->token,MAX_PATH);
strncat(cookie,"\0",MAX_PATH);
if (M_requete==NULL)
{
InternetCloseHandle(M_session);
InternetCloseHandle(M_connexion);
return;
}else if (HttpSendRequest(M_requete, cookie, strlen(cookie), NULL, 0))
{
INTERNET_BUFFERS ib;
ib.dwStructSize = sizeof(INTERNET_BUFFERS);
ib.lpcszHeader = NULL;
ib.dwHeadersLength = 0;
ib.dwHeadersTotal = 0;
ib.dwOffsetLow = 0;
ib.dwOffsetHigh = 0;
char resultat[16000];
ib.lpvBuffer = resultat;
ib.dwBufferLength = 16000-1;
ib.dwBufferTotal = 16000-1;
if(InternetReadFileEx(M_requete,&ib,IRF_NO_WAIT,0))
{
if (strlen(resultat)>20)
{
//"file_exists": true
char *c = resultat;
while (*c && (*c != ',' || *(c+1)!=' '|| *(c+2)!='"' || *(c+3)!='f'|| *(c+4)!='i'))c++;
if (*c == ',' && *(c+1)== ' '&& *(c+2)== '"' && *(c+3)== 'f'&& *(c+4)== 'i')
{
c+=strlen(", \"file_exists\": "); //17
if (*c == 't')
{
vts->exist = TRUE;
}else vts->exist = FALSE;
}else vts->exist = FALSE;
//lecture + convertion : , "last_analysis_date": "
c = resultat;
while (*c && (*c != ',' || *(c+1)!=' '|| *(c+2)!='"' || *(c+3)!='l'|| *(c+4)!='a'|| *(c+17)!='d'))c++;
if (*c == ',' && *(c+1)==' ' && *(c+2)=='"' && *(c+3)=='l' && *(c+4)=='a' && *(c+17)=='d')
{
c+=strlen(", \"last_analysis_date\": \""); //25
//test si une date ou non !!!
if (*c == 'u')strncpy(vts->last_analysis_date,"NULL",5);
else
{
strncpy(vts->last_analysis_date,c,19);
vts->last_analysis_date[4]='/';
vts->last_analysis_date[7]='/';
vts->last_analysis_date[10]='-';
vts->last_analysis_date[19]=0;
}
}
//lecture : detection_ratio
c = resultat;
while (*c && (*c != '['))c++;
if (*c == '[')
{
c++;
if (*(c+1) == ',')
{
snprintf(vts->detection_ratio,19,"0%s",c);
}else strncpy(vts->detection_ratio,c,19);
//recherche de la fin
c = vts->detection_ratio;
while (*c && *c!=']')c++;
*c=0;
}
}else vts->exist = -2;
}
InternetCloseHandle(M_requete);
}
//close
InternetCloseHandle(M_session);
InternetCloseHandle(M_connexion);
}
HRESULT CHttpDownloader::ReadData(_bstr_t &strBuffer)
{
HRESULT hr = E_FAIL;
IStream *pStream = NULL;
INTERNET_BUFFERS ib ={0};
ULONG ulWritten;
BOOL bResult;
DWORD dwErr;
TCHAR buf[32];
DWORD dwBufferLength;
TCHAR *szNULL = _T("\x0");
// Get file size
dwBufferLength = 32*sizeof(TCHAR);
if(::HttpQueryInfo(m_hRequest, HTTP_QUERY_CONTENT_LENGTH, buf, &dwBufferLength, NULL))
{
m_dwTotalSize = _tcstoul(buf, &szNULL, 10);
if(m_hWnd != NULL && m_nMessage != 0)
::PostMessage(m_hWnd, m_nMessage, m_dwDownloaded, m_dwTotalSize);
}
//Check MD5 hash
if(m_request.md5 != NULL && _tcslen(m_request.md5) >= 22)
{
dwBufferLength = 32*sizeof(TCHAR);
if(::HttpQueryInfo(m_hRequest, HTTP_QUERY_CONTENT_MD5, buf, &dwBufferLength, NULL))
{
if(0 == _tcsnicmp(m_request.md5, buf, 22))
{
if(m_hWnd != NULL && m_nMessage != 0)
::PostMessage(m_hWnd, m_nMessage, m_dwTotalSize, m_dwTotalSize);
}
return S_OK;
}
}
hr = CreateStreamOnHGlobal(NULL, TRUE, &pStream);
if(FAILED(hr))
{
return hr;
}
ib.lpcszHeader = NULL;
ib.dwHeadersLength = NULL;
ib.lpvBuffer = new TCHAR[COMMAND_BUFF_SIZE_PART];
ib.dwBufferLength = COMMAND_BUFF_SIZE_PART;
ib.dwStructSize = sizeof(ib);
do
{
ib.dwBufferLength = COMMAND_BUFF_SIZE_PART;
if(m_longAbort > 0)
{
hr = E_ABORT;
break;
}
m_context.op = HTTP_DOWNLOADER_OP_READ_DATA;
bResult = InternetReadFileEx(m_hRequest, &ib, IRF_ASYNC | IRF_USE_CONTEXT, (DWORD)&m_context);
dwErr = GetLastError();
if(!bResult && dwErr == 997) // Overlapped I/O operation is in progress.
{
bResult = WaitForComplete(m_dwTimeout);
if(bResult)
continue;
}
if(bResult)
{
if(ib.dwBufferLength)
{
hr = pStream->Write(ib.lpvBuffer, ib.dwBufferLength, &ulWritten);
if(FAILED(hr))
{
strBuffer = _T("Cannot write to stream");
break;
}
m_dwDownloaded += ib.dwBufferLength;
if(m_hWnd != NULL && m_nMessage != 0)
::PostMessage(m_hWnd, m_nMessage, m_dwDownloaded, m_dwTotalSize);
}
}
else
{
hr = E_FAIL;
break;
}
// Sleep(1);
} while(ib.dwBufferLength);
if(ib.lpvBuffer)
{
delete[] ib.lpvBuffer;
ib.lpvBuffer = NULL;
}
if(SUCCEEDED(hr) && pStream)
{
m_pStream = pStream;
return hr;
}
else
{
if(pStream)
pStream->Release();
pStream = NULL;
}
return hr;
}
//------------------------------------------------------------------------------
DWORD WINAPI UpdateRtCA_Thread(LPVOID lParam)
{
update_thread_start = 1;
//get current date
time_t date;
time(&date);
struct tm *today = localtime(&date);
//get date
char date_today[DATE_SIZE_MAX]="";
strftime(date_today, DATE_SIZE_MAX,"%Y/%m/%d %H:%M:%S",today);
//---------------------------
//update malware database
//http://www.selectrealsecurity.com/public-block-lists
SendMessage(hstatus_bar,SB_SETTEXT,0, (LPARAM)cps[TXT_UPDATE_START].c);
//init database ?
//sqlite3_exec(db_scan,"DELETE from malware_dns_list;", NULL, NULL, NULL);
//ddl malware file https://easylist-downloads.adblockplus.org/malwaredomains_full.txt
//init SSL connexion
HINTERNET M_connexion = 0;
if (!use_other_proxy)M_connexion = InternetOpen("",/*INTERNET_OPEN_TYPE_DIRECT*/INTERNET_OPEN_TYPE_PRECONFIG, NULL, NULL, INTERNET_FLAG_NO_CACHE_WRITE);
else M_connexion = InternetOpen("",/*INTERNET_OPEN_TYPE_DIRECT*/INTERNET_OPEN_TYPE_PROXY, proxy_ch_auth, NULL, 0);
if (M_connexion==NULL)M_connexion = InternetOpen("",INTERNET_OPEN_TYPE_DIRECT, NULL, NULL, INTERNET_FLAG_NO_CACHE_WRITE);
if (M_connexion==NULL)return 0;
if(!SQLITE_FULL_SPEED)sqlite3_exec(db_scan,"BEGIN TRANSACTION;", NULL, NULL, NULL);
//---------------------------
HINTERNET M_session = InternetConnect(M_connexion, "easylist-downloads.adblockplus.org",443,"","",INTERNET_SERVICE_HTTP,0,0);
if (M_session!=NULL)
{
//connexion
HINTERNET M_requete = HttpOpenRequest(M_session,"GET","/malwaredomains_full.txt",NULL,"https://easylist-downloads.adblockplus.org",NULL,
INTERNET_FLAG_NO_CACHE_WRITE|INTERNET_FLAG_SECURE
|INTERNET_FLAG_IGNORE_CERT_CN_INVALID|INTERNET_FLAG_IGNORE_CERT_DATE_INVALID,0);
if (use_proxy_advanced_settings)
{
InternetSetOption(M_requete,INTERNET_OPTION_PROXY_USERNAME,proxy_ch_user,sizeof(proxy_ch_user));
InternetSetOption(M_requete,INTERNET_OPTION_PROXY_PASSWORD,proxy_ch_password,sizeof(proxy_ch_password));
}
if (HttpSendRequest(M_requete, NULL, 0, NULL, 0))
{
char *res = malloc(DIXM); //10MO
memset(res,0,DIXM);
if (res != NULL)
{
INTERNET_BUFFERS ib;
ib.dwStructSize = sizeof(INTERNET_BUFFERS);
ib.lpcszHeader = NULL;
ib.dwHeadersLength = 0;
ib.dwHeadersTotal = 0;
ib.dwOffsetLow = 0;
ib.dwOffsetHigh = 0;
ib.lpvBuffer = res;
ib.dwBufferLength = DIXM-1;
ib.dwBufferTotal = DIXM-1;
if(InternetReadFileEx(M_requete,&ib,IRF_NO_WAIT,0))
{
if (strlen(res)>0)
{
//working with file and update
char request[MAX_LINE_SIZE], domain[MAX_PATH], *c = res, *d;
do
{
//get data by line
if (*c++ == '|')
{
if (*c++ == '|')
{
d = domain;
while (*c && *c!='^' && (d-domain < MAX_PATH)) *d++ = *c++;
*d = 0;
if (strlen(domain)>=DNS_MALWARE_MIN_SIZE)
{
snprintf(request,MAX_LINE_SIZE,"INSERT INTO malware_dns_list (domain,description,update_time) "
"VALUES(\"%s\",\"https://easylist-downloads.adblockplus.org/malwaredomains_full.txt\",\"%s\");",domain,date_today);
//MessageBox(NULL,"OK",request,MB_OK|MB_TOPMOST);
sqlite3_exec(db_scan,request, NULL, NULL, NULL);
SendMessage(hstatus_bar,SB_SETTEXT,1, (LPARAM)domain);
}
//next
while (*c && *c != '\n')c++;
}else while (*c && *c != '\n')c++;
}else while (*c && *c != '\n')c++;
if (*c == '\n')c++;
}while (*c);
}
}
free(res);
}
}
SendMessage(hstatus_bar,SB_SETTEXT,1, (LPARAM)"OK : https://easylist-downloads.adblockplus.org/malwaredomains_full.txt");
}
//---------------------------
//http://malc0de.com/bl/BOOT
M_session = InternetConnect(M_connexion, "malc0de.com",80,"","",INTERNET_SERVICE_HTTP,0,0);
if (M_session!=NULL)
{
//connexion
HINTERNET M_requete = HttpOpenRequest(M_session,"GET","/bl/BOOT",NULL,"http://malc0de.com",NULL,
INTERNET_FLAG_NO_CACHE_WRITE,0);
if (use_proxy_advanced_settings)
{
InternetSetOption(M_requete,INTERNET_OPTION_PROXY_USERNAME,proxy_ch_user,sizeof(proxy_ch_user));
InternetSetOption(M_requete,INTERNET_OPTION_PROXY_PASSWORD,proxy_ch_password,sizeof(proxy_ch_password));
}
if (HttpSendRequest(M_requete, NULL, 0, NULL, 0))
{
char *res = malloc(DIXM); //10MO
memset(res,0,DIXM);
if (res != NULL)
{
INTERNET_BUFFERS ib;
ib.dwStructSize = sizeof(INTERNET_BUFFERS);
ib.lpcszHeader = NULL;
ib.dwHeadersLength = 0;
ib.dwHeadersTotal = 0;
ib.dwOffsetLow = 0;
ib.dwOffsetHigh = 0;
ib.lpvBuffer = res;
ib.dwBufferLength = DIXM-1;
ib.dwBufferTotal = DIXM-1;
if(InternetReadFileEx(M_requete,&ib,IRF_NO_WAIT,0))
{
if (strlen(res)>323)//bypass 323 first caracts
{
//working with file and update
char request[MAX_LINE_SIZE], domain[MAX_PATH], *c = res+323, *d;
do
{
//get data by line
//PRIMARY duote.com.cn blockeddomain.hosts
while(*c && *c!=' ')c++;
if (*c==' ')
{
c++;
d = domain;
while ((d-domain < MAX_PATH) && *c && *c!=' ') *d++ = *c++;
*d = 0;
if (strlen(domain)>=DNS_MALWARE_MIN_SIZE)
{
snprintf(request,MAX_LINE_SIZE,"INSERT INTO malware_dns_list (domain,description,update_time) "
"VALUES(\"%s\",\"http://malc0de.com/bl/BOOT\",\"%s\");",domain,date_today);
sqlite3_exec(db_scan,request, NULL, NULL, NULL);
SendMessage(hstatus_bar,SB_SETTEXT,1, (LPARAM)domain);
}
//next line
while (*c && *c != '\n')c++;
if (*c == '\n')c++;
}else break;
}while (*c);
}
}
free(res);
}
}
SendMessage(hstatus_bar,SB_SETTEXT,1, (LPARAM)"OK : http://malc0de.com/bl/BOOT");
}
//---------------------------
//http://www.malwaredomainlist.com/hostslist/hosts.txt
M_session = InternetConnect(M_connexion, "www.malwaredomainlist.com",80,"","",INTERNET_SERVICE_HTTP,0,0);
if (M_session!=NULL)
{
//connexion
HINTERNET M_requete = HttpOpenRequest(M_session,"GET","/hostslist/hosts.txt",NULL,"http://www.malwaredomainlist.com",NULL,
INTERNET_FLAG_NO_CACHE_WRITE,0);
if (use_proxy_advanced_settings)
{
InternetSetOption(M_requete,INTERNET_OPTION_PROXY_USERNAME,proxy_ch_user,sizeof(proxy_ch_user));
InternetSetOption(M_requete,INTERNET_OPTION_PROXY_PASSWORD,proxy_ch_password,sizeof(proxy_ch_password));
}
if (HttpSendRequest(M_requete, NULL, 0, NULL, 0))
{
char *res = malloc(DIXM); //10MO
memset(res,0,DIXM);
if (res != NULL)
{
INTERNET_BUFFERS ib;
ib.dwStructSize = sizeof(INTERNET_BUFFERS);
ib.lpcszHeader = NULL;
ib.dwHeadersLength = 0;
ib.dwHeadersTotal = 0;
ib.dwOffsetLow = 0;
ib.dwOffsetHigh = 0;
ib.lpvBuffer = res;
ib.dwBufferLength = DIXM-1;
ib.dwBufferTotal = DIXM-1;
if(InternetReadFileEx(M_requete,&ib,IRF_NO_WAIT,0))
{
DWORD sz = strlen(res);
if (sz>207) //bypass 206 first caracts
{
//working with file and update
char request[MAX_LINE_SIZE], domain[MAX_PATH], *c = res+206, *d;
do
{
//get data by line
//127.0.0.1 0koryu0.easter.ne.jp
d = domain;
while ((d-domain < MAX_PATH) && *c && *c!='\r' && *c!='\n') *d++ = *c++;
*d = 0;
if (strlen(domain)>=DNS_MALWARE_MIN_SIZE)
{
snprintf(request,MAX_LINE_SIZE,"INSERT INTO malware_dns_list (domain,description,update_time) "
"VALUES(\"%s\",\"http://www.malwaredomainlist.com/hostslist/hosts.txt\",\"%s\");",domain,date_today);
sqlite3_exec(db_scan,request, NULL, NULL, NULL);
SendMessage(hstatus_bar,SB_SETTEXT,1, (LPARAM)domain);
}
//next datas
while (*c && *c != ' ')c++;
if (*c == ' ')c++;
if (*c == ' ')c++;
}while (*c);
}
}
free(res);
}
}
SendMessage(hstatus_bar,SB_SETTEXT,1, (LPARAM)"OK : http://www.malwaredomainlist.com/hostslist/hosts.txt");
}
//---------------------------
InternetCloseHandle(M_connexion);
SendMessage(hstatus_bar,SB_SETTEXT,0, (LPARAM)cps[TXT_UPDATE_END].c);
SendMessage(hstatus_bar,SB_SETTEXT,1, (LPARAM)"");
if(!SQLITE_FULL_SPEED)sqlite3_exec(db_scan,"END TRANSACTION;", NULL, NULL, NULL);
update_thread_start = 0;
return 0;
}
