static HB_BOOL s_win_iswow64( void ) { HB_BOOL bRetVal = HB_FALSE; #if defined( HB_OS_WIN ) && ! defined( HB_OS_WIN_64 ) { typedef BOOL ( WINAPI * P_ISWOW64PROCESS )( HANDLE, PBOOL ); P_ISWOW64PROCESS pIsWow64Process; HMODULE hModule = GetModuleHandle( TEXT( "kernel32" ) ); if( hModule ) pIsWow64Process = ( P_ISWOW64PROCESS ) HB_WINAPI_GETPROCADDRESS( hModule, "IsWow64Process" ); else pIsWow64Process = NULL; if( pIsWow64Process ) { BOOL bIsWow64 = FALSE; if( ! pIsWow64Process( GetCurrentProcess(), &bIsWow64 ) ) { /* Try alternative method? */ } if( bIsWow64 ) bRetVal = HB_TRUE; } } #endif return bRetVal; }
/* * Get the architecture of the given process. */ DWORD ps_getarch( DWORD dwPid ) { DWORD result = PROCESS_ARCH_UNKNOWN; static DWORD dwNativeArch = PROCESS_ARCH_UNKNOWN; HANDLE hKernel = NULL; HANDLE hProcess = NULL; ISWOW64PROCESS pIsWow64Process = NULL; BOOL bIsWow64 = FALSE; do { // grab the native systems architecture the first time we use this function... if( dwNativeArch == PROCESS_ARCH_UNKNOWN ) dwNativeArch = ps_getnativearch(); // first we default to 'x86' as if kernel32!IsWow64Process is not present then we are on an older x86 system. result = PROCESS_ARCH_X86; hKernel = LoadLibraryA( "kernel32.dll" ); if( !hKernel ) break; pIsWow64Process = (ISWOW64PROCESS)GetProcAddress( hKernel, "IsWow64Process" ); if( !pIsWow64Process ) break; // now we must default to an unknown architecture as the process may be either x86/x64 and we may not have the rights to open it result = PROCESS_ARCH_UNKNOWN; hProcess = OpenProcess( PROCESS_QUERY_INFORMATION, FALSE, dwPid ); if( !hProcess ) { hProcess = OpenProcess( PROCESS_QUERY_LIMITED_INFORMATION, FALSE, dwPid ); if( !hProcess ) break; } if( !pIsWow64Process( hProcess, &bIsWow64 ) ) break; if( bIsWow64 ) result = PROCESS_ARCH_X86; else result = dwNativeArch; } while( 0 ); if( hProcess ) CloseHandle( hProcess ); if( hKernel ) FreeLibrary( hKernel ); return result; }
bool IsWow64() { typedef BOOL (WINAPI *LPFN_ISWOW64PROCESS)(HANDLE, PBOOL); LPFN_ISWOW64PROCESS pIsWow64Process = (LPFN_ISWOW64PROCESS) GetProcAddress(GetModuleHandle(TEXT("kernel32")), "IsWow64Process"); BOOL isWow64 = FALSE; if (pIsWow64Process) { if (!pIsWow64Process(GetCurrentProcess(), &isWow64)) return false; } return isWow64 ? true : false; }
static void DetectWow64() { // function not found => running on 32-bit Windows if(!pIsWow64Process) { isWow64 = false; return; } BOOL isWow64Process = FALSE; const BOOL ok = pIsWow64Process(GetCurrentProcess(), &isWow64Process); WARN_IF_FALSE(ok); isWow64 = (isWow64Process == TRUE); }
/* Windows version detection */ static BOOL is_x64(void) { BOOL ret = FALSE; // Detect if we're running a 32 or 64 bit system if (sizeof(uintptr_t) < 8) { if (pIsWow64Process != NULL) pIsWow64Process(GetCurrentProcess(), &ret); } else { ret = TRUE; } return ret; }
BOOL TIsWow64() { static BOOL once = FALSE; static BOOL ret = FALSE; if (!once) { BOOL (WINAPI *pIsWow64Process)(HANDLE, BOOL *) = (BOOL (WINAPI *)(HANDLE, BOOL *)) GetProcAddress(::GetModuleHandle("kernel32"), "IsWow64Process"); if (pIsWow64Process) { pIsWow64Process(::GetCurrentProcess(), &ret); } once = TRUE; } return ret; }
//------------------------------------------------------ // GetProcessInfo - Функция полуает информацию о прцессе //------------------------------------------------------ bool INJECTOR::GetProcessInfo(PInjector Injector, DWORD PID, TProcessInfo &Info) { ClearStruct(Info); Info.PID = PID; // Открываем процесс CLIENT_ID ClientID; ClientID.UniqueProcess = (HANDLE)PID; ClientID.UniqueThread = 0; OBJECT_ATTRIBUTES ObjectAttributes = { sizeof(ObjectAttributes) } ; HANDLE Process; if (pZwOpenProcess(&Process, PROCESS_VM_OPERATION | PROCESS_VM_READ | PROCESS_QUERY_INFORMATION, &ObjectAttributes, &ClientID) != STATUS_SUCCESS) return false; // Определяем кк запущен процесс pIsWow64Process(Process, &Info.IsWOW64); if (Injector->IsWin64 && !Info.IsWOW64) return false; // Получаем имя процесса PUNICODE_STRING Str = (PUNICODE_STRING)Injector->NameBuf; Str->Length = 0; Str->MaximumLength = Injector->NameBufSize - sizeof(UNICODE_STRING); Str->Buffer = (PWSTR)(Injector->NameBuf + sizeof(UNICODE_STRING)); ULONG Len = Str->MaximumLength; if(pZwQueryInformationProcess(Process, ProcessImageFileName, Str, Len, &Len) == STATUS_SUCCESS) { // Успешно получили имя процесса Info.ExeName = Str->Buffer; } // Закрываем процесс pZwClose(Process); return true; }
BOOL OSInfo::Is64Bit() { #ifdef _WIN64 return TRUE; #else static bool g_bWow64Initialized( false ); static bool g_bIs64Bit( false ); if( g_bWow64Initialized ) return g_bIs64Bit; if( pIsWow64Process == NULL ) return FALSE; BOOL bIsWow64( FALSE ); if( pIsWow64Process(GetCurrentProcess(),&bIsWow64) == FALSE ) return FALSE; g_bIs64Bit = bIsWow64 != FALSE; g_bWow64Initialized = true; return g_bIs64Bit; #endif }
EASYHOOK_NT_EXPORT RhIsX64Process( ULONG InProcessId, BOOL* OutResult) { /* Description: Detects the bitness of a given process. Parameters: - InProcessId The calling process must have PROCESS_QUERY_INFORMATION access to the process represented by this ID. - OutResult Is set to TRUE if the given process is running under 64-Bit, FALSE otherwise. */ BOOL IsTarget64Bit = FALSE; HANDLE hProc = NULL; IsWow64Process_PROC* pIsWow64Process; NTSTATUS NtStatus; #ifndef _M_X64 GetNativeSystemInfo_PROC* pGetNativeSystemInfo; SYSTEM_INFO SysInfo; #endif if(!IsValidPointer(OutResult, sizeof(BOOL))) THROW(STATUS_INVALID_PARAMETER_2, L"The given result storage is invalid."); // open target process if((hProc = OpenProcess(PROCESS_QUERY_INFORMATION, FALSE, InProcessId)) == NULL) { if(GetLastError() == ERROR_ACCESS_DENIED) THROW(STATUS_ACCESS_DENIED, L"The given process is not accessible.") else THROW(STATUS_NOT_FOUND, L"The given process does not exist."); } // if WOW64 is not available then target must be 32-bit pIsWow64Process = (IsWow64Process_PROC*)GetProcAddress(hKernel32, "IsWow64Process"); #ifdef _M_X64 // if the target is not WOW64, then it is 64-bit if(!pIsWow64Process(hProc, &IsTarget64Bit)) THROW(STATUS_INTERNAL_ERROR, L"Unable to detect wether target process is 64-bit or not."); IsTarget64Bit = !IsTarget64Bit; #else IsTarget64Bit = FALSE; if(pIsWow64Process != NULL) { // check if we are running on a 32-bit OS pGetNativeSystemInfo = (GetNativeSystemInfo_PROC*)GetProcAddress(hKernel32, "GetNativeSystemInfo"); if(pGetNativeSystemInfo != NULL) { pGetNativeSystemInfo(&SysInfo); if(SysInfo.wProcessorArchitecture != PROCESSOR_ARCHITECTURE_INTEL) { // if not, then and only then a 32-bit process will be marked as WOW64 process! if(!pIsWow64Process(hProc, &IsTarget64Bit)) THROW(STATUS_INTERNAL_ERROR, L"Unable to detect wether target process is 64-bit or not."); IsTarget64Bit = !IsTarget64Bit; } } } #endif *OutResult = IsTarget64Bit; RETURN(STATUS_SUCCESS); THROW_OUTRO: FINALLY_OUTRO: { if(hProc != NULL) CloseHandle(hProc); return NtStatus; } }
/* * sys_sysinfo * ---------- * * Get system information such as computer name and OS version */ DWORD request_sys_config_sysinfo(Remote *remote, Packet *packet) { Packet *response = packet_create_response(packet); #ifdef _WIN32 CHAR computer[512], buf[512], * osArch = NULL, * osWow = NULL; DWORD res = ERROR_SUCCESS; DWORD size = sizeof(computer); HMODULE hKernel32; memset(computer, 0, sizeof(computer)); memset(buf, 0, sizeof(buf)); do { // Get the computer name if (!GetComputerName(computer, &size)) { res = GetLastError(); break; } packet_add_tlv_string(response, TLV_TYPE_COMPUTER_NAME, computer); add_windows_os_version(&response); // sf: we dynamically retrieve GetNativeSystemInfo & IsWow64Process as NT and 2000 dont support it. hKernel32 = LoadLibraryA("kernel32.dll"); if (hKernel32) { typedef void (WINAPI * GETNATIVESYSTEMINFO)(LPSYSTEM_INFO lpSystemInfo); typedef BOOL(WINAPI * ISWOW64PROCESS)(HANDLE, PBOOL); GETNATIVESYSTEMINFO pGetNativeSystemInfo = (GETNATIVESYSTEMINFO)GetProcAddress(hKernel32, "GetNativeSystemInfo"); ISWOW64PROCESS pIsWow64Process = (ISWOW64PROCESS)GetProcAddress(hKernel32, "IsWow64Process"); if (pGetNativeSystemInfo) { SYSTEM_INFO SystemInfo; pGetNativeSystemInfo(&SystemInfo); switch (SystemInfo.wProcessorArchitecture) { case PROCESSOR_ARCHITECTURE_AMD64: osArch = "x64"; break; case PROCESSOR_ARCHITECTURE_IA64: osArch = "IA64"; break; case PROCESSOR_ARCHITECTURE_INTEL: osArch = "x86"; break; default: break; } } if (pIsWow64Process) { BOOL bIsWow64 = FALSE; pIsWow64Process(GetCurrentProcess(), &bIsWow64); if (bIsWow64) { osWow = " (Current Process is WOW64)"; } } } // if we havnt set the arch it is probably because we are on NT/2000 which is x86 if (!osArch) { osArch = "x86"; } if (!osWow) { osWow = ""; } _snprintf(buf, sizeof(buf) - 1, "%s%s", osArch, osWow); dprintf("[SYSINFO] Arch set to: %s", buf); packet_add_tlv_string(response, TLV_TYPE_ARCHITECTURE, buf); if (hKernel32) { char * ctryname = NULL, *langname = NULL; typedef LANGID(WINAPI * GETSYSTEMDEFAULTLANGID)(VOID); GETSYSTEMDEFAULTLANGID pGetSystemDefaultLangID = (GETSYSTEMDEFAULTLANGID)GetProcAddress(hKernel32, "GetSystemDefaultLangID"); if (pGetSystemDefaultLangID) { LANGID langId = pGetSystemDefaultLangID(); int len = GetLocaleInfo(langId, LOCALE_SISO3166CTRYNAME, 0, 0); if (len > 0) { ctryname = (char *)malloc(len); GetLocaleInfo(langId, LOCALE_SISO3166CTRYNAME, ctryname, len); } len = GetLocaleInfo(langId, LOCALE_SISO639LANGNAME, 0, 0); if (len > 0) { langname = (char *)malloc(len); GetLocaleInfo(langId, LOCALE_SISO639LANGNAME, langname, len); } } if (!ctryname || !langname) { _snprintf(buf, sizeof(buf)-1, "Unknown"); } else { _snprintf(buf, sizeof(buf)-1, "%s_%s", langname, ctryname); } packet_add_tlv_string(response, TLV_TYPE_LANG_SYSTEM, buf); if (ctryname) { free(ctryname); } if (langname) { free(langname); } } LPWKSTA_INFO_102 localSysinfo = NULL; if (NetWkstaGetInfo(NULL, 102, (LPBYTE *)&localSysinfo) == NERR_Success) { char *domainName = wchar_to_utf8(localSysinfo->wki102_langroup); packet_add_tlv_string(response, TLV_TYPE_DOMAIN, (LPCSTR)domainName); packet_add_tlv_uint(response, TLV_TYPE_LOGGED_ON_USER_COUNT, localSysinfo->wki102_logged_on_users); free(domainName); } else { dprintf("[CONFIG] Failed to get local system info for logged on user count / domain"); } } while (0); #else CHAR os[512]; DWORD res = ERROR_SUCCESS; do { struct utsname utsbuf; if (uname(&utsbuf) == -1) { res = GetLastError(); break; } snprintf(os, sizeof(os), "%s %s %s %s (%s)", utsbuf.sysname, utsbuf.nodename, utsbuf.release, utsbuf.version, utsbuf.machine); packet_add_tlv_string(response, TLV_TYPE_COMPUTER_NAME, utsbuf.nodename); packet_add_tlv_string(response, TLV_TYPE_OS_NAME, os); packet_add_tlv_string(response, TLV_TYPE_ARCHITECTURE, utsbuf.machine); } while(0); #endif // Transmit the response packet_transmit_response(res, remote, response); return res; }
bool getWindowsVersion(char* version) { int index = 0; OSVERSIONINFOEX osvi = {}; osvi.dwOSVersionInfoSize = sizeof(OSVERSIONINFOEX); if (!GetVersionEx((OSVERSIONINFO*)&osvi)) return false; if (osvi.dwPlatformId != VER_PLATFORM_WIN32_NT) return false; // Vista if (osvi.dwMajorVersion == 6 && osvi.dwMinorVersion == 0) { if (osvi.wProductType == VER_NT_WORKSTATION) { index += sprintf(version + index, "Microsoft Windows Vista"); uint32_t productType = 0; HMODULE hKernel = GetModuleHandle("KERNEL32.DLL"); if (hKernel) { typedef bool (*funcGetProductInfo)(uint32_t, uint32_t, uint32_t, uint32_t, uint32_t*); funcGetProductInfo pGetProductInfo = (funcGetProductInfo)GetProcAddress(hKernel, "GetProductInfo"); if (pGetProductInfo) pGetProductInfo(6, 0, 0, 0, &productType); switch (productType) { case PRODUCT_STARTER: { index += sprintf(version + index, " Starter"); break; } case PRODUCT_HOME_BASIC_N: { index += sprintf(version + index, " Home Basic N"); break; } case PRODUCT_HOME_BASIC: { index += sprintf(version + index, " Home Basic"); break; } case PRODUCT_HOME_PREMIUM: { index += sprintf(version + index, " Home Premium"); break; } case PRODUCT_BUSINESS_N: { index += sprintf(version + index, " Business N"); break; } case PRODUCT_BUSINESS: { index += sprintf(version + index, " Business"); break; } case PRODUCT_ENTERPRISE: { index += sprintf(version + index, " Enterprise"); break; } case PRODUCT_ULTIMATE: { index += sprintf(version + index, " Ultimate"); break; } default: break; } } } else if (osvi.wProductType == VER_NT_SERVER) { index += sprintf(version + index, "Microsoft Windows Server 2008"); if (osvi.wSuiteMask & VER_SUITE_DATACENTER) index += sprintf(version + index, " Datacenter Edition"); else if (osvi.wSuiteMask & VER_SUITE_ENTERPRISE) index += sprintf(version + index, " Enterprise Edition"); else if (osvi.wSuiteMask == VER_SUITE_BLADE) index += sprintf(version + index, " Web Edition"); else index += sprintf(version + index, " Standard Edition"); } } // Windows Server 2003 else if (osvi.dwMajorVersion == 5 && osvi.dwMinorVersion == 2) { index += sprintf(version + index, "Microsoft Windows Server 2003"); if (GetSystemMetrics(SM_SERVERR2)) index += sprintf(version + index, " R2"); if (osvi.wSuiteMask & VER_SUITE_DATACENTER) index += sprintf(version + index, " Datacenter Edition"); else if (osvi.wSuiteMask & VER_SUITE_ENTERPRISE) index += sprintf(version + index, " Enterprise Edition"); else if (osvi.wSuiteMask == VER_SUITE_BLADE) index += sprintf(version + index, " Web Edition"); else index += sprintf(version + index, " Standard Edition"); } // Windows XP else if (osvi.dwMajorVersion == 5 && osvi.dwMinorVersion == 1) { index += sprintf(version + index, "Microsoft Windows XP"); if (GetSystemMetrics(SM_MEDIACENTER)) index += sprintf(version + index, " Media Center Edition"); else if (GetSystemMetrics(SM_STARTER)) index += sprintf(version + index, " Starter Edition"); else if (GetSystemMetrics(SM_TABLETPC)) index += sprintf(version + index, " Tablet PC Edition"); else if (osvi.wSuiteMask & VER_SUITE_PERSONAL) index += sprintf(version + index, " Home Edition"); else index += sprintf(version + index, " Professional"); } // Windows 2000 else if (osvi.dwMajorVersion == 5 && osvi.dwMinorVersion == 0) { index += sprintf(version + index, "Microsoft Windows 2000"); if (osvi.wProductType == VER_NT_WORKSTATION) { index += sprintf(version + index, " Professional"); } else if (osvi.wProductType == VER_NT_SERVER) { if (osvi.wSuiteMask & VER_SUITE_DATACENTER) index += sprintf(version + index, " Datacenter Server"); else if (osvi.wSuiteMask & VER_SUITE_ENTERPRISE) index += sprintf(version + index, " Advanced Server"); else index += sprintf(version + index, " Server"); } } // Windows NT 4 else if (osvi.dwMajorVersion == 4) { index += sprintf(version + index, "Microsoft Windows NT 4"); if (osvi.wProductType == VER_NT_WORKSTATION) { index += sprintf(version + index, " Workstation"); } else if (osvi.wProductType == VER_NT_SERVER) { if (osvi.wSuiteMask & VER_SUITE_ENTERPRISE) index += sprintf(version + index, " Server, Enterprise Edition"); else index += sprintf(version + index, " Server"); } } else { index += sprintf(version + index, "Microsoft Windows"); } // Service pack and full version info if (strlen(osvi.szCSDVersion) > 0) { index += sprintf(version + index, " %s", osvi.szCSDVersion); } index += sprintf(version + index, " (%d.%d.%d", osvi.dwMajorVersion, osvi.dwMinorVersion, osvi.dwBuildNumber & 0xFFFF); // 64-bit Windows bool isWow64 = false; HMODULE hKernel = GetModuleHandle("kernel32.dll"); if (hKernel) { typedef bool (*funcIsWow64Process)(void*, bool*); funcIsWow64Process pIsWow64Process = (funcIsWow64Process)GetProcAddress(hKernel, "IsWow64Process"); if (pIsWow64Process) { pIsWow64Process(GetCurrentProcess(), &isWow64); } } if (isWow64) index += sprintf(version + index, "; 64-bit"); else index += sprintf(version + index, "; 32-bit"); index += sprintf(version + index, ")"); return true; }
/* * sys_sysinfo * ---------- * * Get system information such as computer name and OS version */ DWORD request_sys_config_sysinfo(Remote *remote, Packet *packet) { Packet *response = packet_create_response(packet); #ifdef _WIN32 CHAR computer[512], buf[512], *osName = NULL, * osArch = NULL, * osWow = NULL; DWORD res = ERROR_SUCCESS; DWORD size = sizeof(computer); OSVERSIONINFOEX v; HMODULE hKernel32; memset(&v, 0, sizeof(v)); memset(computer, 0, sizeof(computer)); memset(buf, 0, sizeof(buf)); v.dwOSVersionInfoSize = sizeof(OSVERSIONINFOEX); do { // Get the computer name if (!GetComputerName(computer, &size)) { res = GetLastError(); break; } packet_add_tlv_string(response, TLV_TYPE_COMPUTER_NAME, computer); // Get the operating system version information if (!GetVersionEx((LPOSVERSIONINFO)&v)) { res = GetLastError(); break; } if (v.dwMajorVersion == 3) osName = "Windows NT 3.51"; else if (v.dwMajorVersion == 4) { if (v.dwMinorVersion == 0 && v.dwPlatformId == VER_PLATFORM_WIN32_WINDOWS) osName = "Windows 95"; else if (v.dwMinorVersion == 10) osName = "Windows 98"; else if (v.dwMinorVersion == 90) osName = "Windows ME"; else if (v.dwMinorVersion == 0 && v.dwPlatformId == VER_PLATFORM_WIN32_NT) osName = "Windows NT 4.0"; } else if (v.dwMajorVersion == 5) { if (v.dwMinorVersion == 0) osName = "Windows 2000"; else if (v.dwMinorVersion == 1) osName = "Windows XP"; else if (v.dwMinorVersion == 2) osName = "Windows .NET Server"; } else if (v.dwMajorVersion == 6 && v.dwMinorVersion == 0) { if (v.wProductType == VER_NT_WORKSTATION) osName = "Windows Vista"; else osName = "Windows 2008"; } else if (v.dwMajorVersion == 6 && v.dwMinorVersion == 1) { if (v.wProductType == VER_NT_WORKSTATION) osName = "Windows 7"; else osName = "Windows 2008 R2"; } if (!osName) osName = "Unknown"; if( strlen( v.szCSDVersion ) > 0 ) _snprintf(buf, sizeof(buf) - 1, "%s (Build %lu, %s).", osName, v.dwBuildNumber, v.szCSDVersion ); else _snprintf(buf, sizeof(buf) - 1, "%s (Build %lu).", osName, v.dwBuildNumber ); packet_add_tlv_string(response, TLV_TYPE_OS_NAME, buf); // sf: we dynamically retrieve GetNativeSystemInfo & IsWow64Process as NT and 2000 dont support it. hKernel32 = LoadLibraryA( "kernel32.dll" ); if( hKernel32 ) { typedef void (WINAPI * GETNATIVESYSTEMINFO)( LPSYSTEM_INFO lpSystemInfo ); typedef BOOL (WINAPI * ISWOW64PROCESS)( HANDLE, PBOOL ); GETNATIVESYSTEMINFO pGetNativeSystemInfo = (GETNATIVESYSTEMINFO)GetProcAddress( hKernel32, "GetNativeSystemInfo" ); ISWOW64PROCESS pIsWow64Process = (ISWOW64PROCESS)GetProcAddress( hKernel32, "IsWow64Process" ); if( pGetNativeSystemInfo ) { SYSTEM_INFO SystemInfo; pGetNativeSystemInfo( &SystemInfo ); switch( SystemInfo.wProcessorArchitecture ) { case PROCESSOR_ARCHITECTURE_AMD64: osArch = "x64"; break; case PROCESSOR_ARCHITECTURE_IA64: osArch = "IA64"; break; case PROCESSOR_ARCHITECTURE_INTEL: osArch = "x86"; break; default: break; } } if( pIsWow64Process ) { BOOL bIsWow64 = FALSE; pIsWow64Process( GetCurrentProcess(), &bIsWow64 ); if( bIsWow64 ) osWow = " (Current Process is WOW64)"; } } // if we havnt set the arch it is probably because we are on NT/2000 which is x86 if( !osArch ) osArch = "x86"; if( !osWow ) osWow = ""; _snprintf( buf, sizeof(buf) - 1, "%s%s", osArch, osWow ); packet_add_tlv_string(response, TLV_TYPE_ARCHITECTURE, buf); if( hKernel32 ) { char * ctryname = NULL, * langname = NULL; typedef LANGID (WINAPI * GETSYSTEMDEFAULTLANGID)( VOID ); GETSYSTEMDEFAULTLANGID pGetSystemDefaultLangID = (GETSYSTEMDEFAULTLANGID)GetProcAddress( hKernel32, "GetSystemDefaultLangID" ); if( pGetSystemDefaultLangID ) { LANGID langId = pGetSystemDefaultLangID(); int len = GetLocaleInfo( langId, LOCALE_SISO3166CTRYNAME, 0, 0 ); if( len > 0 ) { ctryname = (char *)malloc( len ); GetLocaleInfo( langId, LOCALE_SISO3166CTRYNAME, ctryname, len ); } len = GetLocaleInfo( langId, LOCALE_SISO639LANGNAME, 0, 0 ); if( len > 0 ) { langname = (char *)malloc( len ); GetLocaleInfo( langId, LOCALE_SISO639LANGNAME, langname, len ); } } if( !ctryname || !langname ) _snprintf( buf, sizeof(buf) - 1, "Unknown"); else _snprintf( buf, sizeof(buf) - 1, "%s_%s", langname, ctryname ); packet_add_tlv_string( response, TLV_TYPE_LANG_SYSTEM, buf ); if( ctryname ) free( ctryname ); if( langname ) free( langname ); } } while (0); #else CHAR os[512]; DWORD res = ERROR_SUCCESS; do { struct utsname utsbuf; if( uname( &utsbuf ) == -1) { res = GetLastError(); break; } snprintf(os, sizeof(os)-1, "%s %s %s %s (%s)", utsbuf.sysname, utsbuf.nodename, utsbuf.release, utsbuf.version, utsbuf.machine, utsbuf.domainname); packet_add_tlv_string(response, TLV_TYPE_COMPUTER_NAME, utsbuf.nodename); packet_add_tlv_string(response, TLV_TYPE_OS_NAME, os); packet_add_tlv_string(response, TLV_TYPE_ARCHITECTURE, utsbuf.machine); } while(0); #endif // Transmit the response packet_transmit_response(res, remote, response); return res; }