C++ (Cpp) pIsWow64Processの例

コード例 #1

0

ファイルを表示

static HB_BOOL s_win_iswow64( void )
{
   HB_BOOL bRetVal = HB_FALSE;

   #if defined( HB_OS_WIN ) && ! defined( HB_OS_WIN_64 )
   {
      typedef BOOL ( WINAPI * P_ISWOW64PROCESS )( HANDLE, PBOOL );

      P_ISWOW64PROCESS pIsWow64Process;

      HMODULE hModule = GetModuleHandle( TEXT( "kernel32" ) );

      if( hModule )
         pIsWow64Process = ( P_ISWOW64PROCESS ) HB_WINAPI_GETPROCADDRESS( hModule, "IsWow64Process" );
      else
         pIsWow64Process = NULL;

      if( pIsWow64Process )
      {
         BOOL bIsWow64 = FALSE;

         if( ! pIsWow64Process( GetCurrentProcess(), &bIsWow64 ) )
         {
            /* Try alternative method? */
         }

         if( bIsWow64 )
            bRetVal = HB_TRUE;
      }
   }
   #endif

   return bRetVal;
}

コード例 #2

0

ファイルを表示

ファイル: ps.c プロジェクト: wrtcoder/wifi-arsenal

/*
 * Get the architecture of the given process.
 */
DWORD ps_getarch( DWORD dwPid )
{
    DWORD result                   = PROCESS_ARCH_UNKNOWN;
    static DWORD dwNativeArch      = PROCESS_ARCH_UNKNOWN;
    HANDLE hKernel                 = NULL;
    HANDLE hProcess                = NULL;
    ISWOW64PROCESS pIsWow64Process = NULL;
    BOOL bIsWow64                  = FALSE;

    do
    {
        // grab the native systems architecture the first time we use this function...
        if( dwNativeArch == PROCESS_ARCH_UNKNOWN )
            dwNativeArch = ps_getnativearch();

        // first we default to 'x86' as if kernel32!IsWow64Process is not present then we are on an older x86 system.
        result = PROCESS_ARCH_X86;

        hKernel = LoadLibraryA( "kernel32.dll" );
        if( !hKernel )
            break;

        pIsWow64Process = (ISWOW64PROCESS)GetProcAddress( hKernel, "IsWow64Process" );
        if( !pIsWow64Process )
            break;

        // now we must default to an unknown architecture as the process may be either x86/x64 and we may not have the rights to open it
        result = PROCESS_ARCH_UNKNOWN;

        hProcess = OpenProcess( PROCESS_QUERY_INFORMATION, FALSE, dwPid );
        if( !hProcess )
        {
            hProcess = OpenProcess( PROCESS_QUERY_LIMITED_INFORMATION, FALSE, dwPid );
            if( !hProcess )
                break;
        }

        if( !pIsWow64Process( hProcess, &bIsWow64 ) )
            break;

        if( bIsWow64 )
            result = PROCESS_ARCH_X86;
        else
            result = dwNativeArch;

    } while( 0 );

    if( hProcess )
        CloseHandle( hProcess );

    if( hKernel )
        FreeLibrary( hKernel );

    return result;
}

コード例 #3

0

ファイルを表示

ファイル: OsVersion.cpp プロジェクト: pampersrocker/G-CVSNT

bool IsWow64()
{
    typedef BOOL (WINAPI *LPFN_ISWOW64PROCESS)(HANDLE, PBOOL);
    
    LPFN_ISWOW64PROCESS pIsWow64Process = (LPFN_ISWOW64PROCESS) GetProcAddress(GetModuleHandle(TEXT("kernel32")), "IsWow64Process");
    BOOL isWow64 = FALSE;
    if (pIsWow64Process)
    {
        if (!pIsWow64Process(GetCurrentProcess(), &isWow64))
            return false;
    }
    return isWow64 ? true : false;
}

コード例 #4

0

ファイルを表示

ファイル: wutil.cpp プロジェクト: Gallaecio/0ad

static void DetectWow64()
{
	// function not found => running on 32-bit Windows
	if(!pIsWow64Process)
	{
		isWow64 = false;
		return;
	}

	BOOL isWow64Process = FALSE;
	const BOOL ok = pIsWow64Process(GetCurrentProcess(), &isWow64Process);
	WARN_IF_FALSE(ok);
	isWow64 = (isWow64Process == TRUE);
}

コード例 #5

0

ファイルを表示

ファイル: windows_nt_common.c プロジェクト: Gluckyiyi/libusb

/* Windows version detection */
static BOOL is_x64(void)
{
	BOOL ret = FALSE;

	// Detect if we're running a 32 or 64 bit system
	if (sizeof(uintptr_t) < 8) {
		if (pIsWow64Process != NULL)
			pIsWow64Process(GetCurrentProcess(), &ret);
	} else {
		ret = TRUE;
	}

	return ret;
}

コード例 #6

0

ファイルを表示

ファイル: tmisc.cpp プロジェクト: nianhuaxpj/ipmsg

BOOL TIsWow64()
{
	static BOOL	once = FALSE;
	static BOOL	ret = FALSE;

	if (!once) {
		BOOL (WINAPI *pIsWow64Process)(HANDLE, BOOL *) = (BOOL (WINAPI *)(HANDLE, BOOL *))
				GetProcAddress(::GetModuleHandle("kernel32"), "IsWow64Process");
		if (pIsWow64Process) {
			pIsWow64Process(::GetCurrentProcess(), &ret);
		}
		once = TRUE;
	}
    return ret;
}

コード例 #7

0

ファイルを表示

ファイル: AppInjector.cpp プロジェクト: 0x00dec0de/Carberp

//------------------------------------------------------
// GetProcessInfo - Функция полуает информацию о прцессе
//------------------------------------------------------
bool INJECTOR::GetProcessInfo(PInjector Injector, DWORD PID, TProcessInfo &Info)
{
	ClearStruct(Info);
	Info.PID = PID;
	// Открываем процесс
	CLIENT_ID ClientID;
	ClientID.UniqueProcess = (HANDLE)PID;
	ClientID.UniqueThread  = 0;

	OBJECT_ATTRIBUTES ObjectAttributes = { sizeof(ObjectAttributes) } ;

	HANDLE Process;
	if (pZwOpenProcess(&Process,  PROCESS_VM_OPERATION | PROCESS_VM_READ | PROCESS_QUERY_INFORMATION, &ObjectAttributes, &ClientID) != STATUS_SUCCESS)
		return false;

	// Определяем кк запущен процесс
	pIsWow64Process(Process, &Info.IsWOW64);

	if (Injector->IsWin64 && !Info.IsWOW64)
		return false;

	// Получаем имя процесса
	PUNICODE_STRING Str = (PUNICODE_STRING)Injector->NameBuf;
	Str->Length = 0;
	Str->MaximumLength = Injector->NameBufSize - sizeof(UNICODE_STRING);
	Str->Buffer        = (PWSTR)(Injector->NameBuf + sizeof(UNICODE_STRING));
	ULONG Len = Str->MaximumLength;

	if(pZwQueryInformationProcess(Process, ProcessImageFileName, Str, Len, &Len) == STATUS_SUCCESS)
	{
		// Успешно получили имя процесса
		Info.ExeName = Str->Buffer;
	}


	// Закрываем процесс
	pZwClose(Process);
    return true;
}

コード例 #8

0

ファイルを表示

ファイル: Utility.cpp プロジェクト: ohio813/BDArkit

BOOL OSInfo::Is64Bit()
{
#ifdef _WIN64
	return TRUE;
#else
	static bool g_bWow64Initialized( false );
	static bool g_bIs64Bit( false );

	if( g_bWow64Initialized )
		return g_bIs64Bit;

	if( pIsWow64Process == NULL )
		return FALSE;

	BOOL bIsWow64( FALSE );
	if( pIsWow64Process(GetCurrentProcess(),&bIsWow64) == FALSE )
		return FALSE;

	g_bIs64Bit = bIsWow64 != FALSE;
	g_bWow64Initialized = true;
	return g_bIs64Bit;
#endif
}

コード例 #9

0

ファイルを表示

ファイル: thread.c プロジェクト: chulup/Easyhook

EASYHOOK_NT_EXPORT RhIsX64Process(
            ULONG InProcessId,
            BOOL* OutResult)
{
/*
Description:

    Detects the bitness of a given process.

Parameters:

    - InProcessId

        The calling process must have PROCESS_QUERY_INFORMATION access
        to the process represented by this ID.

    - OutResult

        Is set to TRUE if the given process is running under 64-Bit,
        FALSE otherwise.
*/
	BOOL			            IsTarget64Bit = FALSE;
	HANDLE			            hProc = NULL;
    IsWow64Process_PROC*        pIsWow64Process;
    NTSTATUS            NtStatus;

#ifndef _M_X64
    GetNativeSystemInfo_PROC*   pGetNativeSystemInfo;
    SYSTEM_INFO		            SysInfo;
#endif

    if(!IsValidPointer(OutResult, sizeof(BOOL)))
        THROW(STATUS_INVALID_PARAMETER_2, L"The given result storage is invalid.");

	// open target process
	if((hProc = OpenProcess(PROCESS_QUERY_INFORMATION, FALSE, InProcessId)) == NULL)
	{
		if(GetLastError() == ERROR_ACCESS_DENIED)
			THROW(STATUS_ACCESS_DENIED, L"The given process is not accessible.")
		else
			THROW(STATUS_NOT_FOUND, L"The given process does not exist.");
	}

	// if WOW64 is not available then target must be 32-bit
	pIsWow64Process = (IsWow64Process_PROC*)GetProcAddress(hKernel32, "IsWow64Process");

#ifdef _M_X64
	// if the target is not WOW64, then it is 64-bit
	if(!pIsWow64Process(hProc, &IsTarget64Bit))
		THROW(STATUS_INTERNAL_ERROR, L"Unable to detect wether target process is 64-bit or not.");

	IsTarget64Bit = !IsTarget64Bit;

#else

	IsTarget64Bit = FALSE;

	if(pIsWow64Process != NULL)
	{
		// check if we are running on a 32-bit OS
		pGetNativeSystemInfo = (GetNativeSystemInfo_PROC*)GetProcAddress(hKernel32, "GetNativeSystemInfo");

		if(pGetNativeSystemInfo != NULL)
		{
			pGetNativeSystemInfo(&SysInfo);

			if(SysInfo.wProcessorArchitecture != PROCESSOR_ARCHITECTURE_INTEL)
			{
				// if not, then and only then a 32-bit process will be marked as WOW64 process!
				if(!pIsWow64Process(hProc, &IsTarget64Bit))
					THROW(STATUS_INTERNAL_ERROR, L"Unable to detect wether target process is 64-bit or not.");

				IsTarget64Bit = !IsTarget64Bit;
			}
		}
	}
#endif

	*OutResult = IsTarget64Bit;

    RETURN(STATUS_SUCCESS);

THROW_OUTRO:
FINALLY_OUTRO:
    {
		if(hProc != NULL)
			CloseHandle(hProc);

        return NtStatus;
	}
}

コード例 #10

0

ファイルを表示

ファイル: config.c プロジェクト: hdm/metasploit-payloads

/*
 * sys_sysinfo
 * ----------
 *
 * Get system information such as computer name and OS version
 */
DWORD request_sys_config_sysinfo(Remote *remote, Packet *packet)
{
	Packet *response = packet_create_response(packet);
#ifdef _WIN32
	CHAR computer[512], buf[512], * osArch = NULL, * osWow = NULL;
	DWORD res = ERROR_SUCCESS;
	DWORD size = sizeof(computer);
	HMODULE hKernel32;

	memset(computer, 0, sizeof(computer));
	memset(buf, 0, sizeof(buf));

	do
	{
		// Get the computer name
		if (!GetComputerName(computer, &size))
		{
			res = GetLastError();
			break;
		}

		packet_add_tlv_string(response, TLV_TYPE_COMPUTER_NAME, computer);
		add_windows_os_version(&response);

		// sf: we dynamically retrieve GetNativeSystemInfo & IsWow64Process as NT and 2000 dont support it.
		hKernel32 = LoadLibraryA("kernel32.dll");
		if (hKernel32)
		{
			typedef void (WINAPI * GETNATIVESYSTEMINFO)(LPSYSTEM_INFO lpSystemInfo);
			typedef BOOL(WINAPI * ISWOW64PROCESS)(HANDLE, PBOOL);
			GETNATIVESYSTEMINFO pGetNativeSystemInfo = (GETNATIVESYSTEMINFO)GetProcAddress(hKernel32, "GetNativeSystemInfo");
			ISWOW64PROCESS pIsWow64Process = (ISWOW64PROCESS)GetProcAddress(hKernel32, "IsWow64Process");
			if (pGetNativeSystemInfo)
			{
				SYSTEM_INFO SystemInfo;
				pGetNativeSystemInfo(&SystemInfo);
				switch (SystemInfo.wProcessorArchitecture)
				{
				case PROCESSOR_ARCHITECTURE_AMD64:
					osArch = "x64";
					break;
				case PROCESSOR_ARCHITECTURE_IA64:
					osArch = "IA64";
					break;
				case PROCESSOR_ARCHITECTURE_INTEL:
					osArch = "x86";
					break;
				default:
					break;
				}
			}
			if (pIsWow64Process)
			{
				BOOL bIsWow64 = FALSE;
				pIsWow64Process(GetCurrentProcess(), &bIsWow64);
				if (bIsWow64)
				{
					osWow = " (Current Process is WOW64)";
				}
			}
		}
		// if we havnt set the arch it is probably because we are on NT/2000 which is x86
		if (!osArch)
		{
			osArch = "x86";
		}

		if (!osWow)
		{
			osWow = "";
		}

		_snprintf(buf, sizeof(buf) - 1, "%s%s", osArch, osWow);
		dprintf("[SYSINFO] Arch set to: %s", buf);
		packet_add_tlv_string(response, TLV_TYPE_ARCHITECTURE, buf);

		if (hKernel32)
		{
			char * ctryname = NULL, *langname = NULL;
			typedef LANGID(WINAPI * GETSYSTEMDEFAULTLANGID)(VOID);
			GETSYSTEMDEFAULTLANGID pGetSystemDefaultLangID = (GETSYSTEMDEFAULTLANGID)GetProcAddress(hKernel32, "GetSystemDefaultLangID");
			if (pGetSystemDefaultLangID)
			{
				LANGID langId = pGetSystemDefaultLangID();

				int len = GetLocaleInfo(langId, LOCALE_SISO3166CTRYNAME, 0, 0);
				if (len > 0)
				{
					ctryname = (char *)malloc(len);
					GetLocaleInfo(langId, LOCALE_SISO3166CTRYNAME, ctryname, len);
				}

				len = GetLocaleInfo(langId, LOCALE_SISO639LANGNAME, 0, 0);
				if (len > 0)
				{
					langname = (char *)malloc(len);
					GetLocaleInfo(langId, LOCALE_SISO639LANGNAME, langname, len);
				}
			}

			if (!ctryname || !langname)
			{
				_snprintf(buf, sizeof(buf)-1, "Unknown");
			}
			else
			{
				_snprintf(buf, sizeof(buf)-1, "%s_%s", langname, ctryname);
			}

			packet_add_tlv_string(response, TLV_TYPE_LANG_SYSTEM, buf);

			if (ctryname)
			{
				free(ctryname);
			}

			if (langname)
			{
				free(langname);
			}
		}

		LPWKSTA_INFO_102 localSysinfo = NULL;

		if (NetWkstaGetInfo(NULL, 102, (LPBYTE *)&localSysinfo) == NERR_Success)
		{
			char *domainName = wchar_to_utf8(localSysinfo->wki102_langroup);
			packet_add_tlv_string(response, TLV_TYPE_DOMAIN, (LPCSTR)domainName);
			packet_add_tlv_uint(response, TLV_TYPE_LOGGED_ON_USER_COUNT, localSysinfo->wki102_logged_on_users);
			free(domainName);
		}
		else
		{
			dprintf("[CONFIG] Failed to get local system info for logged on user count / domain");
		}
	} while (0);
#else
	CHAR os[512];

	DWORD res = ERROR_SUCCESS;

	do {
		struct utsname utsbuf;
		if (uname(&utsbuf) == -1) {
			res = GetLastError();
			break;
		}

		snprintf(os, sizeof(os), "%s %s %s %s (%s)",
			utsbuf.sysname, utsbuf.nodename, utsbuf.release,
			utsbuf.version, utsbuf.machine);

		packet_add_tlv_string(response, TLV_TYPE_COMPUTER_NAME, utsbuf.nodename);
		packet_add_tlv_string(response, TLV_TYPE_OS_NAME, os);
		packet_add_tlv_string(response, TLV_TYPE_ARCHITECTURE, utsbuf.machine);

	} while(0);

#endif
	// Transmit the response
	packet_transmit_response(res, remote, response);

	return res;
}

コード例 #11

0

ファイルを表示

ファイル: ADM_win32.cpp プロジェクト: BackupTheBerlios/avidemux-svn

bool getWindowsVersion(char* version)
{
	int index = 0;
	OSVERSIONINFOEX osvi = {};

	osvi.dwOSVersionInfoSize = sizeof(OSVERSIONINFOEX);

	if (!GetVersionEx((OSVERSIONINFO*)&osvi))
		return false;

	if (osvi.dwPlatformId != VER_PLATFORM_WIN32_NT)
		return false;
// Vista
	if (osvi.dwMajorVersion == 6 && osvi.dwMinorVersion == 0)
	{
		if (osvi.wProductType == VER_NT_WORKSTATION)
		{
			index += sprintf(version + index, "Microsoft Windows Vista");

			uint32_t productType = 0;

			HMODULE hKernel = GetModuleHandle("KERNEL32.DLL");

			if (hKernel)
			{
				typedef bool (*funcGetProductInfo)(uint32_t, uint32_t, uint32_t, uint32_t, uint32_t*);
				funcGetProductInfo pGetProductInfo = (funcGetProductInfo)GetProcAddress(hKernel, "GetProductInfo"); 

				if (pGetProductInfo)
					pGetProductInfo(6, 0, 0, 0, &productType);
	  
				switch (productType)
				{
				case PRODUCT_STARTER:
				{
					index += sprintf(version + index, " Starter");
					break;
				}
				case PRODUCT_HOME_BASIC_N:
				{
					index += sprintf(version + index, " Home Basic N");
					break;
				}
				case PRODUCT_HOME_BASIC:
				{
					index += sprintf(version + index, " Home Basic");
					break;
				}
				case PRODUCT_HOME_PREMIUM:
				{
					index += sprintf(version + index, " Home Premium");
					break;
				}
				case PRODUCT_BUSINESS_N:
				{
					index += sprintf(version + index, " Business N");
					break;
				}
				case PRODUCT_BUSINESS:
				{
					index += sprintf(version + index, " Business");
					break;
				}
				case PRODUCT_ENTERPRISE:
				{
					index += sprintf(version + index, " Enterprise");
					break;
				}
				case PRODUCT_ULTIMATE:
				{
					index += sprintf(version + index, " Ultimate");
					break;
				}
				default:
					break;
				}
			}
		}
		else if (osvi.wProductType == VER_NT_SERVER)
		{
			index += sprintf(version + index, "Microsoft Windows Server 2008");

			if (osvi.wSuiteMask & VER_SUITE_DATACENTER)
				index += sprintf(version + index, " Datacenter Edition");
			else if (osvi.wSuiteMask & VER_SUITE_ENTERPRISE)
				index += sprintf(version + index, " Enterprise Edition");
			else if (osvi.wSuiteMask == VER_SUITE_BLADE)
				index += sprintf(version + index, " Web Edition");
			else
				index += sprintf(version + index, " Standard Edition");
		}
	}
// Windows Server 2003
	else if (osvi.dwMajorVersion == 5 && osvi.dwMinorVersion == 2)
	{
		index += sprintf(version + index, "Microsoft Windows Server 2003");

		if (GetSystemMetrics(SM_SERVERR2))
			index += sprintf(version + index, " R2");

		if (osvi.wSuiteMask & VER_SUITE_DATACENTER)
			index += sprintf(version + index, " Datacenter Edition");
		else if (osvi.wSuiteMask & VER_SUITE_ENTERPRISE)
			index += sprintf(version + index, " Enterprise Edition");
		else if (osvi.wSuiteMask == VER_SUITE_BLADE)
			index += sprintf(version + index, " Web Edition");
		else
			index += sprintf(version + index, " Standard Edition");
	}
// Windows XP
	else if (osvi.dwMajorVersion == 5 && osvi.dwMinorVersion == 1)
	{
		index += sprintf(version + index, "Microsoft Windows XP");

		if (GetSystemMetrics(SM_MEDIACENTER))
			index += sprintf(version + index, " Media Center Edition");
		else if (GetSystemMetrics(SM_STARTER))
			index += sprintf(version + index, " Starter Edition");
		else if (GetSystemMetrics(SM_TABLETPC))
			index += sprintf(version + index, " Tablet PC Edition");
		else if (osvi.wSuiteMask & VER_SUITE_PERSONAL)
			index += sprintf(version + index, " Home Edition");
		else
			index += sprintf(version + index, " Professional");
	}
// Windows 2000
	else if (osvi.dwMajorVersion == 5 && osvi.dwMinorVersion == 0)
	{
		index += sprintf(version + index, "Microsoft Windows 2000");

		if (osvi.wProductType == VER_NT_WORKSTATION)
		{
			index += sprintf(version + index, " Professional");
		}
		else if (osvi.wProductType == VER_NT_SERVER)
		{
			if (osvi.wSuiteMask & VER_SUITE_DATACENTER)
				index += sprintf(version + index, " Datacenter Server");
			else if (osvi.wSuiteMask & VER_SUITE_ENTERPRISE)
				index += sprintf(version + index, " Advanced Server");
			else
				index += sprintf(version + index, " Server");
		}
	}
// Windows NT 4
	else if (osvi.dwMajorVersion == 4)
	{
		index += sprintf(version + index, "Microsoft Windows NT 4");

		if (osvi.wProductType == VER_NT_WORKSTATION)
		{
			index += sprintf(version + index, " Workstation");
		}
		else if (osvi.wProductType == VER_NT_SERVER)
		{
			if (osvi.wSuiteMask & VER_SUITE_ENTERPRISE)
				index += sprintf(version + index, " Server, Enterprise Edition");
			else
				index += sprintf(version + index, " Server");
		}
	}
	else
	{
		index += sprintf(version + index, "Microsoft Windows");
	}

// Service pack and full version info
	if (strlen(osvi.szCSDVersion) > 0)
	{
		index += sprintf(version + index, " %s", osvi.szCSDVersion);
	}

	index += sprintf(version + index, " (%d.%d.%d", osvi.dwMajorVersion, osvi.dwMinorVersion, osvi.dwBuildNumber & 0xFFFF);

// 64-bit Windows
	bool isWow64 = false;
	HMODULE hKernel = GetModuleHandle("kernel32.dll");

	if (hKernel)
	{
		typedef bool (*funcIsWow64Process)(void*, bool*);  

	    funcIsWow64Process pIsWow64Process = (funcIsWow64Process)GetProcAddress(hKernel, "IsWow64Process"); 

	    if (pIsWow64Process)
	    {
			pIsWow64Process(GetCurrentProcess(), &isWow64);
		}
	}

	if (isWow64)
		index += sprintf(version + index, "; 64-bit");
	else
		index += sprintf(version + index, "; 32-bit");

	index += sprintf(version + index, ")");
	
	return true;
}

コード例 #12

0

ファイルを表示

ファイル: config.c プロジェクト: 2uro/metasploit-4.-.-

/*
 * sys_sysinfo
 * ----------
 *
 * Get system information such as computer name and OS version
 */
DWORD request_sys_config_sysinfo(Remote *remote, Packet *packet)
{
	Packet *response = packet_create_response(packet);
#ifdef _WIN32
	CHAR computer[512], buf[512], *osName = NULL, * osArch = NULL, * osWow = NULL;
	DWORD res = ERROR_SUCCESS;
	DWORD size = sizeof(computer);
	OSVERSIONINFOEX v;
	HMODULE hKernel32;

	memset(&v, 0, sizeof(v));
	memset(computer, 0, sizeof(computer));
	memset(buf, 0, sizeof(buf));

	v.dwOSVersionInfoSize = sizeof(OSVERSIONINFOEX);

	do
	{
		// Get the computer name
		if (!GetComputerName(computer, &size))
		{
			res = GetLastError();
			break;
		}

		packet_add_tlv_string(response, TLV_TYPE_COMPUTER_NAME, computer);

		// Get the operating system version information
		if (!GetVersionEx((LPOSVERSIONINFO)&v))
		{
			res = GetLastError();
			break;
		}

		if (v.dwMajorVersion == 3)
			osName = "Windows NT 3.51";
		else if (v.dwMajorVersion == 4)
		{
			if (v.dwMinorVersion == 0 && v.dwPlatformId == VER_PLATFORM_WIN32_WINDOWS)
				osName = "Windows 95";
			else if (v.dwMinorVersion == 10)
				osName = "Windows 98";
			else if (v.dwMinorVersion == 90)
				osName = "Windows ME";
			else if (v.dwMinorVersion == 0 && v.dwPlatformId == VER_PLATFORM_WIN32_NT)
				osName = "Windows NT 4.0";
		}
		else if (v.dwMajorVersion == 5)
		{
			if (v.dwMinorVersion == 0)
				osName = "Windows 2000";
			else if (v.dwMinorVersion == 1)
				osName = "Windows XP";
			else if (v.dwMinorVersion == 2)
				osName = "Windows .NET Server";
		}
		else if (v.dwMajorVersion == 6 && v.dwMinorVersion == 0)
		{
			if (v.wProductType == VER_NT_WORKSTATION)
				osName = "Windows Vista";
			else 
				osName = "Windows 2008";
		}
		else if (v.dwMajorVersion == 6 && v.dwMinorVersion == 1)
		{
			if (v.wProductType == VER_NT_WORKSTATION)
				osName = "Windows 7";
			else 
				osName = "Windows 2008 R2";
		}
		
		if (!osName)
			osName = "Unknown";
		
		if( strlen( v.szCSDVersion ) > 0 )
			_snprintf(buf, sizeof(buf) - 1, "%s (Build %lu, %s).", osName, v.dwBuildNumber, v.szCSDVersion );
		else
			_snprintf(buf, sizeof(buf) - 1, "%s (Build %lu).", osName, v.dwBuildNumber );

		packet_add_tlv_string(response, TLV_TYPE_OS_NAME, buf);

		// sf: we dynamically retrieve GetNativeSystemInfo & IsWow64Process as NT and 2000 dont support it.
		hKernel32 = LoadLibraryA( "kernel32.dll" );
		if( hKernel32 )
		{
			typedef void (WINAPI * GETNATIVESYSTEMINFO)( LPSYSTEM_INFO lpSystemInfo );
			typedef BOOL (WINAPI * ISWOW64PROCESS)( HANDLE, PBOOL );
			GETNATIVESYSTEMINFO pGetNativeSystemInfo = (GETNATIVESYSTEMINFO)GetProcAddress( hKernel32, "GetNativeSystemInfo" );
			ISWOW64PROCESS pIsWow64Process = (ISWOW64PROCESS)GetProcAddress( hKernel32, "IsWow64Process" );
			if( pGetNativeSystemInfo )
			{
				SYSTEM_INFO SystemInfo;
				pGetNativeSystemInfo( &SystemInfo );
				switch( SystemInfo.wProcessorArchitecture )
				{
					case PROCESSOR_ARCHITECTURE_AMD64:
						osArch = "x64";
						break;
					case PROCESSOR_ARCHITECTURE_IA64:
						osArch = "IA64";
						break;
					case PROCESSOR_ARCHITECTURE_INTEL:
						osArch = "x86";
						break;
					default:
						break;
				}
			}
			if( pIsWow64Process )
			{
				BOOL bIsWow64 = FALSE;
				pIsWow64Process( GetCurrentProcess(), &bIsWow64 );
				if( bIsWow64 )
					osWow = " (Current Process is WOW64)";
			}
		}
		// if we havnt set the arch it is probably because we are on NT/2000 which is x86
		if( !osArch )
			osArch = "x86";

		if( !osWow )
			osWow = "";

		_snprintf( buf, sizeof(buf) - 1, "%s%s", osArch, osWow );
		packet_add_tlv_string(response, TLV_TYPE_ARCHITECTURE, buf);

		if( hKernel32 )
		{
			char * ctryname = NULL, * langname = NULL;
			typedef LANGID (WINAPI * GETSYSTEMDEFAULTLANGID)( VOID );
			GETSYSTEMDEFAULTLANGID pGetSystemDefaultLangID = (GETSYSTEMDEFAULTLANGID)GetProcAddress( hKernel32, "GetSystemDefaultLangID" );
			if( pGetSystemDefaultLangID )
			{
				LANGID langId = pGetSystemDefaultLangID();

				int len = GetLocaleInfo( langId, LOCALE_SISO3166CTRYNAME, 0, 0 );
				if( len > 0 )
				{
					ctryname = (char *)malloc( len );
					GetLocaleInfo( langId, LOCALE_SISO3166CTRYNAME, ctryname, len ); 
				}
				
				len = GetLocaleInfo( langId, LOCALE_SISO639LANGNAME, 0, 0 );
				if( len > 0 )
				{
					langname = (char *)malloc( len );
					GetLocaleInfo( langId, LOCALE_SISO639LANGNAME, langname, len ); 
				}
			}

			if( !ctryname || !langname )
				_snprintf( buf, sizeof(buf) - 1, "Unknown");
			else
				_snprintf( buf, sizeof(buf) - 1, "%s_%s", langname, ctryname );
				
			packet_add_tlv_string( response, TLV_TYPE_LANG_SYSTEM, buf );

			if( ctryname )
				free( ctryname );

			if( langname )
				free( langname );
		}

			
	} while (0);
#else
	CHAR os[512];

	DWORD res = ERROR_SUCCESS;

	do {
		struct utsname utsbuf;
		if( uname( &utsbuf ) == -1) {
			res = GetLastError();
			break;
		}

		snprintf(os, sizeof(os)-1, "%s %s %s %s (%s)", utsbuf.sysname, utsbuf.nodename, utsbuf.release, utsbuf.version, utsbuf.machine, utsbuf.domainname);

		packet_add_tlv_string(response, TLV_TYPE_COMPUTER_NAME, utsbuf.nodename);
		packet_add_tlv_string(response, TLV_TYPE_OS_NAME, os);
		packet_add_tlv_string(response, TLV_TYPE_ARCHITECTURE, utsbuf.machine);

	} while(0);

#endif
	// Transmit the response
	packet_transmit_response(res, remote, response);

	return res;
}