////////////////////////////////////////////////////////////////////////////////// // // argv[1] must be one of the following flags: // '/p' -> argv[3] is the HardwareId and argv[4] is the full path to the INF // Call UpdateDriverForPlugAndPlayDevices to install drivers on a PnP // device. Also check if any of the devices are currently phantoms and // if so mark them for reinstall so they will get their drivers installed // when they are reconnected to the machine. // // '/i' -> argv[3] is the full path to the INF. // This preforms an INF install only by calling SetupCopyOEMInf. // // '/r' -> argv[3] is the HardwareId and argv[4] is the full path to the INF // This option is used for root enumerated devices. This api will first check // if there is a root enumerated device that matches the given HardwareId. If // there is then it will simply update the drivers on that device by calling // UpdateDriverForPlugAndPlayDevices. If it is not present yet it will create // the root enumerated device first and then call UpdateDriverForPlugAndPlayDevices // to install the drivers on it. // '/s' -> argv[3] is the full path to the service binary to install or update. // This option is used to install the xensvc service or to update its // configuration. // '/d' -> arg[3] is the full path to the INF file and argv[4] is the service section // to install from the INF file. // This option is used to install a driver service from a specified INF file. 
// ////////////////////////////////////////////////////////////////////////////////// int _cdecl main(int argc, char *argv[]) { int res = 0; BOOL DelayInstall = FALSE; HWND hWnd = NULL; if (argc < 2) { MessageBox(hWnd, "Invalid number of parameters passed in", "Error", MB_OK); return 1; } hWnd = (HWND)(ULONG_PTR)atoi(argv[2]); if (!lstrcmpi(argv[1], "/p")) { DelayInstall = (BOOL)atoi(argv[5]); res = InstallPnPDriver(hWnd, argv[3], argv[4], DelayInstall, FALSE); } else if (!lstrcmpi(argv[1], "/u")) { DelayInstall = (BOOL)atoi(argv[5]); res = InstallPnPDriver(hWnd, argv[3], argv[4], DelayInstall, TRUE); } else if (!lstrcmpi(argv[1], "/r")) { res = InstallRootEnumeratedDriver(hWnd, argv[3], argv[4]); } else if (!lstrcmpi(argv[1], "/i")) { res = InstallINF(hWnd, argv[3]); } else if (!lstrcmpi(argv[1], "/s")) { res = ServiceInstall(hWnd, argv[3]); } else if (!lstrcmpi(argv[1], "/d")) { res = PreInstallFromInf(hWnd, argv[3], argv[4], argv[5]); }else { MessageBox(hWnd, "Invalid device install type passed in", "Error", MB_OK); return 1; } return res; }
/*
 * Entry point of the message-service host.
 *
 * argv[1] may carry one of two verbs, matched with StrCaseCmp:
 *   "install"   -> ServiceInstall( GetProgramName() ), then exit
 *   "uninstall" -> ServiceUninstall( GetProgramName() ), then exit
 * Without a verb the plugin "sack.msgsvr.service.plugin" is loaded and, when
 * that succeeds, SetupService() is called with Start as the callback.
 * Always returns 0, including when the plugin cannot be loaded.
 *
 * NOTE(review): the plugin is requested by bare name; where
 * LoadPrivateFunction searches for it is not visible here. Confirm that the
 * search location is not writable by less-privileged users, since the loaded
 * code runs inside the service process.
 */
SaneWinMain( argc, argv )
{
	if( argc > (1) )
	{
		/* both verbs return immediately after the (un)registration call */
		if( StrCaseCmp( argv[1], WIDE("install") ) == 0 )
		{
			ServiceInstall( GetProgramName() );
			return 0;
		}
		if( StrCaseCmp( argv[1], WIDE("uninstall") ) == 0 )
		{
			ServiceUninstall( GetProgramName() );
			return 0;
		}
	}

	/* no verb: run as the service, provided the core plugin is available */
	if( !LoadPrivateFunction( WIDE("sack.msgsvr.service.plugin"), NULL ) )
		lprintf( WIDE("Failed to load message core service.\n") );
	else
		SetupService( (TEXTSTR)GetProgramName(), Start );

	return 0;
}
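/*
 * Service executable entry point.
 *
 * With a recognised option in argv[1] the matching action is run and the
 * process exits; without one, the process registers ServiceMain with the
 * service control dispatcher and blocks until the service has stopped.
 *
 * Options are matched with strncmp() over the length of the option name, so
 * any argument that merely BEGINS with an option name selects that option.
 * Because of that, the order of the tests matters: "--testGUI" is tested
 * before "--test" and "--installboot" before "--install".
 * "--quarantine" is compared on 11 characters only, one short of its length.
 *
 * Options handled (first match wins):
 *   --conf, --disable_rt, --register, --crypt, --quarantine, --restore
 *                    currently no-ops (code commented out or under #if 0)
 *   --notify         installs send_notif as handler and emits three sample
 *                    notifications
 *   --testGUI        LaunchCmdLineService(GUI_ONLY) with WOW64 file system
 *                    redirection disabled for the duration of the call
 *   --test           LaunchCmdLineService(SVC_MODE)
 *   --updatedb       update_modules_db(NULL)
 *   --info           get_av_info()
 *   --installboot    ServiceInstall(SERVICE_AUTO_START)
 *   --install        ServiceInstall(SERVICE_DEMAND_START)
 *   --uninstall      ServiceRemove()
 *   --stop / --start / --pause / --continue
 *                    ServiceStop / ServiceLaunch / ServicePause / ServiceContinue
 *
 * Returns EXIT_SUCCESS or EXIT_FAILURE, except for the --testGUI path which
 * returns -1 / -2 when redirection cannot be disabled / restored.
 *
 * NOTE(review): the branches marked "only for test purposes" are compiled
 * into the same binary as the service; consider excluding them from release
 * builds and matching options exactly instead of by prefix.
 */
int main(int argc, char ** argv)
{
    int ret = 0;
    struct a6o_report report = {0};   /* only referenced by the disabled quarantine code */
    PVOID OldValue = NULL;            /* previous WOW64 redirection state */

    if (argc >= 2 && strncmp(argv[1],"--conf",6) == 0 ) {
        // TODO :: https://msdn.microsoft.com/fr-fr/library/windows/desktop/ms724072%28v=vs.85%29.aspx
        //conf_poc_windows( );
        return 0;
    }

    // Only for test purposes (command line)
    if (argc >= 2 && strncmp(argv[1], "--disable_rt", 12) == 0) {
        //disable_onaccess( );
        return EXIT_SUCCESS;
    }

    // Emits one notification per severity through the send_notif handler.
    if (argc >= 2 && strncmp(argv[1], "--notify", 8) == 0) {
        a6o_notify_set_handler((a6o_notify_handler_t)send_notif);
        a6o_notify(NOTIF_INFO,"Service started!");
        a6o_notify(NOTIF_WARNING,"Malware detected :: [%s]","TrojanFake");
        a6o_notify(NOTIF_ERROR,"An error occured during scan !!");
        return EXIT_SUCCESS;
    }

    // Only for test purposes (command line) complete test = GUI + driver.
    // Must stay ahead of the "--test" branch, which would also match this argument.
    if ( argc >=2 && strncmp(argv[1],"--testGUI",9) == 0 ){

        DisplayBanner();
        a6o_notify_set_handler((a6o_notify_handler_t)send_notif);

        if (Wow64DisableWow64FsRedirection(&OldValue) == FALSE) {
            return -1;
        }

        /* (FD) added to get all log messages */
        a6o_log_set_handler(ARMADITO_LOG_LEVEL_DEBUG, a6o_log_default_handler, NULL);

        ret = LaunchCmdLineService(GUI_ONLY);

        if (Wow64RevertWow64FsRedirection(OldValue) == FALSE ){
            // Failure to re-enable redirection should be considered
            // a critical failure and execution aborted.
            return -2;
        }

        if (ret < 0) {
            return EXIT_FAILURE;
        }
        return EXIT_SUCCESS;
    }

    // Only for test purposes (command line) complete test = GUI + driver.
    if ( argc >=2 && strncmp(argv[1],"--test",6) == 0 ){

        DisplayBanner( );
        a6o_notify_set_handler((a6o_notify_handler_t)send_notif);

        ret = LaunchCmdLineService(SVC_MODE);
        if (ret < 0) {
            return EXIT_FAILURE;
        }
        return EXIT_SUCCESS;
    }

    // Only for test purposes (command line)
    if ( argc >=2 && strncmp(argv[1],"--register",10) == 0 ){
#if 0
        ret = register_av( );
        if (ret < 0) {
            return EXIT_FAILURE;
        }
#endif
        return EXIT_SUCCESS;
    }

    // Only for test purposes (command line)
    if ( argc >=2 && strncmp(argv[1],"--crypt",7) == 0 ){
#if 0
        if (argv[2] == NULL) {
            printf("[-] Error :: --crypt option :: missing parameter [filename]\n");
            return EXIT_FAILURE;
        }

        ret = verify_file_signature(argv[2],SIGNATURE_FILE);
        if (ret < 0) {
            return EXIT_FAILURE;
        }
#endif
        return EXIT_SUCCESS;
    }

    // Only for test purposes (command line)
    // "--quarantine <file>": the variant with a file argument is tested first.
    if ( argc >=3 && strncmp(argv[1],"--quarantine",11) == 0 ){
#if 0
        ret = MoveFileInQuarantine(argv[2], report);
        if (ret < 0) {
            return EXIT_FAILURE;
        }
#endif
        return EXIT_SUCCESS;
    }

    // "--quarantine" without a file argument.
    if ( argc >=2 && strncmp(argv[1],"--quarantine",11) == 0 ){
#if 0
        ret = EnumQuarantine();
        if (ret < 0) {
            return EXIT_FAILURE;
        }
#endif
        return EXIT_SUCCESS;
    }

    // "--restore <file>": tested before the argument-less variant. In the
    // original order the argc >= 2 test came first and always matched, which
    // made this branch unreachable.
    if ( argc >=3 && strncmp(argv[1],"--restore",9) == 0 ){
#if 0
        ret = RestoreFileFromQuarantine(argv[2]);
        if (ret < 0) {
            return EXIT_FAILURE;
        }
#endif
        return EXIT_SUCCESS;
    }

    // "--restore" without a file argument.
    // NOTE(review): the disabled call passes argv[1], i.e. the option string
    // itself; confirm the intended argument before re-enabling it.
    if ( argc >=2 && strncmp(argv[1],"--restore",9) == 0 ){
#if 0
        ret = ui_restore_quarantine_file(argv[1]);
        if (ret < 0) {
            return EXIT_FAILURE;
        }
#endif
        return EXIT_SUCCESS;
    }

    if ( argc >=2 && strncmp(argv[1],"--updatedb",10) == 0 ){
        DisplayBanner( );
        update_modules_db(NULL);
        return EXIT_SUCCESS;
    }

    if ( argc >=2 && strncmp(argv[1],"--info",6) == 0 ){
        if (get_av_info() < 0) {
            return EXIT_FAILURE;
        }
        return EXIT_SUCCESS;
    }

    // command line parameter "--installboot", install the service with
    // SERVICE_AUTO_START. Must stay ahead of "--install", which would also
    // match this argument.
    if (argc >= 2 && strncmp(argv[1], "--installboot", 13) == 0){

        DisplayBanner();

        ret = ServiceInstall(SERVICE_AUTO_START);
        if (ret < 0) {
            return EXIT_FAILURE;
        }
        return EXIT_SUCCESS;
    }

    // command line parameter "--install", install the service.
    if ( argc >=2 && strncmp(argv[1],"--install",9) == 0 ){

        DisplayBanner( );

        ret = ServiceInstall(SERVICE_DEMAND_START);
        if (ret < 0) {
            return EXIT_FAILURE;
        }
        return EXIT_SUCCESS;
    }

    // command line parameter "--uninstall", uninstall the service.
    // NOTE(review): the result of ServiceRemove() is stored but never tested,
    // so a failed removal still exits with EXIT_SUCCESS, unlike --install.
    if ( argc >=2 && strncmp(argv[1],"--uninstall",11) == 0 ){
        DisplayBanner( );
        ret = ServiceRemove( );
        return EXIT_SUCCESS;
    }

    // command line parameter "--stop", stop the service.
    if ( argc >=2 && strncmp(argv[1],"--stop",6) == 0 ){
        ServiceStop();
        return EXIT_SUCCESS;
    }

    if ( argc >=2 && strncmp(argv[1],"--start",7) == 0 ){
        ServiceLaunch( );
        return EXIT_SUCCESS;
    }

    if ( argc >=2 && strncmp(argv[1],"--pause",7) == 0 ){
        ServicePause( );
        return EXIT_SUCCESS;
    }

    if ( argc >=2 && strncmp(argv[1],"--continue",10) == 0 ){
        ServiceContinue( );
        return EXIT_SUCCESS;
    }

    //ServiceLaunchAction( );
    // put this part in ServiceLaunchAction function.
    SERVICE_TABLE_ENTRY DispatchTable[] = {
        { SVCNAME, (LPSERVICE_MAIN_FUNCTION) ServiceMain },
        { NULL, NULL }
    };

    // This call returns when the service has stopped.
    if (!StartServiceCtrlDispatcher(DispatchTable)) {
        //SvcReportEvent(TEXT("StartServiceCtrlDispatcher"));
        //printf("[i] StartServiceCtrlDispatcher :: %d\n",GetLastError());
        // The dispatcher could not be started, so the service never ran:
        // report that through the exit code instead of claiming success.
        return EXIT_FAILURE;
    }

    return EXIT_SUCCESS;
}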
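/*
 * Generic launcher stub: loads a library and hands control to one of its
 * entry points, or (BUILD_SERVICE) registers/runs the program as a service.
 *
 * Non-service build:
 *   - without LOAD_LIBNAME the library name is argv[1]; on a successful load
 *     arg_offset is advanced past it. With LOAD_LIBNAME the compiled-in name
 *     is loaded when nothing has been loaded yet, and arg_offset is reset to 0.
 *   - the entry point is looked up under three spellings each, in this order:
 *     Main( argc, argv, MODE ), Begin( command line string, MODE ), Start( ).
 *     The first one found is called.
 * Service build (_WIN32):
 *   - "install" / "uninstall" anywhere from arg_offset on (un)registers the
 *     service under GetProgramName() and exits; otherwise the service is
 *     started with DoStart2 as callback.
 *
 * Always returns 0. hModule, libname, arg_offset, my_argc, my_argv, Main,
 * Begin, Start and x are defined outside this block.
 *
 * NOTE(review): without LOAD_LIBNAME the library to load is taken verbatim
 * from the first command-line argument, so whoever controls the command line
 * chooses the code that runs in this process. Confirm this stub is never
 * deployed with elevated privileges or as a target of untrusted invocations.
 */
SaneWinMain( argc, argv )
{
	{
#ifndef BUILD_SERVICE
#ifndef LOAD_LIBNAME
		if( argc > 1 )
		{
			hModule = LoadFunction( libname = argv[1], NULL );
			if( hModule )
				arg_offset++;
		}
#endif
		if( !hModule )
		{
#ifdef LOAD_LIBNAME
			hModule = LoadFunction( libname = _WIDE(LOAD_LIBNAME), NULL );
			if( !hModule )
			{
#ifndef UNDER_CE
				lprintf( WIDE("error: (%")_32fs WIDE(")%s")
						 , GetLastError()
						 , strerror(GetLastError()) );
#endif
				return 0;
			}
			else
				arg_offset = 0;
#else
			/* NOTE(review): strerror() is given a GetLastError() value here;
			 * the message text itself flags this as not the right call. */
			lprintf( WIDE("strerror(This is NOT right... what's the GetStrError?): (%ld)%s")
					 , GetLastError()
					 , strerror(GetLastError()) );
			return 0;
#endif
		}
#endif
		my_argc = argc;
		my_argv = argv;
#ifdef BUILD_SERVICE
		{
			// The original comment here described consuming -L options to load
			// more libraries; the loop below only looks for the install and
			// uninstall verbs.
#ifdef _WIN32
			for( ; arg_offset < argc; arg_offset++ )
			{
				if( StrCaseCmp( argv[arg_offset], WIDE("install") ) == 0 )
				{
					ServiceInstall( GetProgramName() );
					return 0;
				}
				if( StrCaseCmp( argv[arg_offset], WIDE("uninstall") ) == 0 )
				{
					ServiceUninstall( GetProgramName() );
					return 0;
				}
			}
			// need to do this before windows are created?
#ifdef BUILD_SERVICE_THREAD
			xlprintf(2400)( WIDE("Go To Service. %s"), GetProgramName() );
			SetupServiceThread( (TEXTSTR)GetProgramName(), DoStart2, 0 );
#else
			xlprintf(2400)( WIDE("Go To Service. %s"), GetProgramName() );
			SetupService( (TEXTSTR)GetProgramName(), DoStart2 );
#endif
#endif
		}
#endif
#ifndef BUILD_SERVICE
		{
			Main = (MainFunction)LoadFunction( libname, WIDE( "_Main" ) );
			if( !Main )
				Main = (MainFunction)LoadFunction( libname, WIDE( "Main" ) );
			if( !Main )
				Main = (MainFunction)LoadFunction( libname, WIDE( "Main_" ) );
			if( Main )
			{
				Main( argc-arg_offset, argv+arg_offset, MODE );
			}
			else
			{
				Begin = (BeginFunction)LoadFunction( libname, WIDE( "_Begin" ) );
				if( !Begin )
					Begin = (BeginFunction)LoadFunction( libname, WIDE( "Begin" ) );
				if( !Begin )
					Begin = (BeginFunction)LoadFunction( libname, WIDE( "Begin_" ) );
				if( Begin )
				{
					int xlen, ofs, arg;
					// Build one string from the arguments after argv[arg_offset].
					// The original loops formatted argv[arg] inside the for-increment,
					// i.e. after arg++ had run: they skipped argv[arg_offset] and
					// ended by passing argv[argc] (NULL) to "%s". The range below
					// keeps the same first element and stops at the last real
					// argument.
					// NOTE(review): confirm that leaving argv[arg_offset] out of the
					// string is intended. Every piece gets a leading blank, since arg
					// is never 0 here.
					for( arg = arg_offset + 1, xlen = 0; arg < argc; arg++ )
						xlen += snprintf( NULL, 0, WIDE( "%s%s" ), arg?WIDE( " " ):WIDE( "" ), argv[arg] );
					xlen++; // room for the terminator
					// size in bytes, not characters, so a wide TEXTCHAR also fits
					x = (TEXTCHAR*)malloc( xlen * sizeof( TEXTCHAR ) );
					if( !x )
					{
						lprintf( WIDE("Failed to allocate command line buffer.") );
						return 0;
					}
					// terminate up front: with no arguments left the loop writes nothing
					((TEXTCHAR*)x)[0] = 0;
					for( arg = arg_offset + 1, ofs = 0; arg < argc; arg++ )
						ofs += snprintf( (TEXTCHAR*)x + ofs, xlen - ofs, WIDE( "%s%s" ), arg?WIDE( " " ):WIDE( "" ), argv[arg] );
					Begin( x, MODE ); // pass console defined in Makefile
					free( x );
				}
				else
				{
					Start = (StartFunction)LoadFunction( libname, WIDE( "_Start" ) );
					if( !Start )
						Start = (StartFunction)LoadFunction( libname, WIDE( "Start" ) );
					if( !Start )
						Start = (StartFunction)LoadFunction( libname, WIDE( "Start_" ) );
					if( Start )
					{
						Start( );
					}
				}
			}
		}
#endif
	}
	return 0;
}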