/* FIXME: Convert to the new macros */ HANDLE NTAPI OpenFileMappingW(IN DWORD dwDesiredAccess, IN BOOL bInheritHandle, IN LPCWSTR lpName) { NTSTATUS Status; HANDLE SectionHandle; OBJECT_ATTRIBUTES ObjectAttributes; UNICODE_STRING UnicodeName; /* We need a name */ if (!lpName) { /* Otherwise, fail */ SetLastError(ERROR_INVALID_PARAMETER); return NULL; } /* Convert attributes */ RtlInitUnicodeString(&UnicodeName, lpName); InitializeObjectAttributes(&ObjectAttributes, &UnicodeName, (bInheritHandle ? OBJ_INHERIT : 0), BaseGetNamedObjectDirectory(), NULL); /* Convert COPY to READ */ if (dwDesiredAccess == FILE_MAP_COPY) { /* Fixup copy */ dwDesiredAccess = SECTION_MAP_READ; } else if (dwDesiredAccess & FILE_MAP_EXECUTE) { /* Fixup execute */ dwDesiredAccess = (dwDesiredAccess & ~FILE_MAP_EXECUTE) | SECTION_MAP_EXECUTE; } /* Open the section */ Status = NtOpenSection(&SectionHandle, dwDesiredAccess, &ObjectAttributes); if (!NT_SUCCESS(Status)) { /* We failed */ BaseSetLastNTError(Status); return NULL; } /* Otherwise, return the handle */ return SectionHandle; }
/* * Converts lpSecurityAttributes + Object Name into ObjectAttributes. */ POBJECT_ATTRIBUTES WINAPI BaseFormatObjectAttributes(OUT POBJECT_ATTRIBUTES ObjectAttributes, IN PSECURITY_ATTRIBUTES SecurityAttributes OPTIONAL, IN PUNICODE_STRING ObjectName) { ULONG Attributes; HANDLE RootDirectory; PVOID SecurityDescriptor; DPRINT("BaseFormatObjectAttributes. Security: %p, Name: %p\n", SecurityAttributes, ObjectName); /* Get the attributes if present */ if (SecurityAttributes) { Attributes = SecurityAttributes->bInheritHandle ? OBJ_INHERIT : 0; SecurityDescriptor = SecurityAttributes->lpSecurityDescriptor; } else { if (!ObjectName) return NULL; Attributes = 0; SecurityDescriptor = NULL; } if (ObjectName) { Attributes |= OBJ_OPENIF; RootDirectory = BaseGetNamedObjectDirectory(); } else { RootDirectory = NULL; } /* Create the Object Attributes */ InitializeObjectAttributes(ObjectAttributes, ObjectName, Attributes, RootDirectory, SecurityDescriptor); DPRINT("Attributes: %lx, RootDirectory: %p, SecurityDescriptor: %p\n", Attributes, RootDirectory, SecurityDescriptor); return ObjectAttributes; }
HANDLE OpenEvent( WCHAR* EventName ) { UNICODE_STRING eventName; OBJECT_ATTRIBUTES objAttrib; HANDLE eventHandle; UnicodeString_Init(&eventName, EventName); objAttrib.Length = sizeof(OBJECT_ATTRIBUTES); objAttrib.RootDirectory = BaseGetNamedObjectDirectory(); objAttrib.ObjectName = &eventName; objAttrib.Attributes = 0; objAttrib.SecurityDescriptor = NULL; objAttrib.SecurityQualityOfService = NULL; NtOpenEvent(&eventHandle, SYNCHRONIZE, &objAttrib); return eventHandle; }
HANDLE APIENTRY OpenFileMappingW( DWORD dwDesiredAccess, BOOL bInheritHandle, LPCWSTR lpName ) { OBJECT_ATTRIBUTES Obja; UNICODE_STRING ObjectName; NTSTATUS Status; HANDLE Object; if ( !lpName ) { BaseSetLastNTError(STATUS_INVALID_PARAMETER); return NULL; } RtlInitUnicodeString(&ObjectName,lpName); InitializeObjectAttributes( &Obja, &ObjectName, (bInheritHandle ? OBJ_INHERIT : 0), BaseGetNamedObjectDirectory(), NULL ); if ( dwDesiredAccess == FILE_MAP_COPY ) { dwDesiredAccess = FILE_MAP_READ; } Status = NtOpenSection( &Object, dwDesiredAccess, &Obja ); if ( !NT_SUCCESS(Status) ) { BaseSetLastNTError(Status); return NULL; } return Object; }
HANDLE WINAPI OpenWaitableTimerW( DWORD dwDesiredAccess, BOOL bInheritHandle, LPCWSTR lpTimerName ) { OBJECT_ATTRIBUTES Obja; UNICODE_STRING ObjectName; NTSTATUS Status; HANDLE Object; if ( !lpTimerName ) { BaseSetLastNTError(STATUS_INVALID_PARAMETER); return NULL; } RtlInitUnicodeString(&ObjectName,lpTimerName); InitializeObjectAttributes( &Obja, &ObjectName, (bInheritHandle ? OBJ_INHERIT : 0), BaseGetNamedObjectDirectory(), NULL ); Status = NtOpenTimer( &Object, dwDesiredAccess, &Obja ); if ( !NT_SUCCESS(Status) ) { BaseSetLastNTError(Status); return NULL; } return Object; }
/* * @implemented */ HANDLE WINAPI CreateMemoryResourceNotification(IN MEMORY_RESOURCE_NOTIFICATION_TYPE NotificationType) { UNICODE_STRING EventName; OBJECT_ATTRIBUTES ObjectAttributes; HANDLE hEvent; NTSTATUS Status; if (NotificationType > HighMemoryResourceNotification) { SetLastError(ERROR_INVALID_PARAMETER); return NULL; } RtlInitUnicodeString(&EventName, NotificationType ? L"\\KernelObjects\\HighMemoryCondition" : L"\\KernelObjects\\LowMemoryCondition"); InitializeObjectAttributes(&ObjectAttributes, &EventName, 0, BaseGetNamedObjectDirectory(), NULL); Status = NtOpenEvent(&hEvent, EVENT_QUERY_STATE | SYNCHRONIZE, &ObjectAttributes); if (!NT_SUCCESS(Status)) { BaseSetLastNTError(Status); return NULL; } return hEvent; }
INT32 __stdcall start( ) { HANDLE sectionHandle, *hMutex; HANDLE eventHandle; HANDLE threadHandle; DWORD sectionSize; MSG messages; OBJECT_ATTRIBUTES objAttrib = {0}; PTEB threadEnvironmentBlock; UNICODE_STRING eventSource; LDR_DATA_TABLE_ENTRY *module; SECTION_BASIC_INFORMATION sectionInfo; LARGE_INTEGER newSectionSize; InitializeCRT(); threadEnvironmentBlock = NtCurrentTeb(); PushProcessId = threadEnvironmentBlock->ClientId.UniqueProcess; PushHeapHandle = threadEnvironmentBlock->ProcessEnvironmentBlock->ProcessHeap; PushSessionId = threadEnvironmentBlock->ProcessEnvironmentBlock->SessionId; // Check if already running hMutex = CreateMutexW(0, FALSE, L"PushOneInstance"); if (threadEnvironmentBlock->LastErrorValue == ERROR_ALREADY_EXISTS || threadEnvironmentBlock->LastErrorValue == ERROR_ACCESS_DENIED) { MessageBoxW(0, L"Only one instance!", 0,0); ExitProcess(0); } //create image event eventHandle = NULL; UnicodeString_Init(&eventSource, L"Global\\" PUSH_IMAGE_EVENT_NAME); objAttrib.Length = sizeof(OBJECT_ATTRIBUTES); objAttrib.RootDirectory = BaseGetNamedObjectDirectory(); objAttrib.ObjectName = &eventSource; objAttrib.Attributes = OBJ_OPENIF; objAttrib.SecurityDescriptor = NULL; objAttrib.SecurityQualityOfService = NULL; NtCreateEvent(&eventHandle, EVENT_ALL_ACCESS, &objAttrib, NotificationEvent, FALSE); // populate file name and path module = (LDR_DATA_TABLE_ENTRY*)threadEnvironmentBlock->ProcessEnvironmentBlock->Ldr->InLoadOrderModuleList.Flink; Memory_Copy(PushFilePath, module->FullDllName.Buffer, module->FullDllName.Length); PushFilePath[module->FullDllName.Length] = L'\0'; // Start Driver. Driver_Extract(); PushDriverLoaded = Driver_Load(); //initialize instance PushInstance = Module_GetHandle(L"Push.exe"); // Create interface MwCreateMainWindow(); // Create section. sectionSize = sizeof(PUSH_SHARED_MEMORY) + OSD_GetSize(); PushSharedMemory = (PUSH_SHARED_MEMORY*)Memory_MapViewOfSection(PUSH_SECTION_NAME, sectionSize, §ionHandle); if (!PushSharedMemory) { Log(L"Could not create shared memory"); return 0; } Log(L"Created section of size %i bytes", sectionSize); //zero struct Memory_Clear(PushSharedMemory, sizeof(PUSH_SHARED_MEMORY)); //initialize window handle used by overlay //PushSharedMemory->WindowHandle = PushMainWindow->Handle; //initialize default font properties for overlay String_Copy(PushSharedMemory->FontName, L"Verdana"); PushSharedMemory->FontBold = TRUE; if (File_Exists(PUSH_SETTINGS_FILE)) { wchar_t *buffer; wchar_t marker; // Check if file is UTF-16LE. buffer = (WCHAR*) File_Load(PUSH_SETTINGS_FILE, NULL); marker = buffer[0]; Memory_Free(buffer); if (marker == 0xFEFF) //is UTF-LE. { // Init settings from ini file. buffer = Memory_Allocate(100 * sizeof(WCHAR)); Ini_GetString(L"Settings", L"FrameLimit", NULL, buffer, 5, L".\\" PUSH_SETTINGS_FILE); PushSharedMemory->FrameLimit = _wtoi(buffer); if (Ini_ReadBoolean(L"Settings", L"ThreadOptimization", FALSE, L".\\" PUSH_SETTINGS_FILE)) PushSharedMemory->ThreadOptimization = TRUE; if (Ini_ReadBoolean(L"Settings", L"KeepFps", FALSE, L".\\" PUSH_SETTINGS_FILE)) PushSharedMemory->KeepFps = TRUE; Ini_GetString(L"Settings", L"OverlayInterface", NULL, buffer, 5, L".\\" PUSH_SETTINGS_FILE); if (String_Compare(buffer, L"PURE") == 0) PushOverlayInterface = OVERLAY_INTERFACE_PURE; else if (String_Compare(buffer, L"RTSS") == 0) PushOverlayInterface = OVERLAY_INTERFACE_RTSS; Ini_GetString(L"Settings", L"KeyboardHookType", L"AUTO", buffer, 10, L".\\" PUSH_SETTINGS_FILE); if (String_Compare(buffer, L"AUTO") == 0) { PushSharedMemory->KeyboardHookType = KEYBOARD_HOOK_AUTO; } else if (String_Compare(buffer, L"SUBCLASS") == 0) { PushSharedMemory->KeyboardHookType = KEYBOARD_HOOK_SUBCLASS; } else if (String_Compare(buffer, L"MESSAGE") == 0) { PushSharedMemory->KeyboardHookType = KEYBOARD_HOOK_MESSAGE; } else if (String_Compare(buffer, L"KEYBOARD") == 0) { PushSharedMemory->KeyboardHookType = KEYBOARD_HOOK_KEYBOARD; } else if (String_Compare(buffer, L"DETOURS") == 0) { PushSharedMemory->KeyboardHookType = KEYBOARD_HOOK_DETOURS; } else if (String_Compare(buffer, L"RAW") == 0) { PushSharedMemory->KeyboardHookType = KEYBOARD_HOOK_RAW; } else { PushSharedMemory->KeyboardHookType = KEYBOARD_HOOK_AUTO; } Ini_GetString(L"Settings", L"EngineClockMax", NULL, buffer, 5, L".\\" PUSH_SETTINGS_FILE); PushSharedMemory->HarwareInformation.DisplayDevice.EngineOverclock = _wtoi(buffer); Ini_GetString(L"Settings", L"MemoryClockMax", NULL, buffer, 5, L".\\" PUSH_SETTINGS_FILE); PushSharedMemory->HarwareInformation.DisplayDevice.MemoryOverclock = _wtoi(buffer); Ini_GetString(L"Settings", L"ControllerTimeout", NULL, buffer, 5, L".\\" PUSH_SETTINGS_FILE); PushSharedMemory->ControllerTimeout = _wtoi(buffer); Ini_GetString(L"Settings", L"FontName", L"Verdana", buffer, 100, L".\\" PUSH_SETTINGS_FILE); String_Copy(PushSharedMemory->FontName, buffer); Memory_Free(buffer); if (Ini_ReadBoolean(L"Settings", L"FontBold", FALSE, L".\\" PUSH_SETTINGS_FILE)) PushSharedMemory->FontBold = TRUE; } else { MessageBoxW( NULL, L"Settings file not UTF-16LE! " L"Resave the file as \"Unicode\" or Push won't read it!", L"Bad Settings file", NULL ); } } if (!PushDriverLoaded) { wchar_t driverPath[260]; Resource_Extract(L"DRIVERALT", L"WinRing0x64.sys"); GetDriverPath(L"WinRing0x64.sys", driverPath); Wr0DriverLoaded = Wr0Initialize(driverPath); } //initialize HWInfo GetHardwareInfo(); //initialize OSD items NtQuerySection( sectionHandle, SectionBasicInformation, §ionInfo, sizeof(SECTION_BASIC_INFORMATION), NULL ); newSectionSize.QuadPart = OSD_Initialize() + sizeof(PUSH_SHARED_MEMORY); if (newSectionSize.QuadPart > sectionInfo.MaximumSize.QuadPart) { Log(L"Shared memory too small!"); } //Check for controllers/gamepads/bluetooth adapters //EnumerateDevices(); // Check for running games Process_EnumProcesses(ProcessEnum); // Activate process monitoring if (PushDriverLoaded) { PushToggleProcessMonitoring(TRUE); } else { HANDLE overlayLib = NULL; void* prcAddress = 0; Resource_Extract(L"OVERLAY32", PUSH_LIB_NAME_32); overlayLib = Module_Load(L"overlay32.dll"); prcAddress = Module_GetProcedureAddress(overlayLib, "InstallOverlayHook"); if (prcAddress) { InstallOverlayHook = (TYPE_InstallOverlayHook)prcAddress; InstallOverlayHook(); } } g_szPrevGame[5] = '\0'; NtCreateThreadEx( &PushMonitorThreadHandle, THREAD_ALL_ACCESS, NULL, NtCurrentProcess(), &MonitorThread, NULL, NoThreadFlags, 0, 0, 0, NULL ); NtCreateThreadEx( &threadHandle, THREAD_ALL_ACCESS, NULL, NtCurrentProcess(), &PipeThread, NULL, NoThreadFlags, 0, 0, 0, NULL ); // Handle messages while(GetMessageW(&messages, 0,0,0)) { TranslateMessage(&messages); DispatchMessageW(&messages); } ExitProcess(0); return 0; }