clean up more code/rename vars

This commit is contained in:
Akash Mozumdar 2018-05-13 15:33:36 -04:00
parent 38a57eb480
commit c7a79e6064
5 changed files with 34 additions and 165 deletions


@ -249,8 +249,8 @@ int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine
if (OpenHost()) if (OpenHost())
{ {
SetUnhandledExceptionFilter(UnhandledExcept); SetUnhandledExceptionFilter(UnhandledExcept);
Host_GetHookManager(&man); GetHostHookManager(&man);
Host_GetSettings(&setman); GetHostSettings(&setman);
setman->splittingInterval = 200; setman->splittingInterval = 200;
MonitorFlag = true; MonitorFlag = true;
pfman = new ProfileManager(); pfman = new ProfileManager();


@ -249,8 +249,8 @@ int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine
if (OpenHost()) if (OpenHost())
{ {
SetUnhandledExceptionFilter(UnhandledExcept); SetUnhandledExceptionFilter(UnhandledExcept);
Host_GetHookManager(&man); GetHostHookManager(&man);
Host_GetSettings(&setman); GetHostSettings(&setman);
setman->splittingInterval = 200; setman->splittingInterval = 200;
MonitorFlag = true; MonitorFlag = true;
pfman = new ProfileManager(); pfman = new ProfileManager();


@ -65,12 +65,6 @@ namespace
CloseHandle(processToken); CloseHandle(processToken);
} }
bool sendCommand(HANDLE commandPipe, HostCommandType command)
{
DWORD unused;
return commandPipe && WriteFile(commandPipe, &command, sizeof(command), &unused, nullptr);
}
} // unnamed namespace } // unnamed namespace
void CreateNewPipe(); void CreateNewPipe();
@ -229,89 +223,32 @@ IHFSERVICE bool IHFAPI InjectProcessById(DWORD processId, DWORD timeout)
return success; return success;
} }
// jichi 7/16/2014: Test if process is valid before creating remote threads IHFSERVICE bool IHFAPI DetachProcessById(DWORD pid)
// See: http://msdn.microsoft.com/en-us/library/ms687032.aspx
static bool isProcessTerminated(HANDLE processHandle)
{
return WAIT_OBJECT_0 == ::WaitForSingleObject(processHandle, 0);
}
IHFSERVICE bool IHFAPI DetachProcessById(DWORD pid) // Todo: clean this up
{ {
ITH_SYNC_HOOK; ITH_SYNC_HOOK;
DWORD command = HOST_COMMAND_DETACH, unused;
//man->LockHookman(); HANDLE commandPipe = man->GetCmdHandleByPID(pid);
ProcessRecord *pr = man->GetProcessRecord(pid); return commandPipe && WriteFile(commandPipe, &command, sizeof(command), &unused, nullptr);
HANDLE hCmd = man->GetCmdHandleByPID(pid);
if (pr == 0 || hCmd == 0)
return false;
HANDLE hProc;
//hProc = pr->process_handle; //This handle may be closed(thus invalid) during the detach process.
NtDuplicateObject(NtCurrentProcess(), pr->process_handle,
NtCurrentProcess(), &hProc, 0, 0, DUPLICATE_SAME_ACCESS); // Make a copy of the process handle.
HANDLE hModule = (HANDLE)pr->module_register;
if (!hModule) {
DOUT("process module not found");
return false;
} }
// jichi 7/15/2014: Process already closed IHFSERVICE void IHFAPI GetHostHookManager(HookManager** hookman)
if (isProcessTerminated(hProc)) { {
DOUT("process has terminated"); if (::running)
return false;
}
// jichi 10/19/2014: Disable the second dll
//engine = pr->engine_register;
//engine &= ~0xff;
DOUT("send detach command");
bool ret = sendCommand(hCmd, HOST_COMMAND_DETACH);
// jichi 7/15/2014: Process already closed
//if (isProcessTerminated(hProc)) {
// DOUT("process has terminated");
// return false;
//}
//WinDbg::ejectDll(hModule, 0, hProc); // eject in case module has not loaded yet
//cmdq->AddRequest(sp, pid);
////#ifdef ITH_WINE // Nt series crash on wine
//// hThread = IthCreateThread(FreeLibrary, engine, hProc);
////#else
// hThread = IthCreateThread(LdrUnloadDll, engine, hProc);
////#endif // ITH_WINE
// if (hThread == 0 || hThread == INVALID_HANDLE_VALUE)
// return FALSE;
// // jichi 10/22/2013: Timeout might crash vnrsrv
// //const LONGLONG timeout = HOOK_TIMEOUT;
// //NtWaitForSingleObject(hThread, 0, (PLARGE_INTEGER)&timeout);
// NtWaitForSingleObject(hThread, 0, nullptr);
// NtClose(hThread);
NtClose(hProc);
return ret;
}
IHFSERVICE DWORD IHFAPI Host_GetHookManager(HookManager** hookman)
{ {
if (::running) {
*hookman = man; *hookman = man;
return 0;
} }
else
return 1;
} }
IHFSERVICE bool IHFAPI Host_GetSettings(Settings **p) IHFSERVICE void IHFAPI GetHostSettings(Settings **p)
{
if (::running)
{ {
if (::running) {
*p = settings; *p = settings;
return true;
} }
else
return false;
} }
// I don't understand the following operations, so I'm making minimal changes in cleanup -Artikash 11 May 2018
IHFSERVICE DWORD IHFAPI Host_InsertHook(DWORD pid, HookParam *hp, LPCSTR name) IHFSERVICE DWORD IHFAPI Host_InsertHook(DWORD pid, HookParam *hp, LPCSTR name)
{ {
ITH_SYNC_HOOK; ITH_SYNC_HOOK;
@ -334,34 +271,14 @@ IHFSERVICE DWORD IHFAPI Host_InsertHook(DWORD pid, HookParam *hp, LPCSTR name)
} }
s.name_buffer[len] = 0; s.name_buffer[len] = 0;
IO_STATUS_BLOCK ios; IO_STATUS_BLOCK ios;
NtWriteFile(hCmd, 0,0,0, &ios, &s, IHS_SIZE, 0, 0); DWORD unused;
WriteFile(hCmd, &s, IHS_SIZE, &unused, nullptr);
//memcpy(&sp.hp,hp,sizeof(HookParam)); //memcpy(&sp.hp,hp,sizeof(HookParam));
//cmdq->AddRequest(sp, pid); //cmdq->AddRequest(sp, pid);
return 0; return 0;
} }
IHFSERVICE DWORD IHFAPI Host_ModifyHook(DWORD pid, HookParam *hp)
{
ITH_SYNC_HOOK;
HANDLE hCmd = GetCmdHandleByPID(pid);
if (hCmd == 0)
return -1;
HANDLE hModify = IthCreateEvent(ITH_MODIFYHOOK_EVENT);
SendParam sp;
sp.type = HOST_COMMAND_MODIFY_HOOK;
sp.hp = *hp;
IO_STATUS_BLOCK ios;
if (NT_SUCCESS(NtWriteFile(hCmd, 0,0,0, &ios, &sp, sizeof(SendParam), 0, 0)))
// jichi 9/28/2013: no wait timeout
//const LONGLONG timeout = HOOK_TIMEOUT;
NtWaitForSingleObject(hModify, 0, nullptr);
NtClose(hModify);
man->RemoveSingleHook(pid, sp.hp.address);
return 0;
}
IHFSERVICE DWORD IHFAPI Host_RemoveHook(DWORD pid, DWORD addr) IHFSERVICE DWORD IHFAPI Host_RemoveHook(DWORD pid, DWORD addr)
{ {
ITH_SYNC_HOOK; ITH_SYNC_HOOK;
@ -370,18 +287,19 @@ IHFSERVICE DWORD IHFAPI Host_RemoveHook(DWORD pid, DWORD addr)
hCmd = GetCmdHandleByPID(pid); hCmd = GetCmdHandleByPID(pid);
if (hCmd == 0) if (hCmd == 0)
return -1; return -1;
hRemoved = IthCreateEvent(ITH_REMOVEHOOK_EVENT); hRemoved = CreateEventW(nullptr, TRUE, FALSE, ITH_REMOVEHOOK_EVENT);
SendParam sp = {}; SendParam sp = {};
IO_STATUS_BLOCK ios; IO_STATUS_BLOCK ios;
sp.type = HOST_COMMAND_REMOVE_HOOK; sp.type = HOST_COMMAND_REMOVE_HOOK;
sp.hp.address = addr; sp.hp.address = addr;
//cmdq -> AddRequest(sp, pid); //cmdq -> AddRequest(sp, pid);
NtWriteFile(hCmd, 0,0,0, &ios, &sp, sizeof(SendParam),0,0); DWORD unused;
WriteFile(hCmd, &sp, sizeof(sp), &unused, nullptr);
// jichi 10/22/2013: Timeout might crash vnrsrv // jichi 10/22/2013: Timeout might crash vnrsrv
//const LONGLONG timeout = HOOK_TIMEOUT; //const LONGLONG timeout = HOOK_TIMEOUT;
//NtWaitForSingleObject(hRemoved, 0, (PLARGE_INTEGER)&timeout); //NtWaitForSingleObject(hRemoved, 0, (PLARGE_INTEGER)&timeout);
NtWaitForSingleObject(hRemoved, 0, nullptr); WaitForSingleObject(hRemoved, MAXDWORD);
NtClose(hRemoved); CloseHandle(hRemoved);
man -> RemoveSingleHook(pid, sp.hp.address); man -> RemoveSingleHook(pid, sp.hp.address);
return 0; return 0;
} }


@ -17,8 +17,8 @@ IHFSERVICE void IHFAPI Host_Destroy();
IHFSERVICE void IHFAPI StartHost(); IHFSERVICE void IHFAPI StartHost();
IHFSERVICE bool IHFAPI OpenHost(); IHFSERVICE bool IHFAPI OpenHost();
IHFSERVICE void IHFAPI CloseHost(); IHFSERVICE void IHFAPI CloseHost();
IHFSERVICE DWORD IHFAPI Host_GetHookManager(HookManager **hookman); IHFSERVICE void IHFAPI GetHostHookManager(HookManager **hookman);
IHFSERVICE bool IHFAPI Host_GetSettings(Settings **settings); IHFSERVICE void IHFAPI GetHostSettings(Settings **settings);
IHFSERVICE DWORD IHFAPI Host_GetPIDByName(LPCWSTR pwcTarget); IHFSERVICE DWORD IHFAPI Host_GetPIDByName(LPCWSTR pwcTarget);
IHFSERVICE bool IHFAPI InjectProcessById(DWORD pid, DWORD timeout = 5000); IHFSERVICE bool IHFAPI InjectProcessById(DWORD pid, DWORD timeout = 5000);
IHFSERVICE bool IHFAPI DetachProcessById(DWORD pid); IHFSERVICE bool IHFAPI DetachProcessById(DWORD pid);
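Review bot: The new `void` return on `GetHostHookManager` and `GetHostSettings` drops the only signal that the host is not running, and the host.cc side of this commit shows both functions simply skip the assignment in that case, leaving the caller's pointer untouched (so uninitialized if the caller never set it). Worth stating on the declarations, e.g. `// Assigns *hookman only when the host is running (after OpenHost succeeds); otherwise leaves it unchanged.` and the same for `*settings`, or having the implementations write nullptr when not running so callers can test the result.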


@ -75,60 +75,11 @@ extern HANDLE pipeExistsEvent;
void CreateNewPipe() void CreateNewPipe()
{ {
static DWORD acl[7] = {
0x1C0002,
1,
0x140000,
GENERIC_READ | GENERIC_WRITE | SYNCHRONIZE,
0x101,
0x1000000,
0};
static SECURITY_DESCRIPTOR sd = {1, 0, 4, 0, 0, 0, (PACL)acl};
HANDLE hTextPipe, hCmdPipe, hThread; HANDLE hTextPipe, hCmdPipe, hThread;
IO_STATUS_BLOCK ios;
UNICODE_STRING us;
OBJECT_ATTRIBUTES oa = {sizeof(oa), 0, &us, OBJ_CASE_INSENSITIVE, &sd, 0}; hTextPipe = CreateNamedPipeW(ITH_TEXT_PIPE, PIPE_ACCESS_INBOUND, PIPE_TYPE_MESSAGE | PIPE_READMODE_MESSAGE, PIPE_UNLIMITED_INSTANCES, 0x1000, 0x1000, MAXDWORD, NULL);
LARGE_INTEGER time = {-500000, -1}; hCmdPipe = CreateNamedPipeW(ITH_COMMAND_PIPE, PIPE_ACCESS_OUTBOUND, 0, PIPE_UNLIMITED_INSTANCES, 0x1000, 0x1000, MAXDWORD, NULL);
hThread = CreateThread(nullptr, 0, RecvThread, hTextPipe, 0, nullptr);
RtlInitUnicodeString(&us, recv_pipe);
if (!NT_SUCCESS(NtCreateNamedPipeFile(
&hTextPipe,
GENERIC_READ | SYNCHRONIZE,
&oa,
&ios,
FILE_SHARE_WRITE,
FILE_OPEN_IF,
FILE_SYNCHRONOUS_IO_NONALERT,
1, 1, 0, -1,
0x1000,
0x1000,
&time))) {
//ConsoleOutput(ErrorCreatePipe);
DOUT("failed to create recv pipe");
return;
}
RtlInitUnicodeString(&us, command_pipe);
if (!NT_SUCCESS(NtCreateNamedPipeFile(
&hCmdPipe,
GENERIC_WRITE | SYNCHRONIZE,
&oa,
&ios,
FILE_SHARE_READ,
FILE_OPEN_IF,
FILE_SYNCHRONOUS_IO_NONALERT,
1, 1, 0, -1,
0x1000,
0x1000,
&time))) {
//ConsoleOutput(ErrorCreatePipe);
DOUT("failed to create cmd pipe");
return;
}
hThread = IthCreateThread(RecvThread, (DWORD)hTextPipe);
man->RegisterPipe(hTextPipe, hCmdPipe, hThread); man->RegisterPipe(hTextPipe, hCmdPipe, hThread);
} }
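Review bot: Neither `CreateNamedPipeW` result is checked before the handles are handed to `CreateThread` and `man->RegisterPipe`; the removed NtCreateNamedPipeFile path returned early on failure, so the rewrite drops that guard and an `INVALID_HANDLE_VALUE` would now be registered and passed to RecvThread. Test both handles and close whichever succeeded before returning (below). Passing `NULL` for the security attributes also replaces the removed hand-built DACL (which appears to grant Everyone read/write) with the default named-pipe descriptor, which per the CreateNamedPipe documentation grants read access to Everyone and the anonymous account — since the command pipe is outbound, any local (and, without `PIPE_REJECT_REMOTE_CLIENTS`, remote) client can connect and consume an instance; confirm that is intended and add the flag if the target SDK supports it. `CreateThread(nullptr, 0, RecvThread, hTextPipe, 0, nullptr)` further assumes RecvThread now has the `DWORD WINAPI (LPVOID)` signature; its definition is outside this hunk.
```cpp
	hTextPipe = CreateNamedPipeW(ITH_TEXT_PIPE, PIPE_ACCESS_INBOUND, PIPE_TYPE_MESSAGE | PIPE_READMODE_MESSAGE, PIPE_UNLIMITED_INSTANCES, 0x1000, 0x1000, MAXDWORD, NULL);
	hCmdPipe = CreateNamedPipeW(ITH_COMMAND_PIPE, PIPE_ACCESS_OUTBOUND, 0, PIPE_UNLIMITED_INSTANCES, 0x1000, 0x1000, MAXDWORD, NULL);
	if (hTextPipe == INVALID_HANDLE_VALUE || hCmdPipe == INVALID_HANDLE_VALUE)
	{
		DOUT("failed to create pipe");
		if (hTextPipe != INVALID_HANDLE_VALUE) CloseHandle(hTextPipe);
		if (hCmdPipe != INVALID_HANDLE_VALUE) CloseHandle(hCmdPipe);
		return;
	}
	// … unchanged: CreateThread(RecvThread) and man->RegisterPipe …
```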