attach all processes in given name

This commit is contained in:
Akash Mozumdar 2018-09-09 22:37:48 -04:00
parent 7d49166dc4
commit a455869837
5 changed files with 16 additions and 20 deletions

View File

@ -89,15 +89,15 @@ namespace
HANDLE hostPipe = CreateNamedPipeW(ITH_COMMAND_PIPE, PIPE_ACCESS_OUTBOUND, PIPE_TYPE_MESSAGE | PIPE_READMODE_MESSAGE, PIPE_UNLIMITED_INSTANCES, PIPE_BUFFER_SIZE, PIPE_BUFFER_SIZE, MAXDWORD, NULL); HANDLE hostPipe = CreateNamedPipeW(ITH_COMMAND_PIPE, PIPE_ACCESS_OUTBOUND, PIPE_TYPE_MESSAGE | PIPE_READMODE_MESSAGE, PIPE_UNLIMITED_INSTANCES, PIPE_BUFFER_SIZE, PIPE_BUFFER_SIZE, MAXDWORD, NULL);
ConnectNamedPipe(hookPipe, nullptr); ConnectNamedPipe(hookPipe, nullptr);
// jichi 9/27/2013: why recursion?
// Artikash 5/20/2018: Easy way to create a new pipe for another process
StartPipe();
BYTE buffer[PIPE_BUFFER_SIZE + 1] = {}; BYTE buffer[PIPE_BUFFER_SIZE + 1] = {};
DWORD bytesRead, processId; DWORD bytesRead, processId;
ReadFile(hookPipe, &processId, sizeof(processId), &bytesRead, nullptr); ReadFile(hookPipe, &processId, sizeof(processId), &bytesRead, nullptr);
RegisterProcess(processId, hostPipe); RegisterProcess(processId, hostPipe);
// jichi 9/27/2013: why recursion?
// Artikash 5/20/2018: Easy way to create a new pipe for another process
StartPipe();
while (ReadFile(hookPipe, buffer, PIPE_BUFFER_SIZE, &bytesRead, nullptr)) while (ReadFile(hookPipe, buffer, PIPE_BUFFER_SIZE, &bytesRead, nullptr))
switch (*(int*)buffer) switch (*(int*)buffer)
{ {

View File

@ -175,22 +175,17 @@ QVector<HookParam> MainWindow::GetAllHooks(DWORD processId)
void MainWindow::on_attachButton_clicked() void MainWindow::on_attachButton_clicked()
{ {
std::unordered_map<std::wstring, DWORD> allProcesses = GetAllProcesses(); QMultiHash<QString, DWORD> allProcesses = GetAllProcesses();
QStringList processList; QStringList processList(allProcesses.uniqueKeys());
for (auto i : allProcesses)
processList.push_back(QString::fromStdWString(i.first));
processList.sort(Qt::CaseInsensitive); processList.sort(Qt::CaseInsensitive);
bool ok; bool ok;
QString process = QInputDialog::getItem(this, "Select Process", QString process = QInputDialog::getItem(this, "Select Process",
"If you don't see the process you want to inject, try running with admin rights\r\nYou can just type in the process id if you know it", "If you don't see the process you want to inject, try running with admin rights\r\nYou can also type in the process id if you know it",
processList, 0, true, &ok); processList, 0, true, &ok);
if (!ok) return; if (!ok) return;
if (process.toInt()) if (process.toInt()) ok &= Host::InjectProcess(process.toInt());
{ else for (auto i : allProcesses.values(process)) ok &= Host::InjectProcess(i);
if (Host::InjectProcess(process.toInt())) return; if (!ok) Host::AddConsoleOutput(L"failed to attach");
}
else if (Host::InjectProcess(allProcesses[process.toStdWString()])) return;
Host::AddConsoleOutput(L"failed to attach");
} }
void MainWindow::on_detachButton_clicked() void MainWindow::on_detachButton_clicked()

View File

@ -18,15 +18,15 @@ QString GetModuleName(DWORD processId, HMODULE module)
return fullName.remove(0, fullName.lastIndexOf("\\") + 1); return fullName.remove(0, fullName.lastIndexOf("\\") + 1);
} }
std::unordered_map<std::wstring, DWORD> GetAllProcesses() QMultiHash<QString, DWORD> GetAllProcesses()
{ {
DWORD allProcessIds[0x1000]; DWORD allProcessIds[0x1000];
DWORD spaceUsed; DWORD spaceUsed;
std::unordered_map<std::wstring, DWORD> ret; QMultiHash<QString, DWORD> ret;
if (!EnumProcesses(allProcessIds, sizeof(allProcessIds), &spaceUsed)) return ret; if (!EnumProcesses(allProcessIds, sizeof(allProcessIds), &spaceUsed)) return ret;
for (int i = 0; i < spaceUsed / sizeof(DWORD); ++i) for (int i = 0; i < spaceUsed / sizeof(DWORD); ++i)
if (GetModuleName(allProcessIds[i]).size()) if (GetModuleName(allProcessIds[i]).size())
ret[GetModuleName(allProcessIds[i]).toStdWString()] = allProcessIds[i]; ret.insert(GetModuleName(allProcessIds[i]), allProcessIds[i]);
return ret; return ret;
} }

View File

@ -3,11 +3,12 @@
#include "qtcommon.h" #include "qtcommon.h"
#include "types.h" #include "types.h"
#include <QHash>
#include <optional> #include <optional>
QString GetFullModuleName(DWORD processId, HMODULE module = NULL); QString GetFullModuleName(DWORD processId, HMODULE module = NULL);
QString GetModuleName(DWORD processId, HMODULE module = NULL); QString GetModuleName(DWORD processId, HMODULE module = NULL);
std::unordered_map<std::wstring, DWORD> GetAllProcesses(); QMultiHash<QString, DWORD> GetAllProcesses();
std::optional<HookParam> ParseCode(QString HCode); std::optional<HookParam> ParseCode(QString HCode);
QString GenerateCode(HookParam hp, DWORD processId); QString GenerateCode(HookParam hp, DWORD processId);

View File

@ -36,7 +36,7 @@ void CreatePipe()
{ {
::hookPipe = CreateFileW(ITH_TEXT_PIPE, GENERIC_WRITE, FILE_SHARE_READ, nullptr, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, nullptr); ::hookPipe = CreateFileW(ITH_TEXT_PIPE, GENERIC_WRITE, FILE_SHARE_READ, nullptr, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, nullptr);
} }
if (hostPipe == INVALID_HANDLE_VALUE) if (::hookPipe != INVALID_HANDLE_VALUE && hostPipe == INVALID_HANDLE_VALUE)
{ {
hostPipe = CreateFileW(ITH_COMMAND_PIPE, GENERIC_READ | FILE_WRITE_ATTRIBUTES, FILE_SHARE_READ, nullptr, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, nullptr); hostPipe = CreateFileW(ITH_COMMAND_PIPE, GENERIC_READ | FILE_WRITE_ATTRIBUTES, FILE_SHARE_READ, nullptr, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, nullptr);
DWORD mode = PIPE_READMODE_MESSAGE; DWORD mode = PIPE_READMODE_MESSAGE;