clean up a lot of code

Akash Mozumdar 2018-07-12 13:59:05 -04:00
parent 423ee9efac
commit 758e729f30
11 changed files with 32 additions and 158 deletions


@ -170,7 +170,7 @@ DWORD WINAPI InjectThread(LPVOID lpThreadParameter)
for (auto hp = pf->Hooks().begin(); hp != pf->Hooks().end(); ++hp) for (auto hp = pf->Hooks().begin(); hp != pf->Hooks().end(); ++hp)
{ {
std::string name = toMultiByteString((*hp)->Name()); std::string name = toMultiByteString((*hp)->Name());
Host_InsertHook(pid, const_cast<HookParam*>(&(*hp)->HP()), name.c_str()); InsertHook(pid, const_cast<HookParam*>(&(*hp)->HP()), name);
} }
} }
return status; return status;


@ -41,7 +41,7 @@ DWORD ProcessCommand(const std::wstring& cmd, DWORD pid)
{ {
HookParam hp = {}; HookParam hp = {};
if (Parse(m[1].str(), hp)) if (Parse(m[1].str(), hp))
Host_InsertHook(pid, &hp); InsertHook(pid, &hp);
} }
else if (regex_match(cmd, m, wregex(L":(?:h|help)", wregex::icase))) else if (regex_match(cmd, m, wregex(L":(?:h|help)", wregex::icase)))
{ {


@ -200,13 +200,6 @@ void HookManager::RegisterProcess(DWORD pid, HANDLE hostPipe)
record->hookman_map = MapViewOfFile(record->hookman_section, FILE_MAP_READ, 0, 0, HOOK_SECTION_SIZE / 2); // jichi 1/16/2015: Changed to half to hook section size record->hookman_map = MapViewOfFile(record->hookman_section, FILE_MAP_READ, 0, 0, HOOK_SECTION_SIZE / 2); // jichi 1/16/2015: Changed to half to hook section size
record->process_handle = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pid); record->process_handle = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pid);
record->hookman_mutex = OpenMutexW(MUTEX_ALL_ACCESS, FALSE, (ITH_HOOKMAN_MUTEX_ + std::to_wstring(pid)).c_str()); record->hookman_mutex = OpenMutexW(MUTEX_ALL_ACCESS, FALSE, (ITH_HOOKMAN_MUTEX_ + std::to_wstring(pid)).c_str());
//if (NT_SUCCESS(NtOpenProcess(&hProc,
// PROCESS_QUERY_INFORMATION|
// PROCESS_CREATE_THREAD|
// PROCESS_VM_READ|
// PROCESS_VM_WRITE|
// PROCESS_VM_OPERATION,
// &oa,&id)))
if (attach) if (attach)
attach(pid); attach(pid);
@ -216,8 +209,6 @@ void HookManager::RegisterProcess(DWORD pid, HANDLE hostPipe)
void HookManager::UnRegisterProcess(DWORD pid) void HookManager::UnRegisterProcess(DWORD pid)
{ {
HM_LOCK; HM_LOCK;
//ConsoleOutput("vnrhost:UnRegisterProcess: lock");
//EnterCriticalSection(&hmcs);
ProcessRecord pr = *processRecordsByIds[pid]; ProcessRecord pr = *processRecordsByIds[pid];
CloseHandle(pr.hookman_mutex); CloseHandle(pr.hookman_mutex);
@ -225,76 +216,19 @@ void HookManager::UnRegisterProcess(DWORD pid)
CloseHandle(pr.process_handle); CloseHandle(pr.process_handle);
CloseHandle(pr.hookman_section); CloseHandle(pr.hookman_section);
processRecordsByIds.erase(pid); processRecordsByIds.erase(pid);
//CloseHandle(text_pipes[i]);
//CloseHandle(cmd_pipes[i]);
//CloseHandle(recv_threads[i]);
//CloseHandle(record[i].hookman_mutex);
////if (::ith_has_section)
//NtUnmapViewOfSection(NtCurrentProcess(), record[i].hookman_map);
////else
//// delete[] record[i].hookman_map;
//CloseHandle(record[i].process_handle);
//CloseHandle(record[i].hookman_section);
//for (; i < MAX_REGISTER; i++) {
// record[i] = record[i+1];
// text_pipes[i] = text_pipes[i+1];
// cmd_pipes[i] = cmd_pipes[i+1];
// recv_threads[i] = recv_threads[i+1];
// if (text_pipes[i] == 0)
// break;
//}
//register_count--;
//if (current_pid == pid)
// current_pid = register_count ? record[0].pid_register : 0;
RemoveProcessContext(pid); RemoveProcessContext(pid);
//pid_map->Clear(pid>>2);
//if (register_count == 1)
// NtSetEvent(destroy_event, 0);
//LeaveCriticalSection(&hmcs);
//ConsoleOutput("vnrhost:UnRegisterProcess: unlock");
if (detach) if (detach)
detach(pid); detach(pid);
} }
// jichi 9/28/2013: I do not need this
//void HookManager::SetName(DWORD type)
//{
// WCHAR c;
// if (type & PRINT_DWORD)
// c = L'H';
// else if (type & USING_UNICODE) {
// if (type & STRING_LAST_CHAR)
// c = L'L';
// else if (type & USING_STRING)
// c = L'Q';
// else
// c = L'W';
// } else {
// if (type & USING_STRING)
// c = L'S';
// else if (type & BIG_ENDIAN)
// c = L'A';
// else
// c = L'B';
// }
// //swprintf(user_entry,L"UserHook%c",c);
//}
void HookManager::DispatchText(DWORD pid, const BYTE *text, DWORD hook, DWORD retn, DWORD spl, int len) void HookManager::DispatchText(DWORD pid, const BYTE *text, DWORD hook, DWORD retn, DWORD spl, int len)
{ {
// jichi 20/27/2013: When PID is zero, the text comes from console, which I don't need // jichi 20/27/2013: When PID is zero, the text comes from console, which I don't need
if (!text || !pid || len <= 0) if (!text || !pid || len <= 0)
return; return;
HM_LOCK; HM_LOCK;
//bool flag=false;
ThreadParameter tp = {pid, hook, retn, spl}; ThreadParameter tp = {pid, hook, retn, spl};
//ConsoleOutput("vnrhost:DispatchText: lock");
//EnterCriticalSection(&hmcs);
TextThread *it; TextThread *it;
if (!(it = threadTable[tp])) if (!(it = threadTable[tp]))
{ {
@ -313,45 +247,30 @@ void HookManager::AddConsoleOutput(LPCWSTR text)
{ {
int len = wcslen(text) * 2; int len = wcslen(text) * 2;
TextThread *console = threadTable[{0, -1UL, -1UL, -1UL}]; TextThread *console = threadTable[{0, -1UL, -1UL, -1UL}];
//EnterCriticalSection(&hmcs);
console->AddSentence(std::wstring(text)); console->AddSentence(std::wstring(text));
//LeaveCriticalSection(&hmcs);
} }
} }
void HookManager::ClearCurrent() void HookManager::ClearCurrent()
{ {
HM_LOCK; HM_LOCK;
//ConsoleOutput("vnrhost:ClearCurrent: lock");
//EnterCriticalSection(&hmcs);
if (current) { if (current) {
current->Reset(); current->Reset();
if (reset) if (reset)
reset(current); reset(current);
} }
//current->ResetEditText();
//LeaveCriticalSection(&hmcs);
//ConsoleOutput("vnrhost:ClearCurrent: unlock");
} }
ProcessRecord *HookManager::GetProcessRecord(DWORD pid) ProcessRecord *HookManager::GetProcessRecord(DWORD pid)
{ {
HM_LOCK; HM_LOCK;
//EnterCriticalSection(&hmcs);
return processRecordsByIds[pid]; return processRecordsByIds[pid];
//ProcessRecord *pr = i < MAX_REGISTER ? record + i : nullptr;
//LeaveCriticalSection(&hmcs);
//return pr;
} }
HANDLE HookManager::GetHostPipeByPID(DWORD pid) HANDLE HookManager::GetCommandPipe(DWORD pid)
{ {
HM_LOCK; HM_LOCK;
//EnterCriticalSection(&hmcs);
return processRecordsByIds[pid] ? processRecordsByIds[pid]->hostPipe : nullptr; return processRecordsByIds[pid] ? processRecordsByIds[pid]->hostPipe : nullptr;
//HANDLE h = i < MAX_REGISTER ? cmd_pipes[i] : 0;
//LeaveCriticalSection(&hmcs);
//return h;
} }
MK_BASIC_TYPE(DWORD) MK_BASIC_TYPE(DWORD)
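Review bot: `UnRegisterProcess` still dereferences the lookup result unconditionally in `ProcessRecord pr = *processRecordsByIds[pid];`, while `GetCommandPipe` further down treats the same lookup as possibly null. If `processRecordsByIds` is a standard map of pointers, as those uses suggest, a pid that was never registered (or is unregistered twice) becomes a null dereference in the host process; a guard before the copy such as `auto it = processRecordsByIds.find(pid); if (it == processRecordsByIds.end() || !it->second) return;` would avoid it. The first hunk also deletes the commented-out `NtOpenProcess` rights list while `RegisterProcess` keeps `PROCESS_ALL_ACCESS` and `MUTEX_ALL_ACCESS`, so a comment like `// TODO: narrow to the rights actually used instead of PROCESS_ALL_ACCESS` would keep the least-privilege intent on record. Both function bodies extend beyond the visible hunks.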


@ -62,7 +62,7 @@ public:
void UnRegisterProcess(DWORD pid); void UnRegisterProcess(DWORD pid);
//void SetName(DWORD); //void SetName(DWORD);
HANDLE GetHostPipeByPID(DWORD pid); HANDLE GetCommandPipe(DWORD pid);
ThreadEventCallback RegisterThreadCreateCallback(ThreadEventCallback cf) ThreadEventCallback RegisterThreadCreateCallback(ThreadEventCallback cf)
{ return (ThreadEventCallback)_InterlockedExchange((long*)&create,(long)cf); } { return (ThreadEventCallback)_InterlockedExchange((long*)&create,(long)cf); }


@ -82,15 +82,6 @@ BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID unused)
return true; return true;
} }
enum { IHS_SIZE = 0x80 };
enum { IHS_BUFF_SIZE = IHS_SIZE - sizeof(HookParam) };
struct InsertHookStruct
{
SendParam sp;
BYTE name_buffer[IHS_SIZE];
};
IHFSERVICE bool IHFAPI OpenHost() IHFSERVICE bool IHFAPI OpenHost()
{ {
bool success; bool success;
@ -208,9 +199,8 @@ IHFSERVICE bool IHFAPI InjectProcessById(DWORD processId, DWORD timeout)
IHFSERVICE bool IHFAPI DetachProcessById(DWORD processId) IHFSERVICE bool IHFAPI DetachProcessById(DWORD processId)
{ {
ITH_SYNC_HOOK;
DWORD command = HOST_COMMAND_DETACH; DWORD command = HOST_COMMAND_DETACH;
return WriteFile(man->GetHostPipeByPID(processId), &command, sizeof(command), nullptr, nullptr); return WriteFile(man->GetCommandPipe(processId), &command, sizeof(command), nullptr, nullptr);
} }
IHFSERVICE void IHFAPI GetHostHookManager(HookManager** hookman) IHFSERVICE void IHFAPI GetHostHookManager(HookManager** hookman)
@ -229,60 +219,36 @@ IHFSERVICE void IHFAPI GetHostSettings(Settings **p)
} }
} }
// Artikash 5/11/2018: I don't understand the following operations, so I'm making minimal changes in cleanup IHFSERVICE DWORD IHFAPI InsertHook(DWORD pid, HookParam *hp, std::string name)
IHFSERVICE DWORD IHFAPI Host_InsertHook(DWORD pid, HookParam *hp, LPCSTR name)
{ {
ITH_SYNC_HOOK; HANDLE commandPipe = man->GetCommandPipe(pid);
if (commandPipe == nullptr)
HANDLE hCmd = man->GetHostPipeByPID(pid);
if (hCmd == 0)
return -1; return -1;
InsertHookStruct s; BYTE buffer[PIPE_BUFFER_SIZE] = {};
s.sp.type = HOST_COMMAND_NEW_HOOK; *(DWORD*)buffer = HOST_COMMAND_NEW_HOOK;
s.sp.hp = *hp; memcpy(buffer + 4, hp, sizeof(HookParam));
size_t len; if (name.size()) strcpy((char*)buffer + 4 + sizeof(HookParam), name.c_str());
if (name)
len = ::strlen(name);
else
len = 0;
if (len) {
if (len >= IHS_BUFF_SIZE) len = IHS_BUFF_SIZE - 1;
memcpy(s.name_buffer, name, len);
}
s.name_buffer[len] = 0;
IO_STATUS_BLOCK ios;
DWORD unused;
WriteFile(hCmd, &s, IHS_SIZE, &unused, nullptr);
//memcpy(&sp.hp,hp,sizeof(HookParam)); WriteFile(commandPipe, buffer, 4 + sizeof(HookParam) + name.size(), nullptr, nullptr);
//cmdq->AddRequest(sp, pid);
return 0; return 0;
} }
IHFSERVICE DWORD IHFAPI Host_RemoveHook(DWORD pid, DWORD addr) IHFSERVICE DWORD IHFAPI Host_RemoveHook(DWORD pid, DWORD addr)
{ {
ITH_SYNC_HOOK; HANDLE commandPipe = man->GetCommandPipe(pid);
if (commandPipe == nullptr)
HANDLE hRemoved,hCmd; return -1;
hCmd = man->GetHostPipeByPID(pid);
if (hCmd == 0) HANDLE hookRemovalEvent = CreateEventW(nullptr, TRUE, FALSE, ITH_REMOVEHOOK_EVENT);
return -1; BYTE buffer[8];
hRemoved = CreateEventW(nullptr, TRUE, FALSE, ITH_REMOVEHOOK_EVENT); *(DWORD*)buffer = HOST_COMMAND_REMOVE_HOOK;
SendParam sp = {}; *(DWORD*)(buffer + 4) = addr;
IO_STATUS_BLOCK ios;
sp.type = HOST_COMMAND_REMOVE_HOOK; WriteFile(commandPipe, buffer, 8, nullptr, nullptr);
sp.hp.address = addr; WaitForSingleObject(hookRemovalEvent, 1000);
//cmdq -> AddRequest(sp, pid); CloseHandle(hookRemovalEvent);
DWORD unused; man->RemoveSingleHook(pid, addr);
WriteFile(hCmd, &sp, sizeof(sp), &unused, nullptr);
// jichi 10/22/2013: Timeout might crash vnrsrv
//const LONGLONG timeout = HOOK_TIMEOUT;
//NtWaitForSingleObject(hRemoved, 0, (PLARGE_INTEGER)&timeout);
WaitForSingleObject(hRemoved, MAXDWORD);
CloseHandle(hRemoved);
man -> RemoveSingleHook(pid, sp.hp.address);
return 0; return 0;
} }
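Review bot: In the new `InsertHook`, `strcpy((char*)buffer + 4 + sizeof(HookParam), name.c_str())` copies the hook name into the fixed `BYTE buffer[PIPE_BUFFER_SIZE]` with no length check, whereas the code it replaces truncated the name to `IHS_BUFF_SIZE - 1`. The name reaches this call from `toMultiByteString((*hp)->Name())` in `InjectThread`, so an over-long stored hook name would write past the end of the stack buffer. Reject or truncate before copying, e.g. `if (name.size() >= sizeof(buffer) - 4 - sizeof(HookParam)) return -1;`, and copy with `memcpy(buffer + 4 + sizeof(HookParam), name.data(), name.size());`. The `WriteFile` calls in this section also pass `nullptr` for the bytes-written argument together with a null `OVERLAPPED`, which the Win32 documentation allows only when an `OVERLAPPED` is supplied, and their results are ignored, so `InsertHook` and `Host_RemoveHook` return 0 even when the pipe write fails.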


@ -7,6 +7,7 @@
//#include "host/settings.h" //#include "host/settings.h"
#include "config.h" #include "config.h"
#include "host/hookman.h" #include "host/hookman.h"
#include <string>
struct Settings; struct Settings;
struct HookParam; struct HookParam;
@ -23,7 +24,7 @@ IHFSERVICE DWORD IHFAPI Host_GetPIDByName(LPCWSTR pwcTarget);
IHFSERVICE bool IHFAPI InjectProcessById(DWORD pid, DWORD timeout = 5000); IHFSERVICE bool IHFAPI InjectProcessById(DWORD pid, DWORD timeout = 5000);
IHFSERVICE bool IHFAPI DetachProcessById(DWORD pid); IHFSERVICE bool IHFAPI DetachProcessById(DWORD pid);
IHFSERVICE bool IHFAPI Host_HijackProcess(DWORD pid); IHFSERVICE bool IHFAPI Host_HijackProcess(DWORD pid);
IHFSERVICE DWORD IHFAPI Host_InsertHook(DWORD pid, HookParam *hp, LPCSTR name = nullptr); IHFSERVICE DWORD IHFAPI InsertHook(DWORD pid, HookParam *hp, std::string name = "");
IHFSERVICE DWORD IHFAPI Host_ModifyHook(DWORD pid, HookParam *hp); IHFSERVICE DWORD IHFAPI Host_ModifyHook(DWORD pid, HookParam *hp);
IHFSERVICE DWORD IHFAPI Host_RemoveHook(DWORD pid, DWORD addr); IHFSERVICE DWORD IHFAPI Host_RemoveHook(DWORD pid, DWORD addr);
IHFSERVICE DWORD IHFAPI Host_AddLink(DWORD from, DWORD to); IHFSERVICE DWORD IHFAPI Host_AddLink(DWORD from, DWORD to);
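Review bot: The new declaration `InsertHook(DWORD pid, HookParam *hp, std::string name = "")` passes a `std::string` by value through what looks like the library's exported interface (`IHFSERVICE`/`IHFAPI`, whose definitions are not visible here). If that macro is a DLL export, caller and library must be built with the same compiler, runtime and debug settings, otherwise the string's layout and allocator can differ across the boundary and the copy may corrupt the heap. Keeping the `LPCSTR name = nullptr` form at the boundary, or stating the constraint in a comment such as `// name crosses the DLL boundary: build host and callers with the same CRT`, would make this explicit.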


@ -36,7 +36,7 @@ DWORD WINAPI CmdThread(LPVOID lpThreadParameter);
DWORD GetCurrentPID(); DWORD GetCurrentPID();
//DWORD GetProcessIDByPath(LPWSTR str); //DWORD GetProcessIDByPath(LPWSTR str);
HANDLE GetHostPipeByPID(DWORD pid); HANDLE GetCommandPipe(DWORD pid);
//DWORD Inject(HANDLE hProc); //DWORD Inject(HANDLE hProc);
//DWORD InjectByPID(DWORD pid); //DWORD InjectByPID(DWORD pid);
//DWORD PIDByName(LPWSTR target); //DWORD PIDByName(LPWSTR target);


@ -9,14 +9,6 @@
#include <string> #include <string>
#include <vector> #include <vector>
struct RepeatCountNode {
short repeat;
short count;
RepeatCountNode *next;
//RepeatCountNode() : repeat(0), count(0), next(nullptr) {}
};
struct ThreadParameter { struct ThreadParameter {
DWORD pid; // jichi: 5/11/2014: The process ID DWORD pid; // jichi: 5/11/2014: The process ID
DWORD hook; // Artikash 6/6/2018: The start address of the hook DWORD hook; // Artikash 6/6/2018: The start address of the hook
@ -40,8 +32,6 @@ struct ThreadParameter {
#define REPEAT_NEWLINE 0x40000 #define REPEAT_NEWLINE 0x40000
class TextThread; class TextThread;
typedef void (* ConsoleCallback)(LPCSTR text);
typedef void (* ConsoleWCallback)(LPCWSTR text);
typedef DWORD (* ThreadOutputFilterCallback)(TextThread *,const BYTE *, DWORD, DWORD); typedef DWORD (* ThreadOutputFilterCallback)(TextThread *,const BYTE *, DWORD, DWORD);
typedef DWORD (* ThreadEventCallback)(TextThread *); typedef DWORD (* ThreadEventCallback)(TextThread *);
@ -76,7 +66,7 @@ private:
ThreadParameter tp; ThreadParameter tp;
std::vector<char> sentenceBuffer; std::vector<char> sentenceBuffer;
WORD thread_number; unsigned int thread_number;
ThreadOutputFilterCallback output; ThreadOutputFilterCallback output;
DWORD status; DWORD status;
}; };


@ -18,8 +18,6 @@ template<class T, int default_size>
class MyVector class MyVector
{ {
public: public:
int Used() const { return used; }
T *Storage() const { return storage; }
void LockVector() { EnterCriticalSection(&cs_store); } void LockVector() { EnterCriticalSection(&cs_store); }
void UnlockVector() { LeaveCriticalSection(&cs_store); } void UnlockVector() { LeaveCriticalSection(&cs_store); }
MyVector() : size(default_size), used(0) MyVector() : size(default_size), used(0)


@ -164,7 +164,7 @@ DWORD NewHook(const HookParam &hp, LPCSTR name, DWORD flag)
} }
ConsoleOutput("vnrcli:NewHook: try inserting hook:"); ConsoleOutput("vnrcli:NewHook: try inserting hook:");
ConsoleOutput(name); ConsoleOutput(str);
// jichi 7/13/2014: This function would raise when too many hooks added // jichi 7/13/2014: This function would raise when too many hooks added
::hookman[current].InitHook(hp, str, flag & 0xffff); ::hookman[current].InitHook(hp, str, flag & 0xffff);


@ -25,7 +25,7 @@ DWORD WINAPI PipeManager(LPVOID unused)
while (::running) while (::running)
{ {
DWORD count; DWORD count;
BYTE* buffer = new BYTE[PIPE_BUFFER_SIZE]; BYTE buffer[PIPE_BUFFER_SIZE];
HANDLE hostPipe = ::hookPipe = INVALID_HANDLE_VALUE, HANDLE hostPipe = ::hookPipe = INVALID_HANDLE_VALUE,
pipeAcquisitionMutex = CreateMutexW(nullptr, TRUE, ITH_GRANTPIPE_MUTEX); pipeAcquisitionMutex = CreateMutexW(nullptr, TRUE, ITH_GRANTPIPE_MUTEX);