forked from Ascotbe/Kernelhub
Showing
59 changed files
with
7,385 additions
and
5 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
|
||
Microsoft Visual Studio Solution File, Format Version 12.00 | ||
# Visual Studio 15 | ||
VisualStudioVersion = 15.0.26730.8 | ||
MinimumVisualStudioVersion = 10.0.40219.1 | ||
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "MsiExploit", "MsiExploit\MsiExploit.vcxproj", "{E75DCF6C-9B6D-49C8-96D7-0003C127B449}" | ||
EndProject | ||
Global | ||
GlobalSection(SolutionConfigurationPlatforms) = preSolution | ||
Debug|x64 = Debug|x64 | ||
Debug|x86 = Debug|x86 | ||
Release|x64 = Release|x64 | ||
Release|x86 = Release|x86 | ||
EndGlobalSection | ||
GlobalSection(ProjectConfigurationPlatforms) = postSolution | ||
{E75DCF6C-9B6D-49C8-96D7-0003C127B449}.Debug|x64.ActiveCfg = Debug|x64 | ||
{E75DCF6C-9B6D-49C8-96D7-0003C127B449}.Debug|x64.Build.0 = Debug|x64 | ||
{E75DCF6C-9B6D-49C8-96D7-0003C127B449}.Debug|x86.ActiveCfg = Debug|Win32 | ||
{E75DCF6C-9B6D-49C8-96D7-0003C127B449}.Debug|x86.Build.0 = Debug|Win32 | ||
{E75DCF6C-9B6D-49C8-96D7-0003C127B449}.Release|x64.ActiveCfg = Release|x64 | ||
{E75DCF6C-9B6D-49C8-96D7-0003C127B449}.Release|x64.Build.0 = Release|x64 | ||
{E75DCF6C-9B6D-49C8-96D7-0003C127B449}.Release|x86.ActiveCfg = Release|Win32 | ||
{E75DCF6C-9B6D-49C8-96D7-0003C127B449}.Release|x86.Build.0 = Release|Win32 | ||
EndGlobalSection | ||
GlobalSection(SolutionProperties) = preSolution | ||
HideSolutionNode = FALSE | ||
EndGlobalSection | ||
GlobalSection(ExtensibilityGlobals) = postSolution | ||
SolutionGuid = {AA32DEA9-85D3-447D-820E-C6ACA3AD0CBD} | ||
EndGlobalSection | ||
EndGlobal |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,204 @@ | ||
// Copyright 2015 Google Inc. All Rights Reserved. | ||
// | ||
// Licensed under the Apache License, Version 2.0 (the "License"); | ||
// you may not use this file except in compliance with the License. | ||
// You may obtain a copy of the License at | ||
// | ||
// http ://www.apache.org/licenses/LICENSE-2.0 | ||
// | ||
// Unless required by applicable law or agreed to in writing, software | ||
// distributed under the License is distributed on an "AS IS" BASIS, | ||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
// See the License for the specific language governing permissions and | ||
// limitations under the License. | ||
|
||
#include "stdafx.h" | ||
#include "CommonUtils.h" | ||
#include <strsafe.h> | ||
#include "ntimports.h" | ||
|
||
void __stdcall my_puts(const char* str) | ||
{ | ||
fwrite(str, 1, strlen(str), stdout); | ||
} | ||
|
||
static console_output _pout = my_puts; | ||
|
||
void DebugSetOutput(console_output pout) | ||
{ | ||
_pout = pout; | ||
} | ||
|
||
void DebugPrintf(const char* lpFormat, ...) | ||
{ | ||
CHAR buf[1024]; | ||
va_list va; | ||
|
||
va_start(va, lpFormat); | ||
|
||
StringCbVPrintfA(buf, sizeof(buf), lpFormat, va); | ||
|
||
_pout(buf); | ||
} | ||
|
||
std::wstring GetErrorMessage(DWORD dwError) | ||
{ | ||
LPWSTR pBuffer = NULL; | ||
|
||
DWORD dwSize = FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS | | ||
FORMAT_MESSAGE_ALLOCATE_BUFFER, 0, dwError, 0, (LPWSTR)&pBuffer, 32 * 1024, nullptr); | ||
|
||
if (dwSize > 0) | ||
{ | ||
std::wstring ret = pBuffer; | ||
|
||
LocalFree(pBuffer); | ||
|
||
return ret; | ||
} | ||
else | ||
{ | ||
printf("Error getting message %d\n", GetLastError()); | ||
WCHAR buf[64]; | ||
StringCchPrintf(buf, _countof(buf), L"%d", dwError); | ||
return buf; | ||
} | ||
} | ||
|
||
std::wstring GetErrorMessage() | ||
{ | ||
return GetErrorMessage(GetLastError()); | ||
} | ||
|
||
|
||
BOOL SetPrivilege(HANDLE hToken, LPCTSTR lpszPrivilege, BOOL bEnablePrivilege) | ||
{ | ||
TOKEN_PRIVILEGES tp; | ||
LUID luid; | ||
|
||
if (!LookupPrivilegeValue(NULL, lpszPrivilege, &luid)) | ||
{ | ||
return FALSE; | ||
} | ||
|
||
tp.PrivilegeCount = 1; | ||
tp.Privileges[0].Luid = luid; | ||
if (bEnablePrivilege) | ||
{ | ||
tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED; | ||
} | ||
else | ||
{ | ||
tp.Privileges[0].Attributes = 0; | ||
} | ||
|
||
if (!AdjustTokenPrivileges(hToken, FALSE, &tp, sizeof(TOKEN_PRIVILEGES), (PTOKEN_PRIVILEGES)NULL, (PDWORD)NULL)) | ||
{ | ||
return FALSE; | ||
} | ||
|
||
if (GetLastError() == ERROR_NOT_ALL_ASSIGNED) | ||
{ | ||
return FALSE; | ||
} | ||
|
||
return TRUE; | ||
} | ||
|
||
DWORD NtStatusToDosError(NTSTATUS status) | ||
{ | ||
DEFINE_NTDLL(RtlNtStatusToDosError); | ||
return fRtlNtStatusToDosError(status); | ||
} | ||
|
||
void SetNtLastError(NTSTATUS status) | ||
{ | ||
SetLastError(NtStatusToDosError(status)); | ||
} | ||
|
||
FARPROC GetProcAddressNT(LPCSTR lpName) | ||
{ | ||
return GetProcAddress(GetModuleHandleW(L"ntdll"), lpName); | ||
} | ||
|
||
HANDLE OpenFileNative(LPCWSTR path, HANDLE root, ACCESS_MASK desired_access, ULONG share_access, ULONG open_options) | ||
{ | ||
UNICODE_STRING name = { 0 }; | ||
OBJECT_ATTRIBUTES obj_attr = { 0 }; | ||
|
||
DEFINE_NTDLL(RtlInitUnicodeString); | ||
DEFINE_NTDLL(NtOpenFile); | ||
|
||
if (path) | ||
{ | ||
fRtlInitUnicodeString(&name, path); | ||
InitializeObjectAttributes(&obj_attr, &name, OBJ_CASE_INSENSITIVE, root, nullptr); | ||
} | ||
else | ||
{ | ||
InitializeObjectAttributes(&obj_attr, nullptr, OBJ_CASE_INSENSITIVE, root, nullptr); | ||
} | ||
|
||
HANDLE h = nullptr; | ||
IO_STATUS_BLOCK io_status = { 0 }; | ||
NTSTATUS status = fNtOpenFile(&h, desired_access, &obj_attr, &io_status, share_access, open_options); | ||
if (NT_SUCCESS(status)) | ||
{ | ||
return h; | ||
} | ||
else | ||
{ | ||
SetNtLastError(status); | ||
return nullptr; | ||
} | ||
} | ||
|
||
std::wstring BuildFullPath(const std::wstring& path, bool native) | ||
{ | ||
std::wstring ret; | ||
WCHAR buf[MAX_PATH]; | ||
|
||
if (native) | ||
{ | ||
ret = L"\\??\\"; | ||
} | ||
|
||
if (GetFullPathName(path.c_str(), MAX_PATH, buf, nullptr) > 0) | ||
{ | ||
ret += buf; | ||
} | ||
else | ||
{ | ||
ret += path; | ||
} | ||
|
||
return ret; | ||
} | ||
|
||
std::wstring GetFileName(const std::wstring& s) { | ||
|
||
char sep = '/'; | ||
|
||
#ifdef _WIN32 | ||
sep = '\\'; | ||
#endif | ||
|
||
size_t i = s.rfind(sep, s.length()); | ||
if (i != std::string::npos) { | ||
return(s.substr(i + 1, s.length() - i)); | ||
} | ||
|
||
return(L""); | ||
} | ||
|
||
std::wstring GetDirectoryName(const std::wstring& filename) { | ||
|
||
std::wstring directory = L""; | ||
const size_t last_slash_idx = filename.rfind('\\'); | ||
if (std::string::npos != last_slash_idx) | ||
{ | ||
directory = filename.substr(0, last_slash_idx); | ||
} | ||
|
||
return directory; | ||
} |
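Review bot: In `BuildFullPath`, the check `GetFullPathName(...) > 0` treats a too-long path as success: when the result does not fit in the buffer the API returns the required size and the contents of `buf` are not defined, so `ret += buf` can append uninitialized stack data. Capture the return value and accept it only when it fits, e.g. `DWORD n = GetFullPathName(path.c_str(), MAX_PATH, buf, nullptr);` followed by `if (n > 0 && n < MAX_PATH)`, keeping the existing fallback to `path` otherwise. Separately, `DebugPrintf` calls `va_start` with no matching `va_end(va);` after `StringCbVPrintfA`, which should be added before `_pout(buf);`.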
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
#pragma once | ||
|
||
#include <Windows.h> | ||
#include <string> | ||
|
||
typedef void(__stdcall *console_output)(const char*); | ||
|
||
void DebugSetOutput(console_output pout); | ||
void DebugPrintf(const char* lpFormat, ...); | ||
HANDLE CreateSymlink(HANDLE root, LPCWSTR linkname, LPCWSTR targetname); | ||
HANDLE OpenSymlink(HANDLE root, LPCWSTR linkname); | ||
HANDLE CreateObjectDirectory(HANDLE hRoot, LPCWSTR dirname, HANDLE hShadow); | ||
HANDLE OpenObjectDirectory(HANDLE hRoot, LPCWSTR dirname); | ||
std::wstring GetErrorMessage(DWORD dwError); | ||
std::wstring GetErrorMessage(); | ||
BOOL SetPrivilege(HANDLE hToken, LPCTSTR lpszPrivilege, BOOL bEnablePrivilege); | ||
bool CreateRegSymlink(LPCWSTR lpSymlink, LPCWSTR lpTarget, bool bVolatile); | ||
bool DeleteRegSymlink(LPCWSTR lpSymlink); | ||
DWORD NtStatusToDosError(NTSTATUS status); | ||
bool CreateNativeHardlink(LPCWSTR linkname, LPCWSTR targetname); | ||
bool CreateNativeHardlink(LPCWSTR targetname, HANDLE hFile); | ||
HANDLE OpenFileNative(LPCWSTR path, HANDLE root, ACCESS_MASK desired_access, ULONG share_access, ULONG open_options); | ||
std::wstring BuildFullPath(const std::wstring& path, bool native); | ||
std::wstring GetFileName(const std::wstring& s); | ||
std::wstring GetDirectoryName(const std::wstring& filename); |
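Review bot: The HANDLE-returning declarations do not state their failure value, and callers used to Win32 file APIs may test for `INVALID_HANDLE_VALUE`; the definition of `OpenFileNative` shown on this page returns `nullptr` on failure after setting the last error. A comment above that declaration such as `// Returns nullptr (not INVALID_HANDLE_VALUE) on failure; GetLastError() holds the mapped NTSTATUS.` would make the contract explicit. `SetPrivilege` is also the only declaration taking `LPCTSTR` while the others use `LPCWSTR`, so its signature depends on the UNICODE setting; using `LPCWSTR` there would keep the header consistent.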