mirror of
https://github.com/JKornev/hidden
synced 2024-06-16 03:58:04 +00:00
Added 'query' command
This commit is contained in:
parent
84947c69aa
commit
0959938a6a
@ -44,14 +44,15 @@
|
||||
+ Добавить поддержку флага автоприсвоение состояния существующим процессам для Hid_AddExcludedImage\Hid_AddProtectedImage
|
||||
+ Проверить как ведёт себя файловый фильтр с файлами открытыми по ID или по короткому пути
|
||||
- Реализовать HiddenCLI
|
||||
- ignore
|
||||
- unignore
|
||||
- protect
|
||||
- unprotect
|
||||
- query
|
||||
+ ignore
|
||||
+ unignore
|
||||
+ protect
|
||||
+ unprotect
|
||||
+ query
|
||||
- Протестировать все комманды
|
||||
- Проверить чтобы все ObjId генерировались начиная с 1
|
||||
- Написать тест HiddenCLITests
|
||||
- Реализовать функционал вкл\выкл драйвера через IOCTL
|
||||
- Написать тест HiddenCLITests
|
||||
+ Портировать драйвер под архитектуру x64
|
||||
+ Портировать под версии Windows 8, 8.1, 10
|
||||
+ Залить проект на Git
|
||||
@ -62,7 +63,6 @@
|
||||
- Отреверсить установщик VMWare tools
|
||||
- Сокрытие VMBox Tools
|
||||
- Отреверсить установщик VMBox tools
|
||||
- Реализовать поддержку вкл\выкл драйвера
|
||||
- Реализовать steals mode
|
||||
- Реализовать поддержку загрузки дефольтных конфигов из реестра
|
||||
- Насодить на ETL и DbgPrintEx
|
||||
|
@ -40,9 +40,9 @@ void Connection::Open()
|
||||
if (m_deviceName.size())
|
||||
deviceName = m_deviceName.c_str();
|
||||
|
||||
//status = Hid_Initialize(&m_context, deviceName);
|
||||
//if (!HID_STATUS_SUCCESSFUL(status))
|
||||
// throw WException(HID_STATUS_CODE(status), L"Error, can't connect to gate");
|
||||
status = Hid_Initialize(&m_context, deviceName);
|
||||
if (!HID_STATUS_SUCCESSFUL(status))
|
||||
throw WException(HID_STATUS_CODE(status), L"Error, can't connect to gate");
|
||||
}
|
||||
|
||||
HidContext Connection::GetContext()
|
||||
|
@ -158,6 +158,7 @@
|
||||
<ClCompile Include="Hide.cpp" />
|
||||
<ClCompile Include="Ignore.cpp" />
|
||||
<ClCompile Include="Protect.cpp" />
|
||||
<ClCompile Include="Query.cpp" />
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ClInclude Include="Commands.h" />
|
||||
@ -166,6 +167,7 @@
|
||||
<ClInclude Include="Hide.h" />
|
||||
<ClInclude Include="Ignore.h" />
|
||||
<ClInclude Include="Protect.h" />
|
||||
<ClInclude Include="Query.h" />
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<Text Include="cli.txt" />
|
||||
|
@ -14,6 +14,9 @@
|
||||
<ClCompile Include="Protect.cpp">
|
||||
<Filter>Commands</Filter>
|
||||
</ClCompile>
|
||||
<ClCompile Include="Query.cpp">
|
||||
<Filter>Commands</Filter>
|
||||
</ClCompile>
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<Text Include="cli.txt" />
|
||||
@ -31,6 +34,9 @@
|
||||
<ClInclude Include="Protect.h">
|
||||
<Filter>Commands</Filter>
|
||||
</ClInclude>
|
||||
<ClInclude Include="Query.h">
|
||||
<Filter>Commands</Filter>
|
||||
</ClInclude>
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<Filter Include="Commands">
|
||||
|
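--- /dev/null
+++ b/HiddenCLI/Query.cpp
@@ -0,0 +1,75 @@
+#include "Query.h"
+#include <iostream>
+
+using namespace std;
+
+CommandQuery::CommandQuery() : m_command(L"/query")
+{
+}
+
+CommandQuery::~CommandQuery()
+{
+}
+
+bool CommandQuery::CompareCommand(std::wstring& command)
+{
+return (command == m_command);
+}
+
+void CommandQuery::LoadArgs(Arguments& args)
+{
+wstring object, target;
+
+if (!args.GetNext(object))
+throw WException(-2, L"Error, mismatched argument #1 for command 'query'");
+
+if (object != L"process")
+throw WException(-2, L"Error, invalid object type for command 'query'");
+
+if (!args.GetNext(target))
+throw WException(-2, L"Error, mismatched argument #2 for command 'query'");
+
+m_targetProcId = _wtol(target.c_str());
+if (!m_targetProcId)
+throw WException(-2, L"Error, invalid target pid for command 'query'");
+}
+
+const wchar_t* ConvertInheritTypeToUnicode(HidPsInheritTypes type)
+{
+switch (type)
+{
+case HidPsInheritTypes::WithoutInherit:
+return L"none";
+break;
+case HidPsInheritTypes::InheritOnce:
+return L"once";
+break;
+case HidPsInheritTypes::InheritAlways:
+return L"always";
+break;
+}
+return L"unknown";
+}
+
+void CommandQuery::PerformCommand(Connection& connection)
+{
+HidStatus status;
+HidActiveState excludeState, protectedState;
+HidPsInheritTypes excludedInherit, protectedInherit;
+
+status = Hid_GetExcludedState(connection.GetContext(), m_targetProcId, &excludeState, &excludedInherit);
+if (!HID_STATUS_SUCCESSFUL(status))
+throw WException(HID_STATUS_CODE(status), L"Error, query ignored state rejected");
+
+status = Hid_GetProtectedState(connection.GetContext(), m_targetProcId, &protectedState, &protectedInherit);
+if (!HID_STATUS_SUCCESSFUL(status))
+throw WException(HID_STATUS_CODE(status), L"Error, query protected state rejected");
+
+wcerr << L"ignore state:" << (excludeState == HidActiveState::StateEnabled ? L"true" : L"false")
+<< L", inherit:" << ConvertInheritTypeToUnicode(excludedInherit) << endl;
+wcerr << L"protect state:" << (protectedState == HidActiveState::StateEnabled ? L"true" : L"false")
+<< L", inherit:" << ConvertInheritTypeToUnicode(protectedInherit) << endl;
+
+wcout << L"status:ok;ignore:" << excludeState << L"," << excludedInherit
+<< L";protect:" << protectedState << L"," << protectedInherit << endl;
+}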
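Review bot: LoadArgs accepts any non-zero result of `_wtol` as the target pid, so command-line input such as `-1`, `12abc` or an out-of-range number is handed to Hid_GetExcludedState/Hid_GetProtectedState instead of being rejected — the only validation is `if (!m_targetProcId)`. Parsing with `wcstoul` and rejecting the value unless the whole string is digits and no overflow was reported closes that gap; it needs `<cerrno>` and `<cwctype>`, and since HidProcId's definition is not visible here the final cast should be checked against it. Separately, `ConvertInheritTypeToUnicode` is a non-member with external linkage in a .cpp file; `static` (or an anonymous namespace) would keep it from colliding with a same-named helper in another command's translation unit, and the `break` after each `return` in its switch is unreachable.
```cpp
void CommandQuery::LoadArgs(Arguments& args)
{
    // … unchanged: retrieval and checks of the 'object' and 'target' arguments …
    wchar_t* end = nullptr;
    errno = 0;
    const unsigned long pid = wcstoul(target.c_str(), &end, 10);
    if (target.empty() || !iswdigit(target[0]) || *end != L'\0' || errno == ERANGE || pid == 0)
        throw WException(-2, L"Error, invalid target pid for command 'query'");
    m_targetProcId = static_cast<HidProcId>(pid);
}
```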
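--- /dev/null
+++ b/HiddenCLI/Query.h
@@ -0,0 +1,20 @@
+#pragma once
+
+#include "Commands.h"
+
+class CommandQuery : public ICommand
+{
+const wchar_t* m_command = nullptr;
+
+HidProcId m_targetProcId;
+
+public:
+
+CommandQuery();
+virtual ~CommandQuery();
+
+virtual bool CompareCommand(std::wstring& command);
+virtual void LoadArgs(Arguments& args);
+virtual void PerformCommand(Connection& connection);
+};
+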
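Review bot: `m_targetProcId` is declared without an initializer while the neighbouring `m_command` has one, so a CommandQuery whose LoadArgs was not run, or threw before the assignment, carries an indeterminate pid into PerformCommand; `HidProcId m_targetProcId = 0;` removes that state. The three overriding members are declared with bare `virtual`; marking CompareCommand, LoadArgs and PerformCommand `override` lets the compiler confirm they match ICommand's declarations. CompareCommand only compares its argument, so `const std::wstring&` would express that, provided ICommand's signature (not visible here) permits it.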
@ -8,6 +8,9 @@ connection:
|
||||
|
||||
commands:
|
||||
|
||||
state <on|off>
|
||||
Enable or disable hidden
|
||||
|
||||
hide <file|dir|regval|regkey> <%path%>
|
||||
Hide filesystem or registry object by path
|
||||
|
||||
@ -49,5 +52,5 @@ commands:
|
||||
unprotect pid <%pid%>
|
||||
Turn off protection for specific process by PID
|
||||
|
||||
query <%pid%>
|
||||
query process <%pid%>
|
||||
Query information about state of the process by PID
|