aboutsummaryrefslogtreecommitdiffhomepage
path: root/ext/detours/samples/tryman/tstman.cpp
diff options
context:
space:
mode:
authorAndrzej Janik <[email protected]>2021-01-03 17:52:14 +0100
committerAndrzej Janik <[email protected]>2021-01-03 17:52:14 +0100
commit77523940b39d522adc26b18f00c3373407523c55 (patch)
tree666a5541f635b56d1f56305767a09cab2ae48d81 /ext/detours/samples/tryman/tstman.cpp
parentae950163cd05f7a2205740af0acc6e427f0ffd92 (diff)
parentdabc40cb19bf4e297c32284d26c74adbd6775e49 (diff)
downloadZLUDA-77523940b39d522adc26b18f00c3373407523c55.tar.gz
ZLUDA-77523940b39d522adc26b18f00c3373407523c55.zip
Merge commit 'dabc40cb19bf4e297c32284d26c74adbd6775e49' as 'ext/detours'
Diffstat (limited to 'ext/detours/samples/tryman/tstman.cpp')
-rw-r--r--ext/detours/samples/tryman/tstman.cpp334
1 files changed, 334 insertions, 0 deletions
diff --git a/ext/detours/samples/tryman/tstman.cpp b/ext/detours/samples/tryman/tstman.cpp
new file mode 100644
index 0000000..0ae169b
--- /dev/null
+++ b/ext/detours/samples/tryman/tstman.cpp
@@ -0,0 +1,334 @@
+//////////////////////////////////////////////////////////////////////////////
+//
+// Detours Test Program (tstman.cpp of tstman.dll)
+//
+// Microsoft Research Detours Package
+//
+// Copyright (c) Microsoft Corporation. All rights reserved.
+//
+// This DLL doesn't detour any APIs, but it does enumerate the modules
+// loaded in a process and look at their size and processor target.
+//
+
+#include <stdio.h>
+#include <windows.h>
+#pragma warning(push)
+#if _MSC_VER > 1400
+#pragma warning(disable:6102 6103) // /analyze warnings
+#endif
+#include <strsafe.h>
+#pragma warning(pop)
+#include "detours.h"
+
+static HMODULE s_hInst = NULL;
+static CHAR s_szDllPath[MAX_PATH];
+
+static int (WINAPI * TrueEntryPoint)(VOID) = NULL;
+static int (WINAPI * RawEntryPoint)(VOID) = NULL;
+
+BOOL (WINAPI * Real_CreateProcessA)(LPCSTR a0,
+ LPSTR a1,
+ LPSECURITY_ATTRIBUTES a2,
+ LPSECURITY_ATTRIBUTES a3,
+ BOOL a4,
+ DWORD a5,
+ LPVOID a6,
+ LPCSTR a7,
+ struct _STARTUPINFOA* a8,
+ LPPROCESS_INFORMATION a9)
+ = CreateProcessA;
+
+BOOL (WINAPI * Real_CreateProcessW)(LPCWSTR a0,
+ LPWSTR a1,
+ LPSECURITY_ATTRIBUTES a2,
+ LPSECURITY_ATTRIBUTES a3,
+ BOOL a4,
+ DWORD a5,
+ LPVOID a6,
+ LPCWSTR a7,
+ struct _STARTUPINFOW* a8,
+ LPPROCESS_INFORMATION a9)
+ = CreateProcessW;
+
+
+BOOL WINAPI Mine_CreateProcessA(LPCSTR lpApplicationName,
+ LPSTR lpCommandLine,
+ LPSECURITY_ATTRIBUTES lpProcessAttributes,
+ LPSECURITY_ATTRIBUTES lpThreadAttributes,
+ BOOL bInheritHandles,
+ DWORD dwCreationFlags,
+ LPVOID lpEnvironment,
+ LPCSTR lpCurrentDirectory,
+ LPSTARTUPINFOA lpStartupInfo,
+ LPPROCESS_INFORMATION lpProcessInformation)
+{
+ BOOL rv = 0;
+ __try {
+ rv = DetourCreateProcessWithDllExA(lpApplicationName,
+ lpCommandLine,
+ lpProcessAttributes,
+ lpThreadAttributes,
+ bInheritHandles,
+ dwCreationFlags,
+ lpEnvironment,
+ lpCurrentDirectory,
+ lpStartupInfo,
+ lpProcessInformation,
+ s_szDllPath,
+ Real_CreateProcessA);
+ } __finally {
+ };
+ return rv;
+}
+
+BOOL WINAPI Mine_CreateProcessW(LPCWSTR lpApplicationName,
+ LPWSTR lpCommandLine,
+ LPSECURITY_ATTRIBUTES lpProcessAttributes,
+ LPSECURITY_ATTRIBUTES lpThreadAttributes,
+ BOOL bInheritHandles,
+ DWORD dwCreationFlags,
+ LPVOID lpEnvironment,
+ LPCWSTR lpCurrentDirectory,
+ LPSTARTUPINFOW lpStartupInfo,
+ LPPROCESS_INFORMATION lpProcessInformation)
+{
+ BOOL rv = 0;
+ __try {
+ rv = DetourCreateProcessWithDllExW(lpApplicationName,
+ lpCommandLine,
+ lpProcessAttributes,
+ lpThreadAttributes,
+ bInheritHandles,
+ dwCreationFlags,
+ lpEnvironment,
+ lpCurrentDirectory,
+ lpStartupInfo,
+ lpProcessInformation,
+ s_szDllPath,
+ Real_CreateProcessW);
+ } __finally {
+ };
+ return rv;
+}
+
+void DumpModuleInfo(HMODULE hModule)
+{
+ PBYTE pbModule = (PBYTE)hModule;
+ PIMAGE_DOS_HEADER pidh = (PIMAGE_DOS_HEADER)pbModule;
+ PIMAGE_NT_HEADERS pinh = (PIMAGE_NT_HEADERS)(pbModule + pidh->e_lfanew);
+ CHAR szFile[MAX_PATH] = "";
+
+ GetModuleFileNameA(hModule, szFile, sizeof(szFile));
+
+ CHAR szMagic[64];
+ CHAR szMachine[64];
+ CHAR szClr[64];
+
+ PIMAGE_DATA_DIRECTORY pdir
+ = (pinh->OptionalHeader.Magic == IMAGE_NT_OPTIONAL_HDR32_MAGIC)
+ ? ((PIMAGE_NT_HEADERS32)pinh)->OptionalHeader.DataDirectory
+ : ((PIMAGE_NT_HEADERS64)pinh)->OptionalHeader.DataDirectory;
+
+ if (pdir[IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR].VirtualAddress != 0 &&
+ pdir[IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR].Size != 0) {
+
+ PDETOUR_CLR_HEADER pch
+ = (PDETOUR_CLR_HEADER)
+ (pbModule + pdir[IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR].VirtualAddress);
+
+ if ((pch->Flags & 0x3) == 0x0) {
+ StringCchPrintfA(szClr, ARRAYSIZE(szClr), "clr "); // 32- or 64-bit.
+ }
+ else if ((pch->Flags & 0x3) == 0x1) {
+ StringCchPrintfA(szClr, ARRAYSIZE(szClr), "clri "); // IL-Only, 32- or 64-bit.
+ }
+ else if ((pch->Flags & 0x3) == 0x2) {
+ StringCchPrintfA(szClr, ARRAYSIZE(szClr), "clr32 "); // must be 32-bit.
+ }
+ else if ((pch->Flags & 0x3) == 0x3) {
+ StringCchPrintfA(szClr, ARRAYSIZE(szClr), "clr32i"); // IL-Only, must be 32-bit.
+ }
+ }
+ else {
+ StringCchPrintfA(szClr, ARRAYSIZE(szClr), " ");
+ }
+
+ if (pinh->OptionalHeader.Magic == 0x10b) {
+ StringCchPrintfA(szMagic, ARRAYSIZE(szMagic), "32");
+ }
+ else if (pinh->OptionalHeader.Magic == 0x20b) {
+ StringCchPrintfA(szMagic, ARRAYSIZE(szMagic), "64");
+ }
+ else {
+ StringCchPrintfA(szMagic, ARRAYSIZE(szMagic), "??");
+ }
+
+ if (pinh->FileHeader.Machine == 0x8664) {
+ StringCchPrintfA(szMachine, ARRAYSIZE(szMachine), "x64", pinh->FileHeader.Machine);
+ }
+ else if (pinh->FileHeader.Machine == 0x014c) {
+ StringCchPrintfA(szMachine, ARRAYSIZE(szMachine), "x86", pinh->FileHeader.Machine);
+ }
+ else if (pinh->FileHeader.Machine == 0x0200) {
+ StringCchPrintfA(szMachine, ARRAYSIZE(szMachine), "i64", pinh->FileHeader.Machine);
+ }
+ else if (pinh->FileHeader.Machine == 0x01c0) {
+ StringCchPrintfA(szMachine, ARRAYSIZE(szMachine), "arm", pinh->FileHeader.Machine);
+ }
+ else {
+ StringCchPrintfA(szMachine, ARRAYSIZE(szMachine), "%04x", pinh->FileHeader.Machine);
+ DWORD dwSize = DetourGetSizeOfPayloads(hModule);
+ if (dwSize > 0) {
+ StringCchPrintfA(szMachine, ARRAYSIZE(szMachine), " ");
+ StringCchPrintfA(szFile, ARRAYSIZE(szFile), "-- %d byte payload.", dwSize);
+ }
+ }
+
+ printf("%16I64x: %s %s %s %s\n", (ULONG64)hModule, szMagic, szMachine, szClr, szFile);
+}
+
+void DumpMemory(PBYTE pbData, DWORD cbData)
+{
+ for (DWORD i = 0; i < cbData; i += 16) {
+ printf(" %p:", pbData + i);
+ for (DWORD j = 0; j < 16; j++) {
+ if (i + j < cbData) {
+ printf("%02x", pbData[i+j]);
+ }
+ else {
+ printf(" ");
+ }
+ }
+ printf(" ");
+ for (DWORD j = 0; j < 16; j++) {
+ if (i + j < cbData) {
+ if ( pbData[i+j] >= ' ' && pbData[i+j] < 127) {
+ printf("%c", pbData[i+j]);
+ }
+ else {
+ printf(".");
+ }
+ }
+ else {
+ printf(" ");
+ }
+ }
+ printf("\n");
+ }
+}
+
+int WINAPI Test3264(int arg)
+{
+ return arg + 1;
+}
+
+int WINAPI TestEntryPoint(VOID)
+{
+#if DETOURS_64BIT
+ printf("----------------: ");
+#else
+ printf("--------: ");
+#endif
+
+ printf("Calling EntryPoint() from detour.\n");
+ fflush(stdout);
+
+ return TrueEntryPoint();
+}
+
+BOOL WINAPI DllMain(HINSTANCE hinst, DWORD dwReason, LPVOID reserved)
+{
+ (void)hinst;
+ (void)reserved;
+
+ if (DetourIsHelperProcess()) {
+ return TRUE;
+ }
+
+ if (dwReason == DLL_PROCESS_ATTACH) {
+ DetourRestoreAfterWith();
+
+ s_hInst = hinst;
+ GetModuleFileNameA(s_hInst, s_szDllPath, ARRAYSIZE(s_szDllPath));
+
+#if DETOURS_64BIT
+ printf("----------------: ");
+#else
+ printf("--------: ");
+#endif
+
+ SYSTEM_INFO si;
+ GetSystemInfo(&si);
+
+ if (si.wProcessorArchitecture == 9) {
+ printf("x64 Processor\n");
+ }
+ else if (si.wProcessorArchitecture == 0) {
+ printf("x86 Processor\n");
+ }
+ else if (si.wProcessorArchitecture == 6) {
+ printf("ia64 Processor\n");
+ }
+ else {
+ printf("%04x Processor\n", si.wProcessorArchitecture);
+ }
+
+ HMODULE hSelf = GetModuleHandle(NULL);
+ HMODULE hTest = (HMODULE)DetourGetContainingModule(DetourCodeFromPointer(Test3264, NULL));
+ HMODULE hKern = (HMODULE)DetourGetContainingModule(DetourCodeFromPointer(CreateProcessW, NULL));
+
+ DumpModuleInfo(hSelf);
+ DumpModuleInfo(hTest);
+ DumpModuleInfo(hKern);
+ for (HINSTANCE hInst = NULL; (hInst = DetourEnumerateModules(hInst)) != NULL;) {
+ if (hInst == hSelf || hInst == hTest || hInst == hKern) {
+ continue;
+ }
+
+ DumpModuleInfo(hInst);
+ }
+ fflush(stdout);
+
+ TrueEntryPoint = (int (WINAPI *)(VOID))DetourGetEntryPoint(NULL);
+ RawEntryPoint = TrueEntryPoint;
+
+ DetourTransactionBegin();
+ DetourUpdateThread(GetCurrentThread());
+ DetourAttach(&(PVOID&)TrueEntryPoint, TestEntryPoint);
+ DetourAttach(&(PVOID&)Real_CreateProcessA, Mine_CreateProcessA);
+ DetourAttach(&(PVOID&)Real_CreateProcessW, Mine_CreateProcessW);
+ LONG error = DetourTransactionCommit();
+
+#if DETOURS_64BIT
+ printf("----------------: ");
+#else
+ printf("--------: ");
+#endif
+
+ if (error == NO_ERROR) {
+ printf("Detoured EntryPoint().\n");
+ }
+ else {
+ printf("Error detouring EntryPoint(): %ld (@ %p)\n", error, RawEntryPoint);
+ __debugbreak();
+ }
+ }
+ else if (dwReason == DLL_PROCESS_DETACH) {
+
+ DetourTransactionBegin();
+ DetourUpdateThread(GetCurrentThread());
+ DetourDetach(&(PVOID&)TrueEntryPoint, TestEntryPoint);
+ DetourDetach(&(PVOID&)Real_CreateProcessA, Mine_CreateProcessA);
+ DetourDetach(&(PVOID&)Real_CreateProcessW, Mine_CreateProcessW);
+ LONG error = DetourTransactionCommit();
+
+ if (error != NO_ERROR) {
+ printf("Error detach detours failed: %ld\n", error);
+ }
+ }
+
+ return TRUE;
+}
+
+//
+///////////////////////////////////////////////////////////////// End of File.
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-26 02:21:13 +0000