WKMD 10.0
parent
dc0e3dc617
commit
76ca6187c4
|
@ -21,7 +21,7 @@
|
|||
<PropertyGroup Label="Globals">
|
||||
<Keyword>Win32Proj</Keyword>
|
||||
<ProjectGuid>{4019C5EB-8D1E-40E4-B7D1-5601B4B27288}</ProjectGuid>
|
||||
<WindowsTargetPlatformVersion>8.1</WindowsTargetPlatformVersion>
|
||||
<WindowsTargetPlatformVersion>10.0.17763.0</WindowsTargetPlatformVersion>
|
||||
</PropertyGroup>
|
||||
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieDebug|Win32'" Label="Configuration">
|
||||
|
@ -30,9 +30,11 @@
|
|||
<PlatformToolset>v140</PlatformToolset>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieDebug|x64'" Label="Configuration">
|
||||
<ConfigurationType>Application</ConfigurationType>
|
||||
<ConfigurationType>Driver</ConfigurationType>
|
||||
<UseDebugLibraries>true</UseDebugLibraries>
|
||||
<PlatformToolset>v140</PlatformToolset>
|
||||
<PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
|
||||
<TargetVersion>Windows7</TargetVersion>
|
||||
<DriverType>WDM</DriverType>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieRelease|Win32'" Label="Configuration">
|
||||
<ConfigurationType>Application</ConfigurationType>
|
||||
|
@ -40,9 +42,11 @@
|
|||
<PlatformToolset>v140</PlatformToolset>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieRelease|x64'" Label="Configuration">
|
||||
<ConfigurationType>Application</ConfigurationType>
|
||||
<ConfigurationType>Driver</ConfigurationType>
|
||||
<UseDebugLibraries>false</UseDebugLibraries>
|
||||
<PlatformToolset>v140</PlatformToolset>
|
||||
<PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
|
||||
<TargetVersion>Windows7</TargetVersion>
|
||||
<DriverType>WDM</DriverType>
|
||||
</PropertyGroup>
|
||||
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
|
||||
<ImportGroup Label="ExtensionSettings">
|
||||
|
@ -77,8 +81,6 @@
|
|||
<GenerateManifest>false</GenerateManifest>
|
||||
<PostBuildEventUseInBuild>false</PostBuildEventUseInBuild>
|
||||
<TargetName>SbieDrv</TargetName>
|
||||
<IncludePath>C:\WinDDK\7600.16385.1\inc\ddk;C:\WinDDK\7600.16385.1\inc\crt;C:\WinDDK\7600.16385.1\inc\api;$(IncludePath)</IncludePath>
|
||||
<LibraryPath>C:\WinDDK\7600.16385.1\lib\wnet\amd64;$(LibraryPath)</LibraryPath>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieRelease|Win32'">
|
||||
<TargetExt>.sys</TargetExt>
|
||||
|
@ -93,8 +95,6 @@
|
|||
<GenerateManifest>false</GenerateManifest>
|
||||
<PostBuildEventUseInBuild>false</PostBuildEventUseInBuild>
|
||||
<TargetName>SbieDrv</TargetName>
|
||||
<IncludePath>C:\WinDDK\7600.16385.1\inc\ddk;C:\WinDDK\7600.16385.1\inc\crt;C:\WinDDK\7600.16385.1\inc\api;$(IncludePath)</IncludePath>
|
||||
<LibraryPath>C:\WinDDK\7600.16385.1\lib\wnet\amd64;$(LibraryPath)</LibraryPath>
|
||||
</PropertyGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='SbieDebug|Win32'">
|
||||
<ClCompile>
|
||||
|
@ -132,6 +132,7 @@
|
|||
<DisableSpecificWarnings>
|
||||
</DisableSpecificWarnings>
|
||||
<AdditionalOptions>/Wv:18 %(AdditionalOptions)</AdditionalOptions>
|
||||
<PreprocessorDefinitions>POOL_NX_OPTIN=1;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
</ClCompile>
|
||||
<Link>
|
||||
<SubSystem>Native</SubSystem>
|
||||
|
@ -198,6 +199,7 @@
|
|||
<ClCompile>
|
||||
<DisableSpecificWarnings>
|
||||
</DisableSpecificWarnings>
|
||||
<PreprocessorDefinitions>POOL_NX_OPTIN=1;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
</ClCompile>
|
||||
<Link>
|
||||
<SubSystem>Native</SubSystem>
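Review bot: `POOL_NX_OPTIN=1` is added to only two `ClCompile` groups (the hunks at -132 and -198), and the move to `WindowsKernelModeDriver10.0` touches only the `SbieDebug|x64` and `SbieRelease|x64` property groups, while the visible `SbieRelease|Win32` group keeps `ConfigurationType` `Application`. If the Win32 configurations are still built, they would compile the driver without the NX pool opt-in and leave `NonPagedPool` allocations executable there. This needs confirming against the full project file, because the hunks do not show which configurations the two `ItemDefinitionGroup`s belong to. Either add `<PreprocessorDefinitions>POOL_NX_OPTIN=1;%(PreprocessorDefinitions)</PreprocessorDefinitions>` to every driver configuration or move it into one unconditioned group.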
|
||||
|
|
|
@ -40,9 +40,6 @@
|
|||
<ClCompile Include="gui_xp.c">
|
||||
<Filter>xp</Filter>
|
||||
</ClCompile>
|
||||
<ClCompile Include="key_flt.c">
|
||||
<Filter>xp</Filter>
|
||||
</ClCompile>
|
||||
<ClCompile Include="key_xp.c">
|
||||
<Filter>xp</Filter>
|
||||
</ClCompile>
|
||||
|
@ -74,6 +71,7 @@
|
|||
<ClCompile Include="..\..\common\list.c">
|
||||
<Filter>common</Filter>
|
||||
</ClCompile>
|
||||
<ClCompile Include="key_flt.c" />
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ClInclude Include="alpc.h" />
|
||||
|
|
|
@ -137,8 +137,7 @@ _FX BOOLEAN Api_Init(void)
|
|||
// initialize Fast IO dispatch pointers
|
||||
//
|
||||
|
||||
Api_FastIoDispatch = ExAllocatePoolWithTag(
|
||||
NonPagedPool, sizeof(FAST_IO_DISPATCH), tzuk);
|
||||
Api_FastIoDispatch = ExAllocatePoolWithTag(NonPagedPool, sizeof(FAST_IO_DISPATCH), tzuk);
|
||||
if (! Api_FastIoDispatch) {
|
||||
Log_Status(MSG_API_DEVICE, 0, STATUS_INSUFFICIENT_RESOURCES);
|
||||
return FALSE;
|
||||
|
|
|
@ -308,7 +308,7 @@ _FX WCHAR *Conf_Expand_Helper(
|
|||
static const WCHAR *_DefaultSpoolDirectoryPrefix =
|
||||
L"%SystemRoot%\\System32\\spool\\";
|
||||
NTSTATUS status;
|
||||
const WCHAR *ptr1, *ptr2;
|
||||
const WCHAR *ptr1, *ptr2 = L"";
|
||||
WCHAR varname[66];
|
||||
ULONG len;
|
||||
WCHAR *buf, *ptr;
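Review bot: The new initializer `*ptr2 = L""` in Conf_Expand_Helper silences what is presumably a maybe-uninitialized diagnostic rather than showing that every path assigns the variable before it is read; the function body is outside the hunk, so whether a real unassigned path exists cannot be confirmed here. The same pattern recurs in File_TranslateSymlinks (`handle = NULL`), Hook_Find_ZwRoutine_2 (`addr = NULL`), Ipc_Api_CreateDirOrLink (`objname_buf = NULL`), Process_Api_Start, Process_GetSidStringAndSessionId, Thread_SetInformationThread_ImpersonationToken, Token_Filter, Token_RestrictHelper1 and Token_AssignPrimaryHandle. In kernel code a defaulted pointer or handle that is later dereferenced, closed or freed turns an uninitialized read into a NULL dereference or an invalid-handle call, so the cleanup path at each site should be checked against the new default. Where the default exists only for the compiler, a comment such as `// initialized only to satisfy the compiler; assigned on every path that reads it` would make that explicit.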
|
||||
|
|
|
@ -91,8 +91,7 @@ _FX BOOLEAN Conf_Init_User(void)
|
|||
{
|
||||
List_Init(&Conf_Users);
|
||||
|
||||
Conf_Users_Event =
|
||||
ExAllocatePoolWithTag(NonPagedPool, sizeof(KEVENT), tzuk);
|
||||
Conf_Users_Event = ExAllocatePoolWithTag(NonPagedPool, sizeof(KEVENT), tzuk);
|
||||
if (! Conf_Users_Event) {
|
||||
Log_Msg0(MSG_1104);
|
||||
return FALSE;
|
||||
|
|
|
@ -47,8 +47,8 @@
|
|||
|
||||
|
||||
NTSTATUS DriverEntry(
|
||||
DRIVER_OBJECT *DriverObject,
|
||||
UNICODE_STRING *RegistryPath);
|
||||
IN DRIVER_OBJECT *DriverObject,
|
||||
IN UNICODE_STRING *RegistryPath);
|
||||
|
||||
static BOOLEAN Driver_CheckOsVersion(void);
|
||||
|
||||
|
@ -56,7 +56,9 @@ static BOOLEAN Driver_InitPublicSecurity(void);
|
|||
|
||||
static BOOLEAN Driver_FindHomePath(UNICODE_STRING *RegistryPath);
|
||||
|
||||
#ifdef WINXP_SUPPORT
|
||||
static BOOLEAN Driver_FindMissingServices(void);
|
||||
#endif // WINXP_SUPPORT
|
||||
|
||||
static void SbieDrv_DriverUnload(DRIVER_OBJECT *DriverObject);
|
||||
|
||||
|
@ -68,7 +70,9 @@ static void SbieDrv_DriverUnload(DRIVER_OBJECT *DriverObject);
|
|||
#pragma alloc_text (INIT, DriverEntry)
|
||||
#pragma alloc_text (INIT, Driver_CheckOsVersion)
|
||||
#pragma alloc_text (INIT, Driver_FindHomePath)
|
||||
#ifdef WINXP_SUPPORT
|
||||
#pragma alloc_text (INIT, Driver_FindMissingServices)
|
||||
#endif // WINXP_SUPPORT
|
||||
#endif // ALLOC_PRAGMA
|
||||
|
||||
|
||||
|
@ -122,7 +126,9 @@ ULONG Process_Flags3 = 0;
|
|||
//---------------------------------------------------------------------------
|
||||
|
||||
|
||||
#ifdef WINXP_SUPPORT
|
||||
P_NtSetInformationToken ZwSetInformationToken = NULL;
|
||||
#endif // WINXP_SUPPORT
|
||||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
|
@ -136,6 +142,8 @@ _FX NTSTATUS DriverEntry(
|
|||
{
|
||||
BOOLEAN ok = TRUE;
|
||||
|
||||
ExInitializeDriverRuntime(DrvRtPoolNxOptIn);
|
||||
|
||||
//
|
||||
// initialize global driver variables
|
||||
//
|
||||
|
@ -188,8 +196,10 @@ _FX NTSTATUS DriverEntry(
|
|||
if (ok)
|
||||
ok = Session_Init();
|
||||
|
||||
#ifdef WINXP_SUPPORT
|
||||
if (ok)
|
||||
ok = Driver_FindMissingServices();
|
||||
#endif // WINXP_SUPPORT
|
||||
|
||||
if (ok)
|
||||
ok = Token_Init();
|
||||
|
@ -585,6 +595,8 @@ _FX BOOLEAN Driver_FindHomePath(UNICODE_STRING *RegistryPath)
|
|||
//---------------------------------------------------------------------------
|
||||
|
||||
|
||||
#ifdef WINXP_SUPPORT
|
||||
|
||||
#define FIND_SERVICE(svc,prmcnt) \
|
||||
{ \
|
||||
static const char *ProcName = #svc; \
|
||||
|
@ -634,6 +646,8 @@ _FX BOOLEAN Driver_FindMissingServices(void)
|
|||
|
||||
#undef FIND_SERVICE
|
||||
|
||||
#endif // WINXP_SUPPORT
|
||||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// DriverUnload
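Review bot: The added `ExInitializeDriverRuntime(DrvRtPoolNxOptIn);` in DriverEntry carries no comment, yet its position is load-bearing: it has to run before the first pool allocation and only has an effect when the file is compiled with `POOL_NX_OPTIN=1`. I would put `// must stay ahead of every ExAllocatePool* call; needs POOL_NX_OPTIN=1 so NonPagedPool requests become NX on Windows 8+` directly above it, so a later reordering of the init sequence does not silently drop the hardening. Separately, `WINXP_SUPPORT` is not defined anywhere in the visible hunks, so `Driver_FindMissingServices` and the `ZwSetInformationToken` pointer are presumably compiled out in every configuration; a one-line comment at the first `#ifdef WINXP_SUPPORT` saying where the macro is meant to be set would help. DriverEntry's body continues outside the hunks.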
|
||||
|
|
|
@ -83,7 +83,9 @@ typedef struct _KEY_MOUNT KEY_MOUNT;
|
|||
//---------------------------------------------------------------------------
|
||||
|
||||
|
||||
#ifdef WINXP_SUPPORT
|
||||
extern P_NtSetInformationToken ZwSetInformationToken;
|
||||
#endif // WINXP_SUPPORT
|
||||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
|
|
|
@ -284,7 +284,7 @@ _FX NTSTATUS File_TranslateShares(
|
|||
_FX NTSTATUS File_TranslateSymlinks(WCHAR *name, ULONG max_len)
|
||||
{
|
||||
NTSTATUS status;
|
||||
HANDLE handle;
|
||||
HANDLE handle = NULL;
|
||||
OBJECT_ATTRIBUTES objattrs;
|
||||
UNICODE_STRING uni;
|
||||
ULONG len, rem, ofs;
|
||||
|
|
|
@ -250,7 +250,7 @@ skip_padding_bytes:
|
|||
|
||||
_FX ULONG Hook_Find_ZwRoutine_2(ULONG ServiceNum, void **out_routine)
|
||||
{
|
||||
UCHAR *addr;
|
||||
UCHAR *addr = NULL;
|
||||
BOOLEAN found = FALSE;
|
||||
ULONG subcode = 0;
|
||||
int i;
|
||||
|
|
|
@ -1323,7 +1323,7 @@ _FX NTSTATUS Ipc_Api_CreateDirOrLink(PROCESS *proc, ULONG64 *parms)
|
|||
NTSTATUS status;
|
||||
HANDLE handle;
|
||||
UNICODE_STRING64 *user_uni;
|
||||
WCHAR *user_buf, *objname_buf, *target_buf;
|
||||
WCHAR *user_buf, *objname_buf = NULL, *target_buf;
|
||||
ULONG user_len, objname_len, target_len;
|
||||
OBJECT_ATTRIBUTES objattrs;
|
||||
UNICODE_STRING objname, target;
|
||||
|
|
|
@ -487,13 +487,13 @@ WCHAR * Key_GetSandboxPath(ULONG spid, void *Object)
|
|||
if (temp)
|
||||
{
|
||||
// Matches "\REGISTRY\USER\S-1-5-21*\"
|
||||
if (!wcsnicmp(&KeyName->Buffer[head_len], USERS, wcslen(USERS)))
|
||||
if (!_wcsnicmp(&KeyName->Buffer[head_len], USERS, wcslen(USERS)))
|
||||
{
|
||||
ULONG sidSize = (ULONG)temp - (ULONG)&KeyName->Buffer[head_len];
|
||||
if (sidSize < MAX_USER_SID_SIZE)
|
||||
{
|
||||
// Matches "\REGISTRY\USER\S-1-5-21*_Classes\"
|
||||
if (!wcsnicmp(temp - wcslen(CLASSES), L"_Classes", wcslen(CLASSES)))
|
||||
if (!_wcsnicmp(temp - wcslen(CLASSES), L"_Classes", wcslen(CLASSES)))
|
||||
{
|
||||
wcscpy(targetName + path_len, L"\\user\\current_classes");
|
||||
path_len += wcslen(L"\\user\\current_classes");
|
||||
|
@ -510,7 +510,7 @@ WCHAR * Key_GetSandboxPath(ULONG spid, void *Object)
|
|||
}
|
||||
}
|
||||
// starts with "\REGISTRY\\MACHINE\"
|
||||
else if (!wcsnicmp(KeyName->Buffer, HEADER_MACHINE, wcslen(HEADER_MACHINE)))
|
||||
else if (!_wcsnicmp(KeyName->Buffer, HEADER_MACHINE, wcslen(HEADER_MACHINE)))
|
||||
{
|
||||
wcscpy(targetName + path_len, KeyName->Buffer + 9);
|
||||
targetFound = 1;
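Review bot: The `wcscpy(targetName + path_len, KeyName->Buffer + 9)` kept in Key_GetSandboxPath copies with no destination bound and relies on `KeyName->Buffer` being NUL-terminated. If `KeyName` is a counted string (it looks like a UNICODE_STRING, which this hunk does not confirm), termination is not guaranteed. The `_wcsnicmp` calls likewise read `wcslen(USERS)` / `wcslen(HEADER_MACHINE)` characters without consulting the string's length. Because key names may be influenced by the process being sandboxed, the copy should be bounded by both the source length and the space left in `targetName`, whose capacity is not visible here. The `(ULONG)temp - (ULONG)&KeyName->Buffer[head_len]` line also truncates pointers on x64; `(ULONG)((ULONG_PTR)temp - (ULONG_PTR)&KeyName->Buffer[head_len])` yields the same byte count without the truncating casts. The function starts and ends outside the hunks.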
|
||||
|
|
|
@ -130,8 +130,7 @@ _FX void Mem_FreeString(WCHAR *string)
|
|||
|
||||
_FX BOOLEAN Mem_GetLockResource(PERESOURCE *ppResource, BOOLEAN InitMsg)
|
||||
{
|
||||
*ppResource = ExAllocatePoolWithTag(
|
||||
NonPagedPool, sizeof(ERESOURCE), tzuk);
|
||||
*ppResource = ExAllocatePoolWithTag(NonPagedPool, sizeof(ERESOURCE), tzuk);
|
||||
if (*ppResource) {
|
||||
ExInitializeResourceLite(*ppResource);
|
||||
return TRUE;
|
||||
|
|
|
@ -45,7 +45,7 @@
|
|||
#define SE_GROUP_LOGON_ID (0xC0000000L)
|
||||
#define SE_GROUP_RESOURCE (0x20000000L)
|
||||
|
||||
|
||||
#ifdef WINXP_SUPPORT
|
||||
typedef enum _TOKEN_INFORMATION_CLASS2 {
|
||||
TokenIsAppContainer = 29,
|
||||
TokenCapabilities,
|
||||
|
@ -63,6 +63,7 @@ typedef enum _TOKEN_INFORMATION_CLASS2 {
|
|||
TokenPrivateNameSpace//,
|
||||
//MaxTokenInfoClass // MaxTokenInfoClass should always be the last enum
|
||||
} TOKEN_INFORMATION_CLASS2;
|
||||
#endif // WINXP_SUPPORT
|
||||
|
||||
NTOS_NTSTATUS ZwOpenThreadToken(
|
||||
IN HANDLE ThreadHandle,
|
||||
|
@ -310,8 +311,13 @@ NTOS_NTSTATUS ZwSetInformationProcess(
|
|||
#define THREAD_DIRECT_IMPERSONATION (0x0200)
|
||||
#define THREAD_SET_LIMITED_INFORMATION (0x0400) // vista
|
||||
#define THREAD_QUERY_LIMITED_INFORMATION (0x0800) // vista
|
||||
#if (NTDDI_VERSION >= NTDDI_VISTA)
|
||||
#define THREAD_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | \
|
||||
0x3FF)
|
||||
0xFFFF)
|
||||
#else
|
||||
#define THREAD_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | \
|
||||
0x3FF)
|
||||
#endif
|
||||
|
||||
|
||||
NTOS_NTSTATUS PsSetThreadHardErrorsAreDisabled(
|
||||
|
@ -624,6 +630,7 @@ typedef ULONG OB_OPERATION;
|
|||
#define OB_OPERATION_HANDLE_CREATE 0x00000001
|
||||
#define OB_OPERATION_HANDLE_DUPLICATE 0x00000002
|
||||
|
||||
#if (NTDDI_VERSION < NTDDI_VISTASP1)
|
||||
NTOS_NTSTATUS ObRegisterCallbacks(
|
||||
__in POB_CALLBACK_REGISTRATION CallbackRegistration,
|
||||
__deref_out PVOID *RegistrationHandle);
|
||||
|
@ -631,6 +638,7 @@ NTOS_NTSTATUS ObRegisterCallbacks(
|
|||
|
||||
NTOS_NTSTATUS ObUnRegisterCallbacks(
|
||||
__in PVOID RegistrationHandle);
|
||||
#endif
|
||||
|
||||
|
||||
// ------------------------------------------------------------------
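Review bot: `THREAD_ALL_ACCESS` now expands to a mask ending in `0xFFFF` when `NTDDI_VERSION >= NTDDI_VISTA` and `0x3FF` otherwise, so every place in the driver that uses the macro as a filter or comparison mask changes meaning with the build target. Those uses are outside this hunk; they should be audited so that thread rights above bit 9, including the `THREAD_SET_LIMITED_INFORMATION` and `THREAD_QUERY_LIMITED_INFORMATION` values defined just above, are handled the way the sandbox intends. The definition is also unguarded; if the WDK headers now in use already define it, wrapping it in `#ifndef THREAD_ALL_ACCESS` avoids a redefinition diagnostic. The new `#endif` after the ObRegisterCallbacks prototypes would read better as `#endif // NTDDI_VERSION < NTDDI_VISTASP1`, matching the `#endif // WINXP_SUPPORT` style used in the same file.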
|
||||
|
|
|
@ -54,8 +54,8 @@ _FX NTSTATUS Process_Api_Start(PROCESS *proc, ULONG64 *parms)
|
|||
{
|
||||
LONG_PTR user_box_parm;
|
||||
HANDLE user_pid_parm;
|
||||
BOX *box;
|
||||
PEPROCESS ProcessObject;
|
||||
BOX *box = NULL;
|
||||
PEPROCESS ProcessObject = NULL;
|
||||
NTSTATUS status;
|
||||
|
||||
//
|
||||
|
|
|
@ -138,9 +138,9 @@ _FX BOX *Process_GetForcedStartBox(
|
|||
NTSTATUS status;
|
||||
ULONG SessionId;
|
||||
UNICODE_STRING SidString;
|
||||
WCHAR *ImagePath2;
|
||||
WCHAR *ImagePath2 = L"";
|
||||
ULONG ImagePath2_len;
|
||||
const WCHAR *ImageName;
|
||||
const WCHAR *ImageName = L"";
|
||||
|
||||
PEPROCESS ProcessObject;
|
||||
WCHAR *CurDir, *DocArg;
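Review bot: `WCHAR *ImagePath2 = L"";` in Process_GetForcedStartBox points a writable, non-const pointer at a string literal. If any exit path frees or writes through `ImagePath2` before the real buffer is assigned (the body is outside this hunk, so this is not confirmed), the driver would free or modify literal data instead of a pool block. `WCHAR *ImagePath2 = NULL;` with a NULL check at the release site is the safer default, and pairing it with `ULONG ImagePath2_len = 0;` keeps the length consistent with the pointer. `ImageName` is `const`, so it cannot be written through and `L""` is a reasonable default there.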
|
||||
|
|
|
@ -58,8 +58,7 @@ static KEVENT *Process_Low_Event = NULL;
|
|||
|
||||
_FX BOOLEAN Process_Low_Init(void)
|
||||
{
|
||||
Process_Low_Event =
|
||||
ExAllocatePoolWithTag(NonPagedPool, sizeof(KEVENT), tzuk);
|
||||
Process_Low_Event = ExAllocatePoolWithTag(NonPagedPool, sizeof(KEVENT), tzuk);
|
||||
if (! Process_Low_Event) {
|
||||
Log_Msg0(MSG_1104);
|
||||
return FALSE;
|
||||
|
|
|
@ -915,7 +915,7 @@ _FX NTSTATUS Process_GetSidStringAndSessionId(
|
|||
UNICODE_STRING *SidString, ULONG *SessionId)
|
||||
{
|
||||
NTSTATUS status;
|
||||
PEPROCESS ProcessObject;
|
||||
PEPROCESS ProcessObject = NULL;
|
||||
PACCESS_TOKEN TokenObject;
|
||||
|
||||
if (ProcessHandle == NtCurrentProcess()) {
|
||||
|
|
|
@ -1172,7 +1172,7 @@ _FX NTSTATUS Thread_SetInformationThread_ImpersonationToken(
|
|||
void *ProcessObject;
|
||||
PROCESS *proc2;
|
||||
THREAD *thrd2;
|
||||
HANDLE MyTokenHandle;
|
||||
HANDLE MyTokenHandle = NULL;
|
||||
NTSTATUS status;
|
||||
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
|
||||
BOOLEAN MustCreateThread;
|
||||
|
|
|
@ -501,7 +501,7 @@ _FX void *Token_FilterPrimary(PROCESS *proc, void *ProcessObject)
|
|||
_FX void *Token_Filter(void *TokenObject, ULONG DropRights, ULONG SessionId)
|
||||
{
|
||||
TOKEN_GROUPS *groups;
|
||||
void *ReturnToken;
|
||||
void *ReturnToken = NULL;
|
||||
NTSTATUS status;
|
||||
ULONG i, j;
|
||||
BOOLEAN ShouldFilterToken = FALSE;
|
||||
|
@ -1015,7 +1015,7 @@ _FX BOOLEAN Token_IsSharedSid_W8(void *TokenObject)
|
|||
_FX void *Token_RestrictHelper1(
|
||||
void *TokenObject, ULONG *OutIntegrityLevel, PROCESS *proc)
|
||||
{
|
||||
void *NewTokenObject;
|
||||
void *NewTokenObject = NULL;
|
||||
SID_AND_ATTRIBUTES *SidAndAttrsInToken = NULL;
|
||||
ULONG RestrictedSidCount_offset = 0;
|
||||
ULONG RestrictedSids_offset = 0;
|
||||
|
@ -1505,7 +1505,7 @@ _FX NTSTATUS Token_AssignPrimaryHandle(
|
|||
{
|
||||
NTSTATUS status;
|
||||
HANDLE ProcessHandle;
|
||||
ULONG *PtrPrimaryTokenFrozen;
|
||||
ULONG *PtrPrimaryTokenFrozen = NULL;
|
||||
ULONG SavePrimaryTokenFrozen;
|
||||
|
||||
//
|
||||
|
|