1.1.0
parent
392cde4282
commit
9d8ef41fb5
12
CHANGELOG.md
12
CHANGELOG.md
|
@ -6,11 +6,10 @@ This project adheres to [Semantic Versioning](http://semver.org/).
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
# [1.1.0 / 5.56.0] - 2022-01-??
|
# [1.1.0 / 5.56.0] - 2022-01-06
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
- added support for NtRenameKey (this requires UseRegDeleteV2=y) [#205](https://github.com/sandboxie-plus/Sandboxie/issues/205)
|
- added support for NtRenameKey (this requires UseRegDeleteV2=y) [#205](https://github.com/sandboxie-plus/Sandboxie/issues/205)
|
||||||
- added options menu command to reset the GUI [#1589](https://github.com/sandboxie-plus/Sandboxie/issues/1589)
|
|
||||||
|
|
||||||
### Changed
|
### Changed
|
||||||
- reworked the mechanism sandboxie uses to mark host files as deleted
|
- reworked the mechanism sandboxie uses to mark host files as deleted
|
||||||
|
@ -25,12 +24,12 @@ This project adheres to [Semantic Versioning](http://semver.org/).
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
# [1.0.10 / 5.55.10] - 2022-01-??
|
# [1.0.10 / 5.55.10] - 2022-01-06
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
- added option to show only boxes in tray with runnign processes [#1186](https://github.com/sandboxie-plus/Sandboxie/issues/1186)
|
- added option to show only boxes in tray with runnign processes [#1186](https://github.com/sandboxie-plus/Sandboxie/issues/1186)
|
||||||
-- additional option show only pinned bixes, in box options a bix can be set to be always shown in theay list (Pinned)
|
-- additional option show only pinned bixes, in box options a bix can be set to be always shown in theay list (Pinned)
|
||||||
- add reset ui option
|
- added options menu command to reset the GUI [#1589](https://github.com/sandboxie-plus/Sandboxie/issues/1589)
|
||||||
- added 'Run Un-Sandboxed' context menu option
|
- added 'Run Un-Sandboxed' context menu option
|
||||||
- added new trigger "OnBoxDelete" that allows to specify a command that is run UNBOXED just before the box content gets deleted
|
- added new trigger "OnBoxDelete" that allows to specify a command that is run UNBOXED just before the box content gets deleted
|
||||||
-- note: this can be used as a replacemetn to the DeleteCommand [#591](https://github.com/sandboxie-plus/Sandboxie/issues/591)
|
-- note: this can be used as a replacemetn to the DeleteCommand [#591](https://github.com/sandboxie-plus/Sandboxie/issues/591)
|
||||||
|
@ -55,6 +54,11 @@ This project adheres to [Semantic Versioning](http://semver.org/).
|
||||||
- fixed issues canceling box deletion operations didn't working [1061](https://github.com/sandboxie-plus/Sandboxie/issues/1061)
|
- fixed issues canceling box deletion operations didn't working [1061](https://github.com/sandboxie-plus/Sandboxie/issues/1061)
|
||||||
- fixed issue with DPI scalling and color picker dialog [#803](https://github.com/sandboxie-plus/Sandboxie/issues/803)
|
- fixed issue with DPI scalling and color picker dialog [#803](https://github.com/sandboxie-plus/Sandboxie/issues/803)
|
||||||
|
|
||||||
|
### Removed
|
||||||
|
- removed UseRpcMgmtSetComTimeout=AppXDeploymentClient.dll,y used for free download manager as it broke other things
|
||||||
|
-- when using free download manager ad the line manually to your sandboxie.ini
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
## [1.0.9 / 5.55.9] - 2022-01-31
|
## [1.0.9 / 5.55.9] - 2022-01-31
|
||||||
|
|
|
@ -37,8 +37,15 @@
|
||||||
// Functions
|
// Functions
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
static OBJECT_TYPE* Obj_GetObjectType(const WCHAR* TypeName);
|
||||||
|
|
||||||
|
static BOOLEAN Obj_AddObjectType(const WCHAR *TypeName);
|
||||||
|
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
#ifdef ALLOC_PRAGMA
|
#ifdef ALLOC_PRAGMA
|
||||||
|
#pragma alloc_text (INIT, Obj_GetObjectType)
|
||||||
|
#pragma alloc_text (INIT, Obj_AddObjectType)
|
||||||
#pragma alloc_text (INIT, Obj_Init)
|
#pragma alloc_text (INIT, Obj_Init)
|
||||||
#endif // ALLOC_PRAGMA
|
#endif // ALLOC_PRAGMA
|
||||||
|
|
||||||
|
@ -47,6 +54,7 @@
|
||||||
// Variables
|
// Variables
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
POBJECT_TYPE *Obj_ObjectTypes = NULL;
|
||||||
|
|
||||||
static const WCHAR Obj_Unnamed_Name = L'\0';
|
static const WCHAR Obj_Unnamed_Name = L'\0';
|
||||||
|
|
||||||
|
@ -75,6 +83,54 @@ P_ObQueryNameInfo pObQueryNameInfo = NULL;
|
||||||
#endif _WIN64
|
#endif _WIN64
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
//
|
||||||
|
// kernel object types (w8 64bit):
|
||||||
|
//
|
||||||
|
// AlpcPortObjectType
|
||||||
|
// CmKeyObjectType Exported
|
||||||
|
// DbgkDebugObjectType
|
||||||
|
// EtwpRealTimeConnectionObjectType
|
||||||
|
// EtwpRegistrationObjectType
|
||||||
|
// ExCallbackObjectType
|
||||||
|
// ExCompositionSurfaceObjectType Exported
|
||||||
|
// ExDesktopObjectType Exported
|
||||||
|
// ExEventObjectType Exported
|
||||||
|
// ExEventPairObjectType
|
||||||
|
// ExMutantObjectType
|
||||||
|
// ExProfileObjectType
|
||||||
|
// ExSemaphoreObjectType Exported
|
||||||
|
// ExTimerObjectType
|
||||||
|
// ExWindowStationObjectType Exported
|
||||||
|
// ExpIRTimerObjectType
|
||||||
|
// ExpKeyedEventObjectType
|
||||||
|
// ExpWorkerFactoryObjectType
|
||||||
|
// IoAdapterObjectType Exported
|
||||||
|
// IoCompletionObjectType
|
||||||
|
// IoControllerObjectType
|
||||||
|
// IoDeviceHandlerObjectType Exported
|
||||||
|
// IoDeviceObjectType Exported
|
||||||
|
// IoDriverObjectType Exported
|
||||||
|
// IoFileObjectType Exported
|
||||||
|
// IopWaitCompletionPacketObjectType
|
||||||
|
// LpcPortObjectType Exported
|
||||||
|
// LpcWaitablePortObjectType
|
||||||
|
// MmSectionObjectType Exported
|
||||||
|
// MmSessionObjectType
|
||||||
|
// ObpDirectoryObjectType
|
||||||
|
// ObpSymbolicLinkObjectType
|
||||||
|
// ObpTypeObjectType
|
||||||
|
// PopPowerRequestObjectType
|
||||||
|
// PsProcessType Exported
|
||||||
|
// PsThreadType Exported
|
||||||
|
// PsJobType Exported
|
||||||
|
// SeTokenObjectType Exported
|
||||||
|
// TmEnlistmentObjectType Exported
|
||||||
|
// TmResourceManagerObjectType Exported
|
||||||
|
// TmTransactionManagerObjectType Exported
|
||||||
|
// TmTransactionObjectType Exported
|
||||||
|
// WmipGuidObjectType
|
||||||
|
//
|
||||||
|
|
||||||
|
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
// Obj_Init
|
// Obj_Init
|
||||||
|
@ -83,16 +139,6 @@ P_ObQueryNameInfo pObQueryNameInfo = NULL;
|
||||||
|
|
||||||
_FX BOOLEAN Obj_Init(void)
|
_FX BOOLEAN Obj_Init(void)
|
||||||
{
|
{
|
||||||
//
|
|
||||||
// prepare object filter callback registration on Vista SP1 and later
|
|
||||||
//
|
|
||||||
|
|
||||||
if (Driver_OsVersion > DRIVER_WINDOWS_VISTA) {
|
|
||||||
|
|
||||||
if (!Obj_Init_Filter())
|
|
||||||
return FALSE;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (Driver_OsVersion >= DRIVER_WINDOWS_7) {
|
if (Driver_OsVersion >= DRIVER_WINDOWS_7) {
|
||||||
|
|
||||||
//
|
//
|
||||||
|
@ -121,6 +167,49 @@ _FX BOOLEAN Obj_Init(void)
|
||||||
pObGetObjectType = (P_ObGetObjectType)ptr;
|
pObGetObjectType = (P_ObGetObjectType)ptr;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
// initialize set of recognized objects types
|
||||||
|
//
|
||||||
|
|
||||||
|
Obj_ObjectTypes = Mem_AllocEx(
|
||||||
|
Driver_Pool, sizeof(POBJECT_TYPE) * 9, TRUE);
|
||||||
|
if (! Obj_ObjectTypes)
|
||||||
|
return FALSE;
|
||||||
|
memzero(Obj_ObjectTypes, sizeof(POBJECT_TYPE) * 9);
|
||||||
|
|
||||||
|
if (! Obj_AddObjectType(L"Job")) // PsJobType
|
||||||
|
return FALSE;
|
||||||
|
if (! Obj_AddObjectType(L"Event")) // ExEventObjectType
|
||||||
|
return FALSE;
|
||||||
|
if (! Obj_AddObjectType(L"Mutant")) // ExMutantObjectType - not exported
|
||||||
|
return FALSE;
|
||||||
|
if (! Obj_AddObjectType(L"Semaphore")) // ExSemaphoreObjectType
|
||||||
|
return FALSE;
|
||||||
|
if (! Obj_AddObjectType(L"Section")) // MmSectionObjectType
|
||||||
|
return FALSE;
|
||||||
|
#ifdef XP_SUPPORT
|
||||||
|
if (Driver_OsVersion < DRIVER_WINDOWS_VISTA) {
|
||||||
|
if (! Obj_AddObjectType(L"Port")) // LpcPortObjectType
|
||||||
|
return FALSE;
|
||||||
|
} else
|
||||||
|
#endif
|
||||||
|
{
|
||||||
|
if (! Obj_AddObjectType(L"ALPC Port")) // AlpcPortObjectType - not exported
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
//DbgPrint("JobObject; Known: %p; Found: %p\r\n", *PsJobType, Obj_ObjectTypes[0]);
|
||||||
|
|
||||||
|
//
|
||||||
|
// prepare object filter callback registration on Vista SP1 and later
|
||||||
|
//
|
||||||
|
|
||||||
|
if (Driver_OsVersion > DRIVER_WINDOWS_VISTA) {
|
||||||
|
|
||||||
|
if (!Obj_Init_Filter())
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
return TRUE;
|
return TRUE;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -615,3 +704,76 @@ _FX POBJECT_TYPE Obj_GetTypeObjectType(void)
|
||||||
|
|
||||||
return _TypeObjectType;
|
return _TypeObjectType;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
// Obj_GetObjectType
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
|
_FX OBJECT_TYPE* Obj_GetObjectType(const WCHAR *TypeName)
|
||||||
|
{
|
||||||
|
NTSTATUS status;
|
||||||
|
WCHAR ObjectName[64];
|
||||||
|
UNICODE_STRING uni;
|
||||||
|
OBJECT_ATTRIBUTES objattrs;
|
||||||
|
HANDLE handle;
|
||||||
|
OBJECT_TYPE *object;
|
||||||
|
|
||||||
|
wcscpy(ObjectName, L"\\ObjectTypes\\");
|
||||||
|
wcscat(ObjectName, TypeName);
|
||||||
|
RtlInitUnicodeString(&uni, ObjectName);
|
||||||
|
InitializeObjectAttributes(&objattrs,
|
||||||
|
&uni, OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE, NULL, NULL);
|
||||||
|
|
||||||
|
//
|
||||||
|
// Windows 7 requires that we pass ObjectType in the second parameter
|
||||||
|
// below, while earlier versions of Windows do not require this.
|
||||||
|
// Obj_GetTypeObjectType() returns ObjectType on Windows 7, and
|
||||||
|
// NULL on earlier versions of Windows
|
||||||
|
//
|
||||||
|
|
||||||
|
status = ObOpenObjectByName(
|
||||||
|
&objattrs, Obj_GetTypeObjectType(), KernelMode,
|
||||||
|
NULL, 0, NULL, &handle);
|
||||||
|
if (! NT_SUCCESS(status)) {
|
||||||
|
Log_Status_Ex(MSG_OBJ_HOOK_ANY_PROC, 0x44, status, TypeName);
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
|
||||||
|
status = ObReferenceObjectByHandle(
|
||||||
|
handle, 0, NULL, KernelMode, &object, NULL);
|
||||||
|
|
||||||
|
ZwClose(handle);
|
||||||
|
|
||||||
|
if (! NT_SUCCESS(status)) {
|
||||||
|
Log_Status_Ex(MSG_OBJ_HOOK_ANY_PROC, 0x55, status, TypeName);
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
|
||||||
|
ObDereferenceObject(object);
|
||||||
|
|
||||||
|
return object;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
// Obj_AddObjectType
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
|
_FX BOOLEAN Obj_AddObjectType(const WCHAR *TypeName)
|
||||||
|
{
|
||||||
|
OBJECT_TYPE* object;
|
||||||
|
ULONG i;
|
||||||
|
|
||||||
|
object = Obj_GetObjectType(TypeName);
|
||||||
|
if (object == NULL)
|
||||||
|
return FALSE;
|
||||||
|
|
||||||
|
for (i = 0; Obj_ObjectTypes[i]; ++i)
|
||||||
|
;
|
||||||
|
Obj_ObjectTypes[i] = object;
|
||||||
|
|
||||||
|
return TRUE;
|
||||||
|
}
|
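Review bot: The slot search in Obj_AddObjectType, `for (i = 0; Obj_ObjectTypes[i]; ++i) ;`, has no upper bound, and the array it walks is a 9-pointer pool allocation whose size is written as a literal twice in Obj_Init. Six names are registered per platform today, so it fits, but a ninth entry would take the slot that serves as the NULL terminator for the loop in Session_Api_MonitorPut2, and the next scan would run past the allocation. I would name the size once (for instance `#define OBJ_TYPE_SLOTS 9`) and bound the scan: `for (i = 0; i < OBJ_TYPE_SLOTS - 1 && Obj_ObjectTypes[i]; ++i) ;` followed by `if (i == OBJ_TYPE_SLOTS - 1) return FALSE;`. Obj_GetObjectType has a similar latent issue: `wcscpy`/`wcscat` fill `WCHAR ObjectName[64]` with no length check on TypeName, which is safe only while every caller passes a short literal, so a one-line comment stating that contract above the copy would help.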
|
@ -84,6 +84,7 @@ BOOLEAN Obj_HookParseProc(
|
||||||
// Variables
|
// Variables
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
extern POBJECT_TYPE *Obj_ObjectTypes;
|
||||||
|
|
||||||
extern const OBJECT_NAME_INFORMATION Obj_Unnamed;
|
extern const OBJECT_NAME_INFORMATION Obj_Unnamed;
|
||||||
|
|
||||||
|
|
|
@ -97,24 +97,24 @@ _FX BOOLEAN Obj_Load_Filter(void)
|
||||||
//
|
//
|
||||||
// The types handled by the Syscall_DuplicateHandle are as follows
|
// The types handled by the Syscall_DuplicateHandle are as follows
|
||||||
//
|
//
|
||||||
// "Process" -> Thread_CheckProcessObject
|
// "Process" -> Thread_CheckProcessObject <- PsProcessType
|
||||||
// "Thread" -> Thread_CheckThreadObject
|
// "Thread" -> Thread_CheckThreadObject <- PsThreadType
|
||||||
//
|
//
|
||||||
// "File" -> File_CheckFileObject <- given the the note above why do we double filter for files ???
|
// "File" -> File_CheckFileObject <- IoFileObjectType // given the the note above why do we double filter for files ???
|
||||||
//
|
//
|
||||||
// "Event" -> Ipc_CheckGenericObject
|
// "Event" -> Ipc_CheckGenericObject
|
||||||
// "EventPair" -> Ipc_CheckGenericObject <- ExEventPairObjectType not exported
|
// "EventPair" -> Ipc_CheckGenericObject <- ExEventPairObjectType not exported
|
||||||
// "KeyedEvent" -> Ipc_CheckGenericObject <- ExpKeyedEventObjectType not exported
|
// "KeyedEvent" -> Ipc_CheckGenericObject <- ExpKeyedEventObjectType not exported
|
||||||
// "Mutant" -> Ipc_CheckGenericObject <- ExMutantObjectType not exported
|
// "Mutant" -> Ipc_CheckGenericObject <- ExMutantObjectType not exported
|
||||||
// "Semaphore" -> Ipc_CheckGenericObject
|
// "Semaphore" -> Ipc_CheckGenericObject <- ExSemaphoreObjectType
|
||||||
// "Section" -> Ipc_CheckGenericObject
|
// "Section" -> Ipc_CheckGenericObject <- MmSectionObjectType
|
||||||
//
|
//
|
||||||
// "JobObject" -> Ipc_CheckJobObject
|
// "JobObject" -> Ipc_CheckJobObject <- PsJobType
|
||||||
//
|
//
|
||||||
// "Port" / "ALPC Port" -> Ipc_CheckPortObject <- AlpcPortObjectType and LpcWaitablePortObjectType not exported, LpcPortObjectType exported
|
// "Port" / "ALPC Port" -> Ipc_CheckPortObject <- AlpcPortObjectType and LpcWaitablePortObjectType not exported, LpcPortObjectType exported
|
||||||
// Note: proper IPC isolation requires filering of NtRequestPort, NtRequestWaitReplyPort, and NtAlpcSendWaitReceivePort calls
|
// Note: proper IPC isolation requires filtering of NtRequestPort, NtRequestWaitReplyPort, and NtAlpcSendWaitReceivePort calls
|
||||||
//
|
//
|
||||||
// "Token" -> Thread_CheckTokenObject
|
// "Token" -> Thread_CheckTokenObject <- SeTokenObjectType
|
||||||
//
|
//
|
||||||
|
|
||||||
if (!pObRegisterCallbacks || !pObUnRegisterCallbacks)
|
if (!pObRegisterCallbacks || !pObUnRegisterCallbacks)
|
||||||
|
|
|
@ -87,8 +87,6 @@ typedef struct _SESSION SESSION;
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
static BOOLEAN Session_AddObjectType(const WCHAR *TypeName);
|
|
||||||
|
|
||||||
static void Session_Unlock(KIRQL irql);
|
static void Session_Unlock(KIRQL irql);
|
||||||
|
|
||||||
static SESSION *Session_Get(
|
static SESSION *Session_Get(
|
||||||
|
@ -115,14 +113,6 @@ static NTSTATUS Session_Api_MonitorPut2(PROCESS *proc, ULONG64 *parms);
|
||||||
static NTSTATUS Session_Api_MonitorGetEx(PROCESS *proc, ULONG64 *parms);
|
static NTSTATUS Session_Api_MonitorGetEx(PROCESS *proc, ULONG64 *parms);
|
||||||
|
|
||||||
|
|
||||||
//---------------------------------------------------------------------------
|
|
||||||
|
|
||||||
|
|
||||||
#ifdef ALLOC_PRAGMA
|
|
||||||
#pragma alloc_text (INIT, Session_AddObjectType)
|
|
||||||
#endif // ALLOC_PRAGMA
|
|
||||||
|
|
||||||
|
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
// Variables
|
// Variables
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
|
@ -133,8 +123,6 @@ PERESOURCE Session_ListLock = NULL;
|
||||||
|
|
||||||
volatile LONG Session_MonitorCount = 0;
|
volatile LONG Session_MonitorCount = 0;
|
||||||
|
|
||||||
static POBJECT_TYPE *Session_ObjectTypes = NULL;
|
|
||||||
|
|
||||||
|
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
// Session_Init
|
// Session_Init
|
||||||
|
@ -156,36 +144,6 @@ _FX BOOLEAN Session_Init(void)
|
||||||
//Api_SetFunction(API_MONITOR_GET, Session_Api_MonitorGet);
|
//Api_SetFunction(API_MONITOR_GET, Session_Api_MonitorGet);
|
||||||
Api_SetFunction(API_MONITOR_GET_EX, Session_Api_MonitorGetEx);
|
Api_SetFunction(API_MONITOR_GET_EX, Session_Api_MonitorGetEx);
|
||||||
|
|
||||||
//
|
|
||||||
// initialize set of recognized objects types for Session_Api_MonitorPut
|
|
||||||
//
|
|
||||||
|
|
||||||
Session_ObjectTypes = Mem_AllocEx(
|
|
||||||
Driver_Pool, sizeof(POBJECT_TYPE) * 9, TRUE);
|
|
||||||
if (! Session_ObjectTypes)
|
|
||||||
return FALSE;
|
|
||||||
memzero(Session_ObjectTypes, sizeof(POBJECT_TYPE) * 9);
|
|
||||||
|
|
||||||
if (! Session_AddObjectType(L"Job"))
|
|
||||||
return FALSE;
|
|
||||||
if (! Session_AddObjectType(L"Event"))
|
|
||||||
return FALSE;
|
|
||||||
if (! Session_AddObjectType(L"Mutant"))
|
|
||||||
return FALSE;
|
|
||||||
if (! Session_AddObjectType(L"Semaphore"))
|
|
||||||
return FALSE;
|
|
||||||
if (! Session_AddObjectType(L"Section"))
|
|
||||||
return FALSE;
|
|
||||||
#ifdef XP_SUPPORT
|
|
||||||
if (Driver_OsVersion < DRIVER_WINDOWS_VISTA) {
|
|
||||||
if (! Session_AddObjectType(L"Port"))
|
|
||||||
return FALSE;
|
|
||||||
} else
|
|
||||||
#endif
|
|
||||||
{
|
|
||||||
if (! Session_AddObjectType(L"ALPC Port"))
|
|
||||||
return FALSE;
|
|
||||||
}
|
|
||||||
|
|
||||||
return TRUE;
|
return TRUE;
|
||||||
}
|
}
|
||||||
|
@ -206,62 +164,6 @@ _FX void Session_Unload(void)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
//---------------------------------------------------------------------------
|
|
||||||
// Session_AddObjectType
|
|
||||||
//---------------------------------------------------------------------------
|
|
||||||
|
|
||||||
|
|
||||||
_FX BOOLEAN Session_AddObjectType(const WCHAR *TypeName)
|
|
||||||
{
|
|
||||||
NTSTATUS status;
|
|
||||||
WCHAR ObjectName[64];
|
|
||||||
UNICODE_STRING uni;
|
|
||||||
OBJECT_ATTRIBUTES objattrs;
|
|
||||||
HANDLE handle;
|
|
||||||
OBJECT_TYPE *object;
|
|
||||||
ULONG i;
|
|
||||||
|
|
||||||
wcscpy(ObjectName, L"\\ObjectTypes\\");
|
|
||||||
wcscat(ObjectName, TypeName);
|
|
||||||
RtlInitUnicodeString(&uni, ObjectName);
|
|
||||||
InitializeObjectAttributes(&objattrs,
|
|
||||||
&uni, OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE, NULL, NULL);
|
|
||||||
|
|
||||||
//
|
|
||||||
// Windows 7 requires that we pass ObjectType in the second parameter
|
|
||||||
// below, while earlier versions of Windows do not require this.
|
|
||||||
// Obj_GetTypeObjectType() returns ObjectType on Windows 7, and
|
|
||||||
// NULL on earlier versions of Windows
|
|
||||||
//
|
|
||||||
|
|
||||||
status = ObOpenObjectByName(
|
|
||||||
&objattrs, Obj_GetTypeObjectType(), KernelMode,
|
|
||||||
NULL, 0, NULL, &handle);
|
|
||||||
if (! NT_SUCCESS(status)) {
|
|
||||||
Log_Status_Ex(MSG_OBJ_HOOK_ANY_PROC, 0x44, status, TypeName);
|
|
||||||
return FALSE;
|
|
||||||
}
|
|
||||||
|
|
||||||
status = ObReferenceObjectByHandle(
|
|
||||||
handle, 0, NULL, KernelMode, &object, NULL);
|
|
||||||
|
|
||||||
ZwClose(handle);
|
|
||||||
|
|
||||||
if (! NT_SUCCESS(status)) {
|
|
||||||
Log_Status_Ex(MSG_OBJ_HOOK_ANY_PROC, 0x55, status, TypeName);
|
|
||||||
return FALSE;
|
|
||||||
}
|
|
||||||
|
|
||||||
ObDereferenceObject(object);
|
|
||||||
|
|
||||||
for (i = 0; Session_ObjectTypes[i]; ++i)
|
|
||||||
;
|
|
||||||
Session_ObjectTypes[i] = object;
|
|
||||||
|
|
||||||
return TRUE;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
// Session_Unlock
|
// Session_Unlock
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
|
@ -867,7 +769,7 @@ _FX NTSTATUS Session_Api_MonitorPut2(PROCESS *proc, ULONG64 *parms)
|
||||||
|
|
||||||
RtlInitUnicodeString(&objname, name);
|
RtlInitUnicodeString(&objname, name);
|
||||||
|
|
||||||
for (i = 0; Session_ObjectTypes[i]; ++i) {
|
for (i = 0; Obj_ObjectTypes[i]; ++i) {
|
||||||
|
|
||||||
// ObReferenceObjectByName needs a non-zero ObjectType
|
// ObReferenceObjectByName needs a non-zero ObjectType
|
||||||
// so we have to keep going through all possible object
|
// so we have to keep going through all possible object
|
||||||
|
@ -875,7 +777,7 @@ _FX NTSTATUS Session_Api_MonitorPut2(PROCESS *proc, ULONG64 *parms)
|
||||||
|
|
||||||
status = ObReferenceObjectByName(
|
status = ObReferenceObjectByName(
|
||||||
&objname, OBJ_CASE_INSENSITIVE, NULL, 0,
|
&objname, OBJ_CASE_INSENSITIVE, NULL, 0,
|
||||||
Session_ObjectTypes[i], KernelMode, NULL,
|
Obj_ObjectTypes[i], KernelMode, NULL,
|
||||||
&object);
|
&object);
|
||||||
|
|
||||||
if (status != STATUS_OBJECT_TYPE_MISMATCH)
|
if (status != STATUS_OBJECT_TYPE_MISMATCH)
|
||||||
|
|
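Review bot: Session_Api_MonitorPut2 now walks `Obj_ObjectTypes`, a global that stays NULL until Obj_Init allocates it, whereas before Session_Init built its own table and returned FALSE if it could not. Nothing on this page shows the order in which Obj_Init and Session_Init run, or whether the table is released on unload, so the loop `for (i = 0; Obj_ObjectTypes[i]; ++i)` relies on an ordering that session.c no longer states. I would record it next to the loop, e.g. `// Obj_ObjectTypes is allocated and NULL-terminated by Obj_Init, which must have succeeded before this API is reachable`. The function body starts and ends outside these hunks.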
|
@ -160,14 +160,14 @@ SpecialImage=browser,PuffinSecureBrowser.exe
|
||||||
|
|
||||||
|
|
||||||
#
|
#
|
||||||
# updater blockage
|
# updater blockage, usage:
|
||||||
|
#SoftwareUpdater=starting_image.exe,updater_path\updater_image.exe
|
||||||
#
|
#
|
||||||
|
|
||||||
[Template_BlockSoftwareUpdaters]
|
[Template_BlockSoftwareUpdaters]
|
||||||
|
#Tmpl.Title=#xxxx
|
||||||
BlockSoftwareUpdaters=y
|
#Tmpl.Class=Misc
|
||||||
|
#BlockSoftwareUpdaters=y
|
||||||
#SoftwareUpdater=starting_image,updater_path
|
|
||||||
|
|
||||||
SoftwareUpdater=firefox.exe,*\mozilla firefox\updater.exe
|
SoftwareUpdater=firefox.exe,*\mozilla firefox\updater.exe
|
||||||
SoftwareUpdater=firefox.exe,*\mozilla firefox\updates\*updater.exe
|
SoftwareUpdater=firefox.exe,*\mozilla firefox\updates\*updater.exe
|
||||||
|
@ -3413,7 +3413,7 @@ RpcPortBinding=apisethost.appexecutionalias.dll,'0497b57d-2e66-424f-a0c6-157cd5d
|
||||||
|
|
||||||
|
|
||||||
# RpcMgmtSetComTimeout presets
|
# RpcMgmtSetComTimeout presets
|
||||||
UseRpcMgmtSetComTimeout=AppXDeploymentClient.dll,y
|
#UseRpcMgmtSetComTimeout=AppXDeploymentClient.dll,y
|
||||||
UseRpcMgmtSetComTimeout=WINNSI.DLL,n
|
UseRpcMgmtSetComTimeout=WINNSI.DLL,n
|
||||||
|
|
||||||
# windows proxy auto discovery
|
# windows proxy auto discovery
|
||||||
|
|
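Review bot: In `[Template_BlockSoftwareUpdaters]` the switch `BlockSoftwareUpdaters=y` is commented out with no explanation while the `SoftwareUpdater=` entries below it stay active, and the CHANGELOG hunk on this page does not mention the change. If the switch is now meant to be set elsewhere, that should be said beside it, for example `# BlockSoftwareUpdaters=y is no longer set by this template; enable it in the box section` (wording for the author to confirm). If it is not set elsewhere, boxes that relied on the template for it may stop blocking updaters, which is worth a changelog line. The added `#Tmpl.Title=#xxxx` placeholder also looks unfinished.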
|
@ -15,8 +15,8 @@ CPopUpWindow::CPopUpWindow(QWidget* parent) : QMainWindow(parent)
|
||||||
flags |= Qt::CustomizeWindowHint;
|
flags |= Qt::CustomizeWindowHint;
|
||||||
//flags &= ~Qt::WindowContextHelpButtonHint;
|
//flags &= ~Qt::WindowContextHelpButtonHint;
|
||||||
//flags &= ~Qt::WindowSystemMenuHint;
|
//flags &= ~Qt::WindowSystemMenuHint;
|
||||||
flags &= ~Qt::WindowMinMaxButtonsHint;
|
//flags &= ~Qt::WindowMinMaxButtonsHint;
|
||||||
//flags &= ~Qt::WindowMinimizeButtonHint;
|
flags &= ~Qt::WindowMaximizeButtonHint;
|
||||||
//flags &= ~Qt::WindowCloseButtonHint;
|
//flags &= ~Qt::WindowCloseButtonHint;
|
||||||
setWindowFlags(flags);
|
setWindowFlags(flags);
|
||||||
|
|
||||||
|
@ -26,7 +26,7 @@ CPopUpWindow::CPopUpWindow(QWidget* parent) : QMainWindow(parent)
|
||||||
ui.setupUi(centralWidget);
|
ui.setupUi(centralWidget);
|
||||||
this->setCentralWidget(centralWidget);
|
this->setCentralWidget(centralWidget);
|
||||||
|
|
||||||
setWindowFlags(Qt::Tool);
|
//setWindowFlags(Qt::Tool);
|
||||||
|
|
||||||
ui.table->verticalHeader()->hide();
|
ui.table->verticalHeader()->hide();
|
||||||
ui.table->horizontalHeader()->hide();
|
ui.table->horizontalHeader()->hide();
|
||||||
|
|
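Review bot: The constructor keeps the lines it disables as commented-out code (`//flags &= ~Qt::WindowMinMaxButtonsHint;`, `//setWindowFlags(Qt::Tool);`) without saying why. `setWindowFlags` replaces the whole flag set, so the later `setWindowFlags(Qt::Tool)` call was presumably discarding the flags configured a few lines above it. That is worth one comment where the call used to be, e.g. `// Qt::Tool is not set here: setWindowFlags() would overwrite the flags configured above`, or the dead lines can simply be deleted. The constructor continues outside both hunks.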