-rw-r--r-- | KMemDriver.sln | 13 | ||||
-rw-r--r-- | MemDriverLib/KInterface.h | 120 | ||||
-rw-r--r-- | MemDriverLib/MemDriverLib.vcxproj | 2 | ||||
-rw-r--r-- | MemDriverLib/MemDriverLib.vcxproj.filters | 4 | ||||
-rw-r--r-- | MemDriverWeb/MemDriverWeb.cpp | 21 | ||||
-rw-r--r-- | MemDriverWeb/MemDriverWeb.vcxproj | 170 | ||||
-rw-r--r-- | MemDriverWeb/MemDriverWeb.vcxproj.filters | 30 | ||||
-rw-r--r-- | MemDriverWeb/pch.cpp | 5 | ||||
-rw-r--r-- | MemDriverWeb/pch.h | 14 |
9 files changed, 256 insertions, 123 deletions
diff --git a/KMemDriver.sln b/KMemDriver.sln index 8d221c2..8e5601e 100644 --- a/KMemDriver.sln +++ b/KMemDriver.sln @@ -9,6 +9,11 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "KTest", "KTest\KTest.vcxpro EndProject Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "MemDriverLib", "MemDriverLib\MemDriverLib.vcxproj", "{B6790A97-6995-46B6-AD73-AC5BC4AC76DB}" EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "MemDriverWeb", "MemDriverWeb\MemDriverWeb.vcxproj", "{D36A5026-3729-4CC0-BD26-37177ACE3590}" + ProjectSection(ProjectDependencies) = postProject + {B6790A97-6995-46B6-AD73-AC5BC4AC76DB} = {B6790A97-6995-46B6-AD73-AC5BC4AC76DB} + EndProjectSection +EndProject Global GlobalSection(SolutionConfigurationPlatforms) = preSolution Debug|x64 = Debug|x64 @@ -45,6 +50,14 @@ Global {B6790A97-6995-46B6-AD73-AC5BC4AC76DB}.Release|x64.Build.0 = Release|x64 {B6790A97-6995-46B6-AD73-AC5BC4AC76DB}.Release|x86.ActiveCfg = Release|Win32 {B6790A97-6995-46B6-AD73-AC5BC4AC76DB}.Release|x86.Build.0 = Release|Win32 + {D36A5026-3729-4CC0-BD26-37177ACE3590}.Debug|x64.ActiveCfg = Debug|x64 + {D36A5026-3729-4CC0-BD26-37177ACE3590}.Debug|x64.Build.0 = Debug|x64 + {D36A5026-3729-4CC0-BD26-37177ACE3590}.Debug|x86.ActiveCfg = Debug|Win32 + {D36A5026-3729-4CC0-BD26-37177ACE3590}.Debug|x86.Build.0 = Debug|Win32 + {D36A5026-3729-4CC0-BD26-37177ACE3590}.Release|x64.ActiveCfg = Release|x64 + {D36A5026-3729-4CC0-BD26-37177ACE3590}.Release|x64.Build.0 = Release|x64 + {D36A5026-3729-4CC0-BD26-37177ACE3590}.Release|x86.ActiveCfg = Release|Win32 + {D36A5026-3729-4CC0-BD26-37177ACE3590}.Release|x86.Build.0 = Release|Win32 EndGlobalSection GlobalSection(SolutionProperties) = preSolution HideSolutionNode = FALSE diff --git a/MemDriverLib/KInterface.h b/MemDriverLib/KInterface.h deleted file mode 100644 index a8a7ee2..0000000 --- a/MemDriverLib/KInterface.h +++ /dev/null 
@@ -1,120 +0,0 @@ -#pragma once - -#include "Driver.h" - -#include <vector> -#include <Windows.h> - -#define DEFAULT_TIMEOUT 2500 -#define INVALID_NTSTATUS (UINT32)-1 - -typedef enum SendRecvReturn { - SRR_INVALID = 0, SRR_SIGNALED, SRR_TIMEOUT, SRR_ERR_UEVENT, SRR_ERR_KEVENT, SRR_ERR_HEADER -} SendRecvReturn; - -class KInterface -{ -public: - static KInterface& getInstance() - { - static KInterface instance; - return instance; - } - KInterface(); - KInterface(KInterface const&) = delete; - void operator=(KInterface const&) = delete; - - bool Init(); - bool Handshake(); - bool Ping(); - bool Pages(HANDLE targetPID, - std::vector<MEMORY_BASIC_INFORMATION>& dest, - PVOID start_address = NULL); - bool Modules(HANDLE targetPID, - std::vector<MODULE_DATA>& dest); - bool Exit(); - bool RPM(HANDLE targetPID, PVOID address, BYTE *buf, SIZE_T size, - PKERNEL_READ_REQUEST result); - bool WPM(HANDLE targetPID, PVOID address, BYTE *buf, SIZE_T size, - PKERNEL_WRITE_REQUEST result); - - PVOID getBuffer(); - HANDLE getKHandle(); - HANDLE getUHandle(); - UINT32 getLastPingValue(); - UINT32 getLastNtStatus(); - SendRecvReturn RecvWait(DWORD timeout = DEFAULT_TIMEOUT); - -private: - SendRecvReturn SendRecvWait(UINT32 type, DWORD timeout = DEFAULT_TIMEOUT); - - PVOID m_shmem = NULL; - HANDLE m_kevent = NULL, m_uevent = NULL; - - UINT32 m_last_ping_value = 0; - UINT32 m_last_ntstatus = INVALID_NTSTATUS; -}; - -class KMemory -{ -public: - template <class T> - static T Rpm(HANDLE targetPID, PVOID address) { - T buf; - if (!KInterface::getInstance().RPM(targetPID, address, (BYTE*)&buf, sizeof buf, NULL)) - throw std::runtime_error("KMemory RPM failed"); - return buf; - } - template <class T> - static void Wpm(HANDLE targetPID, PVOID address, T *buf) { - if (!KInterface::getInstance().WPM(targetPID, address, (BYTE*)buf, sizeof *buf, NULL)) - throw std::runtime_error("KMemory WPM failed"); - } -}; - -class KMemoryBuf -{ -public: - template <size_t SIZE> - static SSIZE_T Rpm(HANDLE 
targetPID, PVOID address, BYTE *dest) { - KERNEL_READ_REQUEST rr = { 0 }; - if (!KInterface::getInstance().RPM(targetPID, address, &dest[0], SIZE, &rr)) - return -1; - return rr.SizeRes; - } - template <size_t SIZE> - static SSIZE_T Wpm(HANDLE targetPID, PVOID address, BYTE *dest) { - KERNEL_WRITE_REQUEST wr = { 0 }; - if (!KInterface::getInstance().WPM(targetPID, address, &dest[0], SIZE, &wr)) - return -1; - return wr.SizeRes; - } -}; - -template <SIZE_T SIZE> -struct Diff { - BYTE current_buffer[SIZE]; - BYTE old_buffer[SIZE]; - std::vector<std::pair<SIZE_T, SIZE_T>> diffs; -}; - -class KScan -{ -public: - template <typename T, SIZE_T SIZE> - static SSIZE_T ScanSimple(HANDLE targetPID, PVOID start_address, SIZE_T max_scansize, T(&a)[SIZE]) - { - return KScanSimple(targetPID, start_address, max_scansize, a, sizeof T * SIZE); - } - template <SIZE_T SIZE> - static SSIZE_T BinDiffSimple(HANDLE targetPID, PVOID start_address, Diff<SIZE> *diff) - { - return KBinDiffSimple(targetPID, start_address, diff->current_buffer, - diff->old_buffer, SIZE, &diff->diffs); - } -private: - static SSIZE_T KScanSimple(HANDLE targetPID, PVOID start_address, SIZE_T max_scansize, - PVOID scanbuf, SIZE_T scanbuf_size); - static SSIZE_T KBinDiffSimple(HANDLE targetPid, PVOID start_address, - BYTE *curbuf, BYTE *oldbuf, SIZE_T siz, std::vector<std::pair<SIZE_T, SIZE_T>> *diffs); -};
\ No newline at end of file diff --git a/MemDriverLib/MemDriverLib.vcxproj b/MemDriverLib/MemDriverLib.vcxproj index cd962af..578e5e8 100644 --- a/MemDriverLib/MemDriverLib.vcxproj +++ b/MemDriverLib/MemDriverLib.vcxproj @@ -150,7 +150,7 @@ </ItemDefinitionGroup> <ItemGroup> <ClInclude Include="..\include\Driver.h" /> - <ClInclude Include="KInterface.h" /> + <ClInclude Include="..\include\KInterface.h" /> <ClInclude Include="stdafx.h" /> <ClInclude Include="targetver.h" /> </ItemGroup> diff --git a/MemDriverLib/MemDriverLib.vcxproj.filters b/MemDriverLib/MemDriverLib.vcxproj.filters index 0afe07b..b674adc 100644 --- a/MemDriverLib/MemDriverLib.vcxproj.filters +++ b/MemDriverLib/MemDriverLib.vcxproj.filters @@ -21,10 +21,10 @@ <ClInclude Include="targetver.h"> <Filter>Header Files</Filter> </ClInclude> - <ClInclude Include="KInterface.h"> + <ClInclude Include="..\include\Driver.h"> <Filter>Header Files</Filter> </ClInclude> - <ClInclude Include="..\include\Driver.h"> + <ClInclude Include="..\include\KInterface.h"> <Filter>Header Files</Filter> </ClInclude> </ItemGroup> diff --git a/MemDriverWeb/MemDriverWeb.cpp b/MemDriverWeb/MemDriverWeb.cpp new file mode 100644 index 0000000..73c4f91 --- /dev/null +++ b/MemDriverWeb/MemDriverWeb.cpp 
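Review bot: The new `<ClInclude Include="..\include\KInterface.h" />` entry in MemDriverLib.vcxproj, and the matching entry in MemDriverLib.vcxproj.filters, point at a file this commit does not add. MemDriverLib/KInterface.h is deleted in full, and the diffstat lists nine files, none of which is include/KInterface.h. Unless that header was already committed under include/ earlier, MemDriverLib stops building at this revision. If the intent is a move, it should land in this commit as a rename so the history of the header follows the file.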
@@ -0,0 +1,21 @@
+// MemDriverWeb.cpp : This file contains the 'main' function. Program execution begins and ends there.
+//
+
+#include "pch.h"
+#include <iostream>
+
+int main()
+{
+ std::cout << "Hello World!\n";
+}
+
+// Run program: Ctrl + F5 or Debug > Start Without Debugging menu
+// Debug program: F5 or Debug > Start Debugging menu
+
+// Tips for Getting Started:
+// 1. Use the Solution Explorer window to add/manage files
+// 2. Use the Team Explorer window to connect to source control
+// 3. Use the Output window to see build output and other messages
+// 4. Use the Error List window to view errors
+// 5. Go to Project > Add New Item to create new code files, or Project > Add Existing Item to add existing code files to the project
+// 6. In the future, to open this project again, go to File > Open > Project and select the .sln file
diff --git a/MemDriverWeb/MemDriverWeb.vcxproj b/MemDriverWeb/MemDriverWeb.vcxproj
new file mode 100644
index 0000000..735eb01
--- /dev/null
+++ b/MemDriverWeb/MemDriverWeb.vcxproj
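Review bot: The comments in MemDriverWeb.cpp from `// Run program: Ctrl + F5 ...` through `// 6. In the future ...` are IDE scaffolding that says nothing about this program, and the same "Tips for Getting Started" block is committed again in pch.h. I would drop both and replace the first line with a header that states the purpose, for example `// MemDriverWeb: front-end for MemDriverLib's KInterface; currently a stub.` (the purpose is inferred from the project name and the solution dependency, so adjust as needed). The KInterface header deleted elsewhere in this commit declares `RPM`/`WPM` against an arbitrary `targetPID`, so that header comment is also the place to state who is expected to be able to reach this front-end once it does more than print. The solution declares a dependency on MemDriverLib, but the new file includes nothing from it and MemDriverWeb.vcxproj adds no include or library path for it.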
@@ -0,0 +1,170 @@ +<?xml version="1.0" encoding="utf-8"?> +<Project DefaultTargets="Build" ToolsVersion="15.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> + <ItemGroup Label="ProjectConfigurations"> + <ProjectConfiguration Include="Debug|Win32"> + <Configuration>Debug</Configuration> + <Platform>Win32</Platform> + </ProjectConfiguration> + <ProjectConfiguration Include="Release|Win32"> + <Configuration>Release</Configuration> + <Platform>Win32</Platform> + </ProjectConfiguration> + <ProjectConfiguration Include="Debug|x64"> + <Configuration>Debug</Configuration> + <Platform>x64</Platform> + </ProjectConfiguration> + <ProjectConfiguration Include="Release|x64"> + <Configuration>Release</Configuration> + <Platform>x64</Platform> + </ProjectConfiguration> + </ItemGroup> + <PropertyGroup Label="Globals"> + <VCProjectVersion>15.0</VCProjectVersion> + <ProjectGuid>{D36A5026-3729-4CC0-BD26-37177ACE3590}</ProjectGuid> + <Keyword>Win32Proj</Keyword> + <RootNamespace>MemDriverWeb</RootNamespace> + <WindowsTargetPlatformVersion>10.0.17763.0</WindowsTargetPlatformVersion> + </PropertyGroup> + <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" /> + <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration"> + <ConfigurationType>Application</ConfigurationType> + <UseDebugLibraries>true</UseDebugLibraries> + <PlatformToolset>v141</PlatformToolset> + <CharacterSet>Unicode</CharacterSet> + </PropertyGroup> + <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration"> + <ConfigurationType>Application</ConfigurationType> + <UseDebugLibraries>false</UseDebugLibraries> + <PlatformToolset>v141</PlatformToolset> + <WholeProgramOptimization>true</WholeProgramOptimization> + <CharacterSet>Unicode</CharacterSet> + </PropertyGroup> + <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration"> + <ConfigurationType>Application</ConfigurationType> + 
<UseDebugLibraries>true</UseDebugLibraries> + <PlatformToolset>v141</PlatformToolset> + <CharacterSet>Unicode</CharacterSet> + </PropertyGroup> + <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration"> + <ConfigurationType>Application</ConfigurationType> + <UseDebugLibraries>false</UseDebugLibraries> + <PlatformToolset>v141</PlatformToolset> + <WholeProgramOptimization>true</WholeProgramOptimization> + <CharacterSet>Unicode</CharacterSet> + </PropertyGroup> + <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" /> + <ImportGroup Label="ExtensionSettings"> + </ImportGroup> + <ImportGroup Label="Shared"> + </ImportGroup> + <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'"> + <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" /> + </ImportGroup> + <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'"> + <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" /> + </ImportGroup> + <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|x64'"> + <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" /> + </ImportGroup> + <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|x64'"> + <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" /> + </ImportGroup> + <PropertyGroup Label="UserMacros" /> + <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'"> + <LinkIncremental>true</LinkIncremental> + 
</PropertyGroup> + <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'"> + <LinkIncremental>true</LinkIncremental> + </PropertyGroup> + <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'"> + <LinkIncremental>false</LinkIncremental> + </PropertyGroup> + <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'"> + <LinkIncremental>false</LinkIncremental> + </PropertyGroup> + <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'"> + <ClCompile> + <PrecompiledHeader>Use</PrecompiledHeader> + <WarningLevel>Level3</WarningLevel> + <Optimization>Disabled</Optimization> + <SDLCheck>true</SDLCheck> + <PreprocessorDefinitions>_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions> + <ConformanceMode>true</ConformanceMode> + <PrecompiledHeaderFile>pch.h</PrecompiledHeaderFile> + </ClCompile> + <Link> + <SubSystem>Console</SubSystem> + <GenerateDebugInformation>true</GenerateDebugInformation> + <AdditionalLibraryDirectories>$(VCToolsInstallDir)lib\x64;%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories> + </Link> + </ItemDefinitionGroup> + <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'"> + <ClCompile> + <PrecompiledHeader>Use</PrecompiledHeader> + <WarningLevel>Level3</WarningLevel> + <Optimization>Disabled</Optimization> + <SDLCheck>true</SDLCheck> + <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions> + <ConformanceMode>true</ConformanceMode> + <PrecompiledHeaderFile>pch.h</PrecompiledHeaderFile> + </ClCompile> + <Link> + <SubSystem>Console</SubSystem> + <GenerateDebugInformation>true</GenerateDebugInformation> + </Link> + </ItemDefinitionGroup> + <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'"> + <ClCompile> + <PrecompiledHeader>Use</PrecompiledHeader> + <WarningLevel>Level3</WarningLevel> + <Optimization>MaxSpeed</Optimization> + 
<FunctionLevelLinking>true</FunctionLevelLinking> + <IntrinsicFunctions>true</IntrinsicFunctions> + <SDLCheck>true</SDLCheck> + <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions> + <ConformanceMode>true</ConformanceMode> + <PrecompiledHeaderFile>pch.h</PrecompiledHeaderFile> + </ClCompile> + <Link> + <SubSystem>Console</SubSystem> + <EnableCOMDATFolding>true</EnableCOMDATFolding> + <OptimizeReferences>true</OptimizeReferences> + <GenerateDebugInformation>true</GenerateDebugInformation> + </Link> + </ItemDefinitionGroup> + <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'"> + <ClCompile> + <PrecompiledHeader>Use</PrecompiledHeader> + <WarningLevel>Level3</WarningLevel> + <Optimization>MaxSpeed</Optimization> + <FunctionLevelLinking>true</FunctionLevelLinking> + <IntrinsicFunctions>true</IntrinsicFunctions> + <SDLCheck>true</SDLCheck> + <PreprocessorDefinitions>NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions> + <ConformanceMode>true</ConformanceMode> + <PrecompiledHeaderFile>pch.h</PrecompiledHeaderFile> + </ClCompile> + <Link> + <SubSystem>Console</SubSystem> + <EnableCOMDATFolding>true</EnableCOMDATFolding> + <OptimizeReferences>true</OptimizeReferences> + <GenerateDebugInformation>true</GenerateDebugInformation> + <AdditionalLibraryDirectories>$(VCToolsInstallDir)lib\x64;%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories> + </Link> + </ItemDefinitionGroup> + <ItemGroup> + <ClInclude Include="pch.h" /> + </ItemGroup> + <ItemGroup> + <ClCompile Include="MemDriverWeb.cpp" /> + <ClCompile Include="pch.cpp"> + <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">Create</PrecompiledHeader> + <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">Create</PrecompiledHeader> + <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">Create</PrecompiledHeader> + <PrecompiledHeader 
Condition="'$(Configuration)|$(Platform)'=='Release|x64'">Create</PrecompiledHeader> + </ClCompile> + </ItemGroup> + <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" /> + <ImportGroup Label="ExtensionTargets"> + </ImportGroup> +</Project>
\ No newline at end of file diff --git a/MemDriverWeb/MemDriverWeb.vcxproj.filters b/MemDriverWeb/MemDriverWeb.vcxproj.filters new file mode 100644 index 0000000..374637f --- /dev/null +++ b/MemDriverWeb/MemDriverWeb.vcxproj.filters @@ -0,0 +1,30 @@ +<?xml version="1.0" encoding="utf-8"?> +<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> + <ItemGroup> + <Filter Include="Source Files"> + <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier> + <Extensions>cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx</Extensions> + </Filter> + <Filter Include="Header Files"> + <UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier> + <Extensions>h;hh;hpp;hxx;hm;inl;inc;ipp;xsd</Extensions> + </Filter> + <Filter Include="Resource Files"> + <UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier> + <Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions> + </Filter> + </ItemGroup> + <ItemGroup> + <ClInclude Include="pch.h"> + <Filter>Header Files</Filter> + </ClInclude> + </ItemGroup> + <ItemGroup> + <ClCompile Include="pch.cpp"> + <Filter>Source Files</Filter> + </ClCompile> + <ClCompile Include="MemDriverWeb.cpp"> + <Filter>Source Files</Filter> + </ClCompile> + </ItemGroup> +</Project>
\ No newline at end of file
diff --git a/MemDriverWeb/pch.cpp b/MemDriverWeb/pch.cpp
new file mode 100644
index 0000000..3a3d12b
--- /dev/null
+++ b/MemDriverWeb/pch.cpp
@@ -0,0 +1,5 @@
+// pch.cpp: source file corresponding to pre-compiled header; necessary for compilation to succeed
+
+#include "pch.h"
+
+// In general, ignore this file, but keep it around if you are using pre-compiled headers.
diff --git a/MemDriverWeb/pch.h b/MemDriverWeb/pch.h
new file mode 100644
index 0000000..b04e71e
--- /dev/null
+++ b/MemDriverWeb/pch.h
@@ -0,0 +1,14 @@
+// Tips for Getting Started:
+// 1. Use the Solution Explorer window to add/manage files
+// 2. Use the Team Explorer window to connect to source control
+// 3. Use the Output window to see build output and other messages
+// 4. Use the Error List window to view errors
+// 5. Go to Project > Add New Item to create new code files, or Project > Add Existing Item to add existing code files to the project
+// 6. In the future, to open this project again, go to File > Open > Project and select the .sln file
+
+#ifndef PCH_H
+#define PCH_H
+
+// TODO: add headers that you want to pre-compile here
+
+#endif //PCH_H |