authorToni Uhlig <matzeton@googlemail.com>2024-03-08 08:29:04 +0100
committerToni Uhlig <matzeton@googlemail.com>2024-03-08 08:29:04 +0100
commit27de0798b73e7310dfc6ed76578120a41ba8c160 (patch)
tree5e2a9ad4d1b9885704a68bcef4308e99a80004ad
parentf15f07392dae1dcc99f4646b88c28b5161df61c5 (diff)
initial tarkov driver (WiP)
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
-rw-r--r--Makefile14
-rw-r--r--tarkov.cpp69
-rw-r--r--tfk.bat27
3 files changed, 108 insertions, 2 deletions
diff --git a/Makefile b/Makefile
index e2c7633..8be8128 100644
--- a/Makefile
+++ b/Makefile
@@ -8,17 +8,27 @@ DRIVER_NAME = driver-kmem
DRIVER_OBJECTS = $(DRIVER_NAME).o memory.o
DRIVER_TARGET = $(DRIVER_NAME).sys
-all: $(DRIVER_TARGET)
+TARKOV_NAME = tfk
+TARKOV_OBJECTS = tarkov.o memory.o
+TARKOV_TARGET = $(TARKOV_NAME).sys
-install: $(DRIVER_TARGET)
+all: $(DRIVER_TARGET) $(TARKOV_TARGET)
+
+install: $(DRIVER_TARGET) $(TARKOV_TARGET)
$(call INSTALL_EXEC_SIGN,$(DRIVER_TARGET))
$(INSTALL) $(DRIVER_NAME).bat $(DESTDIR)
+ $(call INSTALL_EXEC_SIGN,$(TARKOV_TARGET))
+ $(INSTALL) $(TARKOV_NAME).bat $(DESTDIR)
clean:
rm -f $(DRIVER_OBJECTS) $(DRIVER_TARGET)
+ rm -f $(TARKOV_OBJECTS) $(TARKOV_TARGET)
%.o: %.cpp
$(call BUILD_CPP_OBJECT,$<,$@)
$(DRIVER_TARGET): $(DRIVER_OBJECTS)
$(call LINK_CPP_KERNEL_TARGET,$(DRIVER_OBJECTS),$@)
+
+$(TARKOV_TARGET): $(TARKOV_OBJECTS)
+ $(call LINK_CPP_KERNEL_TARGET,$(TARKOV_OBJECTS),$@)
diff --git a/tarkov.cpp b/tarkov.cpp
new file mode 100644
index 0000000..c71d286
--- /dev/null
+++ b/tarkov.cpp
@@ -0,0 +1,69 @@
+#include <ntddk.h>
+
+#include <DriverThread.hpp>
+
+#include "memory.hpp"
+
+using namespace DriverThread;
+
+static Thread thread;
+
+static uint64_t SearchTarkovProcess(void) {
+ const auto &procs = ::GetProcesses();
+ const wchar_t targetProcess[] = L"EscapeFromTarkov.exe";
+ const auto &found = eastl::find_if(procs.begin(), procs.end(),
+ [&targetProcess](const auto &item) {
+ if (item.ProcessName == targetProcess)
+ return true;
+ return false;
+ });
+
+ if (found == procs.end()) {
+ return 0;
+ }
+
+ return found->UniqueProcessId;
+}
+
+extern "C" {
+DRIVER_INITIALIZE DriverEntry;
+DRIVER_UNLOAD DriverUnload;
+
+NTSTATUS DriverEntry(_In_ struct _DRIVER_OBJECT *DriverObject,
+ _In_ PUNICODE_STRING RegistryPath) {
+ UNREFERENCED_PARAMETER(DriverObject);
+ UNREFERENCED_PARAMETER(RegistryPath);
+
+ auto args = eastl::make_shared<ThreadArgs>();
+ thread.Start(
+ [](eastl::shared_ptr<ThreadArgs> args) {
+ UNREFERENCED_PARAMETER(args);
+
+ auto pid = reinterpret_cast<HANDLE>(SearchTarkovProcess());
+ if (pid == NULL) {
+ return STATUS_SUCCESS;
+ }
+ DbgPrint("Process pid: %p\n", pid);
+
+ PEPROCESS pep;
+ HANDLE obj;
+ if (!NT_SUCCESS(::OpenProcess(pid, &pep, &obj))) {
+ return STATUS_SUCCESS;
+ }
+
+ // TODO: Fill me with useful code.. ;)
+
+ return STATUS_SUCCESS;
+ },
+ args);
+
+ return STATUS_SUCCESS;
+}
+
+VOID DriverUnload(_In_ struct _DRIVER_OBJECT *DriverObject) {
+ UNREFERENCED_PARAMETER(DriverObject);
+
+ DbgPrint("%s\n", "Waiting for thread termination..");
+ thread.WaitForTermination();
+}
+}
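Review bot: The `PEPROCESS pep` and `HANDLE obj` filled in by `::OpenProcess(pid, &pep, &obj)` on the success path are never released before the thread body returns at the `// TODO: Fill me` placeholder, so if OpenProcess takes a process reference and opens a handle the way its out-parameters suggest, every run of the worker leaks both for the lifetime of the kernel. Before the final `return STATUS_SUCCESS;` add `ObDereferenceObject(pep); ZwClose(obj);` — or whichever release routine memory.hpp pairs with OpenProcess, which is not visible in this hunk. The two early `return STATUS_SUCCESS;` exits also discard the failure reason; logging the NTSTATUS from OpenProcess with `DbgPrint` would make the WiP path debuggable. The `reinterpret_cast<HANDLE>` of the PID on the line after the search is the conventional way to hand a PID to Ps*/Zw* APIs, but deserves a one-line comment saying so, e.g. `// PIDs are passed to the Ps*/Zw* APIs as HANDLE values`.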
diff --git a/tfk.bat b/tfk.bat
new file mode 100644
index 0000000..4f0b8cc
--- /dev/null
+++ b/tfk.bat
@@ -0,0 +1,27 @@
+@echo off
+set SERVICE_NAME=tkf
+set DRIVER="%~dp0\tkf.sys"
+
+net session >nul 2>&1
+if NOT %ERRORLEVEL% EQU 0 (
+ echo ERROR: This script requires Administrator privileges!
+ pause
+ exit /b 1
+)
+
+echo ---------------------------------------
+echo -- Service Name: %SERVICE_NAME%
+echo -- Driver......: %DRIVER%
+echo ---------------------------------------
+
+sc create %SERVICE_NAME% binPath= %DRIVER% type= kernel
+echo ---------------------------------------
+sc start %SERVICE_NAME%
+echo ---------------------------------------
+sc query %SERVICE_NAME%
+echo [PRESS A KEY TO STOP THE DRIVER]
+pause
+sc stop %SERVICE_NAME%
+sc delete %SERVICE_NAME%
+echo Done.
+timeout /t 3
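Review bot: The service name and driver path on the two `set` lines use `tkf`, while the Makefile in this same commit builds and installs `tfk.sys` (TARKOV_NAME = tfk) and this script is itself tfk.bat, so `sc create` registers a binPath to a file that does not exist and `sc start` will fail. Change them to `set SERVICE_NAME=tfk` and `set DRIVER="%~dp0tfk.sys"` — `%~dp0` already ends in a backslash, so the extra `\` only yields a doubled separator. None of the `sc` invocations check `%ERRORLEVEL%`, and the script stops and deletes the service unconditionally after `pause`, so a failed create or start is visible only in scrolled-by console output; at minimum follow `sc start %SERVICE_NAME%` with `if errorlevel 1 echo ERROR: driver failed to start` before the cleanup steps.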