📄 spyserver.c
default:
TRACE_WARNING (TEXT("Driver request not handled (code=%d)\n"), p->dwCode) ;
}
TRACE_INFO (TEXT(" \\----ANS------/\n")) ;
return nResponseSize ;
}
/******************************************************************/
/* Exported function : GetFilterSet */
/******************************************************************/
/*
 * Returns the handle currently stored in g_hFilterSet.
 *
 * NOTE(review): the handle is read without taking g_hFilterMutex, while
 * other functions in this file destroy and replace the set under that
 * mutex. Callers presumably bracket their use of the returned handle with
 * SpySrv_LockFilterSet / SpySrv_UnlockFilterSet - confirm.
 */
HFILTERSET SpySrv_GetFilterSet ()
{
    HFILTERSET hCurrent ;

    TRACE ;

    hCurrent = g_hFilterSet ;
    return hCurrent ;
}
/******************************************************************/
/* Internal function */
/******************************************************************/
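/*
 * Serializes g_hFilterSet into a temporary heap buffer and passes it to the
 * driver with IOCTL_SET_FILTERSET on g_hDriver.
 *
 * Returns TRUE when the driver completed the request successfully, FALSE
 * when allocation, serialization, event creation or the IOCTL failed.
 *
 * The function does not take the filter-set lock itself: in this file
 * SpySrv_AddRuleForProgram calls it with the lock held, SpySrv_Start calls
 * it without.
 */
BOOL SpySrv_SendFilterSetToDriver ()
{
    const DWORD nMaxSize = 1024*1024 ;
    DWORD       nSize ;
    DWORD       nTransferred = 0 ;
    DWORD       nWaitResult ;
    PVOID       pSerial ;
    BOOL        bSuccess ;
    OVERLAPPED  ov = {0} ;   // unused OVERLAPPED members must be zero, not stack garbage

    ASSERT (g_hFilterSet!=NULL) ;

    pSerial = malloc (nMaxSize) ;
    if( pSerial==NULL )
    {
        TRACE_ERROR (TEXT("Failed to allocate filter set buffer\n")) ;
        return FALSE ;
    }

    nSize = FilterSet_Serialize (g_hFilterSet, pSerial, nMaxSize) ;
    if( ! nSize )
    {
        TRACE_ERROR(TEXT("FilterSet_Serialize failed\n")) ;
        free (pSerial) ;
        return FALSE ;
    }

    // manual-reset event, initially non-signaled
    ov.hEvent = CreateEvent (NULL, TRUE, FALSE, NULL) ;
    if( ov.hEvent==NULL )
    {
        TRACE_ERROR (TEXT("CreateEvent failed (0x%08X)\n"), GetLastError()) ;
        free (pSerial) ;
        return FALSE ;
    }

    bSuccess = DeviceIoControl (g_hDriver,
                                IOCTL_SET_FILTERSET,
                                pSerial, nSize,
                                NULL, 0, NULL, &ov) ;

    if( !bSuccess && GetLastError()==ERROR_IO_PENDING )
    {
        TRACE_WARNING (TEXT("IOCTL_SET_FILTERSET is running asynchronously\n")) ;

        nWaitResult = WaitForSingleObject (ov.hEvent, 10*1000) ;

        // A request that is still pending keeps referring to ov (on this
        // stack frame) and possibly to pSerial, so neither may be released
        // yet: ask for cancellation and wait until the request is really over.
        if( nWaitResult!=WAIT_OBJECT_0 )
            CancelIo (g_hDriver) ;

        // Reports the final status of the request; a signaled event alone
        // only means "completed", not "succeeded".
        // NOTE(review): this blocks until the driver completes or cancels
        // the request - confirm the driver honours cancellation.
        bSuccess = GetOverlappedResult (g_hDriver, &ov, &nTransferred, TRUE) ;
    }

    CloseHandle (ov.hEvent) ;
    free (pSerial) ;

    if( ! bSuccess )
        TRACE_ERROR (TEXT("Failed to send filter set to driver\n")) ;

    return bSuccess ;
}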
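/*
 * Passes the scanner executable path to the driver with
 * IOCTL_SET_SCANNER_PATH on g_hDriver. A NULL path is sent as an empty
 * (zero-length) input buffer.
 *
 * Returns TRUE when the driver completed the request successfully.
 *
 * NOTE(review): the parameter is declared LPCWSTR but its size is computed
 * with _tcslen and sizeof(TCHAR); the two only agree in a Unicode build -
 * confirm which character type the driver expects.
 */
BOOL SpySrv_SetScannerExePath (LPCWSTR szScannerExe)
{
    BOOL        bSuccess ;
    DWORD       nWaitResult ;
    DWORD       nTransferred = 0 ;
    UINT        nSize ;
    OVERLAPPED  ov = {0} ;   // unused OVERLAPPED members must be zero, not stack garbage

    // manual-reset event, initially non-signaled
    ov.hEvent = CreateEvent (NULL, TRUE, FALSE, NULL) ;
    if( ov.hEvent==NULL )
    {
        TRACE_ERROR (TEXT("CreateEvent failed (0x%08X)\n"), GetLastError()) ;
        return FALSE ;
    }

    // size in bytes, terminator included
    nSize = szScannerExe!=NULL ? (_tcslen(szScannerExe)+1)*sizeof(TCHAR) : 0 ;

    bSuccess = DeviceIoControl (g_hDriver,
                                IOCTL_SET_SCANNER_PATH,
                                (VOID*)szScannerExe, nSize,
                                NULL, 0, NULL, &ov) ;

    if( !bSuccess && GetLastError()==ERROR_IO_PENDING )
    {
        TRACE_WARNING (TEXT("IOCTL_SET_SCANNER_PATH is running asynchronously\n")) ;

        nWaitResult = WaitForSingleObject (ov.hEvent, 10*1000) ;

        // A request that is still pending keeps referring to ov, which lives
        // on this stack frame: cancel it and wait until it is really over
        // before returning.
        if( nWaitResult!=WAIT_OBJECT_0 )
            CancelIo (g_hDriver) ;

        // Final status of the request; a signaled event alone does not
        // mean the driver accepted the path.
        // NOTE(review): blocks until the driver completes or cancels the
        // request - confirm the driver honours cancellation.
        bSuccess = GetOverlappedResult (g_hDriver, &ov, &nTransferred, TRUE) ;
    }

    CloseHandle (ov.hEvent) ;

    if( ! bSuccess )
        TRACE_ERROR (TEXT("Failed to send scanner path to driver\n")) ;

    return bSuccess ;
}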
/******************************************************************/
/* Internal function : InitDriver */
/******************************************************************/
/*
 * Opens the driver's device and pushes the initial configuration to it.
 *
 * The handle is stored in g_hDriver. It is opened with share mode 0 and
 * FILE_FLAG_OVERLAPPED, so every DeviceIoControl on it needs an OVERLAPPED.
 * Returns FALSE only when the device cannot be opened.
 *
 * NOTE(review): the results of SpySrv_SetScanFilters and
 * SpySrv_SetScannerExePath are ignored, so the function reports success
 * even if the driver never received the scan patterns or the scanner path.
 * Confirm that this best-effort behaviour is intended.
 */
BOOL _SpySrv_InitDriver ()
{
    LPCTSTR *pszPatterns ;
    UINT    nPatterns ;

    TRACE ;

    g_hDriver = CreateFile (TEXT("\\\\.\\WINPOOCH"),
                            GENERIC_READ|GENERIC_WRITE, 0,
                            NULL, OPEN_EXISTING,
                            FILE_FLAG_OVERLAPPED, NULL) ;

    if( g_hDriver!=INVALID_HANDLE_VALUE && g_hDriver!=NULL )
    {
        // scan patterns come from the configuration
        pszPatterns = Config_GetStringArray (CFGSAR_SCAN_PATTERNS, &nPatterns) ;
        SpySrv_SetScanFilters (pszPatterns, nPatterns) ;

        // path of the scanner executable
        SpySrv_SetScannerExePath (Scanner_GetScannerExe()) ;

        return TRUE ;
    }

    TRACE_ERROR(TEXT("CreateFile failed (0x%08X)\n"), GetLastError()) ;
    return FALSE ;
}
/******************************************************************/
/* Internal function : UninitDriver */
/******************************************************************/
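/*
 * Closes the driver handle held in g_hDriver.
 *
 * The handle is closed only when it is valid and the global is then reset,
 * so a second call (or a call after another function already closed the
 * handle and reset it) cannot close a stale value that the system may have
 * reused for an unrelated object.
 */
VOID _SpySrv_UninitDriver ()
{
    TRACE ;

    if( g_hDriver!=NULL && g_hDriver!=INVALID_HANDLE_VALUE )
        CloseHandle (g_hDriver) ;

    g_hDriver = INVALID_HANDLE_VALUE ;
}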
/******************************************************************/
/* Exported function : Init */
/******************************************************************/
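/*
 * Initializes the module: records the main window and instance, creates
 * the filter-set mutex and the filter set with its default filter, then
 * opens the driver.
 *
 * Returns FALSE when the mutex, the filter set or the driver could not be
 * set up. On failure everything created here is released again and the
 * globals are cleared, so the caller is not expected to call SpySrv_Uninit
 * after a failed Init.
 */
BOOL SpySrv_Init (HWND hwndMain)
{
    TRACE ;

    g_hwndMain  = hwndMain ;
    g_hInstance = (HINSTANCE) GetWindowLong (hwndMain, GWL_HINSTANCE) ;

    g_hFilterMutex = CreateMutex (NULL, FALSE, NULL) ;
    if( g_hFilterMutex==NULL )
    {
        TRACE_ERROR(TEXT("CreateMutex failed (0x%08X)\n"), GetLastError()) ;
        return FALSE ;
    }

    // NOTE(review): assumes FilterSet_Create reports failure with a null
    // handle, as the other handle checks in this file do - confirm.
    g_hFilterSet = FilterSet_Create (64) ;
    if( ! g_hFilterSet )
    {
        TRACE_ERROR(TEXT("FilterSet_Create failed\n")) ;
        CloseHandle (g_hFilterMutex) ;
        g_hFilterMutex = NULL ;
        return FALSE ;
    }

    FilterSet_InitDefaultFilter (g_hFilterSet) ;

    // _SpySrv_InitDriver is defined without parameters, so none is passed
    if( ! _SpySrv_InitDriver() )
    {
        // log first: the cleanup calls below may overwrite the last error
        TRACE_ERROR(TEXT("InitDriver failed (0x%08X)\n"), GetLastError()) ;

        FilterSet_Destroy (g_hFilterSet) ;
        g_hFilterSet = NULL ;

        CloseHandle (g_hFilterMutex) ;
        g_hFilterMutex = NULL ;

        return FALSE ;
    }

    return TRUE ;
}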
/******************************************************************/
/* Exported function : Uninit */
/******************************************************************/
/*
 * Tears the module down in this order: driver handle, filter set, then
 * the filter-set mutex.
 *
 * NOTE(review): the filter set is destroyed without taking g_hFilterMutex;
 * presumably no other thread uses the set any more at this point - confirm.
 */
VOID SpySrv_Uninit ()
{
    TRACE ;

    // driver first
    _SpySrv_UninitDriver () ;

    // then the in-memory filter set
    _SpySrv_UninitFilters () ;

    // the mutex guarding the filter set goes last
    CloseHandle (g_hFilterMutex) ;
}
/******************************************************************/
/* Exported function : Start */
/******************************************************************/
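/*
 * Starts monitoring: sends the current filter set to the driver, sets up
 * the application-driver link with _SpySrv_RequestFromDriver as request
 * handler, then refreshes the process list.
 *
 * hwndMain is not used by this function.
 *
 * Returns FALSE when the filter set could not be sent or the link could
 * not be initialized. In both cases the driver handle is closed and
 * g_hDriver is reset, so a later close of g_hDriver cannot hit a stale
 * handle value.
 */
BOOL SpySrv_Start (HWND hwndMain)
{
    TRACE ;

    // send filters to driver
    if( ! SpySrv_SendFilterSetToDriver () )
    {
        TRACE_ERROR(TEXT("SendFiltersToDriver failed\n")) ;
        goto failed ;
    }

    // initialize app-driver link
    if( ! Link_Init (g_hDriver, _SpySrv_RequestFromDriver) )
    {
        TRACE_ERROR(TEXT("Link_Init failed (0x%08X)\n"), GetLastError()) ;
        goto failed ;
    }

    _SpySrv_RefreshProcList () ;

    return TRUE ;

failed:
    CloseHandle (g_hDriver) ;
    g_hDriver = INVALID_HANDLE_VALUE ;
    return FALSE ;
}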
/******************************************************************/
/* Exported function : Stop */
/******************************************************************/
/*
 * Stops monitoring by shutting down the application-driver link.
 * The driver handle itself is left open; it is closed by the uninit path.
 */
VOID SpySrv_Stop ()
{
    TRACE ;

    Link_Uninit () ;
}
/******************************************************************/
/* Internal function : UninitFilters */
/******************************************************************/
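/*
 * Destroys the filter set held in g_hFilterSet and clears the global, so
 * SpySrv_GetFilterSet cannot hand out a handle to a destroyed set and a
 * repeated call does not destroy the same set twice.
 *
 * Always returns TRUE.
 */
BOOL _SpySrv_UninitFilters ()
{
    TRACE ;

    if( g_hFilterSet )
    {
        FilterSet_Destroy (g_hFilterSet) ;
        g_hFilterSet = NULL ;
    }

    return TRUE ;
}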
/******************************************************************/
/* Internal function : LockFilter */
/******************************************************************/
/*
 * Acquires g_hFilterMutex, waiting at most 10 seconds.
 *
 * NOTE(review): any result other than WAIT_OBJECT_0 is only logged and the
 * function returns normally, so the caller continues as if it held the
 * lock. That includes a timeout (mutex not owned) and WAIT_ABANDONED
 * (mutex owned, previous owner exited without releasing it). The VOID
 * return type gives callers no way to tell the difference.
 */
VOID SpySrv_LockFilterSet ()
{
    DWORD dwWait = WaitForSingleObject (g_hFilterMutex, 10000) ;

    if( dwWait==WAIT_OBJECT_0 )
        return ;

    TRACE_ERROR (TEXT("WaitForSingleObject failed (res=%u, error=%u)\n"),
                 dwWait, GetLastError()) ;
}
/******************************************************************/
/* Internal function : UnlockFilter */
/******************************************************************/
/*
 * Releases g_hFilterMutex. A failed release is logged and otherwise
 * ignored.
 */
VOID SpySrv_UnlockFilterSet ()
{
    BOOL bReleased = ReleaseMutex (g_hFilterMutex) ;

    if( bReleased )
        return ;

    TRACE_ERROR (TEXT("ReleaseMutex failed (error=%u)\n"), GetLastError()) ;
}
/******************************************************************/
/* Internal function : GetAbsolutePath */
/******************************************************************/
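/*
 * Builds "<directory of the running executable>\<szFile>" in szPath.
 *
 * szPath must have room for MAX_PATH characters (the size passed to
 * GetModuleFileName). When the module path cannot be obtained, is
 * truncated, contains no backslash, or the result would not fit in
 * MAX_PATH characters, szPath is set to an empty string instead of being
 * overrun or left uninitialized.
 */
void _SpySrv_GetAbsolutePath (LPTSTR szPath, LPCTSTR szFile)
{
    TCHAR   *pSep ;
    DWORD   nLen ;
    size_t  nDirLen ;

    nLen = GetModuleFileName (NULL, szPath, MAX_PATH) ;

    // 0 = failure; MAX_PATH = truncated (and possibly not terminated)
    if( nLen==0 || nLen>=MAX_PATH )
    {
        TRACE_ERROR (TEXT("GetModuleFileName failed (0x%08X)\n"), GetLastError()) ;
        szPath[0] = TEXT('\0') ;
        return ;
    }

    // checked at run time: ASSERT alone would vanish in a release build
    pSep = _tcsrchr (szPath, TEXT('\\')) ;
    if( pSep==NULL )
    {
        TRACE_ERROR (TEXT("Module path has no directory part\n")) ;
        szPath[0] = TEXT('\0') ;
        return ;
    }

    // directory part, trailing backslash included
    nDirLen = (size_t)(pSep - szPath) + 1 ;

    // the terminator must fit too
    if( nDirLen + _tcslen(szFile) >= MAX_PATH )
    {
        TRACE_ERROR (TEXT("Absolute path is too long\n")) ;
        szPath[0] = TEXT('\0') ;
        return ;
    }

    _tcscpy (pSep+1, szFile) ;
}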
/******************************************************************/
/* Exported function : ReadFilterFile */
/******************************************************************/
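/*
 * Loads the filter file located next to the executable and, on success,
 * replaces g_hFilterSet with its content under the filter-set lock.
 *
 *  - file missing: a tray alert is shown, the current set is kept;
 *  - format version < 4 or application version < 0x00600: the file is
 *    renamed to "<path>.bak", a tray alert is shown, the current set is
 *    kept;
 *  - parse error: a message box with the error string is shown, the
 *    current set is kept.
 *
 * The new set is not sent to the driver here.
 *
 * NOTE(review): the rules are taken from a file in the executable's
 * directory and no integrity check is visible in this function; the
 * permissions on that directory presumably decide who can change the
 * rules - confirm.
 */
VOID SpySrv_ReadFilterFile ()
{
    HFILTERSET  hNewFilterSet ;
    TCHAR       szPath[MAX_PATH] ;
    TCHAR       szBuffer[1024] ;
    // Zero-initialized so that the version test below never reads
    // indeterminate values.
    // NOTE(review): the result of FilterFile_GetFileVersion is not checked;
    // if it can fail without writing its outputs, such a file now takes
    // the "outdated" path - confirm this is the wanted fallback.
    DWORD       dwFormatVersion = 0 ;
    DWORD       dwAppVersion    = 0 ;

    _SpySrv_GetAbsolutePath (szPath, szFilterFilename) ;

    if( 0xFFFFFFFF==GetFileAttributes(szPath) )
    {
        TrayIcon_Alert (STR_DEF(_NO_FILTERS,szNoFiltersAlert)) ;
        return ;
    }

    FilterFile_GetFileVersion(szPath,&dwFormatVersion,&dwAppVersion) ;

    if( dwFormatVersion<4 || dwAppVersion<0x00600 )
    {
        wsprintf (szBuffer, TEXT("%s.bak"), szPath) ;

        // MoveFile fails, for instance, when the backup already exists;
        // leave a trace so the alert below is not the only record
        if( ! MoveFile (szPath, szBuffer) )
            TRACE_ERROR (TEXT("MoveFile failed (0x%08X)\n"), GetLastError()) ;

        TrayIcon_Alert (STR_DEF(_OLD_FILTERS_CLEARED,szOldFiltersCleared)) ;
        return ;
    }

    hNewFilterSet = FilterFile_Read (szPath) ;

    if( ! hNewFilterSet )
    {
        wsprintf (szBuffer,
                  STR_DEF(_ERROR_IN_FILTERS,szFiltersErrorAlert),
                  szFilterFilename, FilterFile_GetErrorString()) ;
        MessageBox (NULL, szBuffer, TEXT(APPLICATION_NAME), MB_ICONERROR|MB_SETFOREGROUND) ;
        return ;
    }

    // swap the sets under the lock; the old one is destroyed
    SpySrv_LockFilterSet () ;
    FilterSet_Destroy (g_hFilterSet) ;
    g_hFilterSet = hNewFilterSet ;
    SpySrv_UnlockFilterSet () ;
}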
/******************************************************************/
/* Exported function : WriteFilterFile */
/******************************************************************/
/*
 * Writes g_hFilterSet to the filter file located next to the executable.
 * The filter-set lock is held for the whole operation, file I/O included.
 * The result of FilterFile_Write is not checked.
 */
VOID SpySrv_WriteFilterFile ()
{
    TCHAR szFilterPath[MAX_PATH] ;

    SpySrv_LockFilterSet () ;

    // the path is resolved while the lock is held, as before
    _SpySrv_GetAbsolutePath (szFilterPath, szFilterFilename) ;
    FilterFile_Write (szFilterPath, g_hFilterSet) ;

    SpySrv_UnlockFilterSet () ;
}
/******************************************************************/
/* Exported function : */
/******************************************************************/
/*
 * Replaces the current filter set with hNewFilterSet.
 *
 * The previous set is destroyed under the filter-set lock and the module
 * keeps the new handle in g_hFilterSet. Once the lock is released the main
 * window is notified with WM_SPYNOTIFY / SN_FILTERCHANGED.
 * The new set is not sent to the driver here.
 */
VOID SpySrv_SetFilterSet (HFILTERSET hNewFilterSet)
{
    SpySrv_LockFilterSet () ;
    {
        // swap: drop the old set, keep the new handle
        FilterSet_Destroy (g_hFilterSet) ;
        g_hFilterSet = hNewFilterSet ;
    }
    SpySrv_UnlockFilterSet () ;

    // notification is posted outside the lock
    PostMessage (g_hwndMain, WM_SPYNOTIFY, SN_FILTERCHANGED, 0) ;
}
/******************************************************************/
/* Exported function : */
/******************************************************************/
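/*
 * Adds pRule to the filter of the program szPath, creating that filter
 * when the set has no exact match for the path, then sends the updated set
 * to the driver and notifies the main window with
 * WM_SPYNOTIFY / SN_FILTERCHANGED.
 *
 * Returns FALSE when a new filter was needed and could not be created,
 * TRUE otherwise.
 *
 * NOTE(review): the result of SpySrv_SendFilterSetToDriver is not
 * propagated; TRUE is returned even if the driver did not receive the new
 * rule, so the in-memory set and the driver can disagree. That call logs
 * its own failure. Confirm whether callers should be told.
 */
BOOL SpySrv_AddRuleForProgram (FILTRULE* pRule, LPCTSTR szPath)
{
    HFILTER hFilter ;

    // verify params
    ASSERT (pRule!=NULL) ;
    ASSERT (szPath!=NULL) ;

    SpySrv_LockFilterSet () ;

    hFilter = FilterSet_GetFilterStrict (g_hFilterSet, szPath) ;

    if( ! hFilter )
    {
        hFilter = Filter_Create (szPath) ;

        // NOTE(review): assumes Filter_Create reports failure with a null
        // handle - confirm. Without this check a failed creation would be
        // added to the set and used below.
        if( ! hFilter )
        {
            TRACE_ERROR (TEXT("Filter_Create failed\n")) ;
            SpySrv_UnlockFilterSet () ;
            return FALSE ;
        }

        FilterSet_AddFilter (g_hFilterSet, hFilter) ;
    }

    Filter_AddRule (hFilter, pRule) ;

    // sent while the lock is held, so the set cannot change during serialization
    SpySrv_SendFilterSetToDriver () ;

    SpySrv_UnlockFilterSet () ;

    PostMessage (g_hwndMain, WM_SPYNOTIFY, SN_FILTERCHANGED, 0) ;

    return TRUE ;
}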
/******************************************************************/
/* Exported function */
/******************************************************************/
BOOL SpySrv_KillProcess (PROCADDR nProcessAddress, BOOL bKernelModeKill)
{
BOOL bSuccess ;
if( ! bKernelModeKill )
{
PROCSTRUCT *pProc ;
HANDLE hProcess ;
UINT nProcessId ;
ProcList_Lock () ;
pProc = ProcList_Get (nProcessAddress) ;
if( pProc ) nProcessId = pProc->nProcessId ;
ProcList_Unlock () ;