📄 mspyuser.c
字号:
/*++
Copyright (c) 1989-2002 Microsoft Corporation
Module Name:
mspyUser.c
Abstract:
This file contains the implementation for the main function of the
user application piece of MiniSpy. This function is responsible for
controlling the command mode available to the user to control the
kernel mode driver.
Environment:
User mode
--*/
#include <stdlib.h>
#include <stdio.h>
#include <windows.h>
#include <assert.h>
#include "mspyLog.h"
#include <strsafe.h>
#define SUCCESS 0
#define USAGE_ERROR 1
#define EXIT_INTERPRETER 2
#define EXIT_PROGRAM 4
#define INTERPRETER_EXIT_COMMAND1 "go"
#define INTERPRETER_EXIT_COMMAND2 "g"
#define PROGRAM_EXIT_COMMAND "exit"
#define MINISPY_NAME L"MiniSpy"
DWORD
InterpretCommand (
__in int argc,
__in_ecount(argc) char *argv[],
__in PLOG_CONTEXT Context
);
VOID
ListDevices (
VOID
);
VOID
DisplayError (
__in DWORD Code
)
/*++
Routine Description:
This routine will display an error message based off of the Win32 error
code that is passed in. This allows the user to see an understandable
error message instead of just the code.
Arguments:
Code - The error code to be translated.
Return Value:
None.
--*/
{
WCHAR buffer[256];
DWORD count;
HMODULE module = NULL;
HRESULT status;
count = FormatMessage (FORMAT_MESSAGE_FROM_SYSTEM,
NULL,
Code,
0,
buffer,
sizeof(buffer) / sizeof(WCHAR),
NULL);
if (count == 0) {
count = GetSystemDirectory( buffer,
sizeof(buffer) / sizeof( WCHAR ) );
status = StringCchCat( buffer,
sizeof(buffer) / sizeof( WCHAR ),
L"\\fltlib.dll" );
if (status != S_OK) {
printf(" Could not translate error: %d\n", Code);
return;
}
module = LoadLibraryExW( buffer, NULL, LOAD_LIBRARY_AS_DATAFILE );
//
// Translate the Win32 error code into a useful message.
//
count = FormatMessage (FORMAT_MESSAGE_FROM_HMODULE,
module,
Code,
0,
buffer,
sizeof(buffer) / sizeof(WCHAR),
NULL);
if (module != NULL) {
FreeLibrary( module );
}
//
// If we still couldn't resolve the message, generate a string
//
if (count == 0) {
printf(" Could not translate error: %d\n", Code);
return;
}
}
//
// Display the translated error.
//
printf(" %ws\n", buffer);
}
int _cdecl
main (
__in int argc,
__in_ecount(argc) char *argv[]
)
/*++
Routine Description:
Main routine for minispy
Arguments:
Return Value:
--*/
{
HANDLE port = INVALID_HANDLE_VALUE;
HRESULT hResult = S_OK;
DWORD result;
ULONG threadId;
HANDLE thread = NULL;
LOG_CONTEXT context;
CHAR inputChar;
//
// Initialize handle in case of error
//
context.ShutDown = NULL;
//
// Open the port that is used to talk to
// MiniSpy.
//
printf( "Connecting to filter's port...\n" );
hResult = FilterConnectCommunicationPort( MINISPY_PORT_NAME,
0,
NULL,
0,
NULL,
&port );
if (IS_ERROR( hResult )) {
printf( "Could not connect to filter: 0x%08x\n", hResult );
DisplayError( hResult );
goto Main_Exit;
}
//
// Initialize the fields of the LOG_CONTEXT
//
context.Port = port;
context.ShutDown = CreateSemaphore( NULL,
0,
1,
L"MiniSpy shut down" );
context.CleaningUp = FALSE;
context.LogToFile = FALSE;
context.LogToScreen = FALSE; //don't start logging yet
context.NextLogToScreen = TRUE;
context.OutputFile = NULL;
//
// Check the valid parameters for startup
//
if (argc > 1) {
if (InterpretCommand( argc - 1, &(argv[1]), &context ) == USAGE_ERROR) {
goto Main_Exit;
}
}
//
// Create the thread to read the log records that are gathered
// by MiniSpy.sys.
//
printf( "Creating logging thread...\n" );
thread = CreateThread( NULL,
0,
RetrieveLogRecords,
(LPVOID)&context,
0,
&threadId);
if (!thread) {
result = GetLastError();
printf( "Could not create logging thread: %d\n", result );
DisplayError( result );
goto Main_Exit;
}
//
// Check to see what devices we are attached to from
// previous runs of this program.
//
ListDevices();
//
// Process commands from the user
//
printf( "\nHit [Enter] to begin command mode...\n\n" );
fflush( stdout );
//
// set screen logging state
//
context.LogToScreen = context.NextLogToScreen;
while (inputChar = (CHAR)getchar()) {
CHAR *parms[40];
CHAR commandLine[81];
INT parmCount, count;
DWORD returnValue = SUCCESS;
BOOL newParm;
CHAR ch;
if (inputChar == '\n') {
//
// Start command interpreter. First we must turn off logging
// to screen if we are. Also, remember the state of logging
// to the screen, so that we can reinstate that when command
// interpreter is finished.
//
context.NextLogToScreen = context.LogToScreen;
context.LogToScreen = FALSE;
while (returnValue != EXIT_INTERPRETER) {
//
// Print prompt
//
printf( ">" );
//
// Read in next line, keeping track of the number of parameters
// as we go.
//
parmCount = 0;
newParm = TRUE;
for ( count = 0;
(count < 80) && ((ch = (CHAR)getchar()) != '\n');
count++)
{
commandLine[count] = ch;
if (newParm && (ch != ' ')) {
parms[parmCount++] = &commandLine[count];
}
//
// Always insert NULL's for spaces
//
if (ch == ' ') {
newParm = TRUE;
commandLine[count] = 0;
} else {
newParm = FALSE;
}
}
commandLine[count] = '\0';
//
// We've got our parameter count and parameter list, so
// send it off to be interpreted.
//
returnValue = InterpretCommand( parmCount, parms, &context );
if (returnValue == EXIT_PROGRAM) {
// Time to stop the program
goto Main_Cleanup;
}
}
//
// Set LogToScreen appropriately based on any commands seen
//
context.LogToScreen = context.NextLogToScreen;
if (context.LogToScreen) {
printf( "Should be logging to screen...\n" );
}
}
}
Main_Cleanup:
//
// Clean up the threads, then fall through to Main_Exit
//
printf( "Cleaning up...\n" );
//
// Set the Cleaning up flag to TRUE to notify other threads
// that we are cleaning up
//
context.CleaningUp = TRUE;
//
// Wait for everyone to shut down
//
WaitForSingleObject( context.ShutDown, INFINITE );
if (context.LogToFile) {
fclose( context.OutputFile );
}
Main_Exit:
//
// Clean up the data that is always around and exit
//
if(context.ShutDown) {
CloseHandle( context.ShutDown );
}
if (thread) {
CloseHandle( thread );
}
if (INVALID_HANDLE_VALUE != port) {
CloseHandle( port );
}
return 0;
}
DWORD
InterpretCommand (
__in int argc,
__in_ecount(argc) char *argv[],
__in PLOG_CONTEXT Context
)
/*++
Routine Description:
Process options from the user
Arguments:
Return Value:
--*/
{
LONG parmIndex;
PCHAR parm;
HRESULT hResult;
DWORD returnValue = SUCCESS;
CHAR buffer[BUFFER_SIZE];
DWORD bufferLength;
PWCHAR instanceString;
WCHAR instanceName[INSTANCE_NAME_MAX_CHARS + 1];
//
// Interpret the command line parameters
//
for (parmIndex = 0; parmIndex < argc; parmIndex++) {
parm = argv[parmIndex];
if (parm[0] == '/') {
//
// Have the beginning of a switch
//
switch (parm[1]) {
case 'a':
case 'A':
//
// Attach to the specified drive letter
//
parmIndex++;
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -