Beispiel #1
0
        /// <param name="rip">The instruction pointer to start disassembly on</param>
        /// <param name="pid">The PID to the process to get memory from</param>
        /// <param name="disasmBox">The listbox to dump disasm to</param>
        /// <param name="methodIntPtr">The trueIntPtr of the Method that we want to attack so that our jmp,call,etc are at the correct offsets.</param>
        public void disassembler(byte[] bytesToDisassam, System.Windows.Forms.RichTextBox disasmBox, IntPtr methodIntPtr)
        {
            try
            {
                var disasm = new Disasm();
                IntPtr disasmPtr = Marshal.AllocHGlobal(Marshal.SizeOf(disasm));

                int result = 0;

                if (IntPtr.Size == 8)
                {
                    disasm.Archi = 64;
                }
                else
                    disasm.Archi = 32;

                disasm.Options = 0x200; //display in NASM syntax

                int size = bytesToDisassam.Length;
                //IntPtr executionPointer = System.Runtime.InteropServices.Marshal.AllocHGlobal(size);
                //   System.Runtime.InteropServices.Marshal.Copy(bytesToDisassam, 0, executionPointer, size);
                disasm.EIP = methodIntPtr;

                var EIPrange = (methodIntPtr.ToInt64() + size / 2);

                while (true)
                {
                    System.Runtime.InteropServices.Marshal.StructureToPtr(disasm, disasmPtr, false);
                    if (IntPtr.Size == 8)
                    {

                        result = BeaEngine.Disasm64(disasmPtr);
                        Marshal.PtrToStructure(disasmPtr, disasm);
                    }
                    else
                        result = BeaEngine.Disasm(disasm);

                    //Marshal.PtrToStructure(disasmPtr, disasm);
                    if (result == (int)BeaConstants.SpecialInfo.UNKNOWN_OPCODE)
                    {
                        disasmBox.AppendText("Beaengine error: unknown opcode \n");
                        break;
                    }

                    disasmBox.AppendText("0x" + disasm.Instruction.Opcode.ToString("X") + " " + disasm.CompleteInstr.ToString() + "\n");

                    if (disasm.Instruction.Opcode.ToString("X") == "C3")
                        break;

                    disasm.EIP = new IntPtr(disasm.EIP.ToInt64() + result);

                }
            }
            catch (Exception ex)
            {
                disasmBox.AppendText("Beaengine error: " + ex.Message.ToString() + "\n");
            }
        }
Beispiel #2
0
        /// <summary>
        /// Disassemble a given piece of shellcode. 
        /// </summary>
        /// <param name="disasmBytes">The byte array to disassemble</param>
        /// <param name="architecture">The architecture to target. Either 32 or 64 bit Windows</param>
        /// <param name="disasmBox">The listbox to place the disassembly</param>
        /// <param name="showOffsets">Boolean to determine whether or not to display address offsets in the disassembly listing.</param>
        public void disassembleSC(byte[] disasmBytes, uint architecture, System.Windows.Forms.RichTextBox disasmBox, bool showOffsets)
        {
            var disasm = new Disasm();
            disasm.Options = 0x200;//display in NASM syntax

            if (architecture == 32)
            {
                disasm.Archi = 32;
            }
            else if (architecture == 64)
            {
                disasm.Archi = 64;
            }

            int size = disasmBytes.Length;
            IntPtr executionPointer = System.Runtime.InteropServices.Marshal.AllocHGlobal(size);
            System.Runtime.InteropServices.Marshal.Copy(disasmBytes, 0, executionPointer, size);
            disasm.EIP = new IntPtr(executionPointer.ToInt64());

            int result;
            var disasmPtr = Marshal.AllocHGlobal(Marshal.SizeOf(disasm));
            disasmBox.AppendText("Disassembled shellcode with " + architecture + "bit\n");
            var EIPrange = (executionPointer.ToInt64() + size/2);

            try
            {
                while (disasm.EIP.ToInt64()  < EIPrange)
                {
                    System.Runtime.InteropServices.Marshal.StructureToPtr(disasm, disasmPtr, false);
                    result = BeaEngine.Disasm(disasmPtr);
                    Marshal.PtrToStructure(disasmPtr, disasm);
                    if (result == (int)BeaConstants.SpecialInfo.UNKNOWN_OPCODE)
                    {
                        disasmBox.AppendText("Unknown opcode error @ " + disasm.EIP.ToString("X") + "\n");
                        break;
                    }

                    if (showOffsets)
                        disasmBox.AppendText(disasm.EIP.ToString("X") + "h : " + disasm.CompleteInstr.ToString() + "\n");
                    else
                        disasmBox.AppendText(disasm.CompleteInstr.ToString() + "\n");

                    if (disasm.Instruction.Opcode.ToString("X") == "C3")
                        break;
                    disasm.EIP = new IntPtr(disasm.EIP.ToInt64() + result);

                }
            }
            catch
            {
                disasmBox.AppendText("Something went wrong with disassembly\n");
            }
        }
        public void appendNewText(System.Windows.Forms.RichTextBox text)
        {
            if (this.lastWrittenLine == (this.ourEvents.Count - 1))
                return;

            for (int i = this.lastWrittenLine; i < this.ourEvents.Count; i++)
            {
                text.AppendBoldText(genHelper.formatForAstronomicalYear(this.ourEvents[i].getEventYear()));
                text.AppendText("  [" + this.ourEvents[i].getInit().ToString() + "]  ", StellarHistoryLogger.getColor(this.ourEvents[i]));
                text.AppendText(this.ourEvents[i].getEventText());
                text.AppendText(Environment.NewLine);

                this.lastWrittenLine = i;
            }
        }
Beispiel #4
0
        //this allows multiple colors in a text box
        //need a static method so that it is thread safe
        public static void AppendText(System.Windows.Forms.RichTextBox box, string text, System.Drawing.Color color)
        {
            box.SelectionStart = box.TextLength;
            box.SelectionLength = 0;

            box.SelectionColor = color;
            box.AppendText(text);
            //box.SelectionColor = box.ForeColor;
        }
Beispiel #5
0
 public static void SetText(System.Windows.Forms.TextBox ctrl, string text)
 {
     if (ctrl.InvokeRequired)
     {
         object[] params_list = new object[] { ctrl, text };
         ctrl.Invoke(new SetTextDelegate(SetText), params_list);
     }
     else { ctrl.AppendText(text); }
 }
Beispiel #6
0
 void AppendRichText(System.Windows.Forms.RichTextBox ctl, String str)
 {
     if (ctl.InvokeRequired)
     {
         this.Invoke(new Action<string>(ctl.AppendText), new object[] { str });
     }
     else
     {
         ctl.AppendText(str);
         ctl.ScrollToCaret();  //Scrolls the contents of the control to the current caret position
         ctl.Refresh();
     }
 }
Beispiel #7
0
        /// <summary>
        /// 
        /// </summary>
        /// <returns>true if some new text have been added to richTextBox.</returns>
        public bool AppendOutputToRichTextBox(System.Windows.Forms.RichTextBox richTextBox)
        {
            bool newLines = false;

            lock (m_SyncObj)
            {
                if (m_OutputLines.Count > 0)
                {
                    newLines = true;

                    // I can see it's not required, RichTextBox already does not flicker or slow down
                    // when adding hundreds of lines.
                    //richTextBox.BeginUpdate(); TODO ?

                    richTextBox.SelectionStart = richTextBox.TextLength;
                    richTextBox.SelectionLength = 0;

                    while (m_OutputLines.Count > 0)
                    {
                        string line = m_OutputLines.Dequeue();
                        bool lineIsError = m_OutputLineIsError.Dequeue();

                        richTextBox.SelectionColor = lineIsError ?
                            System.Drawing.Color.Maroon :
                            System.Drawing.Color.Black;

                        richTextBox.AppendText(line);
                        richTextBox.AppendText("\r\n");
                    }

                    //richTextBox.EndUpdate(); TODO ?
                }
            }

            return newLines;
        }
Beispiel #8
0
 public static void PrintXmlAudiobookToTextBoxForFrankie(System.Windows.Forms.RichTextBox txtArea, AudioBooker.classes.XmlIlyaParagraph xmlPara)
 {
     txtArea.Clear();
     if (xmlPara == null)
         return;
     var shit = xmlPara.Sentences
         .SelectMany(x => x.Lang2Segments)
         .Select(x => new ToStringTuple {
             Text = String.Format("{0}: {1}", "Segment", x.Filename),
             TimeIn = x.TimeIn,
         });
     foreach (var sss in shit) {
         txtArea.SelectionColor = sss.SelectionColor;
         txtArea.SelectionBackColor = sss.SelectionBackColor;
         //if (sss.State == XmlSegmentState.Pending)
         //    txtArea.SelectionBackColor = Color.Orange;
         //if (sss.IsCurrent) {
         //    txtArea.SelectionBackColor = Color.Black;
         //    txtArea.SelectionColor = Color.White;
         //}
         txtArea.AppendText(sss.Text + "\n");
     }
 }
Beispiel #9
0
        public static void AppendAndMaybeScrollToBottom(System.Windows.Controls.TextBox box, string text)
        {
            double dVer = box.VerticalOffset;
            double dViewport = box.ViewportHeight;
            double dExtent = box.ExtentHeight;

            box.AppendText(text);

            if (dVer != 0)
            {
                if (dVer + dViewport == dExtent)
                    box.ScrollToEnd();
            }
        }
Beispiel #10
0
 /// <summary>
 /// Appends the taxt and a newline character
 /// </summary>
 /// <param name="text">the text to append</param>
 /// <param name="textbox">the textbox to append to</param>
 internal static void appendTextToTextbox(string text, System.Windows.Forms.TextBox textbox)
 {
     textbox.AppendText(text);
     textbox.AppendText(Environment.NewLine);
 }
Beispiel #11
0
		private void getandupdate (System.Windows.Forms.RichTextBox box, string URL){
			string download="";
			WebClient myWebClient = new WebClient();
			statusBar1.Text="Updating the DB...";
			try{
				byte[] myDataBuffer = myWebClient.DownloadData (URL);
				download = Encoding.ASCII.GetString(myDataBuffer);
			} catch (Exception ex){
				MessageBox.Show("Cannot update:\n\n"+ex.ToString());
				return;
			}
			box.Clear();
			string[] newdirs = download.Replace("\r\n","\n").Split('\n');
			foreach (string dir in newdirs){
				if (dir.Length>1){
					box.AppendText(dir.Replace("/","")+"\r\n");
				}
			}
		}
        //  Lectura del changelog
        public void ReadChangelog(string pDir, ref System.Windows.Forms.RichTextBox pTxtBox, ref string pReadState)
        {
            System.Xml.XmlDocument xmlDocument = new System.Xml.XmlDocument();
            System.Xml.XmlNodeList nodeLogEntry = xmlDocument.SelectNodes("/changelogs/log/logentry");
            System.Xml.XmlNodeList nodeListAuthor = xmlDocument.GetElementsByTagName("author");
            System.Xml.XmlNodeList nodeListDate = xmlDocument.GetElementsByTagName("date");
            System.Xml.XmlNodeList nodeListMsg = xmlDocument.GetElementsByTagName("msg");

            int nodeCont = 0;
            pTxtBox.Clear();
            try
            {
                xmlDocument.Load(Consts.LOCAL_CHANGELOG_PATH);
                pTxtBox.AppendText("Número de cambios: " + Convert.ToString(nodeLogEntry.Count) + "\n===========================\n\n");
                foreach(System.Xml.XmlNode Nodo in nodeLogEntry)
                {
                    string NodeRev = Nodo.Attributes.GetNamedItem("revision").Value;
                    pTxtBox.AppendText(
                        "REVISIÓN: " + NodeRev + "\n" +
                        "AUTOR: " + nodeListAuthor.Item(nodeCont).InnerText + "\n" +
                        "DATE: " + nodeListDate.Item(nodeCont).InnerText + "\n" +
                        "MSG: " + nodeListMsg.Item(nodeCont).InnerText + "\n");
                    if (nodeCont < nodeLogEntry.Count - 1)
                    {
                        pTxtBox.AppendText("---------------------------------------------\n");
                    }
                    nodeCont++;
                    }
                pReadState = "Changelog leido correctamente";
            }
            catch(Exception ex)
            {
                pReadState = "Error al leer el changelog";
            }
        }
Beispiel #13
0
 private void DelgateDeclarationTextApp(System.Windows.Forms.TextBox myctl, String s)
 {
     myctl.AppendText(s);
 }
Beispiel #14
0
        public void Summarize(System.Windows.Forms.RichTextBox richTextBox)
        {
            richTextBox.Clear();

            if (this.synchronizedDifferences.Any())
            {
                const double syncAllowableAverage = 0.0003;
                double syncAverage = this.synchronizedDifferences.Average();
                this.successful = this.successful && syncAverage < syncAllowableAverage;
                richTextBox.AppendText("Synchronized average: ");
                richTextBox.SelectionColor = syncAverage < syncAllowableAverage ? Color.Green : Color.Red;
                richTextBox.SelectionFont = new Font(richTextBox.Font, FontStyle.Bold);
                richTextBox.AppendText(syncAverage.ToString("F10") + 's' + Environment.NewLine);

                const double syncAllowableMax = 0.0003;
                double syncMax = this.synchronizedDifferences.Max();
                richTextBox.AppendText("Synchronized max: ");
                richTextBox.SelectionColor = syncMax < syncAllowableMax ? Color.Green : Color.Goldenrod;
                richTextBox.SelectionFont = new Font(richTextBox.Font, FontStyle.Bold);
                richTextBox.AppendText(syncMax.ToString("F10") + 's' + Environment.NewLine);
            }
            else
            {
                richTextBox.AppendText("Synchronized average: N/A" + Environment.NewLine);
                richTextBox.AppendText("Synchronized max: N/A" + Environment.NewLine);
            }

            if (this.unsynchronizedDifferences.Any())
            {
                const double unsyncAllowableAverage = 0.001;
                double unsyncAverage = this.unsynchronizedDifferences.Average();
                this.successful = this.successful && unsyncAverage < unsyncAllowableAverage;
                richTextBox.AppendText("Unsynchronized average: ");
                richTextBox.SelectionColor = unsyncAverage < unsyncAllowableAverage ? Color.Green : Color.Red;
                richTextBox.SelectionFont = new Font(richTextBox.Font, FontStyle.Bold);
                richTextBox.AppendText(unsyncAverage.ToString("F10") + 's' + Environment.NewLine);

                const double unsyncAllowableMax = 0.001;
                double unsyncMax = this.unsynchronizedDifferences.Max();
                richTextBox.AppendText("Unsynchronized max: ");
                richTextBox.SelectionColor = unsyncMax < unsyncAllowableMax ? Color.Green : Color.Goldenrod;
                richTextBox.SelectionFont = new Font(richTextBox.Font, FontStyle.Bold);
                richTextBox.AppendText(unsyncMax.ToString("F10") + 's' + Environment.NewLine);
            }
            else
            {
                richTextBox.AppendText("Unsynchronized average: N/A" + Environment.NewLine);
                richTextBox.AppendText("Unsynchronized max: N/A" + Environment.NewLine);
            }

            if (this.variationCoefficients.Any())
            {
                // 0.15 semi-arbitrarily chosen to be reasonable boundary, based on repeated trials and human observation
                // But bumped it up to 0.25 to avoid false positives
                const double vcAllowableAverage = 0.25;
                double vcAverage = this.variationCoefficients.Average();
                this.successful = this.successful && vcAverage < vcAllowableAverage;
                richTextBox.AppendText("Variation coefficient average: ");
                richTextBox.SelectionColor = vcAverage < vcAllowableAverage ? Color.Green : Color.Red;
                richTextBox.SelectionFont = new Font(richTextBox.Font, FontStyle.Bold);
                richTextBox.AppendText(vcAverage.ToString("F3") + Environment.NewLine);

                const double vcAllowableMax = 0.5;
                double vcMax = this.variationCoefficients.Max();
                richTextBox.AppendText("Variation coefficient max: ");
                richTextBox.SelectionColor = vcMax < vcAllowableMax ? Color.Green : Color.Goldenrod;
                richTextBox.SelectionFont = new Font(richTextBox.Font, FontStyle.Bold);
                richTextBox.AppendText(vcMax.ToString("F3") + Environment.NewLine);
            }
            else
            {
                richTextBox.AppendText("Variation coefficient average: N/A" + Environment.NewLine);
                richTextBox.AppendText("Variation coefficient max: N/A" + Environment.NewLine);
            }

            richTextBox.AppendText("Counter always increasing in serial task: ");
            richTextBox.SelectionColor = this.serialTasksAlwaysAscending ? Color.Green : Color.Red;
            richTextBox.SelectionFont = new Font(richTextBox.Font, FontStyle.Bold);
            richTextBox.AppendText((this.serialTasksAlwaysAscending ? "YES" : "NO") + Environment.NewLine);

            this.successful = this.successful && this.serialTasksAlwaysAscending;

            // insert ok/bad at beginning
            richTextBox.Select(0, 0);
            if (this.successful)
            {
                richTextBox.SelectionColor = Color.Green;
                richTextBox.SelectionFont = new Font(richTextBox.Font, FontStyle.Bold);
                richTextBox.SelectedText= "OK" + Environment.NewLine;
            }
            else
            {
                richTextBox.SelectionColor = Color.Red;
                richTextBox.SelectionFont = new Font(richTextBox.Font, FontStyle.Bold);
                richTextBox.SelectedText = "BAD" + Environment.NewLine;
            }

            // insert message before ok/bad
            richTextBox.Select(0, 0);
            richTextBox.SelectedText = "Overall status: ";

            if (!this.successful)
            {
                string message = "The program has detected some poor timing results on your computer. " +
                                 "It is normal for this to happen once in a while." + Environment.NewLine + Environment.NewLine +
                                 "However, if you run the tests a few more times and are consistently receiving poor timing results, there may be applications running on your PC that consume too many resources and cause false positives.  " +
                                 "First, try stopping other programs that are running.  " +
                                 "If the poor timing results still persist, you may have an issue with your computer hardware or your BIOS.  " +
                                 "Click the 'Copy results to clipboard' button to your right, and paste everything in an email to [email protected] with subject 'Timing results' for more help determining how to fix the issue.";

                System.Windows.Forms.MessageBox.Show(message, "Poor timing results");
            }
        }
Beispiel #15
0
 private static void insertWithColor(System.Windows.Forms.RichTextBox output, string text, Color color) {
   output.SelectionStart = output.TextLength;
   output.SelectionLength = 0;
   output.SelectionColor = color;
   output.AppendText(text);
   output.SelectionColor = output.ForeColor;
 }
Beispiel #16
0
 /// <summary>
 /// 将日志信息显示在文本框
 /// </summary>
 /// <param name="tb">文本框</param>
 /// <param name="logLV">日志等级</param>
 public static void DisplayLog(System.Windows.Forms.TextBox tb, LogLevel logLV)
 {
     tb.Invoke(new Action(() =>
         {
             tb.Clear();
             switch (logLV)
             {
                 case LogLevel.Normal:
                     foreach (string str in NormalInfo)
                     {
                         tb.AppendText(str + "\r\n");
                         tb.AppendText("==============================================================\r\n");
                     }
                     NormalInfo.Clear();
                     break;
                 case LogLevel.Warn:
                     foreach (string str in WarnInfo)
                     {
                         tb.AppendText(str + "\r\n");
                         tb.AppendText("==============================================================\r\n");
                     }
                     WarnInfo.Clear();
                     break;
                 case LogLevel.Error:
                     foreach (string str in ErrorInfo)
                     {
                         tb.AppendText(str + "\r\n");
                         tb.AppendText("==============================================================\r\n");
                     }
                     ErrorInfo.Clear();
                     break;
                 default:
                     break;
             }
         }));
 }
        private void UpdateStatusBox(System.Windows.Controls.TextBox statusTextBox, String Message)
        {
            var dispatchMessage = Dispatcher.BeginInvoke(DispatcherPriority.Send, (SendOrPostCallback)delegate
            {
                statusTextBox.AppendText(Message + "\r\n");
            }, null);

            System.Windows.Forms.Application.DoEvents();
        }
 //Метод отправки сообщения в файл
 public void SendToFile(Message mes, string filePath)
 {
     //Создаем уникальное имя guid
     var guid = Guid.NewGuid();
     //Создаем директорию, если ее нет
     Directory.CreateDirectory(filePath);
     //Создаем файл в директории
     var file = new FileInfo(filePath + guid as string + ".txt");
     var writer = file.AppendText();
     //Записываем сообщение в файл
     writer.WriteLine(mes.Label);
     writer.WriteLine(mes.Body as string);
     writer.Close();
 }