Ejemplo n.º 1
0
 private void AddProcessBeingHookedWithoutConfirmation(IRunningProcess aProcess)
 {
     lock (_processesBeingHookedLock)
     {
         _processesBeingHookedWithoutConfirmation.Add(aProcess);
     }
 }
Ejemplo n.º 2
0
 private void RemoveProcessBeingHookedWithoutConfirmation(IRunningProcess aProcess)
 {
     lock (_processesBeingHookedLock)
     {
         _processesBeingHookedWithoutConfirmation.Remove(aProcess);
     }
 }
Ejemplo n.º 3
0
        //private EntityDictionary<IRunningProcess, int, Module[]> _modulesCache;

        public IEnumerable <Module> HookableModulesFor(IRunningProcess aProcess)
        {
            //if (_modulesCache == null)
            //{
            //    _modulesCache = new EntityDictionary<IRunningProcess, int, Module[]>(process => process.Id,
            //    process =>
            //    {
            //        var nktProcess = NktProcessFrom(aProcess);
            //        return nktProcess.Modules().CollectAll().Select(module => Module.From(module, aProcess, this)).ToArray();
            //    }
            //);
            //}

            //return _modulesCache.ValueOrInitialize(aProcess);


            IEnumerable <Module> modules;

            try
            {
                var nktProcess = NktProcessFrom(aProcess);
                modules = nktProcess.Modules().CollectAll().Select(module => Module.From(module, aProcess, this)).ToArray();
            }
            catch
            {
                modules = Enumerable.Empty <Module>();
            }

            return(modules);
        }
Ejemplo n.º 4
0
 public Hook[] HooksFor(IRunningProcess aProcess)
 {
     lock (_syncLock)
     {
         return(_hooks.ValueOrInitialize(aProcess).ToArray());
     }
 }
Ejemplo n.º 5
0
 public bool IsHooked(IRunningProcess aProcess)
 {
     lock (_syncLock)
     {
         return(_hooks.ValueOrInitialize(aProcess).Count > 0);
     }
 }
Ejemplo n.º 6
0
        public Hook AddHook(IRunningProcess aProcess, Module aModule, Function aFunction)
        {
            var ntkProcess = NktProcessFrom(aProcess);

            if (ntkProcess == null)
            {
                return(null);
            }
            if (!aProcess.IsAlive())
            {
                return(null);
            }

            var nktModule = ntkProcess.ModuleByName(aModule.Name);

            if (nktModule == null)
            {
                return(null);
            }

            var nktFunction = nktModule.FunctionByName(aFunction.Name);

            if (nktFunction == null)
            {
                return(null);
            }

            var nktHook = _manager.CreateHook(nktFunction, 0);

            nktHook.Hook(true);
            nktHook.Attach(ntkProcess, true);

            return(CreateConsoleHookFrom(nktHook));
        }
Ejemplo n.º 7
0
 public void DisplaySelectedProcessesModulesIfWasAdded(IRunningProcess aProcess)
 {
     if (_selectedProcesses.Contains(aProcess))
     {
         DisplaySelectedProcessesModulesKeepingSelection();
     }
 }
Ejemplo n.º 8
0
 public bool IsHooked(IRunningProcess aProcess)
 {
     lock(_syncLock)
     {
         return _hooks.ValueOrInitialize(aProcess).Count > 0;
     }
 }
Ejemplo n.º 9
0
        private void HookStateChangedHandler(Hook hook, IRunningProcess aProcess, eNktHookState previousState, eNktHookState currentState)
        {
            var aStateChangeInfo = new HookStateChangeInfo(hook, aProcess, previousState, currentState);

            var aHook = aStateChangeInfo.Hook;

            if (aStateChangeInfo.CurrentState == eNktHookState.stRemoved)
            {
                _view.RemoveHook(aHook);
                _view.RemoveHookEnabled     = false;
                _view.RemoveAllHooksEnabled = _spyManager.AtLeastOneHookWasCreated;
                _view.ExportHookingSettings = _spyManager.AtLeastOneHookWasCreated;
            }
            else
            {
                _view.DisplayHookStatus(aStateChangeInfo);
            }

            if (!aProcess.IsHooked())
            {
                _view.DisplayRecentlyUnhookedProcess(aProcess);
            }
            else if (aProcess.AtLeastOneHookIsActive())
            {
                _view.DisplayRecentlyHookedProcessAsActive(aProcess);
            }
            else
            {
                _view.DisplayRecentlyHookedProcessAsInactive(aProcess);
            }

            _view.RefreshModulesView();
        }
Ejemplo n.º 10
0
 public Hook[] HooksFor(IRunningProcess aProcess)
 {
     lock (_syncLock)
     {
         return _hooks.ValueOrInitialize(aProcess).ToArray();
     }
 }
Ejemplo n.º 11
0
 public bool AtLeastOneHookIsActiveOn(IRunningProcess aProcess)
 {
     lock (_syncLock)
     {
         return _activeHooks.ValueOrInitialize(aProcess).Count > 0;
     }
 }
Ejemplo n.º 12
0
        public void Update(Hook aHook, IRunningProcess aProcess, eNktHookState currentState, eNktHookState previousState)
        {
            var module = aProcess.ModuleByName(aHook.ModuleName);

            lock (_syncLock)
            {
                if (currentState == eNktHookState.stRemoved)
                {
                    _hooks.ValueOrInitialize(aProcess).Remove(aHook);
                    _activeHooks.ValueOrInitialize(aProcess).Remove(aHook.Id);
                    if (previousState == eNktHookState.stActive)
                    {
                        _hookCountByModule.Update(aProcess, moduleDictionary =>
                        {
                            moduleDictionary.Update(module, oldCount => -- oldCount);
                            return(moduleDictionary);
                        });
                    }
                }
                else
                {
                    _hooks.ValueOrInitialize(aProcess).Add(aHook);

                    if (currentState == eNktHookState.stActive)
                    {
                        _activeHooks.ValueOrInitialize(aProcess).Add(aHook.Id);
                        _hookCountByModule.Update(aProcess, moduleDictionary =>
                        {
                            moduleDictionary.Update(module, oldCount => ++ oldCount);
                            return(moduleDictionary);
                        });
                    }
                }
            }
        }
Ejemplo n.º 13
0
 public HookStateChangeInfo(Hook aHook, IRunningProcess aProcess, eNktHookState previousState, eNktHookState currentState)
 {
     Process = aProcess;
     PreviousState = previousState;
     CurrentState = currentState;
     Hook = aHook;
 }
Ejemplo n.º 14
0
 public bool AtLeastOneHookIsActiveOn(IRunningProcess aProcess)
 {
     lock (_syncLock)
     {
         return(_activeHooks.ValueOrInitialize(aProcess).Count > 0);
     }
 }
Ejemplo n.º 15
0
 public HookStateChangeInfo(Hook aHook, IRunningProcess aProcess, eNktHookState previousState, eNktHookState currentState)
 {
     Process       = aProcess;
     PreviousState = previousState;
     CurrentState  = currentState;
     Hook          = aHook;
 }
Ejemplo n.º 16
0
 private bool ProcessIsNotBeingHooked(IRunningProcess aProcess)
 {
     lock (_processesBeingHookedLock)
     {
         return(!_processesBeingHookedWithoutConfirmation.Contains(aProcess));
     }
 }
Ejemplo n.º 17
0
        public void LoadHooksWithoutConfirmationOn(IRunningProcess aProcess)
        {
            AddProcessBeingHookedWithoutConfirmation(aProcess);

            RecreateHooksFromRulesOn(new[] {aProcess});

            RemoveProcessBeingHookedWithoutConfirmation(aProcess);
        }
Ejemplo n.º 18
0
 public IdleTimeModule(IEplanHelper eplanHelper,
                       IModuleConfiguration moduleConfiguration,
                       IRunningProcess runningProcess)
 {
     this.eplanHelper         = eplanHelper;
     this.moduleConfiguration = moduleConfiguration;
     this.runningProcess      = runningProcess;
 }
Ejemplo n.º 19
0
        public void LoadHooksWithoutConfirmationOn(IRunningProcess aProcess)
        {
            AddProcessBeingHookedWithoutConfirmation(aProcess);

            RecreateHooksFromRulesOn(new[] { aProcess });

            RemoveProcessBeingHookedWithoutConfirmation(aProcess);
        }
Ejemplo n.º 20
0
        public void ApplyHookOn(Hook hook, IRunningProcess process)
        {
            var rule = new HookingRule(process.Name, hook.ModuleName, hook.FunctionName);

            RecreateHookFromRuleOn(new List <IRunningProcess> {
                process
            }, rule);
        }
Ejemplo n.º 21
0
 private void AgentLoadHandler(IRunningProcess aProcess, int anErrorCode)
 {
     if (anErrorCode == 0)
     {
         return;
     }
     _view.ShowAgentLoadingError(aProcess, anErrorCode);
 }
Ejemplo n.º 22
0
        public void UpdateProcessToSelectionIfItsGroupIsSelected(IRunningProcess aProcess)
        {
            var firstSelectedProcess = _selectedProcesses.FirstOrDefault();

            if (firstSelectedProcess != null && firstSelectedProcess.Name.Equals(aProcess.Name))
            {
                _selectedProcesses = _selectedProcesses.Union(new[] { aProcess });
            }
        }
Ejemplo n.º 23
0
        private void ProcessAddedHook(IRunningProcess aProcess, Module aModule, Function aFunction, Hook aHook)
        {
            _hookingSettings.Add(aProcess.Name, aModule.Name, aFunction.Name);

            DisplayHook(aProcess, aModule, aFunction, aHook);
            _view.RemoveAllHooksEnabled = true;
            _view.ExportHookingSettings = true;
            _view.RemoveHookEnabled     = true;
        }
Ejemplo n.º 24
0
        public bool IsHookActiveOn(Hook aHook, IRunningProcess aProcess)
        {
            var nktHook = NktHookFor(aHook);

            if (nktHook == null)
            {
                return(false);
            }
            return(nktHook.State(aProcess.Id) == eNktHookState.stActive);
        }
Ejemplo n.º 25
0
        private void ProcessTerminatedHandler(IRunningProcess aProcess)
        {
            if (!ProcessFilter.ForInvalidProcesses(_platformBits).IsValid(aProcess))
            {
                return;
            }

            RemoveRunningProcess(aProcess);
            RemoveProcessHooks(aProcess);
        }
Ejemplo n.º 26
0
        private void RemoveRunningProcess(IRunningProcess aProcess)
        {
            _view.RemoveRunningProcess(aProcess);

            if (!_selectedProcesses.Contains(aProcess))
            {
                return;
            }

            RemoveRunningProcessFromSelection(aProcess);
        }
Ejemplo n.º 27
0
 public void RemoveAllHooksOf(IRunningProcess aProcess)
 {
     lock (_syncLock)
     {
         _hooks.Remove(aProcess);
         _activeHooks.Remove(aProcess);
         _hookCountByModule.Update(aProcess, moduleDictionary => {
             moduleDictionary.Clear();
             return(moduleDictionary);
         });
     }
 }
Ejemplo n.º 28
0
        public void ShowAgentLoadingError(IRunningProcess aProcess, int anErrorCode)
        {
            if (!aProcess.IsAlive(10))
            {
                return;
            }

            string errorMessage = string.Format("Deviare Agent load error. Process: {0} ({1}). Error code: 0x{2:X}",
                                                aProcess.Name, aProcess.Id, anErrorCode);

            MessageBox.Show(errorMessage);
        }
Ejemplo n.º 29
0
 public void RemoveRunningProcessFromSelection(IRunningProcess aProcess)
 {
     _selectedProcesses.ForEach(p => p.IfRunning(proc =>
     {
         if (proc.Id != aProcess.Id)
         {
             return;
         }
         var newProcessSelection = _selectedProcesses.ToList();
         newProcessSelection.Remove(proc);
         SelectedProcessesChanged(newProcessSelection);
     })
                                );
 }
Ejemplo n.º 30
0
        private void Add(IRunningProcess aProcess, Module aModule, Function aFunction, Hook aHook)
        {
            lock (_dataLock)
            {
                if (_hookNodes.ContainsKey(aHook)) return;

                var aProcessNode = _nodes.ValueOrInitialize(aProcess);
                var aModuleNode = aProcessNode.ModuleNodeFor(aModule);
                var aHookNode = aModuleNode.AddHook(aHook, aFunction);

                _hookNodes[aHook] = aHookNode;

                _model.Nodes.Add(aProcessNode);
            }
        }
Ejemplo n.º 31
0
        private void ProcessStartedHandler(IRunningProcess aProcess)
        {
            if (!ProcessFilter.ForInvalidProcesses(_platformBits).IsValid(aProcess))
            {
                return;
            }

            _view.DisplayNewRunningProcess(aProcess);
            _view.RemoveProcessToBeHookedOnStart(aProcess);

            UpdateProcessToSelectionIfItsGroupIsSelected(aProcess);

            DisplaySelectedProcessesModulesIfWasAdded(aProcess);

            _hookLoader.LoadHooksOn(new [] { aProcess });
        }
Ejemplo n.º 32
0
        public void DisplayHook(Hook hook, IRunningProcess process, HookStateChangeInfo pepe)
        {
            if (!process.IsAlive())
            {
                return;
            }

            lock (_dataLock)
            {
                process.Do(hook, (p, m, f) =>
                {
                    Add(process, m, f, hook);
                    _hookNodes[hook].UpdateState(pepe.CurrentState);
                });
            }
        }
Ejemplo n.º 33
0
        public IEnumerable <IRunningProcess> SelectProcessesToApplyHookingRules(IEnumerable <IProcess> toHookOnStart,
                                                                                IEnumerable <IRunningProcess> unhooked,
                                                                                IEnumerable <IRunningProcess>
                                                                                hookedInactive,
                                                                                IEnumerable <IRunningProcess> hookedActive)
        {
            var selectedProcesses = new IRunningProcess[0];

            var job = new UpdateUIJob(this,
                                      () =>
                                      selectedProcesses =
                                          ProcessSelectionForm.Show(toHookOnStart, unhooked, hookedInactive, hookedActive));

            job.Perform();

            return(selectedProcesses);
        }
Ejemplo n.º 34
0
        public Function[] HookableFunctionsFor(Module aModule, IRunningProcess aProcess)
        {
            IEnumerable <Function> functions;

            try
            {
                var nktProcess = NktProcessFrom(aProcess);
                var nktModule  = nktProcess.ModuleByName(aModule.Name);
                functions = Function.From(nktModule.ExportedFunctions().CollectAll());
            }
            catch
            {
                functions = Enumerable.Empty <Function>();
            }

            return(functions.ToArray());
        }
Ejemplo n.º 35
0
        public Module ModuleByName(IRunningProcess aProcess, string aModuleName)
        {
            var nktProcess = NktProcessFrom(aProcess);

            if (nktProcess == null)
            {
                return(null);
            }

            var aModule = nktProcess.ModuleByName(aModuleName);

            if (aModule == null)
            {
                return(null);
            }

            return(Module.From(aModule, aProcess, this));
        }
Ejemplo n.º 36
0
        private void Add(IRunningProcess aProcess, Module aModule, Function aFunction, Hook aHook)
        {
            lock (_dataLock)
            {
                if (_hookNodes.ContainsKey(aHook))
                {
                    return;
                }

                var aProcessNode = _nodes.ValueOrInitialize(aProcess);
                var aModuleNode  = aProcessNode.ModuleNodeFor(aModule);
                var aHookNode    = aModuleNode.AddHook(aHook, aFunction);

                _hookNodes[aHook] = aHookNode;

                _model.Nodes.Add(aProcessNode);
            }
        }
Ejemplo n.º 37
0
 public void UpdateProcessToSelectionIfItsGroupIsSelected(IRunningProcess aProcess)
 {
     var firstSelectedProcess = _selectedProcesses.FirstOrDefault();
     if (firstSelectedProcess != null && firstSelectedProcess.Name.Equals(aProcess.Name))
         _selectedProcesses = _selectedProcesses.Union(new[] { aProcess });
 }
Ejemplo n.º 38
0
        private void ProcessTerminatedHandler(IRunningProcess aProcess)
        {
            if (!ProcessFilter.ForInvalidProcesses(_platformBits).IsValid(aProcess))
                return;

            RemoveRunningProcess(aProcess);
            RemoveProcessHooks(aProcess);
        }
Ejemplo n.º 39
0
        private void RemoveRunningProcess(IRunningProcess aProcess)
        {
            _view.RemoveRunningProcess(aProcess);

            if (!_selectedProcesses.Contains(aProcess)) return;

            RemoveRunningProcessFromSelection(aProcess);
        }
Ejemplo n.º 40
0
        public IEnumerable<IRunningProcess> SelectProcessesToApplyHookingRules(IEnumerable<IProcess> toHookOnStart,
                                                                               IEnumerable<IRunningProcess> unhooked,
                                                                               IEnumerable<IRunningProcess>
                                                                                   hookedInactive,
                                                                               IEnumerable<IRunningProcess> hookedActive)
        {
            var selectedProcesses = new IRunningProcess[0];

            var job = new UpdateUIJob(this,
                                      () =>
                                      selectedProcesses =
                                      ProcessSelectionForm.Show(toHookOnStart, unhooked, hookedInactive, hookedActive));
            job.Perform();

            return selectedProcesses;
        }
Ejemplo n.º 41
0
        private void ProcessStartedHandler(IRunningProcess aProcess)
        {
            if (!ProcessFilter.ForInvalidProcesses(_platformBits).IsValid(aProcess))
                return;

            _view.DisplayNewRunningProcess(aProcess);
            _view.RemoveProcessToBeHookedOnStart(aProcess);

            UpdateProcessToSelectionIfItsGroupIsSelected(aProcess);

            DisplaySelectedProcessesModulesIfWasAdded(aProcess);

            _hookLoader.LoadHooksOn(new [] {aProcess});
        }
Ejemplo n.º 42
0
 public void AddHookForRunningProcess(IRunningProcess aProcess, Module aModule, Function aFunction)
 {
     aProcess.Hook(aModule, aFunction, hook => ProcessAddedHook(aProcess, aModule, aFunction, hook));
 }
Ejemplo n.º 43
0
 private void DisplayHook(IRunningProcess aProcess, Module aModule, Function aFunction, Hook aHook)
 {
     _view.DisplayHook(aProcess, aModule, aFunction, aHook);
 }
Ejemplo n.º 44
0
        public void Update(Hook aHook, IRunningProcess aProcess, eNktHookState currentState, eNktHookState previousState)
        {
            var module = aProcess.ModuleByName(aHook.ModuleName);
            lock (_syncLock)
            {
                if (currentState == eNktHookState.stRemoved)
                {
                    _hooks.ValueOrInitialize(aProcess).Remove(aHook);
                    _activeHooks.ValueOrInitialize(aProcess).Remove(aHook.Id);
                    if (previousState == eNktHookState.stActive) 
                        _hookCountByModule.Update(aProcess, moduleDictionary =>
                                                            { 
                                                                moduleDictionary.Update(module, oldCount => --oldCount);
                                                                return moduleDictionary;
                                                            });
                }
                else
                {
                    _hooks.ValueOrInitialize(aProcess).Add(aHook);

                    if (currentState == eNktHookState.stActive)
                    {
                        _activeHooks.ValueOrInitialize(aProcess).Add(aHook.Id);
                        _hookCountByModule.Update(aProcess, moduleDictionary =>
                                                            {
                                                                moduleDictionary.Update(module, oldCount => ++oldCount);
                                                                return moduleDictionary;
                                                            });
                    }
                }
            }
        }
Ejemplo n.º 45
0
        public void DisplayHook(Hook hook, IRunningProcess process, HookStateChangeInfo pepe)
        {
            if (!process.IsAlive()) return;

            lock (_dataLock)
            {
                process.Do(hook, (p, m, f) =>
                                     {
                                         Add(process, m, f, hook);
                                         _hookNodes[hook].UpdateState(pepe.CurrentState);
                                     });
                
            }
        }
Ejemplo n.º 46
0
 public RunningModule(string path, string name, IntPtr baseAddress, IRunningProcess process, ISpyManager aSpyManager)
     : base(path, name, baseAddress)
 {
     _process = process;
     _spyManager = aSpyManager;
 }
Ejemplo n.º 47
0
 public bool Test(IRunningProcess aProcess)
 {
     return _isValidProcess(aProcess);
 }
Ejemplo n.º 48
0
 public int HooksCountFor(IRunningProcess aProcess, Module aModule)
 {
     return _hookCountByModule.ValueOrInitialize(aProcess).ValueOrInitialize(aModule);
 }
Ejemplo n.º 49
0
 private void AgentLoadHandler(IRunningProcess aProcess, int anErrorCode)
 {
     if (anErrorCode == 0) return;
     _view.ShowAgentLoadingError(aProcess, anErrorCode);
 }
Ejemplo n.º 50
0
 public void RemoveAllHooksOf(IRunningProcess aProcess)
 {
     lock (_syncLock)
     {
         _hooks.Remove(aProcess);
         _activeHooks.Remove(aProcess);
         _hookCountByModule.Update(aProcess, moduleDictionary => { 
                                                                     moduleDictionary.Clear();
                                                                     return moduleDictionary;
                                                                 });
     }
 }
Ejemplo n.º 51
0
 public void RemoveRunningProcessFromSelection(IRunningProcess aProcess)
 {
     _selectedProcesses.ForEach(p => p.IfRunning(proc =>
     {
         if (proc.Id != aProcess.Id) return;
         var newProcessSelection = _selectedProcesses.ToList();
         newProcessSelection.Remove(proc);
         SelectedProcessesChanged(newProcessSelection);
     })
                                                     );
 }
Ejemplo n.º 52
0
 public bool IsValid(IRunningProcess aProcess)
 {
     return _filters.All(filter => filter.Test(aProcess));
 }
Ejemplo n.º 53
0
 public void DisplaySelectedProcessesModulesIfWasAdded(IRunningProcess aProcess)
 {
     if (_selectedProcesses.Contains(aProcess))
         DisplaySelectedProcessesModulesKeepingSelection();
 }
Ejemplo n.º 54
0
 private bool ProcessIsNotBeingHooked(IRunningProcess aProcess)
 {
     lock (_processesBeingHookedLock)
     {
         return !_processesBeingHookedWithoutConfirmation.Contains(aProcess);
     }
 }
Ejemplo n.º 55
0
        private void ProcessAddedHook(IRunningProcess aProcess, Module aModule, Function aFunction, Hook aHook)
        {
            _hookingSettings.Add(aProcess.Name, aModule.Name, aFunction.Name);

            DisplayHook(aProcess, aModule, aFunction, aHook);
            _view.RemoveAllHooksEnabled = true;
            _view.ExportHookingSettings = true;
            _view.RemoveHookEnabled = true;
        }
Ejemplo n.º 56
0
 public bool IsActiveOn(IRunningProcess aProcess)
 {
     return _spyManager.IsHookActiveOn(this, aProcess);
 }
Ejemplo n.º 57
0
        private void HookStateChangedHandler(Hook hook, IRunningProcess aProcess, eNktHookState previousState, eNktHookState currentState)
        {
            var aStateChangeInfo = new HookStateChangeInfo(hook, aProcess, previousState, currentState);

            var aHook = aStateChangeInfo.Hook;
            if (aStateChangeInfo.CurrentState == eNktHookState.stRemoved)
            {
                _view.RemoveHook(aHook);
                _view.RemoveHookEnabled = false;
                _view.RemoveAllHooksEnabled = _spyManager.AtLeastOneHookWasCreated;
                _view.ExportHookingSettings = _spyManager.AtLeastOneHookWasCreated;
            }
            else
                _view.DisplayHookStatus(aStateChangeInfo);

            if (!aProcess.IsHooked())
                _view.DisplayRecentlyUnhookedProcess(aProcess);
            else if (aProcess.AtLeastOneHookIsActive())
                _view.DisplayRecentlyHookedProcessAsActive(aProcess);
            else
                _view.DisplayRecentlyHookedProcessAsInactive(aProcess);

            _view.RefreshModulesView();
        }
Ejemplo n.º 58
0
        public void ShowAgentLoadingError(IRunningProcess aProcess, int anErrorCode)
        {
            if (!aProcess.IsAlive(10)) return;

            string errorMessage = string.Format("Deviare Agent load error. Process: {0} ({1}). Error code: 0x{2:X}",
                                                aProcess.Name, aProcess.Id, anErrorCode);
            MessageBox.Show(errorMessage);
        }
Ejemplo n.º 59
0
 public static Module From(NktModule module, IRunningProcess aProcess, ISpyManager aSpyManager)
 {
     return new RunningModule(module.Path, module.Name, module.BaseAddress, aProcess, aSpyManager);
 }
Ejemplo n.º 60
0
 public void DisplayHook(IRunningProcess aProcess, Module aModule, Function aFunction, Hook aHook)
 {
 }