Exemple #1
        /// <summary>
        /// Builds the hypercall editor from a hypercall input value and two 64-bit
        /// parameters; the parameters become the 16-byte buffer shown in the input hex box.
        /// </summary>
        /// <param name="code">Hypercall input value, decoded into call code, element count, rep start index and fast flag by HypercallConversions.</param>
        /// <param name="param1">Stored in bytes 0-7 of the input buffer, least significant byte first.</param>
        /// <param name="param2">Stored in bytes 8-15 of the input buffer, least significant byte first.</param>
        public HypercallComponent(UInt64 code, UInt64 param1, UInt64 param2)
        {
            InitializeComponent();
            createHexBox();
            cmbFuzzType.SelectedIndex = 0;

            txtCallnr.Text  = HypercallConversions.getCallCode(code).ToString();
            txtCount.Text   = HypercallConversions.getCountOfElements(code).ToString();
            txtStart.Text   = HypercallConversions.getRepStartIndex(code).ToString();
            optFast.Checked = HypercallConversions.isFast(code);

            // Serialise both parameters in one pass; the byte order is fixed here
            // (low byte first) rather than taken from the platform.
            const int registerSize = 8;
            byte[] registers = new byte[2 * registerSize];
            for (int i = 0; i < registerSize; i++)
            {
                int shift = 8 * i;
                registers[i]                = (byte)((param1 >> shift) & 0xFF);
                registers[i + registerSize] = (byte)((param2 >> shift) & 0xFF);
            }

            hexBoxIn.ByteProvider = new DynamicByteProvider(registers);
            updateEnabled();
        }
        /// <summary>
        /// Builds the selection form and fills the table with one row per hypercall in
        /// <paramref name="callsIn"/>.
        /// </summary>
        /// <param name="parentIn">Main window that owns this form; stored in <c>parent</c>.</param>
        /// <param name="callsIn">Hypercalls to list; stored in <c>calls</c>.</param>
        public HypercallSelectionForm(MainWindow parentIn, List <HypercallStruct> callsIn)
        {
            InitializeComponent();
            cmbFuzzType.SelectedIndex = 0;
            parent = parentIn;
            calls  = callsIn;

            table.Rows.Clear();

            // The maximum fuzz position shown is the longest input seen, never below 16.
            int longestInput = 16;
            int rowNumber    = 0;

            foreach (HypercallStruct entry in calls)
            {
                int    inputLength = entry.input.Length;
                String callCode    = "0x" + HypercallConversions.getCallCode(entry.code).ToString("X2");
                String repCount    = "0x" + HypercallConversions.getCountOfElements(entry.code).ToString("X");
                String repStart    = "0x" + HypercallConversions.getRepStartIndex(entry.code).ToString("X");
                bool   isFastCall  = HypercallConversions.isFast(entry.code);

                longestInput = Math.Max(longestInput, inputLength);

                object[] cells = new object[] { rowNumber, callCode, isFastCall, repCount, repStart, inputLength.ToString(), "open" };
                rowNumber++;
                table.Rows.Add(cells);
            }

            txtFuzzMaxPos.Text = longestInput.ToString();
        }
Exemple #3
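        /// <summary>
        /// Asks the user for a target file and writes the hypercall currently shown in the
        /// editor to it through <c>HVCL.save</c>.
        /// </summary>
        /// <remarks>
        /// Nothing is written when the dialog is cancelled, when one of the numeric fields
        /// is not a valid unsigned integer, or when a fast hypercall does not carry exactly
        /// 16 input bytes. The output-size field is not part of the saved record, so it is
        /// not parsed here.
        /// </remarks>
        public void save()
        {
            // SaveFileDialog holds native resources; dispose it once the path is known.
            using (SaveFileDialog saveFileDialog = new SaveFileDialog())
            {
                saveFileDialog.InitialDirectory = "c:\\";
                saveFileDialog.Filter           = "HyperViper Call List (*.hvcl)|*.hvcl|All files (*.*)|*.*";
                saveFileDialog.FilterIndex      = 0;
                saveFileDialog.RestoreDirectory = true;

                if (saveFileDialog.ShowDialog() != DialogResult.OK)
                {
                    return;
                }

                // The text boxes are free-form user input: report bad values instead of
                // letting a FormatException/OverflowException escape the handler.
                uint callnr;
                uint count;
                uint start;
                if (!UInt32.TryParse(txtCallnr.Text, out callnr) ||
                    !UInt32.TryParse(txtCount.Text, out count) ||
                    !UInt32.TryParse(txtStart.Text, out start))
                {
                    MessageBox.Show("Call number, count and start index have to be unsigned integers");
                    return;
                }

                ulong inputInt = (ulong)HypercallConversions.hypercallInput(callnr, optFast.Checked, count, start);

                byte[] inputBuffer = new byte[hexBoxIn.ByteProvider.Length];
                for (int x = 0; x < inputBuffer.Length; x++)
                {
                    inputBuffer[x] = hexBoxIn.ByteProvider.ReadByte(x);
                }

                // Fast records are stored without a length prefix and are read back as
                // exactly 16 bytes, so any other size would produce an unreadable file.
                if (optFast.Checked && inputBuffer.Length != 0x10)
                {
                    MessageBox.Show("Fast hypercall input has to be 16 bytes (two 8 byte registers)");
                    return;
                }

                HVCL.save(saveFileDialog.FileName, inputInt, inputBuffer);
            }
        }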
        /// <summary>
        /// Opens a new tab holding an editor for the given hypercall and its input buffer.
        /// </summary>
        /// <param name="code">Hypercall input value; its call code is used in the tab title.</param>
        /// <param name="input">Input bytes handed to the new <c>HypercallComponent</c>.</param>
        public void addHypercall(UInt64 code, byte[] input)
        {
            String  title = "Hypercall " + HypercallConversions.getCallCode(code);
            TabPage page  = new TabPage(title);

            HypercallComponent editor = new HypercallComponent(code, input);
            page.Controls.Add(editor);

            tabs.TabPages.Add(page);
        }
        /// <summary>
        /// Opens a new tab holding an editor for the given hypercall and its two 64-bit
        /// parameters.
        /// </summary>
        /// <param name="code">Hypercall input value; its call code is used in the tab title.</param>
        /// <param name="param1">First parameter handed to the new <c>HypercallComponent</c>.</param>
        /// <param name="param2">Second parameter handed to the new <c>HypercallComponent</c>.</param>
        public void addHypercall(UInt64 code, UInt64 param1, UInt64 param2)
        {
            String  title = "Hypercall " + HypercallConversions.getCallCode(code);
            TabPage page  = new TabPage(title);

            HypercallComponent editor = new HypercallComponent(code, param1, param2);
            page.Controls.Add(editor);

            tabs.TabPages.Add(page);
        }
Exemple #6
        /// <summary>
        /// Click handler: issues the hypercall described by the editor fields through
        /// <c>DriverIO.hypercall</c> and shows the status and output.
        /// </summary>
        /// <remarks>
        /// Any exception raised while parsing the fields or making the call is shown in a
        /// message box. The output hex box is shown only for a non-fast call whose low
        /// 16 status bits are zero.
        /// </remarks>
        private void btnSend_Click(object sender, EventArgs e)
        {
            try
            {
                uint callNumber = UInt32.Parse(txtCallnr.Text);
                uint repCount   = UInt32.Parse(txtCount.Text);
                uint repStart   = UInt32.Parse(txtStart.Text);
                uint outputSize = UInt32.Parse(txtOutSize.Text);
                long callInput  = HypercallConversions.hypercallInput(callNumber, optFast.Checked, repCount, repStart);
                long callResult;

                // Sized from the user-supplied out-size field; an oversized value fails
                // here and is reported by the catch below.
                byte[] resultData = new byte[outputSize];

                // Copy the hex box content into a plain array for the driver call.
                byte[] payload = new byte[hexBoxIn.ByteProvider.Length];
                for (int i = 0; i < payload.Length; i++)
                {
                    payload[i] = hexBoxIn.ByteProvider.ReadByte(i);
                }

                if (optFast.Checked && payload.Length != 0x10)
                {
                    MessageBox.Show("Fast hypercall input has to be 16 bytes (two 8 byte registers");
                    return;
                }

                bool sent = DriverIO.hypercall(callInput, payload, (uint)payload.Length, out callResult, out resultData, outputSize);
                if (!sent)
                {
                    hexBoxOut.ByteProvider = new DynamicByteProvider(new byte[0]);
                    hexBoxOut.Visible      = false;
                    txtResultStatus.Text   = "";
                    MessageBox.Show("Making hypercall failed!");
                    return;
                }

                // Only the low 16 bits of the result are displayed as the status.
                long status = callResult & 0xFFFF;
                txtResultStatus.Text = status.ToString();

                bool showOutput = !(status > 0 || optFast.Checked);
                if (showOutput)
                {
                    hexBoxOut.ByteProvider = new DynamicByteProvider(resultData);
                }
                else
                {
                    hexBoxOut.ByteProvider = new DynamicByteProvider(new byte[0]);
                }
                hexBoxOut.Visible = showOutput;
            }
            catch (Exception exc)
            {
                MessageBox.Show(exc.Message);
            }
        }
Exemple #7
        /// <summary>
        /// Builds the hypercall editor from a hypercall input value and an existing input
        /// buffer.
        /// </summary>
        /// <param name="code">Hypercall input value, decoded into call code, element count, rep start index and fast flag by HypercallConversions.</param>
        /// <param name="input">Bytes handed to the input hex box's <c>DynamicByteProvider</c>.</param>
        public HypercallComponent(UInt64 code, byte[] input)
        {
            InitializeComponent();
            createHexBox();
            cmbFuzzType.SelectedIndex = 0;

            // Populate the header fields one by one from the decoded hypercall value.
            String callNumberText = HypercallConversions.getCallCode(code).ToString();
            txtCallnr.Text = callNumberText;

            String repCountText = HypercallConversions.getCountOfElements(code).ToString();
            txtCount.Text = repCountText;

            String repStartText = HypercallConversions.getRepStartIndex(code).ToString();
            txtStart.Text = repStartText;

            bool fastCall = HypercallConversions.isFast(code);
            optFast.Checked = fastCall;

            DynamicByteProvider inputBytes = new DynamicByteProvider(input);
            hexBoxIn.ByteProvider = inputBytes;
            updateEnabled();
        }
Exemple #8
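 /// <summary>
 /// Writes a single hypercall record to <paramref name="fname"/>, replacing any
 /// existing file.
 /// </summary>
 /// <remarks>
 /// Layout: the 32-bit magic 0x4c435648 (the bytes "HVCL" on disk), the 64-bit
 /// hypercall input value, then the input bytes. Non-fast records carry a 32-bit
 /// length before the input; fast records carry no length and are read back as
 /// exactly 16 bytes.
 /// </remarks>
 /// <param name="fname">Path of the file to create or overwrite.</param>
 /// <param name="hypercallCodeInput">Hypercall input value; its fast flag selects the record layout.</param>
 /// <param name="input">Input bytes of the hypercall.</param>
 /// <exception cref="ArgumentNullException"><paramref name="input"/> is null.</exception>
 /// <exception cref="ArgumentException">A fast hypercall was given an input that is not 16 bytes long.</exception>
 static public void save(String fname, ulong hypercallCodeInput, byte[] input)
 {
     // Validate before touching the file so a bad call does not leave a truncated
     // or unparseable file behind.
     if (input == null)
     {
         throw new ArgumentNullException("input");
     }

     bool fast = HypercallConversions.isFast(hypercallCodeInput);
     if (fast && input.Length != 16)
     {
         // Without a length prefix the reader consumes exactly 16 bytes; any other
         // size would shift every following field.
         throw new ArgumentException("Fast hypercall input has to be 16 bytes", "input");
     }

     using (BinaryWriter writer = new BinaryWriter(File.Open(fname, FileMode.Create)))
     {
         writer.Write(0x4c435648);
         writer.Write(hypercallCodeInput);
         if (!fast)
         {
             writer.Write(input.Length);
         }
         writer.Write(input);
         // Leaving the using block flushes and closes the writer.
     }
 }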
Exemple #9
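        /// <summary>
        /// Click handler: builds a mutation configuration from the fuzzing fields and
        /// passes the current hypercall to <c>DriverIO.hypercallFuzz</c>.
        /// </summary>
        /// <remarks>
        /// Malformed numeric fields are reported in a message box, matching
        /// <c>btnSend_Click</c>, instead of escaping the handler as an unhandled exception.
        /// </remarks>
        private void button1_Click(object sender, EventArgs e)
        {
            try
            {
                uint callnr   = UInt32.Parse(txtCallnr.Text);
                uint count    = UInt32.Parse(txtCount.Text);
                uint start    = UInt32.Parse(txtStart.Text);
                long inputInt = HypercallConversions.hypercallInput(callnr, optFast.Checked, count, start);

                byte[] inputBuffer = new byte[hexBoxIn.ByteProvider.Length];
                for (int x = 0; x < inputBuffer.Length; x++)
                {
                    inputBuffer[x] = hexBoxIn.ByteProvider.ReadByte(x);
                }

                HV_MUTATION_CONF conf;

                conf.target     = 0; // NOTE(review): meaning of target 0 is defined by the driver - confirm
                conf.dbgMsg     = (byte)(chkFuzzDbg.Checked ? 1 : 0);
                conf.type       = getFuzzType();
                conf.seed       = UInt32.Parse(txtFuzzSeed.Text);
                conf.minChanges = UInt32.Parse(txtFuzzMin.Text);
                conf.maxChanges = UInt32.Parse(txtFuzzMax.Text);
                conf.maxLength  = (uint)inputBuffer.Length;
                conf.count      = getFuzzCount((uint)inputBuffer.Length);

                // Fast hypercalls pass their input in two 8-byte registers.
                if (optFast.Checked && inputBuffer.Length != 0x10)
                {
                    MessageBox.Show("Fast hypercall input has to be 16 bytes (two 8 byte registers");
                    return;
                }

                if (DriverIO.hypercallFuzz(inputInt, inputBuffer, (uint)inputBuffer.Length, conf))
                {
                    MessageBox.Show("DONE");
                }
                else
                {
                    MessageBox.Show("FAILED");
                }
            }
            catch (FormatException exc)
            {
                // A field did not contain a number.
                MessageBox.Show(exc.Message);
            }
            catch (OverflowException exc)
            {
                // A field held a negative value or one too large for UInt32.
                MessageBox.Show(exc.Message);
            }
        }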
Exemple #10
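        /// <summary>
        /// Reads every hypercall record from an HVCL file.
        /// </summary>
        /// <remarks>
        /// The file is treated as untrusted: each length field is checked against the
        /// bytes actually left in the file before anything is allocated or read, so a
        /// negative, oversized or truncated record is rejected rather than causing a
        /// huge allocation or a silently shortened input buffer.
        /// </remarks>
        /// <param name="fname">Path of the file to read.</param>
        /// <returns>
        /// The records in file order, or <c>null</c> when the file does not start with
        /// the magic 0x4c435648 or contains a malformed or truncated record.
        /// </returns>
        static public List <HypercallStruct> open(String fname)
        {
            List <HypercallStruct> result = new List <HypercallStruct>();

            // Reading needs no write access, so read-only files can be opened too.
            using (BinaryReader reader = new BinaryReader(File.Open(fname, FileMode.Open, FileAccess.Read)))
            {
                long total = reader.BaseStream.Length;

                if (total < 4 || reader.ReadInt32() != 0x4c435648)
                {
                    return(null);
                }

                while (reader.BaseStream.Position != total)
                {
                    // Every record starts with the 64-bit hypercall input value.
                    if (total - reader.BaseStream.Position < 8)
                    {
                        return(null);
                    }

                    HypercallStruct res = new HypercallStruct();
                    res.code = (ulong)reader.ReadInt64();

                    int length;
                    if (HypercallConversions.isFast(res.code))
                    {
                        // Fast records have no length prefix: always two 8-byte registers.
                        length = 16;
                    }
                    else
                    {
                        if (total - reader.BaseStream.Position < 4)
                        {
                            return(null);
                        }
                        length = reader.ReadInt32();
                    }

                    // ReadBytes allocates the requested size up front and returns fewer
                    // bytes at end of stream, so bound the length by what is really left.
                    long remaining = total - reader.BaseStream.Position;
                    if (length < 0 || length > remaining)
                    {
                        return(null);
                    }

                    res.input = reader.ReadBytes(length);
                    result.Add(res);
                }
            }
            return(result);
        }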