public static bool ForceOutOfProcTracking(ExecutableType toolType, string dllName, string cancelEventName) { bool flag = false; if (cancelEventName == null) { if (dllName != null) { return(true); } if (IntPtr.Size == 4) { if ((toolType == ExecutableType.Managed64Bit) || (toolType == ExecutableType.Native64Bit)) { return(true); } if ((toolType == ExecutableType.ManagedIL) && (ToolLocationHelper.GetPathToDotNetFrameworkFile(s_TrackerFilename, TargetDotNetFrameworkVersion.Version40, Microsoft.Build.Utilities.DotNetFrameworkArchitecture.Bitness64) != null)) { flag = true; } return(flag); } if ((IntPtr.Size != 8) || ((toolType != ExecutableType.Managed32Bit) && (toolType != ExecutableType.Native32Bit))) { return(flag); } } return(true); }
public void Run(RemoteHooking.IContext context, int threadId, ExecutableType exeType) { #if DEBUG System.Diagnostics.Debugger.Launch(); #endif _tracer.TraceNote("Trying to hook executable detected as '{0}'.", exeType); System.Diagnostics.Process process = System.Diagnostics.Process.GetCurrentProcess(); if (exeType == ExecutableType.Steam) { Steam.ModifyEP(process); } CncOnline.ModifyPublicKey(process); LocalHook getHostByName = LocalHook.Create(NativeLibrary.GetExport(Ws2_32.HModule, "gethostbyname"), new Ws2_32.GetHostByNameDelegate(CncOnline.GetHostByName), null); getHostByName.ThreadACL.SetExclusiveACL(new[] { 0 }); LocalHook send = LocalHook.Create(NativeLibrary.GetExport(Ws2_32.HModule, "send"), new Ws2_32.SendDelegate(CncOnline.Send), null); send.ThreadACL.SetExclusiveACL(new[] { 0 }); InitializeHooks(exeType); IntPtr thread = Kernel32.OpenThread(0x00100002, true, threadId); if (thread != IntPtr.Zero) { Kernel32.ResumeThread(thread); Kernel32.WaitForSingleObject(thread, -1); Kernel32.CloseHandle(thread); } else { throw new InvalidOperationException(); } }
public ExecutableItem(ExecutableType type,int count,int cost) { ExecutableType = type; Slot = Slot.executable; this.count = count; this.cost = cost; }
public static Process StartProcess(string command, string arguments, ExecutableType toolType, string dllName, string intermediateDirectory, string rootFiles, string cancelEventName) { dllName = dllName ?? GetFileTrackerPath(toolType); string str = TrackerArguments(command, arguments, dllName, intermediateDirectory, rootFiles, cancelEventName); return(Process.Start(GetTrackerPath(toolType), str)); }
private Software GetSoftwareFromInputs() { ExecutableType type = ExecutableType.Command; string executable = ""; switch (ExecutablePivot.SelectedIndex) { case 0: type = ExecutableType.Command; executable = CommandName.Text; break; case 1: type = ExecutableType.Fixed; executable = FixedFilePath.Text; break; case 2: type = ExecutableType.Dynamic; if (executableFolder != null) { executable = FileUtil.SaveDirectoryAsToken(executableFolder); } break; } return(new Software(SoftwareName.Text, type, executable, DynamicFolderFilter.Text, Arguments.Text, InstallRegex.Text, LatestUrl.Text, LatestRegex.Text)); }
public ExecutableFileInfo(string path, string projectRelativePath, string displayName, ExecutableType executableType) { this.Path = path; this.ProcessName = IOPath.GetFileNameWithoutExtension(path); this.ProjectRelativePath = projectRelativePath; this.ExecutableType = executableType; this.DisplayName = displayName; }
public void Read(PeReader rdr) { rdr.SetPosition(StandardFieldsOffset); t = (ExecutableType)rdr.ReadUInt16(); sf = new StandardFieldsHeader(file, this); sf.Read(rdr); wsf = new WindowsSpecificFieldsHeader(file, this); wsf.Read(rdr); dd = new DataDirectoriesHeader(this); dd.Read(rdr); }
public Software(string name, ExecutableType executableType, string executableIdentifier, string executableRegex, string installedArguments, string installedRegex, string latestUrl, string latestRegex) { this.Name = name; this.ExecutableType = executableType; this.ExecutableIdentifier = executableIdentifier; this.ExecutableRegex = executableRegex; this.InstalledArguments = installedArguments; this.InstalledRegex = installedRegex; this.LatestUrl = latestUrl; this.LatestRegex = latestRegex; }
CompileFromFile( String InSourcePath, ExecutableType InExecType, GenerateAssemblyIn InGenerateIn, CompilerVersion CompilerVersion) { List <string> addnReferencedAssemblies = new List <string>(); AcCompilerResults results = Compile_Actual( InSourcePath, null, InExecType, InGenerateIn, addnReferencedAssemblies, CompilerVersion); return(results); }
CompileFromSource( string InSourceLines, ExecutableType InExecType, GenerateAssemblyIn InGenerateIn, List <string> InAddnReferencedAssemblies, CompilerVersion CompilerVersion) { AcCompilerResults results = Compile_Actual( null, InSourceLines, InExecType, InGenerateIn, InAddnReferencedAssemblies, CompilerVersion); return(results); }
public static int CostByExecutableType(ExecutableType type) { switch (type) { case ExecutableType.craft: return 1; case ExecutableType.enchant: return 1000; case ExecutableType.catalys: return 1; default: return 1; } }
public Nanohook(RemoteHooking.IContext context, int threadId, ExecutableType executableType) { #if DEBUG IntPtr consoleWindow = IntPtr.Zero; if (Kernel32.AllocConsole()) { consoleWindow = Kernel32.GetConsoleWindow(); User32.SetLayeredWindowAttributes(consoleWindow, 0u, 225, 2); } User32.ShowWindow(consoleWindow, 5); Console.ForegroundColor = ConsoleColor.Green; Console.Title = "Nanocore Debug Console"; #endif Tracer.TraceWrite += Log; Tracer.SetTraceLevel(6); }
/// <summary> /// Generates an executable that does nothing but call a given method. /// </summary> public string GenerateExecutable(MethodInfo methodToCall, ExecutableType executableType, string assemblyName) { var saveDir = System.IO.Path.GetDirectoryName(typeof(ExecutableGenerator).Assembly.Location); var w = System.Diagnostics.Stopwatch.StartNew(); //From http://stackoverflow.com/a/15602171 var executableFileName = assemblyName + ".exe"; AssemblyBuilder assemblyBuilder = AppDomain.CurrentDomain.DefineDynamicAssembly( new AssemblyName(assemblyName), AssemblyBuilderAccess.Save, saveDir); ModuleBuilder moduleBuilder = assemblyBuilder.DefineDynamicModule( assemblyName, executableFileName); TypeBuilder typeBuilder = moduleBuilder.DefineType("Program", TypeAttributes.Class | TypeAttributes.Public); MethodBuilder methodBuilder = typeBuilder.DefineMethod( "Main", MethodAttributes.HideBySig | MethodAttributes.Public | MethodAttributes.Static, typeof(void), new Type[] { typeof(string[]) }); ILGenerator gen = methodBuilder.GetILGenerator(); gen.Emit(OpCodes.Ldarg_0); gen.Emit(OpCodes.Call, methodToCall); gen.Emit(OpCodes.Ret); typeBuilder.CreateType(); assemblyBuilder.SetEntryPoint(methodBuilder, PEFileKinds.ConsoleApplication); File.Delete(executableFileName); PortableExecutableKinds peKind; ImageFileMachine machine; if (executableType == ExecutableType.Force32Bit) { peKind = PortableExecutableKinds.Required32Bit; machine = ImageFileMachine.I386; } else if (executableType == ExecutableType.Force64Bit) { peKind = PortableExecutableKinds.PE32Plus; machine = ImageFileMachine.AMD64; } else { peKind = PortableExecutableKinds.ILOnly; machine = ImageFileMachine.I386; } assemblyBuilder.Save(executableFileName, peKind, machine); var elapsed = w.Elapsed.ToString(); return(System.IO.Path.Combine(saveDir, executableFileName)); }
/// <summary> /// Determines whether we must track out-of-proc, or whether inproc tracking will work. /// </summary> /// <param name="toolType">The executable type for the tool being tracked</param> /// <param name="cancelEventName">The name of the cancel event tracker should listen for, or null if there isn't one</param> /// <returns>True if we need to track out-of-proc, false if inproc tracking is OK</returns> public static bool ForceOutOfProcTracking(ExecutableType toolType, string dllName, string cancelEventName) { bool trackOutOfProc = false; string trackerPath = null; if (cancelEventName != null) { // If we have a cancel event, we must track out-of-proc. trackOutOfProc = true; } else if (dllName != null) { // If we have a DLL name, we need to track out of proc -- inproc tracking just uses // the default FileTracker.dll from the path. trackOutOfProc = true; } else if (IntPtr.Size == sizeof(Int32)) { // Current process is 32-bit. So we need to spawn Tracker.exe if our tool is // explicitly marked as 64-bit OR is MSIL and we're installed on a 64-bit OS. if (toolType == ExecutableType.Managed64Bit || toolType == ExecutableType.Native64Bit) { trackOutOfProc = true; } else if (toolType == ExecutableType.ManagedIL) { trackerPath = ToolLocationHelper.GetPathToDotNetFrameworkFile(s_TrackerFilename, TargetDotNetFrameworkVersion.VersionLatest, DotNetFrameworkArchitecture.Bitness64); if (trackerPath != null) { // If we found a 64-bit path, we're on a 64-bit OS and need to use it. Otherwise, we're fine. trackOutOfProc = true; } } } else if (IntPtr.Size == sizeof(Int64)) { // Current process is 64-bit. We need to spawn Tracker.exe if our tool is // explicitly marked as 32-bit. if (toolType == ExecutableType.Managed32Bit || toolType == ExecutableType.Native32Bit) { trackOutOfProc = true; } } return(trackOutOfProc); }
private static string GetPath(string filename, ExecutableType toolType, string rootPath) { string path = null; if (!string.IsNullOrEmpty(rootPath)) { path = Path.Combine(rootPath, filename); if (!File.Exists(path)) { path = null; } return(path); } switch (toolType) { case ExecutableType.Native32Bit: return(GetPath(filename, Microsoft.Build.Utilities.DotNetFrameworkArchitecture.Bitness32)); case ExecutableType.Native64Bit: return(GetPath(filename, Microsoft.Build.Utilities.DotNetFrameworkArchitecture.Bitness64)); case ExecutableType.ManagedIL: path = GetPath(filename, Microsoft.Build.Utilities.DotNetFrameworkArchitecture.Bitness64); if (path == null) { path = GetPath(filename, Microsoft.Build.Utilities.DotNetFrameworkArchitecture.Bitness32); } return(path); case ExecutableType.Managed32Bit: return(GetPath(filename, Microsoft.Build.Utilities.DotNetFrameworkArchitecture.Bitness32)); case ExecutableType.Managed64Bit: return(GetPath(filename, Microsoft.Build.Utilities.DotNetFrameworkArchitecture.Bitness64)); case ExecutableType.SameAsCurrentProcess: if (IntPtr.Size != 4) { return(GetPath(filename, Microsoft.Build.Utilities.DotNetFrameworkArchitecture.Bitness64)); } return(GetPath(filename, Microsoft.Build.Utilities.DotNetFrameworkArchitecture.Bitness32)); } ErrorUtilities.ThrowInternalErrorUnreachable(); return(null); }
/// <summary> /// 检查可执行类型是否符合 /// </summary> /// <param name="executableType"></param> /// <returns></returns> private bool CheckMode(ExecutableType executableType) { var isDebug = false; #if DEBUG isDebug = true; #endif switch (executableType) { case ExecutableType.All: return(true); case ExecutableType.Debug: return(isDebug); case ExecutableType.Release: return(!isDebug); case ExecutableType.Admin: return(IsAdminAllow()); case ExecutableType.Debug & ExecutableType.Admin: return(isDebug & IsAdminAllow()); case ExecutableType.Release & ExecutableType.Admin: return(!isDebug& IsAdminAllow()); } bool IsAdminAllow() { if (CmdTerminal.CurrentInternal.IsAdminMode) { return(CmdTerminal.CurrentInternal.IsAdminModeActive); } else { return(true); } } return(false); }
/// <summary> /// Determines whether we must track out-of-proc, or whether inproc tracking will work. /// </summary> /// <param name="toolType">The executable type for the tool being tracked</param> /// <param name="cancelEventName">The name of the cancel event tracker should listen for, or null if there isn't one</param> /// <returns>True if we need to track out-of-proc, false if inproc tracking is OK</returns> public static bool ForceOutOfProcTracking(ExecutableType toolType, string dllName, string cancelEventName) { bool trackOutOfProc = false; if (cancelEventName != null) { // If we have a cancel event, we must track out-of-proc. trackOutOfProc = true; } else if (dllName != null) { // If we have a DLL name, we need to track out of proc -- inproc tracking just uses // the default FileTracker trackOutOfProc = true; } // toolType is not relevant now that Detours can handle child processes of a different // bitness than the parent. return(trackOutOfProc); }
/// <summary> /// Process an NE executable header /// </summary> private ExecutableType ProcessNe() { ExecutableType foundExe = ExecutableType.Unknown; inputFile.Seek(dataBase + currentFormat.ExecutableOffset); IMAGE_OS2_HEADER ne = IMAGE_OS2_HEADER.Deserialize(inputFile); long o = currentFormat.ExecutableOffset; inputFile.Seek(dataBase + currentFormat.ExecutableOffset + ne.SegmentTableOffset + 0 * 8 /* sizeof(NewSeg) */); NewSeg codeSegInfo = NewSeg.Deserialize(inputFile); inputFile.Seek(dataBase + currentFormat.ExecutableOffset + ne.SegmentTableOffset + 2 * 8 /* sizeof(NewSeg) */); NewSeg dataSegInfo = NewSeg.Deserialize(inputFile); // Assumption: there are resources and they are at the end .. inputFile.Seek(dataBase + currentFormat.ExecutableOffset + ne.ResourceTableOffset); short rsAlign = inputFile.ReadInt16(); // ne.ne_cres is 0 so you have to cheat while (inputFile.Position + 8 /* sizeof(rsType) */ <= dataBase + currentFormat.ExecutableOffset + ne.ResidentNameTableOffset) { RsrcTypeInfo rsType = RsrcTypeInfo.Deserialize(inputFile); for (int z2 = 1; z2 < rsType.rt_nres; z2++) { RsrcNameInfo rsName = RsrcNameInfo.Deserialize(inputFile); int a = rsName.Offset << rsAlign + rsName.Length << rsAlign; if (o < a) { o = a; } } currentFormat.ExecutableOffset = 0; foundExe = ExecutableType.NE; } return(foundExe); }
/// <summary> /// Given a filename (only really meant to support either Tracker.exe or FileTracker.dll), returns /// the appropriate path for the appropriate file type. /// </summary> /// <param name="filename"></param> /// <param name="toolType"></param> /// <param name="rootPath">The root path for the file. Overrides the toolType if specified.</param> private static string GetPath(string filename, ExecutableType toolType, string rootPath) { string trackerPath = null; if (!String.IsNullOrEmpty(rootPath)) { trackerPath = Path.Combine(rootPath, filename); if (!File.Exists(trackerPath)) { // if an override path was specified, that's it -- we don't want to fall back if the file // is not found there. trackerPath = null; } } else { // Since Detours can handle cross-bitness process launches, the toolType // can be ignored; just return the path corresponding to the current architecture. trackerPath = GetPath(filename, DotNetFrameworkArchitecture.Current); } return(trackerPath); }
private void Initialize(string fileName) { Contracts.Requires.NotNull(fileName, "fileName"); this.originalFileName = fileName; this.fileInfo = new FileInfo(fileName); string owner = null; this.executableType = ExecutableType.Unknown; if (this.fileInfo.Exists) { this.fileVersionInfo = FileVersionInfo.GetVersionInfo(fileName); // Try to fill the SHFILEINFO struct for the file type, if the returned pointer is 0 then an error occurred. IntPtr ptr = SafeNativeMethods.SHGetFileInfo(fileName, FileAttributes.Normal, ref this.shellFileInfo, Marshal.SizeOf(typeof(SHFILEINFO)), SHGFI.TYPENAME); if (ptr == IntPtr.Zero) { throw new IOException(); } Marshal.FreeCoTaskMem(ptr); // Try to fill the same SHFILEINFO struct for the exe type. The returned pointer contains the encoded // executable type data. ptr = IntPtr.Zero; ptr = SafeNativeMethods.SHGetFileInfo(fileName, FileAttributes.Normal, ref this.shellFileInfo, Marshal.SizeOf(typeof(SHFILEINFO)), SHGFI.EXETYPE); // We need to split the returned pointer up into the high and low order words. These are important // because they help distinguish some of the types. The possible values are: // // Value Meaning // ---------------------------------------------------------------------------------------------- // 0 Nonexecutable file or an error condition. // LOWORD = NE or PE and HIWORD = Windows version Microsoft Windows application. // LOWORD = MZ and HIWORD = 0 Windows 95, Windows 98: Microsoft MS-DOS .exe, .com, or .bat file // Microsoft Windows NT, Windows 2000, Windows XP: MS-DOS .exe or .com file // LOWORD = PE and HIWORD = 0 Windows 95, Windows 98: Microsoft Win32 console application // Windows NT, Windows 2000, Windows XP: Win32 console application or .bat file // MZ = 0x5A4D - DOS signature. // NE = 0x454E - OS/2 signature. // LE = 0x454C - OS/2 LE or VXD signature. // PE = 0x4550 - Win32/NT signature. int wparam = ptr.ToInt32(); int loWord = wparam & 0xffff; int hiWord = wparam >> 16; if (wparam == 0) { this.executableType = ExecutableType.Unknown; } else { if (hiWord == 0x0000) { if (loWord == 0x5A4D) { // The file is an MS-DOS .exe, .com, or .bat this.executableType = ExecutableType.DOS; } else if (loWord == 0x4550) { this.executableType = ExecutableType.Win32Console; } } else { if (loWord == 0x454E || loWord == 0x4550) { this.executableType = ExecutableType.Windows; } else if (loWord == 0x454C) { this.executableType = ExecutableType.Windows; } } } FileSecurity fs = File.GetAccessControl(this.originalFileName, AccessControlSections.Owner); owner = fs.GetOwner(typeof(NTAccount)).ToString(); } this.fileOwner = owner; }
/// <summary> /// Given the ExecutableType of the tool being wrapped and information that we /// know about our current bitness, figures out and returns the path to the correct /// FileTracker.dll. /// </summary> /// <param name="toolExecutableTypeToUse">The executable type of the tool being wrapped</param> /// <param name="rootPath">The root path for FileTracker.dll. Overrides the toolType if specified.</param> public static string GetFileTrackerPath(ExecutableType toolType, string rootPath) { return(GetPath(s_FileTrackerFilename, toolType, rootPath)); }
/// <summary> /// Given a filename (only really meant to support either Tracker.exe or FileTracker.dll), returns /// the appropriate path for the appropriate file type. /// </summary> /// <param name="filename"></param> /// <param name="toolType"></param> /// <param name="rootPath">The root path for the file. Overrides the toolType if specified.</param> private static string GetPath(string filename, ExecutableType toolType, string rootPath) { string trackerPath = null; if (!String.IsNullOrEmpty(rootPath)) { trackerPath = Path.Combine(rootPath, filename); if (!File.Exists(trackerPath)) { // if an override path was specified, that's it -- we don't want to fall back if the file // is not found there. trackerPath = null; } } else { switch (toolType) { case ExecutableType.Native32Bit: // A native executable that's 32-bit. Just return the 32-bit path trackerPath = GetPath(filename, DotNetFrameworkArchitecture.Bitness32); break; case ExecutableType.Native64Bit: // A native executable that's 64-bit. Just return the 64-bit path trackerPath = GetPath(filename, DotNetFrameworkArchitecture.Bitness64); break; case ExecutableType.ManagedIL: // Next most likely -- the tool is a managed executable that has not been explicitly marked // either 32 or 64 bit. // This case is slightly tricky -- we have to return the path to the 64-bit tracker if we're running // on a 64-bit machine, and the 32-bit tracker if we're running on a 32-bit machine. trackerPath = GetPath(filename, DotNetFrameworkArchitecture.Bitness64); // If the path is null, that means there is no 64-bit framework -- that's fine, return the 32-bit path instead. if (trackerPath == null) { trackerPath = GetPath(filename, DotNetFrameworkArchitecture.Bitness32); } break; case ExecutableType.Managed32Bit: // A managed executable that has been explicitly marked 32-bit. Just return the 32-bit path. trackerPath = GetPath(filename, DotNetFrameworkArchitecture.Bitness32); break; case ExecutableType.Managed64Bit: // A managed executable that has been explicitly marked 64-bit. Just return the 64-bit path. If this // is a 32-bit machine, then we will return null, and the error will be caught and handled appropriately // elsewhere. trackerPath = GetPath(filename, DotNetFrameworkArchitecture.Bitness64); break; case ExecutableType.SameAsCurrentProcess: // Figure out what bitness the current process is and return that bitness of Tracker.exe. if (IntPtr.Size == sizeof(Int32)) { trackerPath = GetPath(filename, DotNetFrameworkArchitecture.Bitness32); } else { trackerPath = GetPath(filename, DotNetFrameworkArchitecture.Bitness64); } break; default: ErrorUtilities.ThrowInternalErrorUnreachable(); return null; } } return trackerPath; }
public ExecutableItem(ExecutableType type) { ExecutableType = type; Slot = Slot.executable; }
public static bool ForceOutOfProcTracking(ExecutableType toolType, string dllName, string cancelEventName) { bool flag = false; if (cancelEventName == null) { if (dllName != null) { return true; } if (IntPtr.Size == 4) { if ((toolType == ExecutableType.Managed64Bit) || (toolType == ExecutableType.Native64Bit)) { return true; } if ((toolType == ExecutableType.ManagedIL) && (ToolLocationHelper.GetPathToDotNetFrameworkFile(s_TrackerFilename, TargetDotNetFrameworkVersion.Version40, Microsoft.Build.Utilities.DotNetFrameworkArchitecture.Bitness64) != null)) { flag = true; } return flag; } if ((IntPtr.Size != 8) || ((toolType != ExecutableType.Managed32Bit) && (toolType != ExecutableType.Native32Bit))) { return flag; } } return true; }
/// <summary> /// Given the ExecutableType of the tool being wrapped and information that we /// know about our current bitness, figures out and returns the path to the correct /// FileTracker.dll. /// </summary> /// <param name="toolType">The <see cref="ExecutableType"/> of the tool being wrapped</param> public static string GetFileTrackerPath(ExecutableType toolType) => GetFileTrackerPath(toolType, null);
/// <summary> /// Start the process; tracking the command. /// </summary> /// <param name="command">The command to track</param> /// <param name="arguments">The command to track's arguments</param> /// <param name="toolType">The type of executable the wrapped tool is</param> /// <param name="rootFiles">Rooting marker</param> /// <returns>Process instance</returns> public static Process StartProcess(string command, string arguments, ExecutableType toolType, string rootFiles) => StartProcess(command, arguments, toolType, null, null, rootFiles, null);
/// <summary> /// Determines whether we must track out-of-proc, or whether inproc tracking will work. /// </summary> /// <param name="toolType">The executable type for the tool being tracked</param> /// <param name="cancelEventName">The name of the cancel event tracker should listen for, or null if there isn't one</param> /// <returns>True if we need to track out-of-proc, false if inproc tracking is OK</returns> public static bool ForceOutOfProcTracking(ExecutableType toolType, string dllName, string cancelEventName) { bool trackOutOfProc = false; string trackerPath = null; if (cancelEventName != null) { // If we have a cancel event, we must track out-of-proc. trackOutOfProc = true; } else if (dllName != null) { // If we have a DLL name, we need to track out of proc -- inproc tracking just uses // the default FileTracker.dll from the path. trackOutOfProc = true; } else if (IntPtr.Size == sizeof(Int32)) { // Current process is 32-bit. So we need to spawn Tracker.exe if our tool is // explicitly marked as 64-bit OR is MSIL and we're installed on a 64-bit OS. if (toolType == ExecutableType.Managed64Bit || toolType == ExecutableType.Native64Bit) { trackOutOfProc = true; } else if (toolType == ExecutableType.ManagedIL) { trackerPath = ToolLocationHelper.GetPathToDotNetFrameworkFile(s_TrackerFilename, TargetDotNetFrameworkVersion.VersionLatest, DotNetFrameworkArchitecture.Bitness64); if (trackerPath != null) { // If we found a 64-bit path, we're on a 64-bit OS and need to use it. Otherwise, we're fine. trackOutOfProc = true; } } } else if (IntPtr.Size == sizeof(Int64)) { // Current process is 64-bit. We need to spawn Tracker.exe if our tool is // explicitly marked as 32-bit. if (toolType == ExecutableType.Managed32Bit || toolType == ExecutableType.Native32Bit) { trackOutOfProc = true; } } return trackOutOfProc; }
/// <summary> /// Determines whether we must track out-of-proc, or whether inproc tracking will work. /// </summary> /// <param name="toolType">The executable type for the tool being tracked</param> /// <returns>True if we need to track out-of-proc, false if inproc tracking is OK</returns> public static bool ForceOutOfProcTracking(ExecutableType toolType) { return ForceOutOfProcTracking(toolType, null, null); }
private bool ComputePathToResGen() { this.resgenPath = null; if (string.IsNullOrEmpty(this.sdkToolsPath)) { this.resgenPath = ToolLocationHelper.GetPathToDotNetFrameworkSdkFile("resgen.exe", TargetDotNetFrameworkVersion.Version35); this.resGenType = ExecutableType.ManagedIL; if ((this.resgenPath == null) && this.ExecuteAsTool) { base.Log.LogErrorWithCodeFromResources("General.PlatformSDKFileNotFound", new object[] { "resgen.exe", ToolLocationHelper.GetDotNetFrameworkSdkInstallKeyValue(TargetDotNetFrameworkVersion.Version35), ToolLocationHelper.GetDotNetFrameworkSdkRootRegistryKey(TargetDotNetFrameworkVersion.Version35) }); } } else { this.resgenPath = SdkToolsPathUtility.GeneratePathToTool(SdkToolsPathUtility.FileInfoExists, ProcessorArchitecture.CurrentProcessArchitecture, this.SdkToolsPath, "Resgen.exe", base.Log, this.ExecuteAsTool); if (this.ExecuteAsTool && (this.resgenPath != null)) { this.resgenPath = Microsoft.Build.Shared.NativeMethodsShared.GetLongFilePath(this.resgenPath); if (string.IsNullOrEmpty(this.ToolArchitecture)) { if (this.resgenPath.Equals(Microsoft.Build.Shared.NativeMethodsShared.GetLongFilePath(ToolLocationHelper.GetPathToDotNetFrameworkSdkFile("resgen.exe", TargetDotNetFrameworkVersion.Version40)), StringComparison.OrdinalIgnoreCase)) { this.resGenType = ExecutableType.Managed32Bit; } else if ((this.resgenPath.Equals(Microsoft.Build.Shared.NativeMethodsShared.GetLongFilePath(ToolLocationHelper.GetPathToDotNetFrameworkSdkFile("resgen.exe", TargetDotNetFrameworkVersion.Version35)), StringComparison.OrdinalIgnoreCase) || this.resgenPath.Equals(Microsoft.Build.Shared.NativeMethodsShared.GetLongFilePath(ToolLocationHelper.GetPathToDotNetFrameworkSdkFile("resgen.exe", TargetDotNetFrameworkVersion.Version20)), StringComparison.OrdinalIgnoreCase)) || this.resgenPath.Equals(Microsoft.Build.Shared.NativeMethodsShared.GetLongFilePath(ToolLocationHelper.GetPathToDotNetFrameworkSdkFile("resgen.exe", TargetDotNetFrameworkVersion.Version11)), StringComparison.OrdinalIgnoreCase)) { this.resGenType = ExecutableType.ManagedIL; } else { this.resGenType = ExecutableType.Managed32Bit; } } else if (!Enum.TryParse<ExecutableType>(this.ToolArchitecture, out this.resGenType)) { base.Log.LogErrorWithCodeFromResources("General.InvalidValue", new object[] { "ToolArchitecture", "GenerateResource" }); return false; } } } if ((this.resgenPath == null) && !this.ExecuteAsTool) { this.resgenPath = string.Empty; return true; } if (this.resgenPath != null) { this.resgenPath = Path.GetDirectoryName(this.resgenPath); } return (this.resgenPath != null); }
/// <summary> /// Given the ExecutableType of the tool being wrapped and information that we /// know about our current bitness, figures out and returns the path to the correct /// FileTracker.dll. /// </summary> /// <param name="toolExecutableTypeToUse">The executable type of the tool being wrapped</param> public static string GetFileTrackerPath(ExecutableType toolType) { return GetFileTrackerPath(toolType, null); }
/// <summary> /// Start the process; tracking the command. /// </summary> /// <param name="command">The command to track</param> /// <param name="arguments">The command to track's arguments</param> /// <param name="toolType">The type of executable the wrapped tool is</param> /// <param name="intermediateDirectory">Intermediate directory where tracking logs will be written</param> /// <param name="rootFiles">Rooting marker</param> /// <returns>Process instance</returns> public static Process StartProcess(string command, string arguments, ExecutableType toolType, string intermediateDirectory, string rootFiles) { return(StartProcess(command, arguments, toolType, null, intermediateDirectory, rootFiles, null)); }
/// <summary> /// Start the process; tracking the command. /// </summary> /// <param name="command">The command to track</param> /// <param name="arguments">The command to track's arguments</param> /// <param name="toolType">The type of executable the wrapped tool is</param> /// <param name="intermediateDirectory">Intermediate directory where tracking logs will be written</param> /// <param name="rootFiles">Rooting marker</param> /// <returns>Process instance</returns> public static Process StartProcess(string command, string arguments, ExecutableType toolType, string intermediateDirectory, string rootFiles) { return StartProcess(command, arguments, toolType, null, intermediateDirectory, rootFiles, null); }
/// <summary> /// Start the process; tracking the command. /// </summary> /// <param name="command">The command to track</param> /// <param name="arguments">The command to track's arguments</param> /// <param name="toolType">The type of executable the wrapped tool is</param> /// <param name="dllName">The name of the dll that will do the tracking</param> /// <param name="intermediateDirectory">Intermediate directory where tracking logs will be written</param> /// <param name="rootFiles">Rooting marker</param> /// <param name="cancelEventName">If Tracker should be listening on a particular event for cancellation, pass its name here</param> /// <returns>Process instance</returns> public static Process StartProcess(string command, string arguments, ExecutableType toolType, string dllName, string intermediateDirectory, string rootFiles, string cancelEventName) { dllName = dllName ?? GetFileTrackerPath(toolType); string fullArguments = TrackerArguments(command, arguments, dllName, intermediateDirectory, rootFiles, cancelEventName); return Process.Start(GetTrackerPath(toolType), fullArguments); }
/// <summary> /// Determines whether we must track out-of-proc, or whether inproc tracking will work. /// </summary> /// <param name="toolType">The executable type for the tool being tracked</param> /// <returns>True if we need to track out-of-proc, false if inproc tracking is OK</returns> public static bool ForceOutOfProcTracking(ExecutableType toolType) => ForceOutOfProcTracking(toolType, null, null);
public static int Main(string[] args) { #if DEBUG IntPtr hConsole = IntPtr.Zero; if (Kernel32.AllocConsole()) { hConsole = Kernel32.GetConsoleWindow(); User32.SetLayeredWindowAttributes(hConsole, 0u, 225, 2); } User32.ShowWindow(hConsole, 5); Console.ForegroundColor = ConsoleColor.Green; Tracer.TraceWrite += TraceWrite; #endif Console.CancelKeyPress += ConsoleCancel; Kernel32.Win32FindDataW findFileData = new Kernel32.Win32FindDataW(); IntPtr hSearch = Kernel32.FindFirstFileW("lotrsec.big", ref findFileData); if (hSearch == (IntPtr)(-1)) { StringBuilder fileName = new StringBuilder(Kernel32.MAX_PATH); Kernel32.GetModuleFileNameW(IntPtr.Zero, fileName, Kernel32.MAX_PATH); for (int idx = fileName.Length - 1; idx != 0; --idx) { if (fileName[idx] == '\\') { fileName[idx] = '\0'; break; } } Kernel32.SetCurrentDirectoryW(fileName.ToString()); } else { Kernel32.FindClose(hSearch); } string config = null; string modconifg = null; List <string> argList = new List <string>(args.Length); for (int idx = 0; idx < args.Length; ++idx) { if (string.Equals(args[idx], "-config")) { if (idx == args.Length - 1) { MessageBox.Show("Invalid config parameter. A path needs to be set."); return(-1); } config = args[idx++ + 1]; } if (string.Equals(args[idx], "-modconfig")) { if (idx == args.Length - 1) { MessageBox.Show("Invalid modconfig parameter. A path needs to be set."); return(-1); } modconifg = args[idx++ + 1]; } else { argList.Add(args[idx]); } } args = argList.ToArray(); Kernel32.StartupInfoW si = new Kernel32.StartupInfoW(true); Kernel32.ProcessInformation pi = new Kernel32.ProcessInformation(); int overallTries = 0; int tries = 0; Registry registry = new Registry(); string executablePath = System.IO.Path.Combine(registry.InstallPath, "data", "ra3_1.12.game"); ExecutableType executableType = ExecutableType.Unknown; using (System.IO.Stream stream = new System.IO.FileStream(executablePath, System.IO.FileMode.Open, System.IO.FileAccess.Read, System.IO.FileShare.Read)) { byte[] buffer = new byte[stream.Length]; stream.Read(buffer, 0, buffer.Length); uint hash = Nanocore.Core.FastHash.GetHashCode(buffer); switch (hash) { case 0xCFAAD44Bu: case 0xE6D223E6u: case 0xCF5817CCu: executableType = ExecutableType.Steam; break; case 0xE7AF6A35u: case 0x2F121290u: executableType = ExecutableType.Origin; break; case 0xA05DEB39: // this has the 4gb thing applied, need to check the original executableType = ExecutableType.Retail; break; case 0xBFE68CAD: // should I care? this is mostly here because origins and reloaded exe have the same size executableType = ExecutableType.ReLOADeD; break; } } if (executableType == ExecutableType.Unknown) { MessageBox.Show("A version of the game is installed. Please get the game from an official source."); return(-1); } else if (executableType == ExecutableType.Retail) { MessageBox.Show("The retail or an old origin version is installed. If you are using Origin please update the game. Retail versions cannot be supported due to SecuROM."); return(-1); } while (!_isConsoleCancel) { ++tries; if (tries > 20) { if (MessageBox.Show("Windows caching interferred with injecting into the game, do you want to try again?", "Error", MessageBoxButton.YesNo) == MessageBoxResult.Yes) { overallTries += tries; tries = 1; } else { break; } } try { Kernel32.CreateProcessW(null, $"\"{executablePath}\" {string.Join(" ", args)} -config \"{config ?? System.IO.Path.Combine(registry.InstallPath, $"RA3_{registry.Language}_1.12.skudef")}\" {(modconifg is null ? string.Empty : $"-modconfig \"{modconifg}\"")}", IntPtr.Zero, IntPtr.Zero, true, 4, IntPtr.Zero, null, ref si, ref pi); EZHook.Inject(pi.DwProcessId, "Nanocore.dll", pi.DwThreadId, executableType); }
/// <summary> /// Given the ExecutableType of the tool being wrapped and information that we /// know about our current bitness, figures out and returns the path to the correct /// Tracker.exe. /// </summary> /// <param name="toolType">The <see cref="ExecutableType"/> of the tool being wrapped</param> /// <param name="rootPath">The root path for Tracker.exe. Overrides the toolType if specified.</param> public static string GetTrackerPath(ExecutableType toolType, string rootPath) => GetPath(s_TrackerFilename, toolType, rootPath);
public override void Read(BlamLib.IO.EndianReader s) { base.Read(s); Unknown000 = s.ReadInt32(); BuildString = s.ReadTagString(); ExecutableType = (ExecutableType)s.ReadInt32(); ExecutableVersion = s.ReadInt32(); CompatibleVersion = s.ReadInt32(); Language = s.ReadInt32(); MapMinorVersion = s.ReadInt32(); Unknown038 = s.ReadUInt32(); Unknown03C = s.ReadUInt32(); Unknown040 = s.ReadUInt32(); SignatureLength = s.ReadInt32(); Signature = s.ReadBytes(60); Unknown084 = s.ReadBool(); Unknown085 = s.ReadBool(); Unknown086 = s.ReadBool(); Unknown087 = s.ReadBool(); Unknown088 = s.ReadInt32(); SessionName = s.ReadAsciiString(128); Options.Read(s); UnknownF91C = s.ReadUInt32(); LengthInTicks = s.ReadUInt32(); SnippetStartTick = s.ReadUInt32(); UnknownF928 = s.ReadBytes(1336); }
/// <summary> /// Start the process; tracking the command. /// </summary> /// <param name="command">The command to track</param> /// <param name="arguments">The command to track's arguments</param> /// <param name="toolType">The type of executable the wrapped tool is</param> /// <param name="dllName">The name of the dll that will do the tracking</param> /// <param name="intermediateDirectory">Intermediate directory where tracking logs will be written</param> /// <param name="rootFiles">Rooting marker</param> /// <returns>Process instance</returns> public static Process StartProcess(string command, string arguments, ExecutableType toolType, string dllName, string intermediateDirectory, string rootFiles) => StartProcess(command, arguments, toolType, dllName, intermediateDirectory, rootFiles, null);
/// <summary> /// Given a filename (only really meant to support either Tracker.exe or FileTracker.dll), returns /// the appropriate path for the appropriate file type. /// </summary> /// <param name="filename"></param> /// <param name="toolType"></param> /// <param name="rootPath">The root path for the file. Overrides the toolType if specified.</param> private static string GetPath(string filename, ExecutableType toolType, string rootPath) { string trackerPath = null; if (!String.IsNullOrEmpty(rootPath)) { trackerPath = Path.Combine(rootPath, filename); if (!File.Exists(trackerPath)) { // if an override path was specified, that's it -- we don't want to fall back if the file // is not found there. trackerPath = null; } } else { switch (toolType) { case ExecutableType.Native32Bit: // A native executable that's 32-bit. Just return the 32-bit path trackerPath = GetPath(filename, DotNetFrameworkArchitecture.Bitness32); break; case ExecutableType.Native64Bit: // A native executable that's 64-bit. Just return the 64-bit path trackerPath = GetPath(filename, DotNetFrameworkArchitecture.Bitness64); break; case ExecutableType.ManagedIL: // Next most likely -- the tool is a managed executable that has not been explicitly marked // either 32 or 64 bit. // This case is slightly tricky -- we have to return the path to the 64-bit tracker if we're running // on a 64-bit machine, and the 32-bit tracker if we're running on a 32-bit machine. trackerPath = GetPath(filename, DotNetFrameworkArchitecture.Bitness64); // If the path is null, that means there is no 64-bit framework -- that's fine, return the 32-bit path instead. if (trackerPath == null) { trackerPath = GetPath(filename, DotNetFrameworkArchitecture.Bitness32); } break; case ExecutableType.Managed32Bit: // A managed executable that has been explicitly marked 32-bit. Just return the 32-bit path. trackerPath = GetPath(filename, DotNetFrameworkArchitecture.Bitness32); break; case ExecutableType.Managed64Bit: // A managed executable that has been explicitly marked 64-bit. Just return the 64-bit path. If this // is a 32-bit machine, then we will return null, and the error will be caught and handled appropriately // elsewhere. trackerPath = GetPath(filename, DotNetFrameworkArchitecture.Bitness64); break; case ExecutableType.SameAsCurrentProcess: // Figure out what bitness the current process is and return that bitness of Tracker.exe. if (IntPtr.Size == sizeof(Int32)) { trackerPath = GetPath(filename, DotNetFrameworkArchitecture.Bitness32); } else { trackerPath = GetPath(filename, DotNetFrameworkArchitecture.Bitness64); } break; default: ErrorUtilities.ThrowInternalErrorUnreachable(); return(null); } } return(trackerPath); }
private static bool IsExecutable(string fileName) { // https://stackoverflow.com/questions/3693891/how-to-determine-if-a-file-is-executable if (fileName == null) { throw new ArgumentNullException("fileName"); } ExecutableType executableType = ExecutableType.Unknown; IntPtr ptr; if (File.Exists(fileName)) { // Try to fill the same SHFILEINFO struct for the exe type. The returned pointer contains the encoded // executable type data. ptr = IntPtr.Zero; SHFILEINFO shFileInfo = new SHFILEINFO(); ptr = SHGetFileInfo(fileName, (uint)FileAttributes.Normal, ref shFileInfo, Marshal.SizeOf(typeof(SHFILEINFO)), SHGFI.EXETYPE); // We need to split the returned pointer up into the high and low order words. These are important // because they help distinguish some of the types. The possible values are: // // Value Meaning // ---------------------------------------------------------------------------------------------- // 0 Nonexecutable file or an error condition. // LOWORD = NE or PE and HIWORD = Windows version Microsoft Windows application. // LOWORD = MZ and HIWORD = 0 Windows 95, Windows 98: Microsoft MS-DOS .exe, .com, or .bat file // Microsoft Windows NT, Windows 2000, Windows XP: MS-DOS .exe or .com file // LOWORD = PE and HIWORD = 0 Windows 95, Windows 98: Microsoft Win32 console application // Windows NT, Windows 2000, Windows XP: Win32 console application or .bat file // MZ = 0x5A4D - DOS signature. // NE = 0x454E - OS/2 signature. // LE = 0x454C - OS/2 LE or VXD signature. // PE = 0x4550 - Win32/NT signature. int wparam = ptr.ToInt32(); int loWord = wparam & 0xffff; int hiWord = wparam >> 16; if (wparam == 0) { //executableType = Shell32.ExecutableType.Unknown; return(false); } else { if (hiWord == 0x0000) { if (loWord == 0x5A4D) { // The file is an MS-DOS .exe, .com, or .bat //executableType = Shell32.ExecutableType.DOS; return(true); } else if (loWord == 0x4550) { //executableType = Shell32.ExecutableType.Win32Console; return(true); } } else { if (loWord == 0x454E || loWord == 0x4550) { //executableType = Shell32.ExecutableType.Windows; return(true); } else if (loWord == 0x454C) { //executableType = Shell32.ExecutableType.Windows; return(true); } } } } return(false); }
/// <summary> /// Given a filename (only really meant to support either Tracker.exe or FileTracker.dll), returns /// the appropriate path for the appropriate file type. /// </summary> /// <param name="filename"></param> /// <param name="toolType"></param> /// <param name="rootPath">The root path for the file. Overrides the toolType if specified.</param> private static string GetPath(string filename, ExecutableType toolType, string rootPath) { string trackerPath = null; if (!String.IsNullOrEmpty(rootPath)) { trackerPath = Path.Combine(rootPath, filename); if (!File.Exists(trackerPath)) { // if an override path was specified, that's it -- we don't want to fall back if the file // is not found there. trackerPath = null; } } else { // Since Detours can handle cross-bitness process launches, the toolType // can be ignored; just return the path corresponding to the current architecture. trackerPath = GetPath(filename, DotNetFrameworkArchitecture.Current); } return trackerPath; }
/// <summary> /// Determines whether we must track out-of-proc, or whether inproc tracking will work. /// </summary> /// <param name="toolType">The executable type for the tool being tracked</param> /// <returns>True if we need to track out-of-proc, false if inproc tracking is OK</returns> public static bool ForceOutOfProcTracking(ExecutableType toolType) { return(ForceOutOfProcTracking(toolType, null, null)); }
/// <summary> /// Determines whether we must track out-of-proc, or whether inproc tracking will work. /// </summary> /// <param name="toolType">The executable type for the tool being tracked</param> /// <param name="cancelEventName">The name of the cancel event tracker should listen for, or null if there isn't one</param> /// <returns>True if we need to track out-of-proc, false if inproc tracking is OK</returns> public static bool ForceOutOfProcTracking(ExecutableType toolType, string dllName, string cancelEventName) { bool trackOutOfProc = false; if (cancelEventName != null) { // If we have a cancel event, we must track out-of-proc. trackOutOfProc = true; } else if (dllName != null) { // If we have a DLL name, we need to track out of proc -- inproc tracking just uses // the default FileTracker trackOutOfProc = true; } // toolType is not relevant now that Detours can handle child processes of a different // bitness than the parent. return trackOutOfProc; }
/// <summary> /// Given the ExecutableType of the tool being wrapped and information that we /// know about our current bitness, figures out and returns the path to the correct /// FileTracker.dll. /// </summary> /// <param name="toolExecutableTypeToUse">The executable type of the tool being wrapped</param> public static string GetFileTrackerPath(ExecutableType toolType) { return(GetFileTrackerPath(toolType, null)); }
private static string GetPath(string filename, ExecutableType toolType, string rootPath) { string path = null; if (!string.IsNullOrEmpty(rootPath)) { path = Path.Combine(rootPath, filename); if (!File.Exists(path)) { path = null; } return path; } switch (toolType) { case ExecutableType.Native32Bit: return GetPath(filename, Microsoft.Build.Utilities.DotNetFrameworkArchitecture.Bitness32); case ExecutableType.Native64Bit: return GetPath(filename, Microsoft.Build.Utilities.DotNetFrameworkArchitecture.Bitness64); case ExecutableType.ManagedIL: path = GetPath(filename, Microsoft.Build.Utilities.DotNetFrameworkArchitecture.Bitness64); if (path == null) { path = GetPath(filename, Microsoft.Build.Utilities.DotNetFrameworkArchitecture.Bitness32); } return path; case ExecutableType.Managed32Bit: return GetPath(filename, Microsoft.Build.Utilities.DotNetFrameworkArchitecture.Bitness32); case ExecutableType.Managed64Bit: return GetPath(filename, Microsoft.Build.Utilities.DotNetFrameworkArchitecture.Bitness64); case ExecutableType.SameAsCurrentProcess: if (IntPtr.Size != 4) { return GetPath(filename, Microsoft.Build.Utilities.DotNetFrameworkArchitecture.Bitness64); } return GetPath(filename, Microsoft.Build.Utilities.DotNetFrameworkArchitecture.Bitness32); } ErrorUtilities.ThrowInternalErrorUnreachable(); return null; }
/// <summary> /// Start the process; tracking the command. /// </summary> /// <param name="command">The command to track</param> /// <param name="arguments">The command to track's arguments</param> /// <param name="toolType">The type of executable the wrapped tool is</param> /// <returns>Process instance</returns> public static Process StartProcess(string command, string arguments, ExecutableType toolType) { return StartProcess(command, arguments, toolType, null, null, null, null); }
/// <summary> /// Given the ExecutableType of the tool being wrapped and information that we /// know about our current bitness, figures out and returns the path to the correct /// FileTracker.dll. /// </summary> /// <param name="toolExecutableTypeToUse">The executable type of the tool being wrapped</param> /// <param name="rootPath">The root path for FileTracker.dll. Overrides the toolType if specified.</param> public static string GetFileTrackerPath(ExecutableType toolType, string rootPath) { return GetPath(s_FileTrackerFilename, toolType, rootPath); }
/// <summary> /// Start the process; tracking the command. /// </summary> /// <param name="command">The command to track</param> /// <param name="arguments">The command to track's arguments</param> /// <param name="toolType">The type of executable the wrapped tool is</param> /// <returns>Process instance</returns> public static Process StartProcess(string command, string arguments, ExecutableType toolType) { return(StartProcess(command, arguments, toolType, null, null, null, null)); }
private bool HaveExecutableItem(ExecutableType t) { var allItems = MainController.Instance.PlayerData.GetAllItems(); return allItems.FirstOrDefault(x => x.Slot == Slot.executable && ((ExecutableItem)x).ExecutableType == t) != null; }