/// <summary> /// Hooks into the creation of new processes on the current thread to inject API hooks. /// </summary> /// <param name="selections">The implementations chosen for launch.</param> /// <param name="executor">The executor used to launch the new process.</param> /// <param name="feedManager">Provides access to remote and local <see cref="Feed"/>s. Handles downloading, signature verification and caching.</param> /// <param name="handler">A callback object used when the the user needs to be asked questions or informed about download and IO tasks.</param> /// <exception cref="ImplementationNotFoundException">The main implementation is not cached (possibly because it is installed natively).</exception> public RunHook(Selections selections, IExecutor executor, IFeedManager feedManager, ITaskHandler handler) { var feed = feedManager.GetFeed(selections.InterfaceUri); _target = new FeedTarget(selections.InterfaceUri, feed); var mainImplementation = selections.MainImplementation; _implementationDir = executor.GetImplementationPath(mainImplementation); _mainImplementation = feed[mainImplementation.ID]; _handler = handler; _registryFilter = GetRegistryFilter(); _relaunchControl = GetRelaunchControl(); Log.Info("Activating API hooking"); _hookW = LocalHook.Create(LocalHook.GetProcAddress("kernel32.dll", "CreateProcessW"), new UnsafeNativeMethods.DCreateProcessW(CreateProcessWCallback), null); _hookW.ThreadACL.SetInclusiveACL(new[] {Thread.CurrentThread.ManagedThreadId}); _hookA = LocalHook.Create(LocalHook.GetProcAddress("kernel32.dll", "CreateProcessA"), new UnsafeNativeMethods.DCreateProcessA(CreateProcessACallback), null); _hookA.ThreadACL.SetInclusiveACL(new[] {Thread.CurrentThread.ManagedThreadId}); }
/// <summary> /// Hooks into the creation of new processes on the current thread to inject API hooks. /// </summary> /// <param name="selections">The implementations chosen for launch.</param> /// <param name="executor">The executor used to launch the new process.</param> /// <param name="feedManager">Provides access to remote and local <see cref="Feed"/>s. Handles downloading, signature verification and caching.</param> /// <param name="handler">A callback object used when the the user needs to be asked questions or informed about download and IO tasks.</param> /// <exception cref="ImplementationNotFoundException">The main implementation is not cached (possibly because it is installed natively).</exception> public RunHook(Selections selections, IExecutor executor, IFeedManager feedManager, ITaskHandler handler) { var feed = feedManager.GetFeed(selections.InterfaceUri); _target = new FeedTarget(selections.InterfaceUri, feed); var mainImplementation = selections.MainImplementation; _implementationDir = executor.GetImplementationPath(mainImplementation); _mainImplementation = feed[mainImplementation.ID]; _handler = handler; _registryFilter = GetRegistryFilter(); _relaunchControl = GetRelaunchControl(); Log.Info("Activating API hooking"); _hookW = LocalHook.Create(LocalHook.GetProcAddress("kernel32.dll", "CreateProcessW"), new UnsafeNativeMethods.DCreateProcessW(CreateProcessWCallback), null); _hookW.ThreadACL.SetInclusiveACL(new[] { Thread.CurrentThread.ManagedThreadId }); _hookA = LocalHook.Create(LocalHook.GetProcAddress("kernel32.dll", "CreateProcessA"), new UnsafeNativeMethods.DCreateProcessA(CreateProcessACallback), null); _hookA.ThreadACL.SetInclusiveACL(new[] { Thread.CurrentThread.ManagedThreadId }); }
public IEnumerable <ApiFeedItem> GetGlobalFeed() { return(_feedManager.GetFeed().Select(msg => new ApiFeedItem(msg))); }