コード例 #1
0
        private RpcClientResponse SendAndReceiveImmediate(int proc_num, Guid objuuid, byte[] ndr_buffer, IReadOnlyCollection <NtObject> handles)
        {
            LRPC_IMMEDIATE_REQUEST_MESSAGE req_msg = new LRPC_IMMEDIATE_REQUEST_MESSAGE()
            {
                Header    = new LRPC_HEADER(LRPC_MESSAGE_TYPE.lmtRequest),
                BindingId = 0,
                CallId    = CallId++,
                ProcNum   = proc_num,
            };

            if (objuuid != Guid.Empty)
            {
                req_msg.ObjectUuid = objuuid;
                req_msg.Flags     |= LRPC_REQUEST_MESSAGE_FLAGS.ObjectUuid;
            }

            AlpcMessageType <LRPC_IMMEDIATE_REQUEST_MESSAGE> send_msg = new AlpcMessageType <LRPC_IMMEDIATE_REQUEST_MESSAGE>(req_msg, ndr_buffer);
            AlpcMessageRaw            resp_msg  = new AlpcMessageRaw(0x1000);
            AlpcSendMessageAttributes send_attr = new AlpcSendMessageAttributes();

            if (handles.Count > 0)
            {
                send_attr.AddHandles(handles);
            }

            using (AlpcReceiveMessageAttributes recv_attr = new AlpcReceiveMessageAttributes()) {
                _client.SendReceive(AlpcMessageFlags.SyncRequest, send_msg, send_attr, resp_msg, recv_attr, NtWaitTimeout.Infinite);
                RpcClientResponse response = HandleResponse(resp_msg, recv_attr, req_msg.CallId);
                ClearAttributes(resp_msg, recv_attr);
                return(response);
            }
        }
コード例 #2
0
        private NdrUnmarshalBuffer SendAndReceiveImmediate(int proc_num, NdrMarshalBuffer ndr_buffer, byte[] buffer)
        {
            LRPC_IMMEDIATE_REQUEST_MESSAGE req_msg = new LRPC_IMMEDIATE_REQUEST_MESSAGE()
            {
                Header    = new LRPC_HEADER(LRPC_MESSAGE_TYPE.lmtRequest),
                BindingId = 0,
                CallId    = CallId++,
                ProcNum   = proc_num,
            };

            if (ObjectUuid != Guid.Empty)
            {
                req_msg.ObjectUuid = ObjectUuid;
                req_msg.Flags     |= LRPC_REQUEST_MESSAGE_FLAGS.ObjectUuid;
            }

            AlpcMessageType <LRPC_IMMEDIATE_REQUEST_MESSAGE> send_msg = new AlpcMessageType <LRPC_IMMEDIATE_REQUEST_MESSAGE>(req_msg, buffer);
            AlpcMessageRaw            resp_msg  = new AlpcMessageRaw(0x1000);
            AlpcSendMessageAttributes send_attr = new AlpcSendMessageAttributes();

            if (ndr_buffer.Handles.Count > 0)
            {
                send_attr.AddHandles(ndr_buffer.Handles);
            }

            using (AlpcReceiveMessageAttributes recv_attr = new AlpcReceiveMessageAttributes())
            {
                _client.SendReceive(AlpcMessageFlags.SyncRequest, send_msg, send_attr, resp_msg, recv_attr, NtWaitTimeout.Infinite);
                NdrUnmarshalBuffer unmarshal = HandleResponse(resp_msg, recv_attr, req_msg.CallId);
                ClearAttributes(resp_msg, recv_attr);
                return(unmarshal);
            }
        }
コード例 #3
0
        private RpcClientResponse HandleLargeResponse(AlpcMessageRaw message, SafeStructureInOutBuffer <LRPC_LARGE_RESPONSE_MESSAGE> response, AlpcReceiveMessageAttributes attributes)
        {
            if (!attributes.HasValidAttribute(AlpcMessageAttributeFlags.View))
            {
                throw new ArgumentException("Large response received but no data view available");
            }

            return(new RpcClientResponse(attributes.DataView.ReadBytes(response.Result.LargeDataSize), attributes.Handles));
        }
コード例 #4
0
        private void BindInterface(Guid interface_id, Version interface_version)
        {
            var bind_msg = new AlpcMessageType <LRPC_BIND_MESSAGE>(new LRPC_BIND_MESSAGE(interface_id, interface_version));
            var recv_msg = new AlpcMessageRaw(0x1000);

            using (var recv_attr = new AlpcReceiveMessageAttributes()) {
                _client.SendReceive(AlpcMessageFlags.SyncRequest, bind_msg, null, recv_msg, recv_attr, NtWaitTimeout.Infinite);
                using (var buffer = recv_msg.Data.ToBuffer()) {
                    CheckForFault(buffer, LRPC_MESSAGE_TYPE.lmtBind);
                    var value = buffer.Read <LRPC_BIND_MESSAGE>(0);
                    if (value.RpcStatus != 0)
                    {
                        throw new NtException(NtObjectUtils.MapDosErrorToStatus(value.RpcStatus));
                    }
                }
            }
        }
コード例 #5
0
        private RpcClientResponse SendAndReceiveLarge(int proc_num, Guid objuuid, byte[] ndr_buffer, IReadOnlyCollection <NtObject> handles)
        {
            LRPC_LARGE_REQUEST_MESSAGE req_msg = new LRPC_LARGE_REQUEST_MESSAGE()
            {
                Header        = new LRPC_HEADER(LRPC_MESSAGE_TYPE.lmtRequest),
                BindingId     = 0,
                CallId        = CallId++,
                ProcNum       = proc_num,
                LargeDataSize = ndr_buffer.Length,
                Flags         = LRPC_REQUEST_MESSAGE_FLAGS.ViewPresent
            };

            if (objuuid != Guid.Empty)
            {
                req_msg.ObjectUuid = objuuid;
                req_msg.Flags     |= LRPC_REQUEST_MESSAGE_FLAGS.ObjectUuid;
            }

            var send_msg  = new AlpcMessageType <LRPC_LARGE_REQUEST_MESSAGE>(req_msg);
            var recv_msg  = new AlpcMessageRaw(0x1000);
            var send_attr = new AlpcSendMessageAttributes();

            if (handles.Count > 0)
            {
                send_attr.AddHandles(handles);
            }

            using (var port_section = _client.CreatePortSection(AlpcCreatePortSectionFlags.Secure, ndr_buffer.Length))
            {
                using (var data_view = port_section.CreateSectionView(AlpcDataViewAttrFlags.Secure | AlpcDataViewAttrFlags.AutoRelease, ndr_buffer.Length))
                {
                    data_view.WriteBytes(ndr_buffer);
                    send_attr.Add(data_view.ToMessageAttribute());
                    using (var recv_attr = new AlpcReceiveMessageAttributes())
                    {
                        RpcUtils.DumpBuffer(true, "ALPC Request Large", send_msg);
                        _client.SendReceive(AlpcMessageFlags.SyncRequest, send_msg, send_attr, recv_msg, recv_attr, NtWaitTimeout.Infinite);
                        RpcUtils.DumpBuffer(true, "ALPC Response Large", recv_msg);
                        RpcClientResponse response = HandleResponse(recv_msg, recv_attr, req_msg.CallId);
                        ClearAttributes(recv_msg, recv_attr);
                        return(response);
                    }
                }
            }
        }
コード例 #6
0
        private RpcClientResponse HandleResponse(AlpcMessageRaw message, AlpcReceiveMessageAttributes attributes, int call_id)
        {
            using (var buffer = message.Data.ToBuffer()) {
                CheckForFault(buffer, LRPC_MESSAGE_TYPE.lmtResponse);
                // Get data as safe buffer.
                var response = buffer.Read <LRPC_IMMEDIATE_RESPONSE_MESSAGE>(0);
                if (response.CallId != call_id)
                {
                    throw new ArgumentException("Mismatched Call ID");
                }

                if ((response.Flags & LRPC_RESPONSE_MESSAGE_FLAGS.ViewPresent) == LRPC_RESPONSE_MESSAGE_FLAGS.ViewPresent)
                {
                    return(HandleLargeResponse(message, buffer.GetStructAtOffset <LRPC_LARGE_RESPONSE_MESSAGE>(0), attributes));
                }
                return(HandleImmediateResponse(message, buffer.GetStructAtOffset <LRPC_IMMEDIATE_RESPONSE_MESSAGE>(0), attributes, message.DataLength));
            }
        }
コード例 #7
0
        private NdrUnmarshalBuffer SendAndReceiveLarge(int proc_num, NdrMarshalBuffer ndr_buffer, byte[] buffer)
        {
            LRPC_LARGE_REQUEST_MESSAGE req_msg = new LRPC_LARGE_REQUEST_MESSAGE()
            {
                Header        = new LRPC_HEADER(LRPC_MESSAGE_TYPE.lmtRequest),
                BindingId     = 0,
                CallId        = CallId++,
                ProcNum       = proc_num,
                LargeDataSize = buffer.Length,
                Flags         = LRPC_REQUEST_MESSAGE_FLAGS.ViewPresent
            };

            if (ObjectUuid != Guid.Empty)
            {
                req_msg.ObjectUuid = ObjectUuid;
                req_msg.Flags     |= LRPC_REQUEST_MESSAGE_FLAGS.ObjectUuid;
            }

            var send_msg  = new AlpcMessageType <LRPC_LARGE_REQUEST_MESSAGE>(req_msg);
            var recv_msg  = new AlpcMessageRaw(0x1000);
            var send_attr = new AlpcSendMessageAttributes();

            if (ndr_buffer.Handles.Count > 0)
            {
                send_attr.AddHandles(ndr_buffer.Handles);
            }

            using (var port_section = _client.CreatePortSection(AlpcCreatePortSectionFlags.Secure, buffer.Length))
            {
                using (var data_view = port_section.CreateSectionView(AlpcDataViewAttrFlags.Secure | AlpcDataViewAttrFlags.AutoRelease, buffer.Length))
                {
                    data_view.WriteBytes(buffer);
                    send_attr.Add(data_view.ToMessageAttribute());
                    using (var recv_attr = new AlpcReceiveMessageAttributes())
                    {
                        _client.SendReceive(AlpcMessageFlags.SyncRequest, send_msg, send_attr, recv_msg, recv_attr, NtWaitTimeout.Infinite);
                        NdrUnmarshalBuffer unmarshal = HandleResponse(recv_msg, recv_attr, req_msg.CallId);
                        ClearAttributes(recv_msg, recv_attr);
                        return(unmarshal);
                    }
                }
            }
        }
コード例 #8
0
 private RpcClientResponse HandleImmediateResponse(AlpcMessageRaw message, SafeStructureInOutBuffer <LRPC_IMMEDIATE_RESPONSE_MESSAGE> response, AlpcReceiveMessageAttributes attributes, int data_length)
 {
     return(new RpcClientResponse(response.Data.ToArray(), attributes.Handles));
 }