// this is where we are intercepting all file accesses!
static IntPtr CreateFile_Hooked(
String InFileName,
UInt32 InDesiredAccess,
UInt32 InShareMode,
IntPtr InSecurityAttributes,
UInt32 InCreationDisposition,
UInt32 InFlagsAndAttributes,
IntPtr InTemplateFile)
{
try
{
Main This = (Main)HookRuntimeInfo.Callback;
lock (This.Queue)
{
This.Queue.Push("[" + RemoteHooking.GetCurrentProcessId() + ":" +
RemoteHooking.GetCurrentThreadId() + "]: \"" + InFileName + "\"");
}
}
catch
{
}
// call original API...
return(CreateFile(
InFileName,
InDesiredAccess,
InShareMode,
InSecurityAttributes,
InCreationDisposition,
InFlagsAndAttributes,
InTemplateFile));
}
public Main(RemoteHooking.IContext InContext, string serverName)
{
mySendClientQueue = new Queue <Packet>();
mySendClientLock = new object();
mySendServerQueue = new Queue <Packet>();
mySendServerLock = new object();
myRecvFilter = new PacketFilter();
mySendFilter = new PacketFilter();
myRecvDelegate = new dSendRecv(ReceiveHook);
mySendDelegate = new dSendRecv(SendHook);
myPID = RemoteHooking.GetCurrentProcessId();
myThreadID = RemoteHooking.GetCurrentThreadId();
myDateStamp = GetDateStamp();
myServerSendBuffer = Marshal.AllocHGlobal(65536);
myClientSendBuffer = Marshal.AllocHGlobal(65536);
myServerBufferAddress = BitConverter.GetBytes(myServerSendBuffer.ToInt32());
myClientBufferAddress = BitConverter.GetBytes(myClientSendBuffer.ToInt32());
myClientInstance = new ClientInstance(serverName, true);
myClientInstance.SendCommand(Command.ClientID, myPID);
myClientInstance.SendPacketEvent += new dSendPacket(myClientInstance_sendPacketEvent);
myClientInstance.PingEvent += new dPing(myClientInstance_pingEvent);
myClientInstance.AddRecvFilterEvent += new dAddRecvFilter(myClientInstance_addRecvFilterEvent);
myClientInstance.AddSendFilterEvent += new dAddSendFilter(myClientInstance_addSendFilterEvent);
myClientInstance.RemoveRecvFilterEvent += new dRemoveRecvFilter(myClientInstance_removeRecvFilterEvent);
myClientInstance.RemoveSendFilterEvent += new dRemoveSendFilter(myClientInstance_removeSendFilterEvent);
myClientInstance.ClearRecvFilterEvent += new dClearRecvFilter(myClientInstance_clearRecvFilterEvent);
myClientInstance.ClearSendFilterEvent += new dClearSendFilter(myClientInstance_clearSendFilterEvent);
myClientInstance.SendCommand(Command.Message, "ClientHook Main()");
}
public void Run(RemoteHooking.IContext context,
string channelName,
SoftwallRule[] softwallRules)
{
try
{
swapBuffersHook = LocalHook.Create(
LocalHook.GetProcAddress(gdiDll, "SwapBuffers"),
new SwapBuffersHandler(OnSwapBuffers),
this);
mallocHook = LocalHook.Create(
LocalHook.GetProcAddress(vcrDll, "malloc"),
new MallocHandler(OnMalloc),
this);
callocHook = LocalHook.Create(
LocalHook.GetProcAddress(vcrDll, "calloc"),
new CallocHandler(OnCalloc),
this);
reallocHook = LocalHook.Create(
LocalHook.GetProcAddress(vcrDll, "realloc"),
new ReallocHandler(OnRealloc),
this);
freeHook = LocalHook.Create(
LocalHook.GetProcAddress(vcrDll, "free"),
new FreeHandler(OnFree),
this);
Int32[] excludedThreads = new Int32[] { RemoteHooking.GetCurrentThreadId() };
foreach (LocalHook hook in new LocalHook[] { swapBuffersHook, mallocHook, callocHook, reallocHook, freeHook })
{
hook.ThreadACL.SetExclusiveACL(excludedThreads);
}
}
catch (Exception ex)
{
MessageBox.Show("Exception: " + ex.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
RemoteHooking.WakeUpProcess();
int myPid = RemoteHooking.GetCurrentProcessId();
try
{
manager.Ping(myPid);
while (true)
{
Thread.Sleep(500);
ProcessAllocations();
manager.Ping(myPid);
}
}
catch (Exception ex)
{
MessageBox.Show("Exception: " + ex.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
MessageBox.Show("Terminating", "oHeapAgent", MessageBoxButtons.OK, MessageBoxIcon.Information);
}
static IntPtr StgCreateStorageEx_Hooked([MarshalAs(UnmanagedType.LPWStr)][In] string pwcsName, [In] STGM grfMode,
[In] STGFMT stgfmt, [In] FileFlagsAndAttributes grfAttrs, [In] IntPtr pStgOptions, [In] IntPtr pSecurityDescriptor, [In][MarshalAs(UnmanagedType.LPStruct)] Guid riid,
[Out][MarshalAs(UnmanagedType.IUnknown, IidParameterIndex = 6)] out object ppObjectOpen)
{
try
{
Main This = (Main)HookRuntimeInfo.Callback;
lock (This.Queue)
{
This.Interface.OnCreateFile(RemoteHooking.GetCurrentThreadId(), new[] { pwcsName });
/*This.Queue.Push("[" + RemoteHooking.GetCurrentProcessId() + ":" +
* RemoteHooking.GetCurrentThreadId() + "]: \"" + InFileName + "\"");
* InFileName = InFileName.Replace("C", "D");*/
}
}
catch
{
}
return(StgCreateStorageEx(
pwcsName, grfMode, stgfmt, grfAttrs,
pStgOptions, pSecurityDescriptor,
riid,
out ppObjectOpen));
}
public void Run(
RemoteHooking.IContext InContext,
String InChannelName)
{
// install hook...
try
{
/* CreateFileHook = LocalHook.Create(
* LocalHook.GetProcAddress("kernel32.dll", "MoveFileExW"),
* new HookStgCreateStorageEx(StgCreateStorageEx_Hooked),
* this);*/
CreateFileHook = LocalHook.Create(
LocalHook.GetProcAddress("ole32.dll", "StgCreateStorageEx"),
new HookStgCreateStorageEx(StgCreateStorageEx_Hooked),
this);
CreateFileHook.ThreadACL.SetExclusiveACL(new Int32[] { 0 });
}
catch (Exception ExtInfo)
{
Interface.ReportException(ExtInfo);
return;
}
Interface.IsInstalled(RemoteHooking.GetCurrentThreadId());
RemoteHooking.WakeUpProcess();
// wait for host process termination...
try
{
while (true)
{
Thread.Sleep(500);
// transmit newly monitored file accesses...
if (Queue.Count > 0)
{
String[] Package = null;
lock (Queue)
{
Package = Queue.ToArray();
Queue.Clear();
}
// Interface.OnCreateFile(RemoteHooking.GetCurrentProcessId(), Package);
}
else
{
// Interface.Ping(RemoteHooking.GetCurrentThreadId());
}
}
}
catch
{
// Ping() will raise an exception if host is unreachable
}
}
public static String FormatMessage(DateTime time, String api, String msg)
{
//[TIME][PID:TID]:"API":"MSG"
String str = "[" + time.ToString() + "][" + RemoteHooking.GetCurrentProcessId() + ":" +
RemoteHooking.GetCurrentThreadId() + "]: \"" + api + "\":\"" +
msg + "\"";
return(str);
}
/// <summary>
/// Create new TransferUnit and fill out process Id and thread Id fields
/// </summary>
/// <returns>new transfer unit</returns>
protected TransferUnit createTransferUnit()
{
TransferUnit t = new TransferUnit();
t.PID = RemoteHooking.GetCurrentProcessId();
t.TID = RemoteHooking.GetCurrentThreadId();
t.apiCallName = api_full_name;
lock (hook_sequence_number_sync) {
t.Hook_sequence_number = hook_sequence_number++;
}
return(t);
}
// this is where we are intercepting all file accesses!
static Int32 send_Hooked(Int32 s, String buf, Int32 len, Int32 flags)
{
try
{
Main This = (Main)HookRuntimeInfo.Callback;
lock (This.Queue)
{
This.Queue.Push("[" + RemoteHooking.GetCurrentProcessId() + ":" +
RemoteHooking.GetCurrentThreadId() + "]: \"" + buf + "\"");
}
}
catch
{
}
// call original API...
return(send(s, buf, len, flags));
}
public override void NotifyMethodHooked(params Tuple <string, object>[] args)
{
lock (Queue)
{
var message = "";
foreach (var tuple in args)
{
if (!string.IsNullOrEmpty(message))
{
message += ", ";
}
message += $"{tuple.Item1}={tuple.Item2}";
}
Queue.Push(
$"{GetType().FullName}-[{RemoteHooking.GetCurrentProcessId()}:{RemoteHooking.GetCurrentThreadId()}]: \"{message}\"");
}
if (NotifyImmedialety)
{
SignalMethodHooked();
}
}
public Main(RemoteHooking.IContext InContext, string serverName)
{
mySocketReady = false;
myRecvFilter = new bool[256];
mySendFilter = new bool[256];
mySocket = 0;
myRecvDelegate = new dSendRecv(ReceiveHook);
mySendDelegate = new dSendRecv(SendHook);
mySocketDelegate = new dSocket(SocketHook);
myCloseSocketDelegate = new dCloseSocket(SocketCloseHook);
myClientSendLock = new object();
myPID = RemoteHooking.GetCurrentProcessId();
myThreadID = RemoteHooking.GetCurrentThreadId();
myDateStamp = GetDateStamp();
if (myDateStamp >= 1183740939)
{
myNewStylePackets = true;
}
else
{
myNewStylePackets = false;
}
myServerSendBuffer = Marshal.AllocHGlobal(65536);
myClientSendBuffer = Marshal.AllocHGlobal(65536);
myServerBufferAddress = BitConverter.GetBytes(myServerSendBuffer.ToInt32());
myClientBufferAddress = BitConverter.GetBytes(myClientSendBuffer.ToInt32());
myClientInstance = new ClientInstance(serverName, true);
myClientInstance.SendCommand(Command.ClientID, myPID);
myClientInstance.SendPacketEvent += new dSendPacket(myClientInstance_sendPacketEvent);
myClientInstance.PingEvent += new dPing(myClientInstance_pingEvent);
myClientInstance.AddRecvFilterEvent += new dAddRecvFilter(myClientInstance_addRecvFilterEvent);
myClientInstance.AddSendFilterEvent += new dAddSendFilter(myClientInstance_addSendFilterEvent);
myClientInstance.RemoveRecvFilterEvent += new dRemoveRecvFilter(myClientInstance_removeRecvFilterEvent);
myClientInstance.RemoveSendFilterEvent += new dRemoveSendFilter(myClientInstance_removeSendFilterEvent);
myClientInstance.ClearRecvFilterEvent += new dClearRecvFilter(myClientInstance_clearRecvFilterEvent);
myClientInstance.ClearSendFilterEvent += new dClearSendFilter(myClientInstance_clearSendFilterEvent);
BuildDefaultPacketFilters();
}
public void Run(RemoteHooking.IContext context, RuntimeParams parms)
{
System.Threading.Thread.CurrentThread.CurrentCulture = new System.Globalization.CultureInfo("en-US", false);
try {
RuntimeProfile profile;
using (var fs = new FileStream(parms.ProfileFile, FileMode.Open))
{
profile = Iros._7th.Util.DeserializeBinary <RuntimeProfile>(fs);
}
File.Delete(parms.ProfileFile);
if (!String.IsNullOrWhiteSpace(profile.LogFile))
{
try {
try { File.Delete(profile.LogFile); } catch { } // ensure old log is deleted since new run
DebugLogger.Init(profile.LogFile);
DebugLogger.IsDetailedLogging = profile.Options.HasFlag(RuntimeOptions.DetailedLog);
DebugLogger.WriteLine("Logging debug output to " + profile.LogFile);
} catch (Exception ex) {
DebugLogger.WriteLine("Failed to log debug output: " + ex.ToString());
}
}
DebugLogger.WriteLine($"Wrap run... Host: {context.HostPID} PID: {RemoteHooking.GetCurrentProcessId()} TID: {RemoteHooking.GetCurrentThreadId()} Path: {profile.ModPath} Capture: {String.Join(", ", profile.MonitorPaths)}");
//_overrides = new Overrides(basepath);
_profile = profile;
for (int i = _profile.MonitorPaths.Count - 1; i >= 0; i--)
{
if (!_profile.MonitorPaths[i].EndsWith(System.IO.Path.DirectorySeparatorChar.ToString()))
{
_profile.MonitorPaths[i] += System.IO.Path.DirectorySeparatorChar;
}
if (String.IsNullOrWhiteSpace(_profile.MonitorPaths[i]))
{
_profile.MonitorPaths.RemoveAt(i);
}
}
foreach (var item in profile.Mods)
{
DebugLogger.WriteLine($" Mod: {item.BaseFolder} has {item.Conditionals.Count} conditionals");
DebugLogger.WriteLine(" Additional paths: " + String.Join(", ", item.ExtraFolders));
item.Startup();
}
_hCreateFileW = LocalHook.Create(LocalHook.GetProcAddress("kernel32.dll", "CreateFileW"), new DCreateFile(HCreateFileW), this);
_hCreateFileW.ThreadACL.SetExclusiveACL(new[] { 0 });
//_hCreateFileA = LocalHook.Create(LocalHook.GetProcAddress("kernel32.dll", "CreateFileA"), new DCreateFileA(HCreateFileA), this);
//_hCreateFileA.ThreadACL.SetExclusiveACL(new[] { 0 });
//int init = Init7W();
//_hReadFile = LocalHook.CreateUnmanaged(LocalHook.GetProcAddress("kernel32.dll", "ReadFile"), LocalHook.GetProcAddress("7thWrapperNLib.dll", "ReadFile7W"), IntPtr.Zero);
_hReadFile = LocalHook.Create(LocalHook.GetProcAddress("kernel32.dll", "ReadFile"), new DReadFile(HReadFile), this);
_hReadFile.ThreadACL.SetExclusiveACL(new[] { 0 });
_hWriteFile = LocalHook.Create(LocalHook.GetProcAddress("kernel32.dll", "WriteFile"), new DWriteFile(HWriteFile), this);
_hWriteFile.ThreadACL.SetExclusiveACL(new[] { 0 });
_hFindFirstFile = LocalHook.Create(LocalHook.GetProcAddress("kernel32.dll", "FindFirstFileW"), new DFindFirstFileW(HFindFirstFile), this);
_hFindFirstFile.ThreadACL.SetExclusiveACL(new[] { 0 });
//_hFindFirstFileA = LocalHook.Create(LocalHook.GetProcAddress("kernel32.dll", "FindFirstFileA"), new DFindFirstFileA(HFindFirstFileA), this);
//_hFindFirstFile.ThreadACL.SetExclusiveACL(new[] { 0 });
_hSetFilePointer = LocalHook.Create(LocalHook.GetProcAddress("kernel32.dll", "SetFilePointer"), new DSetFilePointer(HSetFilePointer), this);
_hSetFilePointer.ThreadACL.SetExclusiveACL(new[] { 0 });
_hSetFilePointerEx = LocalHook.Create(LocalHook.GetProcAddress("kernel32.dll", "SetFilePointerEx"), new DSetFilePointerEx(HSetFilePointerEx), this);
_hSetFilePointerEx.ThreadACL.SetExclusiveACL(new[] { 0 });
_hCloseHandle = LocalHook.Create(LocalHook.GetProcAddress("kernel32.dll", "CloseHandle"), new DCloseHandle(HCloseHandle), this);
_hCloseHandle.ThreadACL.SetExclusiveACL(new[] { 0 });
_hGetFileType = LocalHook.Create(LocalHook.GetProcAddress("kernel32.dll", "GetFileType"), new DGetFileType(HGetFileType), this);
_hGetFileType.ThreadACL.SetExclusiveACL(new[] { 0 });
_hGetFileInformationByHandle = LocalHook.Create(LocalHook.GetProcAddress("kernel32.dll", "GetFileInformationByHandle"), new DGetFileInformationByHandle(HGetFileInformationByHandle), this);
_hGetFileInformationByHandle.ThreadACL.SetExclusiveACL(new[] { 0 });
//_hReadFileEx = LocalHook.Create(LocalHook.GetProcAddress("kernel32.dll", "ReadFileEx"), new DReadFileEx(HReadFileEx), this);
//_hReadFileEx.ThreadACL.SetExclusiveACL(new[] { 0 });
_hDuplicateHandle = LocalHook.Create(LocalHook.GetProcAddress("kernel32.dll", "DuplicateHandle"), new DDuplicateHandle(HDuplicateHandle), this);
_hDuplicateHandle.ThreadACL.SetExclusiveACL(new[] { 0 });
_hCreateProcessW = LocalHook.Create(LocalHook.GetProcAddress("kernel32.dll", "CreateProcessW"), new DCreateProcessW(HCreateProcessW), this);
_hCreateProcessW.ThreadACL.SetExclusiveACL(new[] { 0 });
_hGetFileSize = LocalHook.Create(LocalHook.GetProcAddress("kernel32.dll", "GetFileSize"), new DGetFileSize(HGetFileSize), this);
_hGetFileSize.ThreadACL.SetExclusiveACL(new[] { 0 });
_hGetFileSizeEx = LocalHook.Create(LocalHook.GetProcAddress("kernel32.dll", "GetFileSizeEx"), new DGetFileSizeEx(HGetFileSizeEx), this);
_hGetFileSizeEx.ThreadACL.SetExclusiveACL(new[] { 0 });
if (profile.MonitorVars != null)
{
new System.Threading.Thread(MonitorThread)
{
IsBackground = true
}
}
.Start(profile);
//System.Threading.Thread.Sleep(10000);
RemoteHooking.WakeUpProcess();
System.Threading.Thread.Sleep(1000);
foreach (string LL in profile.Mods.SelectMany(m => m.GetLoadLibraries()))
{
DebugLogger.WriteLine($"Loading library DLL {LL}");
LoadLibrary(LL);
}
foreach (var mod in profile.Mods)
{
foreach (string LA in mod.GetLoadAssemblies())
{
DebugLogger.WriteLine($"Loading assembly DLL {LA}");
var asm = System.Reflection.Assembly.LoadFrom(LA);
try {
string path = mod.BaseFolder;
asm.GetType("_7thHeaven.Main")
.GetMethod("Init", new[] { typeof(RuntimeMod) })
.Invoke(null, new object[] { mod });
} catch { }
}
}
foreach (var mod in profile.Mods)
{
foreach (string file in mod.GetPathOverrideNames("hext"))
{
foreach (var of in mod.GetOverrides("hext\\" + file))
{
System.IO.Stream s;
if (of.Archive == null)
{
s = new System.IO.FileStream(of.File, FileMode.Open, FileAccess.Read);
}
else
{
s = of.Archive.GetData(of.File);
}
DebugLogger.WriteLine($"Applying hext patch {file} from mod {mod.BaseFolder}");
try {
HexPatch.Apply(s);
} catch (Exception ex) {
DebugLogger.WriteLine("Error applying patch: " + ex.Message);
}
}
}
}
} catch (Exception e) {
// this is where we are intercepting all file accesses!
static int InterceptDNS_Hooked(
[In] string nodename,
[In] string servicename,
[In] ref AddressInfoW hints,
[Out] out IntPtr ptrResults
)
{
int result_status = 0;
try
{
Main This = (Main)HookRuntimeInfo.Callback;
lock (Queue1)
{
Queue1.Push("[" + RemoteHooking.GetCurrentProcessId() + ":" +
RemoteHooking.GetCurrentThreadId() + "]: \"" + nodename + "\"");
}
}
catch
{
}
// call original API or our custom DNS lookup
if (nodename != "")
{
// LogMessage("InterceptDNS_Hooked: nodename: " + nodename + ".");
// UseCustomDNSForDomain is "all" or a domain like ".abc" with a leading dot.
// App settings aren't seen here, so hardwired:
string UseCustomDNSForDomain = ".altnet";
if (UseCustomDNSForDomain.Equals("all"))
{
result_status = AltNetGetAddrInfoW(
nodename,
servicename,
ref hints,
out ptrResults);
return(result_status);
}
else if (nodename.IndexOf(UseCustomDNSForDomain) == nodename.Length - UseCustomDNSForDomain.Length)
{
// LogMessage("===START ALTNET DOMAIN LOOKUP==================");
LogMessage(nodename + " will use custom DNS lookup.");
// .altnet domain, do our own lookup.
// The results crash Firefox, but not if set to IntPtr.Zero ...
result_status = AltNetGetAddrInfoW(
nodename,
servicename,
ref hints,
out ptrResults);
return(result_status);
}
else
{
result_status = GetAddrInfoW(
nodename,
servicename,
ref hints,
out ptrResults);
return(result_status);
}
}
else
{
LogMessage("InterceptDNS_Hooked: nodename is empty.");
result_status = GetAddrInfoW(
nodename,
servicename,
ref hints,
out ptrResults);
return(result_status);
}
}
private int getDateFormatWInterceptor(
uint locale,
uint dwFlags,
SystemTime lpDate,
string lpFormat,
StringBuilder lpDateStr,
int sbSize)
{
try
{
if (_interface != null)
{
_interface.Converted();
}
return(DateFormatInterceptor.ModifyDateFormat(locale, dwFlags, lpDate, lpFormat, lpDateStr, sbSize));
}
catch (Exception ex)
{
if (_interface != null)
{
_interface.ReportException(ex);
}
if (_interface != null && lpDate != null)
{
_interface.SendMessage(string.Format("GetDateFormatW ->locale:{0}, dwFlags:{1}, lpFormat:{2}, sbSize:{3}, lpDate.Year:{4}, lpDate.Month:{5}, lpDate.Day:{6} lpDate.Minute:{7}, lpDateStr:{8}, CurrentProcessId:{9}, CurrentThreadId:{10}",
locale, dwFlags, lpFormat, sbSize, lpDate.Year, lpDate.Month,
lpDate.Day, lpDate.Minute, lpDateStr, RemoteHooking.GetCurrentProcessId(), RemoteHooking.GetCurrentThreadId()));
}
// call the original API...
return(NativeMethods.GetDateFormatW(locale, dwFlags, lpDate, lpFormat, lpDateStr, sbSize));
}
}
bool CreateProcessW_Hooked([MarshalAsAttribute(UnmanagedType.LPWStr)] string lpApplicationName, IntPtr lpCommandLine, IntPtr lpProcessAttributes, IntPtr lpThreadAttributes, [MarshalAsAttribute(UnmanagedType.Bool)] bool bInheritHandles, uint dwCreationFlags, IntPtr lpEnvironment, [MarshalAsAttribute(UnmanagedType.LPWStr)] string lpCurrentDirectory, ref STARTUPINFOW lpStartupInfo, [OutAttribute()] out PROCESS_INFORMATION lpProcessInformation)
{
bool result = false;
result = CreateProcessW(lpApplicationName, lpCommandLine, lpProcessAttributes, lpThreadAttributes, bInheritHandles, dwCreationFlags, lpEnvironment, lpCurrentDirectory, ref lpStartupInfo, out lpProcessInformation);
try
{
_server.ReportMessage(string.Format("[{0}:{1}]: CreateProcess ({2} created name) \"{3}\"",
RemoteHooking.GetCurrentProcessId(), RemoteHooking.GetCurrentThreadId()
, lpApplicationName, lpStartupInfo.wShowWindow));
}
catch
{
}
return(result);
}
IntPtr CreateFile_Hook(
string fileName,
UInt32 desiredAccess,
UInt32 shareMode,
IntPtr securityAttributes,
UInt32 creationDisposition,
UInt32 flagsAndAttributes,
IntPtr templateFile)
{
try
{
lock (_messageQueue)
{
if (_messageQueue.Count < 1000)
{
var mode = string.Empty;
switch (creationDisposition)
{
case 1:
mode = "CREATE_NEW";
break;
case 2:
mode = "CREATE_ALWAYS";
break;
case 3:
mode = "OPEN_ALWAYS";
break;
case 4:
mode = "OPEN_EXISTING";
break;
case 5:
mode = "TRUNCATE_EXISTING";
break;
}
// Add message to send to loader
_messageQueue.Enqueue(
string.Format("[{0}:{1}]: CREATE ({2}) \"{3}\"",
RemoteHooking.GetCurrentProcessId(), RemoteHooking.GetCurrentThreadId(),
mode, fileName));
}
}
}
catch
{
// Swallow exceptions so that any issues caused by this code does not crash the target process.
}
// Modify filename IF the file is in the songs folder
if (fileName.Contains(@"\Songs\") && (fileName.Contains(".png") || fileName.Contains(".jpg") || fileName.Contains(".jpeg")))
{
if (!string.IsNullOrEmpty(Interface.BackgroundImage))
{
//_messageQueue.Enqueue("Changed BG for beatmap!");
var bg = fileName.Split('\\').Last();
Interface.ReportMessage("Changed beatmap background '" + bg + "'");
fileName = Interface.BackgroundImage;
}
}
return(CreateFileW(
fileName,
desiredAccess,
shareMode,
securityAttributes,
creationDisposition,
flagsAndAttributes,
templateFile
));
}