private void cbShowObject_SelectedIndexChanged(object sender, EventArgs e) { if (cbShowObject.Text != null) { if ((cbShowObject.Text == "") || cbShowObject.Text.Contains("None")) { return; } else { int index = KernelObjects.IndexOfThisObject(KernelObjects.Registered, cbShowObject.Text.Split(new char[] { ' ' }, StringSplitOptions.RemoveEmptyEntries).First().Trim()); if (index != -1) { KernelObjects.Registered[index].ShowFieldsInfo(); } else { MessageBox.Show("Selected object has been removed.", "Failed", MessageBoxButtons.OK, MessageBoxIcon.Warning); cbShowObject.Text = ""; } } } // cbShowObject.Text = ""; }
private void MainForm_Load(object sender, EventArgs e) { if (InitDevice()) { isDriverLoaded = true; InitializeAppearance(); GetProcess(); // For Test... //kernelObjects = new KernelObjects(this); //return; CommunicationThread = new Thread(CommunicationRoutine); CommunicationThread.Start(); if (CommunicationThread != null && CommunicationThread.ThreadState == ThreadState.Running) { kernelObjects = new KernelObjects(this); return; } else { MessageBox.Show("Failed to Create the User Communication Thread.", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error); DisConnect(); } } Dispose(); Close(); }
private void addFileToolStripMenuItem_Click(object sender, EventArgs e) { string fileName = null; if (openFileDialog1.ShowDialog() == DialogResult.OK) { fileName = openFileDialog1.FileName; if (fileName != null) { Thread parsingThread = new Thread(() => KernelObjects.AddFileToParse(fileName)); parsingThread.Start(); } } }
private void showOBJECTToolStripMenuItem_DropDownOpening(object sender, EventArgs e) { cbShowObject.Items.Clear(); string[] tmp = KernelObjects.GetRegisteredObjectsList(); if (tmp != null) { cbShowObject.Size = new Size((int)(tmp[0].Length * 7.7), 31); cbShowObject.Items.AddRange(tmp); } else { cbShowObject.Size = new Size(255, 31); cbShowObject.Text = " None"; } }
private void GetRequiredOffsets(REQUIRED_OFFSET Required) { R_MESSAGE_FORM message = new R_MESSAGE_FORM(); message.Required = new REQUIRED_OFFSET(); message.Type = RESPONSE_REQUIRED_OFFSET; if (Required != null) { message.Required.ObjectName = Required.ObjectName.Trim(); message.Required.FieldName = Required.FieldName.Trim(); // Query to 'KernelObjects' class. if ((message.Required.ObjectName.Length > 0) && (message.Required.FieldName.Length > 0)) { int tmp = KernelObjects.IndexOfThisObject(KernelObjects.Registered, message.Required.ObjectName); if (tmp != -1) { tmp = KernelObjects.Registered[tmp].GetFieldOffset(message.Required.FieldName); if (tmp != -1) { message.Required.Offset = (uint)tmp; } } } } if (message.Required.Offset == 0) { message.Res = 0xFFFF; // Signal for Failure. //MessageBox.Show("Failed to get offset required by Driver : " + Required.ObjectName + "!" + Required.FieldName); Thread messageThread = new Thread(() => MessageBox.Show("Failed to get Offset that required by Driver : " + Required.ObjectName + "!" + Required.FieldName)); messageThread.Start(); } SendControlMessage(message.Type, message); }
private void ShowKernelObjectContents(B_MESSAGE_FORM message) { if (dumpedByteStream != null) { // It's the first message for this dump. if (receivedByteStreamLength == 0) { startAddressForThisStream = message.Address; } // Error check. if ((message.Res != 0) || (startAddressForThisStream + receivedByteStreamLength != message.Address) || (receivedByteStreamLength + message.Size > dumpedByteStream.Length)) { InitializeCurrentDump(); // 이거 에러 상황 전까지 받은 데이터는 그냥 출력하는 걸로 바꿀 수도... if (message.Res != 0x89) { MessageBox.Show(String.Format("Error occured while dumping at 0x{0:X8}.", message.Address), "Error", MessageBoxButtons.OK, MessageBoxIcon.Error); } // else -> Failed to get Offset. return; } // Store the received data. uint currentStartIndex = message.Address - startAddressForThisStream; for (uint i = 0; i < message.Size; i++) { dumpedByteStream[currentStartIndex + i] = message.bMessage[i]; } receivedByteStreamLength += message.Size; // Received whole data. if (receivedByteStreamLength == dumpedByteStream.Length) { TreeView currentTree = null; string currentObjectName = null; int indexForKernelObjectInRegistered = -1; switch (this.tabProcess.SelectedIndex) { case 0: // _EPROCESS currentTree = this.tvEprocess; currentObjectName = "_EPROCESS"; break; case 1: break; default: break; } indexForKernelObjectInRegistered = KernelObjects.IndexOfThisObject(KernelObjects.Registered, currentObjectName); if ((currentTree != null) && (indexForKernelObjectInRegistered != -1)) { // Parsing Start... List <string> parsed = KernelObjects.Registered[indexForKernelObjectInRegistered].ShowFieldsInfo(true); if ((parsed != null) && (parsed.Count > 1)) { AppendTree(currentTree, new TreeNode(parsed[0])); for (int i = 1; i < parsed.Count; i++) { string[] splitLine = parsed[i].Split(new char[] { '!' }, StringSplitOptions.RemoveEmptyEntries); AppendTree(currentTree, new TreeNode(splitLine[0]), currentTree.Nodes[0].Nodes); if (splitLine.Length > 1) { for (int j = 1; j < splitLine.Length; j++) { AppendTree(currentTree, new TreeNode(splitLine[j]), currentTree.Nodes[0].LastNode.Nodes); } } } } // For Test... //AppendTree(currentTree, new TreeNode(currentObjectName)); //AppendTree(currentTree, new TreeNode(String.Format("0x{0:X2}{1:X2}{2:X2}{3:X2}", dumpedByteStream[3], dumpedByteStream[2], dumpedByteStream[1], dumpedByteStream[0])), currentTree.Nodes[0].Nodes); //AppendTree(currentTree, new TreeNode(String.Format("0x{0:X2}{1:X2}{2:X2}{3:X2}", dumpedByteStream[7], dumpedByteStream[6], dumpedByteStream[5], dumpedByteStream[4])), currentTree.Nodes[0].Nodes); } } } else { // 위에 에러날 상황과 연계해서 생각해봐야 함. 에러나기 전까지 받은 것들 출력할지 말지. MessageBox.Show("The 'dumpedByteStream' Buffer does not exist.\r\nTHIS MESSAGE IS FOR TEST.", "Error"); InitializeCurrentDump(); } }