private static NtAlpcClient ConnectPort(string path, SecurityQualityOfService sqos)
{
AlpcReceiveMessageAttributes in_attr = new AlpcReceiveMessageAttributes();
return(NtAlpcClient.Connect(path, null,
CreatePortAttributes(sqos), AlpcMessageFlags.SyncRequest, null, null, null, in_attr, NtWaitTimeout.FromSeconds(5)));
}
private NdrUnmarshalBuffer SendAndReceiveImmediate(int proc_num, NdrMarshalBuffer ndr_buffer, byte[] buffer)
{
LRPC_IMMEDIATE_REQUEST_MESSAGE req_msg = new LRPC_IMMEDIATE_REQUEST_MESSAGE()
{
Header = new LRPC_HEADER(LRPC_MESSAGE_TYPE.lmtRequest),
BindingId = 0,
CallId = CallId++,
ProcNum = proc_num,
};
if (ObjectUuid != Guid.Empty)
{
req_msg.ObjectUuid = ObjectUuid;
req_msg.Flags |= LRPC_REQUEST_MESSAGE_FLAGS.ObjectUuid;
}
AlpcMessageType <LRPC_IMMEDIATE_REQUEST_MESSAGE> send_msg = new AlpcMessageType <LRPC_IMMEDIATE_REQUEST_MESSAGE>(req_msg, buffer);
AlpcMessageRaw resp_msg = new AlpcMessageRaw(0x1000);
AlpcSendMessageAttributes send_attr = new AlpcSendMessageAttributes();
if (ndr_buffer.Handles.Count > 0)
{
send_attr.AddHandles(ndr_buffer.Handles);
}
using (AlpcReceiveMessageAttributes recv_attr = new AlpcReceiveMessageAttributes())
{
_client.SendReceive(AlpcMessageFlags.SyncRequest, send_msg, send_attr, resp_msg, recv_attr, NtWaitTimeout.Infinite);
NdrUnmarshalBuffer unmarshal = HandleResponse(resp_msg, recv_attr, req_msg.CallId);
ClearAttributes(resp_msg, recv_attr);
return(unmarshal);
}
}
private RpcClientResponse SendAndReceiveImmediate(int proc_num, Guid objuuid, byte[] ndr_buffer, IReadOnlyCollection <NtObject> handles)
{
LRPC_IMMEDIATE_REQUEST_MESSAGE req_msg = new LRPC_IMMEDIATE_REQUEST_MESSAGE()
{
Header = new LRPC_HEADER(LRPC_MESSAGE_TYPE.lmtRequest),
BindingId = 0,
CallId = CallId++,
ProcNum = proc_num,
};
if (objuuid != Guid.Empty)
{
req_msg.ObjectUuid = objuuid;
req_msg.Flags |= LRPC_REQUEST_MESSAGE_FLAGS.ObjectUuid;
}
AlpcMessageType <LRPC_IMMEDIATE_REQUEST_MESSAGE> send_msg = new AlpcMessageType <LRPC_IMMEDIATE_REQUEST_MESSAGE>(req_msg, ndr_buffer);
AlpcMessageRaw resp_msg = new AlpcMessageRaw(0x1000);
AlpcSendMessageAttributes send_attr = new AlpcSendMessageAttributes();
if (handles.Count > 0)
{
send_attr.AddHandles(handles);
}
using (AlpcReceiveMessageAttributes recv_attr = new AlpcReceiveMessageAttributes()) {
_client.SendReceive(AlpcMessageFlags.SyncRequest, send_msg, send_attr, resp_msg, recv_attr, NtWaitTimeout.Infinite);
RpcClientResponse response = HandleResponse(resp_msg, recv_attr, req_msg.CallId);
ClearAttributes(resp_msg, recv_attr);
return(response);
}
}
private void ClearAttributes(AlpcMessage msg, AlpcReceiveMessageAttributes attributes)
{
AlpcMessageAttributeFlags flags = attributes.ValidAttributes & (AlpcMessageAttributeFlags.View | AlpcMessageAttributeFlags.Handle);
if (!msg.ContinuationRequired || flags == 0)
{
return;
}
_client.Send(AlpcMessageFlags.None, msg, attributes.ToContinuationAttributes(flags), NtWaitTimeout.Infinite);
}
private void BindInterface(Guid interface_id, Version interface_version)
{
var bind_msg = new AlpcMessageType <LRPC_BIND_MESSAGE>(new LRPC_BIND_MESSAGE(interface_id, interface_version));
var recv_msg = new AlpcMessageRaw(0x1000);
using (var recv_attr = new AlpcReceiveMessageAttributes()) {
_client.SendReceive(AlpcMessageFlags.SyncRequest, bind_msg, null, recv_msg, recv_attr, NtWaitTimeout.Infinite);
using (var buffer = recv_msg.Data.ToBuffer()) {
CheckForFault(buffer, LRPC_MESSAGE_TYPE.lmtBind);
var value = buffer.Read <LRPC_BIND_MESSAGE>(0);
if (value.RpcStatus != 0)
{
throw new NtException(NtObjectUtils.MapDosErrorToStatus(value.RpcStatus));
}
}
}
}
private RpcClientResponse SendAndReceiveLarge(int proc_num, Guid objuuid, byte[] ndr_buffer, IReadOnlyCollection <NtObject> handles)
{
LRPC_LARGE_REQUEST_MESSAGE req_msg = new LRPC_LARGE_REQUEST_MESSAGE()
{
Header = new LRPC_HEADER(LRPC_MESSAGE_TYPE.lmtRequest),
BindingId = 0,
CallId = CallId++,
ProcNum = proc_num,
LargeDataSize = ndr_buffer.Length,
Flags = LRPC_REQUEST_MESSAGE_FLAGS.ViewPresent
};
if (objuuid != Guid.Empty)
{
req_msg.ObjectUuid = objuuid;
req_msg.Flags |= LRPC_REQUEST_MESSAGE_FLAGS.ObjectUuid;
}
var send_msg = new AlpcMessageType <LRPC_LARGE_REQUEST_MESSAGE>(req_msg);
var recv_msg = new AlpcMessageRaw(0x1000);
var send_attr = new AlpcSendMessageAttributes();
if (handles.Count > 0)
{
send_attr.AddHandles(handles);
}
using (var port_section = _client.CreatePortSection(AlpcCreatePortSectionFlags.Secure, ndr_buffer.Length))
{
using (var data_view = port_section.CreateSectionView(AlpcDataViewAttrFlags.Secure | AlpcDataViewAttrFlags.AutoRelease, ndr_buffer.Length))
{
data_view.WriteBytes(ndr_buffer);
send_attr.Add(data_view.ToMessageAttribute());
using (var recv_attr = new AlpcReceiveMessageAttributes())
{
RpcUtils.DumpBuffer(true, "ALPC Request Large", send_msg);
_client.SendReceive(AlpcMessageFlags.SyncRequest, send_msg, send_attr, recv_msg, recv_attr, NtWaitTimeout.Infinite);
RpcUtils.DumpBuffer(true, "ALPC Response Large", recv_msg);
RpcClientResponse response = HandleResponse(recv_msg, recv_attr, req_msg.CallId);
ClearAttributes(recv_msg, recv_attr);
return(response);
}
}
}
}
private RpcClientResponse HandleResponse(AlpcMessageRaw message, AlpcReceiveMessageAttributes attributes, int call_id)
{
using (var buffer = message.Data.ToBuffer()) {
CheckForFault(buffer, LRPC_MESSAGE_TYPE.lmtResponse);
// Get data as safe buffer.
var response = buffer.Read <LRPC_IMMEDIATE_RESPONSE_MESSAGE>(0);
if (response.CallId != call_id)
{
throw new ArgumentException("Mismatched Call ID");
}
if ((response.Flags & LRPC_RESPONSE_MESSAGE_FLAGS.ViewPresent) == LRPC_RESPONSE_MESSAGE_FLAGS.ViewPresent)
{
return(HandleLargeResponse(message, buffer.GetStructAtOffset <LRPC_LARGE_RESPONSE_MESSAGE>(0), attributes));
}
return(HandleImmediateResponse(message, buffer.GetStructAtOffset <LRPC_IMMEDIATE_RESPONSE_MESSAGE>(0), attributes, message.DataLength));
}
}
private NdrUnmarshalBuffer SendAndReceiveLarge(int proc_num, NdrMarshalBuffer ndr_buffer, byte[] buffer)
{
LRPC_LARGE_REQUEST_MESSAGE req_msg = new LRPC_LARGE_REQUEST_MESSAGE()
{
Header = new LRPC_HEADER(LRPC_MESSAGE_TYPE.lmtRequest),
BindingId = 0,
CallId = CallId++,
ProcNum = proc_num,
LargeDataSize = buffer.Length,
Flags = LRPC_REQUEST_MESSAGE_FLAGS.ViewPresent
};
if (ObjectUuid != Guid.Empty)
{
req_msg.ObjectUuid = ObjectUuid;
req_msg.Flags |= LRPC_REQUEST_MESSAGE_FLAGS.ObjectUuid;
}
var send_msg = new AlpcMessageType <LRPC_LARGE_REQUEST_MESSAGE>(req_msg);
var recv_msg = new AlpcMessageRaw(0x1000);
var send_attr = new AlpcSendMessageAttributes();
if (ndr_buffer.Handles.Count > 0)
{
send_attr.AddHandles(ndr_buffer.Handles);
}
using (var port_section = _client.CreatePortSection(AlpcCreatePortSectionFlags.Secure, buffer.Length))
{
using (var data_view = port_section.CreateSectionView(AlpcDataViewAttrFlags.Secure | AlpcDataViewAttrFlags.AutoRelease, buffer.Length))
{
data_view.WriteBytes(buffer);
send_attr.Add(data_view.ToMessageAttribute());
using (var recv_attr = new AlpcReceiveMessageAttributes())
{
_client.SendReceive(AlpcMessageFlags.SyncRequest, send_msg, send_attr, recv_msg, recv_attr, NtWaitTimeout.Infinite);
NdrUnmarshalBuffer unmarshal = HandleResponse(recv_msg, recv_attr, req_msg.CallId);
ClearAttributes(recv_msg, recv_attr);
return(unmarshal);
}
}
}
}
private RpcClientResponse HandleLargeResponse(AlpcMessageRaw message, SafeStructureInOutBuffer <LRPC_LARGE_RESPONSE_MESSAGE> response, AlpcReceiveMessageAttributes attributes)
{
if (!attributes.HasValidAttribute(AlpcMessageAttributeFlags.View))
{
throw new ArgumentException("Large response received but no data view available");
}
return(new RpcClientResponse(attributes.DataView.ReadBytes(response.Result.LargeDataSize), attributes.Handles));
}
private RpcClientResponse HandleImmediateResponse(AlpcMessageRaw message, SafeStructureInOutBuffer <LRPC_IMMEDIATE_RESPONSE_MESSAGE> response, AlpcReceiveMessageAttributes attributes, int data_length)
{
return(new RpcClientResponse(response.Data.ToArray(), attributes.Handles));
}
