private void skypeWatcherHandler(object sender, ElapsedEventArgs elapsedEventArgs)
{
// Check that Skype window that provides API is active now.
var skypeIsActive = WinApiWrapper.WindowExists(SKYPE_MAIN_WINDOW_CLASS) &&
!WinApiWrapper.WindowExists(SKYPE_LOGIN_WINDOW_CLASS);
// Ping-pong with Skype to check if we still are subscribed to its messages.
if (IsConnected && skypeIsActive)
{
sendSkypeCommand(SkypeCommands.PING);
// Check when last PONG was recieved. Let 3 lost PONGs are OK.
var diff = DateTime.Now - _lastPong;
if (diff.Milliseconds > WATCH_INTERVAL * 3)
{
disconnect();
return;
}
}
if (!IsConnected && skypeIsActive)
{
enableSkypeMessaging();
}
else if (IsConnected && !skypeIsActive)
{
disconnect();
}
}
private void enableSkypeMessaging()
{
// Register API messages for communicating with Skype.
_skypeApiDiscover = WinApiWrapper.RegisterApiMessage(SkypeControlApiMessages.DISCOVER);
_skypeApiAttach = WinApiWrapper.RegisterApiMessage(SkypeControlApiMessages.ATTACH);
// Register Skype messages handler if Skype is active.
WinApiWrapper.SendMessage(_broadcastHandle, _skypeApiDiscover, _windowHandleSource.Handle);
}
private static bool EnablePrivelege()
{
IntPtr hToken;
LUID luidSEDebugNameValue;
TOKEN_PRIVILEGES tkpPrivileges;
if (!WinApiWrapper.OpenProcessToken(WinApiWrapper.GetCurrentProcess(), (uint)TokenAccess.TOKEN_ADJUST_PRIVILEGES | (uint)TokenAccess.TOKEN_QUERY, out hToken))
{
Console.WriteLine("OpenProcessToken() failed, error = {0} . SeDebugPrivilege is not available", Marshal.GetLastWin32Error());
return(false);
}
else
{
Console.WriteLine("OpenProcessToken() successfully");
}
if (!WinApiWrapper.LookupPrivilegeValue(null, SePrivilegeNames.SE_DEBUG_NAME, out luidSEDebugNameValue))
{
Console.WriteLine("LookupPrivilegeValue() failed, error = {0} .SeDebugPrivilege is not available", Marshal.GetLastWin32Error());
WinApiWrapper.CloseHandle(hToken);
return(false);
}
else
{
Console.WriteLine("LookupPrivilegeValue() successfully");
}
tkpPrivileges.PrivilegeCount = 1;
tkpPrivileges.Luid = luidSEDebugNameValue;
tkpPrivileges.Attributes = (uint)SePrivilege.SE_PRIVILEGE_ENABLED;
bool isOk = true;
if (!WinApiWrapper.AdjustTokenPrivileges(hToken, false, ref tkpPrivileges, 0, IntPtr.Zero, IntPtr.Zero))
{
Console.WriteLine("LookupPrivilegeValue() failed, error = {0} .SeDebugPrivilege is not available", Marshal.GetLastWin32Error());
isOk = false;
}
else
{
Console.WriteLine("SeDebugPrivilege is now available");
}
WinApiWrapper.CloseHandle(hToken);
return(isOk);
}
/// <summary>
/// Sends the Skype command using Windows API.
/// </summary>
/// <param name="command">The command.</param>
private void sendSkypeCommand(string command)
{
#if DEBUG
Trace.WriteLine("SKYPE < " + command);
#endif
var data = new CopyDataStruct {
Id = "1", Size = command.Length + 1, Data = command
};
try
{
WinApiWrapper.SendMessage(
_skypeWindowHandle, WinApiConstants.WM_COPYDATA, _windowHandleSource.Handle, ref data);
}
catch (WinApiException)
{
}
}
private FileSecurity GetFileSecurity(string fileName)
{
if (string.IsNullOrWhiteSpace(fileName))
{
throw new ArgumentNullException(nameof(fileName));
}
if (!File.Exists(fileName))
{
throw new FileNotFoundException("Could not find file to set ownership.", fileName);
}
// Allow this process to circumvent ACL restrictions
WinApiWrapper.ModifyPrivilege(PrivilegeName.SeRestorePrivilege, true);
// Sometimes this is required and other times it works without it. Not sure when.
WinApiWrapper.ModifyPrivilege(PrivilegeName.SeTakeOwnershipPrivilege, true);
var accessControl = File.GetAccessControl(fileName);
return(accessControl);
}
private static void MemoryReader()
{
Console.WriteLine("Mode: Reader");
if (!EnablePrivelege())
{
Console.WriteLine("Couldn't enable privilegs. Exiting...");
return;
}
Console.Write("Enter generated Guid from writer for correctess checking: ");
Guid validGuid = Guid.Parse(Console.ReadLine());
Console.Write("Enter process id: ");
int procId = int.Parse(Console.ReadLine());
Console.Write("Enter memory reading addr in hex(example, 0x24B004446D0): ");
string strHex = Console.ReadLine().Replace("0x", "");
long addrToRead = long.Parse(strHex, System.Globalization.NumberStyles.HexNumber);
IntPtr hProc = IntPtr.Zero, hToken = IntPtr.Zero;
hProc = WinApiWrapper.OpenProcess(ProcessAccessFlags.All, false, procId);
try
{
if (!WinApiWrapper.OpenProcessToken(hProc, (uint)TokenAccess.TOKEN_ALL_ACCESS, out hToken))
{
Console.WriteLine("OpenProcessToken failed with error: {0}", Marshal.GetLastWin32Error());
return;
}
IntPtr pAddr = new IntPtr(addrToRead);
MEMORY_BASIC_INFORMATION memInfo;
if (0 == WinApiWrapper.VirtualQueryEx(hProc, pAddr, out memInfo, (uint)Marshal.SizeOf(typeof(MEMORY_BASIC_INFORMATION))))
{
Console.WriteLine("VirtualQueryEx failed with error: {0}", Marshal.GetLastWin32Error());
return;
}
Console.WriteLine("Memory info: ");
PrintMemInfo(memInfo);
Console.WriteLine();
// Guid length is 16 bytes!
byte[] buffer = new byte[16];
IntPtr readBytesPtr = IntPtr.Zero;
if (!WinApiWrapper.ReadProcessMemory(hProc, pAddr, buffer, buffer.Length, out readBytesPtr))
{
Console.WriteLine("ReadProcessMemory failed with error: {0}", Marshal.GetLastWin32Error());
return;
}
long readBytes = readBytesPtr.ToInt64();
Console.WriteLine("Read {0} bytes from 0x{1:X}", readBytesPtr.ToInt64(), pAddr.ToInt64());
Console.Write("Buffer data is: ");
ShowBuffer(buffer);
Console.WriteLine();
Guid guid = new Guid(buffer);
Console.WriteLine("Buffer as Guid: {0}", guid);
if (validGuid == guid)
{
Console.WriteLine("Read memory is OK!");
}
else
{
Console.WriteLine("Read memory failed!");
}
Console.WriteLine("Press 'Enter' to quit");
Console.ReadLine();
}
finally
{
if (hToken != IntPtr.Zero)
{
WinApiWrapper.CloseHandle(hToken);
}
if (hProc != IntPtr.Zero)
{
WinApiWrapper.CloseHandle(hProc);
}
}
}
