/// <summary> /// The main entry point for the application. /// </summary> public static void Main(string[] args) { string database_file = null; string save_file = null; bool do_enum = false; bool enum_clsid = false; bool enum_runtime = false; bool show_help = false; bool query_interfaces = false; int concurrent_queries = Environment.ProcessorCount; bool refresh_interfaces = false; bool enable_activation_filter = false; string symbol_dir = null; bool delete_database = false; string view_access_sd = null; string view_launch_sd = null; string view_name = null; COMRegistryMode mode = COMRegistryMode.Merged; IEnumerable <COMServerType> server_types = new COMServerType[] { COMServerType.InProcHandler32, COMServerType.InProcServer32, COMServerType.LocalServer32 }; OptionSet opts = new OptionSet() { { "i|in=", "Open a database file.", v => database_file = v }, { "o|out=", "Save database and exit.", v => save_file = v }, { "e|enum", "Enumerate the provided CLSID (GUID).", v => enum_clsid = v != null }, { "r|rt", "Enumerate the provided Runtime Class.", v => enum_runtime = v != null }, { "q|query", "Query all interfaces for database", v => query_interfaces = v != null }, { "c|conn=", "Number of concurrent interface queries", v => concurrent_queries = int.Parse(v) }, { "s|server=", "Specify server types for query", v => server_types = ParseServerTypes(v) }, { "refresh", "Refresh interfaces in query", v => refresh_interfaces = v != null }, { "m", "Loading mode is machine only.", v => mode = COMRegistryMode.MachineOnly }, { "u", "Loading mode is user only.", v => mode = COMRegistryMode.UserOnly }, { "a", "Enable activation filter.", v => enable_activation_filter = v != null }, { "g=", "Generate a symbol file in the specified directory.", v => symbol_dir = v }, { "d", "Delete the input database once loaded", v => delete_database = v != null }, { "v=", "View a COM access security descriptor (specify the SDDL)", v => view_access_sd = v }, { "l=", "View a COM launch security descriptor (specify the SDDL)", v => view_launch_sd = v }, { "n=", "Name any simple form display such as security descriptor", v => view_name = v }, { "h|help", "Show this message and exit.", v => show_help = v != null }, }; List <string> additional_args = new List <string>(); try { additional_args = opts.Parse(args); } catch { show_help = true; } do_enum = enum_clsid || enum_runtime; if (show_help || (do_enum && additional_args.Count < 4) || (symbol_dir != null && !Directory.Exists(symbol_dir))) { StringWriter writer = new StringWriter(); writer.WriteLine("Usage: OleViewDotNet [options] [enum args]"); writer.WriteLine(); writer.WriteLine("Options:"); opts.WriteOptionDescriptions(writer); MessageBox.Show(writer.ToString(), "Help", MessageBoxButtons.OK, MessageBoxIcon.Information); Environment.Exit(1); } if (do_enum) { try { Environment.Exit(EnumInterfaces(new Queue <string>(additional_args), enum_runtime)); } catch { Environment.Exit(42); } } else if (symbol_dir != null) { try { COMUtilities.GenerateSymbolFile(symbol_dir, Environment.Is64BitProcess ? Properties.Settings.Default.DbgHelpPath64 : Properties.Settings.Default.DbgHelpPath32, Properties.Settings.Default.SymbolPath); Environment.Exit(0); } catch (Exception) { Environment.Exit(1); } } else { AutoSaveLoadConfiguration autoload_config = new AutoSaveLoadConfiguration(); AppDomain.CurrentDomain.UnhandledException += UnhandledExceptionHandler; Application.EnableVisualStyles(); Application.SetCompatibleTextRenderingDefault(false); try { if (view_access_sd != null || view_launch_sd != null) { bool access = view_access_sd != null; SecurityDescriptor sd = new SecurityDescriptor(view_access_sd ?? view_launch_sd); AccessMask valid_access = access ? 0x7 : 0x1F; SecurityDescriptorViewerControl control = new SecurityDescriptorViewerControl(); DocumentForm frm = new DocumentForm(control); string title = $"{(access ? "Access Security" : "Launch Security")}"; if (!string.IsNullOrWhiteSpace(view_name)) { title = $"{view_name} {title}"; } frm.Text = title; control.SetSecurityDescriptor(sd, typeof(COMAccessRights), new GenericMapping() { GenericExecute = valid_access, GenericRead = valid_access, GenericWrite = valid_access, GenericAll = valid_access }, valid_access); Application.Run(frm); return; } COMRegistry registry = null; if (database_file == null && autoload_config.AutoLoad && File.Exists(autoload_config.DatabasePath)) { try { registry = COMUtilities.LoadRegistry(null, autoload_config.DatabasePath); } catch { MessageBox.Show($"Error loading database {autoload_config.DatabasePath}", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error); } } if (registry == null) { registry = database_file != null?COMUtilities.LoadRegistry(null, database_file) : COMUtilities.LoadRegistry(null, mode); } if (delete_database && database_file != null) { File.Delete(database_file); } if (query_interfaces) { if (!COMUtilities.QueryAllInterfaces(null, registry.Clsids.Values, server_types, concurrent_queries, refresh_interfaces)) { Environment.Exit(1); } } if (save_file != null) { registry.Save(save_file); Environment.Exit(0); } _appContext = new MultiApplicationContext(new MainForm(registry)); if (enable_activation_filter) { COMUtilities.CoRegisterActivationFilter(new ActivationFilter()); } Application.Run(_appContext); autoload_config = new AutoSaveLoadConfiguration(); if (autoload_config.AutoSave) { registry.Save(autoload_config.DatabasePath); } } catch (Exception ex) { if (!(ex is OperationCanceledException)) { ShowError(null, ex); } } } }
public static void Main(string[] args) { string database_file = null; string save_file = null; bool enum_clsid = false; bool enum_runtime = false; bool show_help = false; bool query_interfaces = false; int concurrent_queries = Environment.ProcessorCount; bool refresh_interfaces = false; bool enable_activation_filter = false; COMRegistryMode mode = COMRegistryMode.Merged; IEnumerable <COMServerType> server_types = new COMServerType[] { COMServerType.InProcHandler32, COMServerType.InProcServer32, COMServerType.LocalServer32 }; OptionSet opts = new OptionSet() { { "i|in=", "Open a database file.", v => database_file = v }, { "o|out=", "Save database and exit.", v => save_file = v }, { "e|enum", "Enumerate the provided CLSID (GUID).", v => enum_clsid = v != null }, { "r|rt", "Enumerate the provided Runtime Class.", v => enum_runtime = v != null }, { "q|query", "Query all interfaces for database", v => query_interfaces = v != null }, { "c|conn=", "Number of concurrent interface queries", v => concurrent_queries = int.Parse(v) }, { "s|server=", "Specify server types for query", v => server_types = ParseServerTypes(v) }, { "refresh", "Refresh interfaces in query", v => refresh_interfaces = v != null }, { "m", "Loading mode is machine only.", v => mode = COMRegistryMode.MachineOnly }, { "u", "Loading mode is user only.", v => mode = COMRegistryMode.UserOnly }, { "a", "Enable activation filter.", v => enable_activation_filter = v != null }, { "h|help", "Show this message and exit.", v => show_help = v != null }, }; List <string> additional_args = new List <string>(); try { additional_args = opts.Parse(args); } catch { show_help = true; } if (show_help || (enum_clsid && additional_args.Count < 4) || (enum_runtime && additional_args.Count < 3)) { StringWriter writer = new StringWriter(); writer.WriteLine("Usage: OleViewDotNet [options] [enum args]"); writer.WriteLine(); writer.WriteLine("Options:"); opts.WriteOptionDescriptions(writer); MessageBox.Show(writer.ToString(), "Help", MessageBoxButtons.OK, MessageBoxIcon.Information); Environment.Exit(1); } if (enum_clsid || enum_runtime) { try { Environment.Exit(EnumInterfaces(new Queue <string>(additional_args), enum_runtime)); } catch { Environment.Exit(42); } } else { AppDomain.CurrentDomain.UnhandledException += UnhandledExceptionHandler; Application.EnableVisualStyles(); Application.SetCompatibleTextRenderingDefault(false); try { COMRegistry registry = database_file != null?COMUtilities.LoadRegistry(null, database_file) : COMUtilities.LoadRegistry(null, mode); if (query_interfaces) { if (!COMUtilities.QueryAllInterfaces(null, registry.Clsids.Values, server_types, concurrent_queries, refresh_interfaces)) { Environment.Exit(1); } } if (save_file != null) { registry.Save(save_file); Environment.Exit(0); } _appContext = new MultiApplicationContext(new MainForm(registry)); if (enable_activation_filter) { COMUtilities.CoRegisterActivationFilter(new ActivationFilter()); } Application.Run(_appContext); } catch (Exception ex) { if (!(ex is OperationCanceledException)) { ShowError(null, ex); } } } }
private void menuFileOpenUserOnly_Click(object sender, EventArgs e) { LoadRegistry(() => COMUtilities.LoadRegistry(this, COMRegistryMode.UserOnly)); }