mirror of
https://github.com/rapid7/metasploit-payloads
synced 2025-03-24 18:16:24 +01:00
Make builds 100% clean
This commit is contained in:
OJ
parent
35fad79cf0
commit
8ef0a425f1
c/meterpreter/source/extensions/extapi
@ -32,17 +32,21 @@ DWORD get_encoder_clsid(WCHAR *mimeType, CLSID * pClsId)
|
||||
{
|
||||
UINT numEncoders;
|
||||
UINT size;
|
||||
if (GetImageEncodersSize(&numEncoders, &size) != Ok)
|
||||
if (GetImageEncodersSize(&numEncoders, &size) != Ok) {
|
||||
BREAK_WITH_ERROR("[EXTAPI CLIPIMG] Unable to get encoders array size.", ERROR_FUNCTION_FAILED);
|
||||
}
|
||||
|
||||
if (size == 0)
|
||||
if (size == 0) {
|
||||
BREAK_WITH_ERROR("[EXTAPI CLIPIMG] No encoders found.", ERROR_FUNCTION_FAILED);
|
||||
}
|
||||
|
||||
if ((pImageCodecInfo = (ImageCodecInfo*)malloc(size)) == NULL)
|
||||
if ((pImageCodecInfo = (ImageCodecInfo*)malloc(size)) == NULL) {
|
||||
BREAK_WITH_ERROR("[EXTAPI CLIPIMG] Couldn't allocate memory for ImageCodeInfo", ERROR_OUTOFMEMORY);
|
||||
}
|
||||
|
||||
if (GetImageEncoders(numEncoders, size, pImageCodecInfo) != Ok)
|
||||
if (GetImageEncoders(numEncoders, size, pImageCodecInfo) != Ok) {
|
||||
BREAK_WITH_ERROR("[EXTAPI CLIPIMG] Unable to get encoders.", ERROR_FUNCTION_FAILED);
|
||||
}
|
||||
|
||||
for (UINT i = 0; i < numEncoders; ++i) {
|
||||
if (wcscmp(pImageCodecInfo[i].MimeType, mimeType) == 0) {
|
||||
@ -56,8 +60,9 @@ DWORD get_encoder_clsid(WCHAR *mimeType, CLSID * pClsId)
|
||||
}
|
||||
} while (0);
|
||||
|
||||
if (pImageCodecInfo != NULL)
|
||||
if (pImageCodecInfo != NULL) {
|
||||
free(pImageCodecInfo);
|
||||
}
|
||||
|
||||
return dwResult;
|
||||
}
|
||||
@ -130,16 +135,19 @@ DWORD convert_to_jpg(const LPBITMAPINFO lpBI, const LPVOID lpDIB, ULONG ulQualit
|
||||
|
||||
do
|
||||
{
|
||||
if (GdiplusStartup(&gdiPlusToken, &gdiStartupInput, NULL) != Ok)
|
||||
if (GdiplusStartup(&gdiPlusToken, &gdiStartupInput, NULL) != Ok) {
|
||||
BREAK_WITH_ERROR("[EXTAPI CLIPIMG] Unable to initialize GdiPlus", ERROR_FUNCTION_FAILED);
|
||||
}
|
||||
|
||||
CLSID jpegClsid;
|
||||
dprintf("[EXTAPI CLIPIMG] Attempting to get the jpg class id");
|
||||
if (get_encoder_clsid(L"image/jpeg", &jpegClsid) != ERROR_SUCCESS)
|
||||
if (get_encoder_clsid(L"image/jpeg", &jpegClsid) != ERROR_SUCCESS) {
|
||||
BREAK_WITH_ERROR("[EXTAPI CLIPIMG] Unable to find an appropriate image encoder", ERROR_FUNCTION_FAILED);
|
||||
}
|
||||
|
||||
if ((pBitmap = new Bitmap(lpBI, lpDIB)) == NULL)
|
||||
if ((pBitmap = new Bitmap(lpBI, lpDIB)) == NULL) {
|
||||
BREAK_WITH_ERROR("[EXTAPI CLIPIMG] Failed to create bitmap instance", ERROR_FUNCTION_FAILED);
|
||||
}
|
||||
|
||||
EncoderParameters encParams;
|
||||
encParams.Count = 1;
|
||||
@ -148,27 +156,32 @@ DWORD convert_to_jpg(const LPBITMAPINFO lpBI, const LPVOID lpDIB, ULONG ulQualit
|
||||
encParams.Parameter[0].Type = EncoderParameterValueTypeLong;
|
||||
encParams.Parameter[0].Value = &ulQuality;
|
||||
|
||||
if (CreateStreamOnHGlobal(NULL, TRUE, &pStream) != S_OK)
|
||||
if (CreateStreamOnHGlobal(NULL, TRUE, &pStream) != S_OK) {
|
||||
BREAK_WITH_ERROR("[EXTAPI CLIPIMG] Failed to create stream", ERROR_FUNCTION_FAILED);
|
||||
}
|
||||
|
||||
if (pBitmap->Save(pStream, &jpegClsid, &encParams) != Ok)
|
||||
if (pBitmap->Save(pStream, &jpegClsid, &encParams) != Ok) {
|
||||
BREAK_WITH_ERROR("[EXTAPI CLIPIMG] Failed to save image to stream", ERROR_FUNCTION_FAILED);
|
||||
}
|
||||
|
||||
STATSTG stat;
|
||||
if (pStream->Stat(&stat, STATFLAG_NONAME) != S_OK)
|
||||
if (pStream->Stat(&stat, STATFLAG_NONAME) != S_OK) {
|
||||
BREAK_WITH_ERROR("[EXTAPI CLIPIMG] Failed to get image stat", ERROR_FUNCTION_FAILED);
|
||||
}
|
||||
|
||||
// if the image requires the quadpart, then we're in trouble anyway!
|
||||
pImage->dwImageBufferSize = stat.cbSize.LowPart;
|
||||
if ((pImage->pImageBuffer = (LPBYTE)malloc(pImage->dwImageBufferSize)) == NULL)
|
||||
if ((pImage->pImageBuffer = (LPBYTE)malloc(pImage->dwImageBufferSize)) == NULL) {
|
||||
BREAK_WITH_ERROR("[EXTAPI CLIPIMG] Failed to allocate memory for the JPEG", ERROR_OUTOFMEMORY);
|
||||
}
|
||||
|
||||
ULARGE_INTEGER pos;
|
||||
LARGE_INTEGER zero;
|
||||
zero.QuadPart = 0;
|
||||
pos.QuadPart = 0;
|
||||
if (pStream->Seek(zero, STREAM_SEEK_SET, &pos) != S_OK)
|
||||
if (pStream->Seek(zero, STREAM_SEEK_SET, &pos) != S_OK) {
|
||||
BREAK_WITH_ERROR("[EXTAPI CLIPIMG] Failed set stream position", ERROR_FUNCTION_FAILED);
|
||||
}
|
||||
|
||||
ULONG bytesRead = 0;
|
||||
if ((hRes = pStream->Read(pImage->pImageBuffer, pImage->dwImageBufferSize, &bytesRead) != S_OK)) {
|
||||
@ -177,8 +190,9 @@ DWORD convert_to_jpg(const LPBITMAPINFO lpBI, const LPVOID lpDIB, ULONG ulQualit
|
||||
break;
|
||||
}
|
||||
|
||||
if (bytesRead != pImage->dwImageBufferSize)
|
||||
if (bytesRead != pImage->dwImageBufferSize) {
|
||||
BREAK_WITH_ERROR("[EXTAPI CLIPIMG] Failed to read image data from stream", ERROR_FUNCTION_FAILED);
|
||||
}
|
||||
} while (0);
|
||||
|
||||
if (dwResult != ERROR_SUCCESS && pImage->pImageBuffer != NULL) {
|
||||
@ -186,14 +200,17 @@ DWORD convert_to_jpg(const LPBITMAPINFO lpBI, const LPVOID lpDIB, ULONG ulQualit
|
||||
pImage->pImageBuffer = NULL;
|
||||
}
|
||||
|
||||
if (pStream != NULL)
|
||||
if (pStream != NULL) {
|
||||
pStream->Release();
|
||||
}
|
||||
|
||||
if (pBitmap != NULL)
|
||||
if (pBitmap != NULL) {
|
||||
delete pBitmap;
|
||||
}
|
||||
|
||||
if (gdiPlusToken != 0)
|
||||
if (gdiPlusToken != 0) {
|
||||
GdiplusShutdown(gdiPlusToken);
|
||||
}
|
||||
|
||||
return dwResult;
|
||||
}
|
||||
|
||||
@ -36,12 +36,9 @@ Command customCommands[] =
|
||||
*/
|
||||
DWORD __declspec(dllexport) InitServerExtension(Remote *remote)
|
||||
{
|
||||
DWORD index;
|
||||
|
||||
hMetSrv = remote->hMetSrv;
|
||||
|
||||
for (index = 0; customCommands[index].method; index++)
|
||||
command_register(&customCommands[index]);
|
||||
command_register_all(customCommands);
|
||||
|
||||
return ERROR_SUCCESS;
|
||||
}
|
||||
@ -54,10 +51,7 @@ DWORD __declspec(dllexport) InitServerExtension(Remote *remote)
|
||||
*/
|
||||
DWORD __declspec(dllexport) DeinitServerExtension(Remote *remote)
|
||||
{
|
||||
DWORD index;
|
||||
|
||||
for (index = 0; customCommands[index].method; index++)
|
||||
command_deregister(&customCommands[index]);
|
||||
command_deregister_all(customCommands);
|
||||
|
||||
return ERROR_SUCCESS;
|
||||
}
|
||||
|
||||
@ -84,8 +84,9 @@ DWORD request_service_enum(Remote *remote, Packet *packet)
|
||||
} while (0);
|
||||
|
||||
dprintf("[EXTAPI SERVICE] Transmitting response back to caller.");
|
||||
if (response)
|
||||
if (response) {
|
||||
packet_transmit_response(dwResult, remote, response);
|
||||
}
|
||||
|
||||
return dwResult;
|
||||
}
|
||||
@ -115,8 +116,9 @@ DWORD request_service_query(Remote *remote, Packet *packet)
|
||||
}
|
||||
|
||||
lpServiceName = packet_get_tlv_value_string(packet, TLV_TYPE_EXT_SERVICE_ENUM_NAME);
|
||||
if (!lpServiceName)
|
||||
if (!lpServiceName) {
|
||||
BREAK_WITH_ERROR("[EXTAPI SERVICE] Missing service name parameter", ERROR_BAD_ARGUMENTS);
|
||||
}
|
||||
|
||||
dprintf("[EXTAPI SERVICE] Beginning service enumeration");
|
||||
dwResult = query_service(lpServiceName, response);
|
||||
@ -124,8 +126,9 @@ DWORD request_service_query(Remote *remote, Packet *packet)
|
||||
} while (0);
|
||||
|
||||
dprintf("[EXTAPI SERVICE] Transmitting response back to caller.");
|
||||
if (response)
|
||||
if (response) {
|
||||
packet_transmit_response(dwResult, remote, response);
|
||||
}
|
||||
|
||||
return dwResult;
|
||||
}
|
||||
@ -153,24 +156,29 @@ DWORD query_service(LPCSTR cpServiceName, Packet *pResponse)
|
||||
do
|
||||
{
|
||||
dprintf("[EXTAPI SERVICE] Loading advapi32.dll");
|
||||
if ((hAdvapi32 = LoadLibraryA("advapi32.dll")) == NULL)
|
||||
if ((hAdvapi32 = LoadLibraryA("advapi32.dll")) == NULL) {
|
||||
BREAK_ON_ERROR("[EXTAPI SERVICE] Unable to load advapi32.dll");
|
||||
}
|
||||
|
||||
dprintf("[EXTAPI SERVICE] Searching for OpenSCManagerA");
|
||||
if ((pOpenSCManagerA = (POPENSCMANAGERA)GetProcAddress(hAdvapi32, "OpenSCManagerA")) == NULL)
|
||||
if ((pOpenSCManagerA = (POPENSCMANAGERA)GetProcAddress(hAdvapi32, "OpenSCManagerA")) == NULL) {
|
||||
BREAK_ON_ERROR("[EXTAPI SERVICE] Unable to locate OpenSCManagerA in advapi32.dll");
|
||||
}
|
||||
|
||||
dprintf("[EXTAPI SERVICE] Searching for CloseServiceHandle");
|
||||
if ((pCloseServiceHandle = (PCLOSESERVICEHANDLE)GetProcAddress(hAdvapi32, "CloseServiceHandle")) == NULL)
|
||||
if ((pCloseServiceHandle = (PCLOSESERVICEHANDLE)GetProcAddress(hAdvapi32, "CloseServiceHandle")) == NULL) {
|
||||
dprintf("[EXTAPI SERVICE] Unable to locate CloseServiceHandle in advapi32.dll. Continuing anyway.");
|
||||
}
|
||||
|
||||
dprintf("[EXTAPI SERVICE] Searching for OpenServiceA");
|
||||
if ((pOpenServiceA = (POPENSERVICEA)GetProcAddress(hAdvapi32, "OpenServiceA")) == NULL)
|
||||
if ((pOpenServiceA = (POPENSERVICEA)GetProcAddress(hAdvapi32, "OpenServiceA")) == NULL) {
|
||||
BREAK_ON_ERROR("[EXTAPI SERVICE] Unable to locate OpenServiceA in advapi32.dll.");
|
||||
}
|
||||
|
||||
dprintf("[EXTAPI SERVICE] Opening the Service Control manager");
|
||||
if ((scManager = pOpenSCManagerA(NULL, SERVICES_ACTIVE_DATABASEA, SC_MANAGER_CONNECT | GENERIC_READ)) == NULL)
|
||||
if ((scManager = pOpenSCManagerA(NULL, SERVICES_ACTIVE_DATABASEA, SC_MANAGER_CONNECT | GENERIC_READ)) == NULL) {
|
||||
BREAK_ON_ERROR("[EXTAPI SERVICE] Unable to open the service control manager");
|
||||
}
|
||||
|
||||
dprintf("[EXTAPI SERVICE] Opening the Service: %s", cpServiceName);
|
||||
if ((scService = pOpenServiceA(scManager, cpServiceName, SC_MANAGER_CONNECT | GENERIC_READ)) == NULL) {
|
||||
@ -184,14 +192,17 @@ DWORD query_service(LPCSTR cpServiceName, Packet *pResponse)
|
||||
|
||||
} while (0);
|
||||
|
||||
if (scService && pCloseServiceHandle)
|
||||
if (scService && pCloseServiceHandle) {
|
||||
pCloseServiceHandle(scService);
|
||||
}
|
||||
|
||||
if (scManager && pCloseServiceHandle)
|
||||
if (scManager && pCloseServiceHandle) {
|
||||
pCloseServiceHandle(scManager);
|
||||
}
|
||||
|
||||
if (hAdvapi32)
|
||||
if (hAdvapi32) {
|
||||
FreeLibrary(hAdvapi32);
|
||||
}
|
||||
|
||||
return dwResult;
|
||||
#else
|
||||
@ -226,25 +237,30 @@ DWORD enumerate_services(Packet *pResponse)
|
||||
do
|
||||
{
|
||||
dprintf("[EXTAPI SERVICE] Loading advapi32.dll");
|
||||
if ((hAdvapi32 = LoadLibraryA("advapi32.dll")) == NULL)
|
||||
if ((hAdvapi32 = LoadLibraryA("advapi32.dll")) == NULL) {
|
||||
BREAK_ON_ERROR("[EXTAPI SERVICE] Unable to load advapi32.dll");
|
||||
}
|
||||
|
||||
dprintf("[EXTAPI SERVICE] Searching for OpenSCManagerA");
|
||||
if ((pOpenSCManagerA = (POPENSCMANAGERA)GetProcAddress(hAdvapi32, "OpenSCManagerA")) == NULL)
|
||||
if ((pOpenSCManagerA = (POPENSCMANAGERA)GetProcAddress(hAdvapi32, "OpenSCManagerA")) == NULL) {
|
||||
BREAK_ON_ERROR("[EXTAPI SERVICE] Unable to locate OpenSCManagerA in advapi32.dll");
|
||||
}
|
||||
|
||||
dprintf("[EXTAPI SERVICE] Searching for CloseServiceHandle");
|
||||
if ((pCloseServiceHandle = (PCLOSESERVICEHANDLE)GetProcAddress(hAdvapi32, "CloseServiceHandle")) == NULL)
|
||||
if ((pCloseServiceHandle = (PCLOSESERVICEHANDLE)GetProcAddress(hAdvapi32, "CloseServiceHandle")) == NULL) {
|
||||
dprintf("[EXTAPI SERVICE] Unable to locate CloseServiceHandle in advapi32.dll. Continuing anyway.");
|
||||
}
|
||||
|
||||
dprintf("[EXTAPI SERVICE] Searching for EnumServicesStatusExA");
|
||||
if ((pEnumServicesStatusExA = (PENUMSERVICESSTATUSEXA)GetProcAddress(hAdvapi32, "EnumServicesStatusExA")) == NULL)
|
||||
if ((pEnumServicesStatusExA = (PENUMSERVICESSTATUSEXA)GetProcAddress(hAdvapi32, "EnumServicesStatusExA")) == NULL) {
|
||||
BREAK_ON_ERROR("[EXTAPI SERVICE] Unable to locate EnumServicesStatusExA in advapi32.dll.");
|
||||
}
|
||||
|
||||
// TODO: add support for other machine names so that this instance can query other machines on the network.
|
||||
dprintf("[EXTAPI SERVICE] Opening the Service Control manager");
|
||||
if ((scManager = pOpenSCManagerA(NULL, SERVICES_ACTIVE_DATABASEA, SC_MANAGER_CONNECT | GENERIC_READ)) == NULL)
|
||||
if ((scManager = pOpenSCManagerA(NULL, SERVICES_ACTIVE_DATABASEA, SC_MANAGER_CONNECT | GENERIC_READ)) == NULL) {
|
||||
BREAK_ON_ERROR("[EXTAPI SERVICE] Unable to open the service control manager");
|
||||
}
|
||||
|
||||
bResult = pEnumServicesStatusExA(scManager, SC_ENUM_PROCESS_INFO, SERVICE_WIN32, SERVICE_STATE_ALL, NULL, 0,
|
||||
&dwBytesNeeded, &dwServicesReturned, &dwResumeHandle, NULL);
|
||||
@ -253,15 +269,17 @@ DWORD enumerate_services(Packet *pResponse)
|
||||
{
|
||||
pSsInfo = (ENUM_SERVICE_STATUS_PROCESSA*)malloc(dwBytesNeeded);
|
||||
|
||||
if (!pSsInfo)
|
||||
if (!pSsInfo) {
|
||||
BREAK_ON_ERROR("[EXTAPI SERVICE] Out of memory");
|
||||
}
|
||||
|
||||
bResult = pEnumServicesStatusExA(scManager, SC_ENUM_PROCESS_INFO, SERVICE_WIN32, SERVICE_STATE_ALL, (LPBYTE)pSsInfo, dwBytesNeeded,
|
||||
&dwBytesNeeded, &dwServicesReturned, &dwResumeHandle, NULL);
|
||||
}
|
||||
|
||||
if (!bResult)
|
||||
if (!bResult) {
|
||||
BREAK_ON_ERROR("[EXTAPI SERVICE] Failed to enumerate services");
|
||||
}
|
||||
|
||||
dprintf("[EXTAPI SERVICE] %s with %u entries returned", (bResult ? "succeeded" : "failed"), dwServicesReturned);
|
||||
|
||||
@ -274,14 +292,17 @@ DWORD enumerate_services(Packet *pResponse)
|
||||
|
||||
} while (0);
|
||||
|
||||
if (pSsInfo)
|
||||
if (pSsInfo) {
|
||||
free(pSsInfo);
|
||||
}
|
||||
|
||||
if (scManager && pCloseServiceHandle)
|
||||
if (scManager && pCloseServiceHandle) {
|
||||
pCloseServiceHandle(scManager);
|
||||
}
|
||||
|
||||
if (hAdvapi32)
|
||||
if (hAdvapi32) {
|
||||
FreeLibrary(hAdvapi32);
|
||||
}
|
||||
|
||||
return dwResult;
|
||||
#else
|
||||
@ -352,20 +373,25 @@ DWORD get_service_config(HMODULE hAdvapi32, SC_HANDLE scService, Packet *pRespon
|
||||
do
|
||||
{
|
||||
dprintf("[EXTAPI SERVICE] Searching for QueryServiceConfigA");
|
||||
if ((pQueryServiceConfigA = (PQUERYSERVICECONFIGA)GetProcAddress(hAdvapi32, "QueryServiceConfigA")) == NULL)
|
||||
if ((pQueryServiceConfigA = (PQUERYSERVICECONFIGA)GetProcAddress(hAdvapi32, "QueryServiceConfigA")) == NULL) {
|
||||
BREAK_ON_ERROR("[EXTAPI SERVICE] Unable to locate QueryServiceConfigA in advapi32.dll.");
|
||||
}
|
||||
|
||||
if (pQueryServiceConfigA(scService, NULL, 0, &cbBytesNeeded))
|
||||
if (pQueryServiceConfigA(scService, NULL, 0, &cbBytesNeeded)) {
|
||||
BREAK_ON_ERROR("[EXTAPI SERVICE] This query should have failed");
|
||||
}
|
||||
|
||||
if (GetLastError() != ERROR_INSUFFICIENT_BUFFER)
|
||||
if (GetLastError() != ERROR_INSUFFICIENT_BUFFER) {
|
||||
BREAK_ON_ERROR("[EXTAPI SERVICE] Unexpected error from QueryServiceConfigA");
|
||||
}
|
||||
|
||||
if ((lpServiceConfig = (LPQUERY_SERVICE_CONFIGA)malloc(cbBytesNeeded)) == NULL)
|
||||
if ((lpServiceConfig = (LPQUERY_SERVICE_CONFIGA)malloc(cbBytesNeeded)) == NULL) {
|
||||
BREAK_ON_ERROR("[EXTAPI SERVICE] Out of memory");
|
||||
}
|
||||
|
||||
if (!pQueryServiceConfigA(scService, lpServiceConfig, cbBytesNeeded, &cbBytesNeeded))
|
||||
if (!pQueryServiceConfigA(scService, lpServiceConfig, cbBytesNeeded, &cbBytesNeeded)) {
|
||||
BREAK_ON_ERROR("[EXTAPI SERVICE] QueryServiceConfigA failed");
|
||||
}
|
||||
|
||||
dprintf("[EXTAPI SERVICE] Start type: %u", lpServiceConfig->dwStartType);
|
||||
packet_add_tlv_uint(pResponse, TLV_TYPE_EXT_SERVICE_QUERY_STARTTYPE, lpServiceConfig->dwStartType);
|
||||
@ -377,8 +403,9 @@ DWORD get_service_config(HMODULE hAdvapi32, SC_HANDLE scService, Packet *pRespon
|
||||
|
||||
} while (0);
|
||||
|
||||
if (lpServiceConfig)
|
||||
if (lpServiceConfig) {
|
||||
free(lpServiceConfig);
|
||||
}
|
||||
|
||||
return dwResult;
|
||||
}
|
||||
@ -404,37 +431,46 @@ DWORD get_service_dacl(HMODULE hAdvapi32, SC_HANDLE scService, Packet *pResponse
|
||||
do
|
||||
{
|
||||
dprintf("[EXTAPI SERVICE] Searching for QueryServiceObjectSecurity");
|
||||
if ((pQueryServiceObjectSecurity = (PQUERYSERVICEOBJECTSECURITY)GetProcAddress(hAdvapi32, "QueryServiceObjectSecurity")) == NULL)
|
||||
if ((pQueryServiceObjectSecurity = (PQUERYSERVICEOBJECTSECURITY)GetProcAddress(hAdvapi32, "QueryServiceObjectSecurity")) == NULL) {
|
||||
BREAK_ON_ERROR("[EXTAPI SERVICE] Unable to locate QueryServiceObjectSecurity in advapi32.dll.");
|
||||
}
|
||||
|
||||
dprintf("[EXTAPI SERVICE] Searching for ConvertSecurityDescriptorToStringSecurityDescriptorA");
|
||||
if ((pCSDTSSDA = (PCSDTSSDA)GetProcAddress(hAdvapi32, "ConvertSecurityDescriptorToStringSecurityDescriptorA")) == NULL)
|
||||
if ((pCSDTSSDA = (PCSDTSSDA)GetProcAddress(hAdvapi32, "ConvertSecurityDescriptorToStringSecurityDescriptorA")) == NULL) {
|
||||
BREAK_ON_ERROR("[EXTAPI SERVICE] Unable to locate ConvertSecurityDescriptorToStringSecurityDescriptorA in advapi32.dll.");
|
||||
}
|
||||
|
||||
if (pQueryServiceObjectSecurity(scService, DACL_SECURITY_INFORMATION, (PSECURITY_DESCRIPTOR)&pSecurityDescriptor, 0, &dwBytesNeeded))
|
||||
if (pQueryServiceObjectSecurity(scService, DACL_SECURITY_INFORMATION, (PSECURITY_DESCRIPTOR)&pSecurityDescriptor, 0, &dwBytesNeeded)) {
|
||||
BREAK_ON_ERROR("[EXTAPI SERVICE] Call should have failed");
|
||||
}
|
||||
|
||||
if (GetLastError() != ERROR_INSUFFICIENT_BUFFER)
|
||||
if (GetLastError() != ERROR_INSUFFICIENT_BUFFER) {
|
||||
BREAK_ON_ERROR("[EXTAPI SERVICE] Unexpected error getting security");
|
||||
}
|
||||
|
||||
if ((pSecurityDescriptor = (PSECURITY_DESCRIPTOR)malloc(dwBytesNeeded)) == NULL)
|
||||
if ((pSecurityDescriptor = (PSECURITY_DESCRIPTOR)malloc(dwBytesNeeded)) == NULL) {
|
||||
BREAK_WITH_ERROR("[EXTAPI SERVICE] Out of memory", ERROR_OUTOFMEMORY);
|
||||
}
|
||||
|
||||
if (!pQueryServiceObjectSecurity(scService, DACL_SECURITY_INFORMATION, pSecurityDescriptor, dwBytesNeeded, &dwBytesNeeded))
|
||||
if (!pQueryServiceObjectSecurity(scService, DACL_SECURITY_INFORMATION, pSecurityDescriptor, dwBytesNeeded, &dwBytesNeeded)) {
|
||||
BREAK_ON_ERROR("[EXTAPI SERVICE] Unable to query security information for DACL_SECURITY_INFORMATION");
|
||||
}
|
||||
|
||||
if (!pCSDTSSDA(pSecurityDescriptor, SDDL_REVISION_1, DACL_SECURITY_INFORMATION, &lpDaclString, NULL))
|
||||
if (!pCSDTSSDA(pSecurityDescriptor, SDDL_REVISION_1, DACL_SECURITY_INFORMATION, &lpDaclString, NULL)) {
|
||||
BREAK_ON_ERROR("[EXTAPI SERVICE] Unable to get DACL string");
|
||||
}
|
||||
|
||||
packet_add_tlv_string(pResponse, TLV_TYPE_EXT_SERVICE_QUERY_DACL, lpDaclString);
|
||||
|
||||
} while (0);
|
||||
|
||||
if (lpDaclString)
|
||||
if (lpDaclString) {
|
||||
LocalFree(lpDaclString);
|
||||
}
|
||||
|
||||
if (pSecurityDescriptor)
|
||||
if (pSecurityDescriptor) {
|
||||
free(pSecurityDescriptor);
|
||||
}
|
||||
|
||||
return dwResult;
|
||||
}
|
||||
|
||||
@ -91,17 +91,20 @@ DWORD enumerate_windows(Packet *response, BOOL bIncludeUnknown, QWORD parentWind
|
||||
do
|
||||
{
|
||||
dprintf("[EXTAPI WINDOW] Loading user32.dll");
|
||||
if ((hUser32 = LoadLibraryA("user32.dll")) == NULL)
|
||||
if ((hUser32 = LoadLibraryA("user32.dll")) == NULL) {
|
||||
BREAK_ON_ERROR("[EXTAPI WINDOW] Unable to load user32.dll");
|
||||
}
|
||||
|
||||
dprintf("[EXTAPI WINDOW] Searching for GetWindowTextA");
|
||||
if ((state.pGetWindowTextA = (PGETWINDOWTEXA)GetProcAddress(hUser32, "GetWindowTextA")) == NULL)
|
||||
if ((state.pGetWindowTextA = (PGETWINDOWTEXA)GetProcAddress(hUser32, "GetWindowTextA")) == NULL) {
|
||||
BREAK_ON_ERROR("[EXTAPI WINDOW] Unable to locate GetWindowTextA in user32.dll");
|
||||
}
|
||||
dprintf("[EXTAPI WINDOW] Found GetWindowTextA %p", state.pGetWindowTextA);
|
||||
|
||||
dprintf("[EXTAPI WINDOW] Searching for GetWindowThreadProcessId");
|
||||
if ((state.pGetWindowThreadProcessId = (PGETWINDOWTHREADPROCESSID)GetProcAddress(hUser32, "GetWindowThreadProcessId")) == NULL)
|
||||
if ((state.pGetWindowThreadProcessId = (PGETWINDOWTHREADPROCESSID)GetProcAddress(hUser32, "GetWindowThreadProcessId")) == NULL) {
|
||||
BREAK_ON_ERROR("[EXTAPI WINDOW] Unable to locate GetWindowThreadProcessId in user32.dll");
|
||||
}
|
||||
|
||||
dprintf("[EXTAPI WINDOW] Found GetWindowThreadProcessId %p", state.pGetWindowThreadProcessId);
|
||||
|
||||
@ -109,18 +112,21 @@ DWORD enumerate_windows(Packet *response, BOOL bIncludeUnknown, QWORD parentWind
|
||||
state.bIncludeUnknown = bIncludeUnknown;
|
||||
|
||||
dprintf("[EXTAPI WINDOW] Searching for EnumChildWindows");
|
||||
if ((pEnumChildWindows = (PENUMCHILDWINDOWS)GetProcAddress(hUser32, "EnumChildWindows")) == NULL)
|
||||
if ((pEnumChildWindows = (PENUMCHILDWINDOWS)GetProcAddress(hUser32, "EnumChildWindows")) == NULL) {
|
||||
BREAK_ON_ERROR("[EXTAPI WINDOW] Unable to locate EnumChildWindows in user32.dll");
|
||||
}
|
||||
|
||||
dprintf("[EXTAPI WINDOW] Beginning enumeration of child windows with parent %u", parentWindow);
|
||||
if (!pEnumChildWindows(parentWindow != 0 ? (HWND)parentWindow : NULL, (WNDENUMPROC)enumerate_windows_callback, (LPARAM)&state))
|
||||
if (!pEnumChildWindows(parentWindow != 0 ? (HWND)parentWindow : NULL, (WNDENUMPROC)enumerate_windows_callback, (LPARAM)&state)) {
|
||||
BREAK_ON_ERROR("[EXTAPI WINDOW] Failed to enumerate child windows");
|
||||
}
|
||||
|
||||
dwResult = ERROR_SUCCESS;
|
||||
} while (0);
|
||||
|
||||
if (hUser32)
|
||||
if (hUser32) {
|
||||
FreeLibrary(hUser32);
|
||||
}
|
||||
|
||||
return dwResult;
|
||||
#else
|
||||
@ -162,8 +168,9 @@ DWORD request_window_enum(Remote *remote, Packet *packet)
|
||||
} while (0);
|
||||
|
||||
dprintf("[EXTAPI WINDOW] Transmitting response back to caller.");
|
||||
if (response)
|
||||
if (response) {
|
||||
packet_transmit_response(dwResult, remote, response);
|
||||
}
|
||||
|
||||
return dwResult;
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user