Hesham/wintun
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

api: arrange rundll32 a console logger

Browse Source 
Signed-off-by: Simon Rozman <simon@rozman.si>
This commit is contained in:
Simon Rozman 2020-10-15 15:23:23 +02:00 committed by Jason A. Donenfeld
parent 70461121f7
commit 8bfe692c97
1 changed files with 57 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

63
api/rundll32.c
View File

@ -7,6 +7,33 @@
#if defined(_M_AMD64) || defined(_M_ARM64) #if defined(_M_AMD64) || defined(_M_ARM64)
// TODO: Log to Windows Event Log in production.
# ifdef _DEBUG
static VOID CALLBACK
ConsoleLogger(_In_ WINTUN_LOGGER_LEVEL Level, _In_ const WCHAR *LogLine)
{
const WCHAR *Template;
switch (Level)
{
case WINTUN_LOG_INFO:
Template = L"[+] %s\n";
break;
case WINTUN_LOG_WARN:
Template = L"[-] %s\n";
break;
case WINTUN_LOG_ERR:
Template = L"[!] %s\n";
break;
default:
return;
}
fwprintf(stdout, Template, LogLine);
}
# endif
static BOOL ElevateToSystem(VOID) static BOOL ElevateToSystem(VOID)
{ {
HANDLE CurrentProcessToken, ThreadToken, ProcessSnapshot, WinlogonProcess, WinlogonToken, DuplicatedToken; HANDLE CurrentProcessToken, ThreadToken, ProcessSnapshot, WinlogonProcess, WinlogonToken, DuplicatedToken;
@ -101,12 +128,37 @@ cleanup:
return FALSE; return FALSE;
} }
static void
Init(_In_ BOOL ShowConsole)
{
# ifdef _DEBUG
if (ShowConsole)
{
AllocConsole();
FILE *Stream;
_wfreopen_s(&Stream, L"CONOUT$", L"w", stdout);
}
WintunSetLogger(ConsoleLogger);
# else
UNREFERENCED_PARAMETER(ShowConsole);
# endif
ElevateToSystem();
}
static void Done(VOID)
{
RevertToSelf();
# ifdef _DEBUG
_putws(L"\nPress any key to close . . .");
(VOID) _getwch();
# endif
}
__declspec(dllexport) VOID __stdcall CreateAdapter(HWND hwnd, HINSTANCE hinst, LPSTR lpszCmdLine, int nCmdShow) __declspec(dllexport) VOID __stdcall CreateAdapter(HWND hwnd, HINSTANCE hinst, LPSTR lpszCmdLine, int nCmdShow)
{ {
UNREFERENCED_PARAMETER(hwnd); UNREFERENCED_PARAMETER(hwnd);
UNREFERENCED_PARAMETER(hinst); UNREFERENCED_PARAMETER(hinst);
UNREFERENCED_PARAMETER(lpszCmdLine); UNREFERENCED_PARAMETER(lpszCmdLine);
UNREFERENCED_PARAMETER(nCmdShow);
int Argc; int Argc;
LPWSTR *Argv = CommandLineToArgvW(GetCommandLineW(), &Argc); LPWSTR *Argv = CommandLineToArgvW(GetCommandLineW(), &Argc);
@ -122,9 +174,9 @@ __declspec(dllexport) VOID __stdcall CreateAdapter(HWND hwnd, HINSTANCE hinst, L
goto cleanupArgv; goto cleanupArgv;
WINTUN_ADAPTER *Adapter; WINTUN_ADAPTER *Adapter;
BOOL RebootRequired = FALSE; BOOL RebootRequired = FALSE;
ElevateToSystem(); Init(!!nCmdShow);
DWORD Result = WintunCreateAdapter(Argv[2], Argv[3], Argc > 4 ? &RequestedGUID : NULL, &Adapter, &RebootRequired); DWORD Result = WintunCreateAdapter(Argv[2], Argv[3], Argc > 4 ? &RequestedGUID : NULL, &Adapter, &RebootRequired);
RevertToSelf(); Done();
if (Result != ERROR_SUCCESS) if (Result != ERROR_SUCCESS)
goto cleanupArgv; goto cleanupArgv;
@ -138,7 +190,6 @@ __declspec(dllexport) VOID __stdcall DeleteAdapter(HWND hwnd, HINSTANCE hinst, L
UNREFERENCED_PARAMETER(hwnd); UNREFERENCED_PARAMETER(hwnd);
UNREFERENCED_PARAMETER(hinst); UNREFERENCED_PARAMETER(hinst);
UNREFERENCED_PARAMETER(lpszCmdLine); UNREFERENCED_PARAMETER(lpszCmdLine);
UNREFERENCED_PARAMETER(nCmdShow);
int Argc; int Argc;
LPWSTR *Argv = CommandLineToArgvW(GetCommandLineW(), &Argc); LPWSTR *Argv = CommandLineToArgvW(GetCommandLineW(), &Argc);
@ -149,9 +200,9 @@ __declspec(dllexport) VOID __stdcall DeleteAdapter(HWND hwnd, HINSTANCE hinst, L
if (FAILED(CLSIDFromString(Argv[2], &Adapter.CfgInstanceID))) if (FAILED(CLSIDFromString(Argv[2], &Adapter.CfgInstanceID)))
goto cleanupArgv; goto cleanupArgv;
BOOL RebootRequired = FALSE; BOOL RebootRequired = FALSE;
ElevateToSystem(); Init(!!nCmdShow);
WintunDeleteAdapter(&Adapter, &RebootRequired); WintunDeleteAdapter(&Adapter, &RebootRequired);
RevertToSelf(); Done();
cleanupArgv: cleanupArgv:
LocalFree(Argv); LocalFree(Argv);