Moving forward with v0.2 #19

Merged
merged 136 commits into from
Sep 15, 2023
aa7a16b
Moved base and Common to CMake instead of VS
Jul 16, 2022
bbf82cb
delete self-sign cert after use
Jul 16, 2022
f99372b
remove flag /integritycheck for driverclient
Jul 16, 2022
8287d6e
driver comm work ok
Jul 16, 2022
be88f7a
- [driver] restored interception routines
Jul 20, 2022
f15277a
- [driver] `bzero( GlobalContext)` on creation
Jul 20, 2022
eeed478
- [driver] started adding the irp collector
Jul 20, 2022
5f0e7c0
[driver] fixed bad lock on listentry class
Jul 20, 2022
dd8d9e4
[driver] added a State property for `HookedDriver` and added the call…
Jul 20, 2022
b563221
- [driver] added enable/disable ioctls
Jul 21, 2022
70e0fd9
[driver] double debug string
Jul 21, 2022
f508d07
[driver] Search for all device objects in lambda when looking for Hoo…
Jul 21, 2022
debdf59
[driver] implemented push/pop/setevent for Collector
Jul 21, 2022
72766ac
[driver] bzero when allocating HookedDriverManager
Jul 21, 2022
bba2eae
[driver] implemented CapturedIrp.cpp
Jul 22, 2022
b81559c
[driver] make sure event is not null to set/unset it from Collector
Jul 22, 2022
1de6a4c
[driver] minor additions
Jul 22, 2022
ad27204
[driver] moved old driver to `old/`
Jul 22, 2022
f2ca682
[driver] made `Collector` pure templated header
Jul 22, 2022
c7c7b34
[tools] `DriverClient` has an ioctl for querying size of hooked drive…
Jul 22, 2022
3a76b0c
[driver] now also capturing output buffer from ioctl and read commands
Jul 22, 2022
ccc4cf4
[driver] implemented SetEvent
Jul 24, 2022
5980100
[driver] implemented new util, `CFB::Driver::Utils::KUnicodeString`
Jul 24, 2022
7c81bfc
[driver] using `CFB::Driver::Utils::KUnicodeString` instead of just `…
Jul 24, 2022
9829923
[driver] no more crashes
Jul 24, 2022
96ea91f
[driver] enabling driver hooking
Jul 24, 2022
75a046f
[driver] `HookedDriver` should be operational
Jul 25, 2022
df43224
[docs] skeleton
Jul 25, 2022
566358d
[docs] skeleton
Jul 25, 2022
ee0b6e5
[driver] finished the implementation of fastio
Jul 26, 2022
51e1911
[driver] prevent logs to be displayed at irql > apc
Jul 27, 2022
66f71c9
[driver-tools] added `set-event`
Jul 27, 2022
6dcf0f7
[driver] Prefixed private members of `CapturedIrp` with `m_`
Jul 28, 2022
2898fd7
[driver] replaced `struct` -> `class`
Jul 28, 2022
ebef55d
Merge branch 'main' of github.com:hugsy/cfb into dev
Jul 28, 2022
faab5f2
[driver] everything works!
Jul 28, 2022
5932e31
[broker] skeleton
Jul 29, 2022
e76d08f
[common] Untracking `CompileInfo.hpp`
Jul 29, 2022
a8c68b9
[broker] using cmake to embed the driver and icon
Jul 29, 2022
5468b4c
[broker] architecture changed to use connectors
Jul 31, 2022
f7228f9
[Broker] fixed driver embedding
Jul 31, 2022
3932aee
[broker] driver service works great
Jul 31, 2022
0f72745
[broker] edit cmake to link with runasadmin directive
Jul 31, 2022
d0bfb8d
[broker] added `install` directives for cmake + adjusted build ghactions
Jul 31, 2022
fbd105e
[broker] synchro with `ServiceManager` works
Jul 31, 2022
59e9edf
[broker] moved all managers into specific threads
Aug 1, 2022
457452c
[broker] implemented the last managers, and it compiles!
Aug 1, 2022
201f1fd
[broker] added the termination event support for IrpManager
Aug 1, 2022
cda53f1
[broker] implem the body of drivermanager
Aug 6, 2022
0b7a329
[driver] Exclusive access : true -> false
Aug 6, 2022
0bd2a80
still problem of sync between state, otherwise it all works
Aug 6, 2022
2e8b695
[broker] replaced atomic_flag with native windows event
Aug 11, 2022
bbd88c9
[driver] replaced driver major function hooking with driver substitution
Aug 11, 2022
95c3229
[driver] fixed bad allocation bug for uniquepointer of driverobject
Aug 12, 2022
34a515b
[broker] fixed thread sync issue
Aug 15, 2022
5ebf626
[broker] added a termination event for each thread
Aug 16, 2022
a8cd6bc
[cmake] added install directives
Aug 18, 2022
c97d5c6
[broker] add shutdown variable + make sure `Setup` returns an `Result<>`
Aug 18, 2022
fb0afd0
Update build.yml
hugsy Aug 19, 2022
3f36b1f
Update build.yml
hugsy Aug 19, 2022
5b67b85
Merge branch 'dev' of github.com:hugsy/CFB into dev
Aug 19, 2022
c86dd7f
Update README.md
hugsy Aug 20, 2022
394b9d3
Add files via upload
hugsy Aug 20, 2022
302d9a4
[logo] removed old images
hugsy Aug 20, 2022
5bafa8b
Create docs.yml
hugsy Aug 20, 2022
22569d5
restored logo
Aug 20, 2022
8439d41
[ci] make notification conditional
Aug 20, 2022
be5103b
comms cli <-> broker working ok
Aug 24, 2022
473c2b9
[broker] added `hook_driver` and `unhook_driver` command handlers
Aug 24, 2022
9bbef24
[broker] moved `Messages.hpp` and cpp to Broker
Aug 25, 2022
5112c61
[broker] messaging finally works as intended
Aug 25, 2022
f37d5f3
[driver] fixed long standing issue of bad calculation of unicode_stri…
Aug 26, 2022
53c45a0
[driver] removed `wchar_t*` only call in favor of `unicode_string`
Aug 26, 2022
4f89629
[broker] added request `GetNumberOfDrivers`
Aug 26, 2022
1826f0e
[broker] added requests `EnableDriver`/`DisableDriver`
Aug 26, 2022
ea8e0f0
[driver] moved client install target to Driver (not Tools)
Aug 26, 2022
5e264e0
[ci] Actions to also build tools
Aug 26, 2022
22fbf95
[cmake] let cmake handle configuration settings
Aug 27, 2022
8297f4f
[cmake] add the configuration in the artifact name
Aug 27, 2022
32a727e
Update notify.yml
hugsy Aug 27, 2022
6e7bec9
[ci] merged issues into notify
Aug 27, 2022
93a6c47
Merge branch 'dev' of github.com:hugsy/CFB into dev
Aug 27, 2022
b058f67
[ci] cleanup docs
Aug 27, 2022
9b1624d
[ci] renamed docs
Aug 27, 2022
a8d1d03
[ci] notify for any branch
Aug 27, 2022
f338153
[ci] filter notify pr & issues only when opened
Aug 27, 2022
c1a8a22
[ci] replaced build dir with env var
Aug 27, 2022
17d6878
[ci] updated `workflow_run` in notify
Aug 27, 2022
5907790
[docs] updated badges
Aug 28, 2022
5758d00
moved all v1 code to `Old/`
Sep 7, 2022
221e6a4
[driver] `DriverReadRoutine` finally implemented
Sep 10, 2022
96738c9
[driver] added test case for driverclient.exe
Sep 10, 2022
af5f0b1
[actions] updated docs workflow
Sep 10, 2022
da38a80
[docs] added debugging pages to docs
Sep 10, 2022
bf69cff
[actions] notifications
Sep 10, 2022
d413eb1
[actions] notifications
Sep 11, 2022
2f74a4d
[docs] setup
Sep 12, 2022
f2ad366
[driver] restoring captured irp
Jan 7, 2023
ddcd041
[driver] check caller has also se_driver_load
Jan 19, 2023
c8225f7
Squashed commit of the following:
Jan 26, 2023
0e95601
everything works except data feed
Jan 28, 2023
818d03b
hazaaaaa
Jan 29, 2023
672c7d2
cosmetic stuff
Jan 29, 2023
90b9a36
[gui] fixed irp table row selection
Jan 30, 2023
9ce602f
all works in new version, deleting old folder
Jan 30, 2023
d7deff2
use cmake to autofill PE metadata
Jan 30, 2023
de86291
rename : Assets/img -> Assets/Images
Jan 30, 2023
debc974
fixed ci build, added pe metadata
Jan 30, 2023
16b9c09
[gui] conserve old values of `Drivers`
Jan 31, 2023
b21b5be
Squashed commit of the following:
Jan 31, 2023
c1508b5
Squashed commit of the following:
Feb 2, 2023
fa8ee4a
Update build.yml
hugsy Feb 2, 2023
8e27d6a
[ci] adding `ctest` to build process
Feb 3, 2023
57827df
[driver] fixed bad synchro leading to bsod when irp arrives after unh…
Feb 4, 2023
5bc764b
[broker] connectors can be enabled//disabled
Feb 5, 2023
3ad2e32
[driver] also work on \filesystem , fixed a bug in `KUnicodeString`
Feb 5, 2023
bbea9cd
[driver] capping hexdump output
Feb 5, 2023
1d0df57
minor stuff
Feb 5, 2023
c7b3e04
[driver] fixed bug that missed capture irp_mj_write
Feb 5, 2023
d3514f1
quick fix to also build on arm64
Feb 5, 2023
545c108
try ci for arm64
Feb 5, 2023
ee5daa9
[ci] only run test on relwdbg
Feb 5, 2023
9d24865
[ci] only run test on relwdbg and x64
Feb 6, 2023
157d272
killing more todos
Feb 8, 2023
8e00b96
make sure gui is compiled after commonlib
Feb 22, 2023
e1200d9
[driver] fixed another kstring bug
Mar 5, 2023
d4bbac1
[cmake] force cert deletion
Apr 7, 2023
4f66be2
[ci] restored `Invoke-VisualStudio.ps1`
Apr 14, 2023
1653943
[cmake] added missing directive to install cert in Driver folder
Apr 17, 2023
b591505
fixed build to use always asan on debug
hugsy Aug 10, 2023
c42f3fc
Adding schedule task to GHActions (#18)
hugsy Sep 6, 2023
ad984a8
Update build.yml
hugsy Sep 7, 2023
ed72d1a
Update build.yml
hugsy Sep 8, 2023
88cd9d5
Update build.yml
hugsy Sep 15, 2023
a72b928
Update build.yml
hugsy Sep 15, 2023
4018035
Update build.yml
hugsy Sep 15, 2023
quick fix to also build on arm64
hugsy committed Feb 5, 2023
commit d3514f1d249681946a926a986e9f155fe1c64ea0
33 changes: 12 additions & 21 deletions CMakeLists.txt
Expand Up @@ -65,29 +65,20 @@ string(TIMESTAMP CFB_CURRENT_YEAR "%Y")
# Build
#
add_subdirectory(${CFB_ROOT_DIR}/Common)
add_subdirectory(${CFB_ROOT_DIR}/Driver)
add_subdirectory(${CFB_ROOT_DIR}/Broker)

if(CFB_BUILD_GUI)
add_subdirectory(${CFB_ROOT_DIR}/GUI)
endif(CFB_BUILD_GUI)

if(CFB_BUILD_TOOLS)
add_subdirectory(${CFB_ROOT_DIR}/Driver/Client)
endif(CFB_BUILD_TOOLS)

if(CFB_BUILD_TESTS)
include(CTest)
add_subdirectory(${CFB_ROOT_DIR}/Common/Tests)
add_subdirectory(${CFB_ROOT_DIR}/Broker/Tests)
add_subdirectory(${CFB_ROOT_DIR}/GUI/Tests)
endif(CFB_BUILD_TESTS)

if(CFB_BUILD_BROKER)
add_subdirectory(${CFB_ROOT_DIR}/Driver)
add_subdirectory(${CFB_ROOT_DIR}/Broker)

if(CFB_BUILD_TESTS)
add_subdirectory(${CFB_ROOT_DIR}/Broker/Tests)
endif(CFB_BUILD_TESTS)

if(CFB_BUILD_TOOLS)
add_subdirectory(${CFB_ROOT_DIR}/Driver/Client)
endif(CFB_BUILD_TOOLS)
endif(CFB_BUILD_BROKER)

if(CFB_BUILD_GUI)
add_subdirectory(${CFB_ROOT_DIR}/GUI)

if(CFB_BUILD_TESTS)
add_subdirectory(${CFB_ROOT_DIR}/GUI/Tests)
endif(CFB_BUILD_TESTS)
endif(CFB_BUILD_GUI)
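
Review bot: The `if(CFB_BUILD_TESTS)` blocks nested under `if(CFB_BUILD_BROKER)` and `if(CFB_BUILD_GUI)` add only `Broker/Tests` and `GUI/Tests`; `include(CTest)` and `add_subdirectory(${CFB_ROOT_DIR}/Common/Tests)` appear only in the top-level `if(CFB_BUILD_TESTS)` block. That block has to survive the restructuring, minus the two directories that moved, otherwise the tests for `Common` (which is still built unconditionally) are dropped and CTest is never initialised. `Driver` and `Driver/Client` are also now gated on `CFB_BUILD_BROKER`, which rules out a driver-only configuration; a separate option for the driver, declared next to the other `CFB_BUILD_*` options, would keep that possible.
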
2 changes: 1 addition & 1 deletion Driver/Source/Driver.rc.in
@@ -1,7 +1,7 @@
#include <Winver.h>

VS_VERSION_INFO VERSIONINFO
FILEVERSION @BROKER_VERSION_MAJOR@,@BROKER_VERSION_MINOR@,@BROKER_VERSION_PATCH@,0
FILEVERSION @DRIVER_VERSION_MAJOR@,@DRIVER_VERSION_MINOR@,@DRIVER_VERSION_PATCH@,0
PRODUCTVERSION @CFB_VERSION_MAJOR@,@CFB_VERSION_MINOR@,@CFB_VERSION_PATCH@,0
FILEOS VOS_NT_WINDOWS32
FILETYPE VFT_DRV
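
Review bot: `FILEVERSION` now expands `@DRIVER_VERSION_MAJOR@`, `@DRIVER_VERSION_MINOR@` and `@DRIVER_VERSION_PATCH@`, and nothing visible in this commit sets those variables. `configure_file` replaces an undefined `@VAR@` with an empty string, which would leave `FILEVERSION ,,,0` in the generated resource script, so confirm they are defined before `Driver.rc.in` is configured, or fail the configure step when they are empty. The change is a version-resource fix unrelated to the arm64 build and deserves its own line in the commit message.
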
2 changes: 2 additions & 0 deletions Driver/Source/DriverUtils.cpp
Expand Up @@ -54,8 +54,10 @@ ToString(KIRQL const Level)
return "APC_LEVEL";
case DISPATCH_LEVEL:
return "DISPATCH_LEVEL";
#ifdef CMCI_LEVEL
case CMCI_LEVEL:
return "CMCI_LEVEL";
#endif // CMCI_LEVEL
case CLOCK_LEVEL:
return "CLOCK_LEVEL";
case POWER_LEVEL:
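
Review bot: With `case CMCI_LEVEL:` compiled out under `#ifdef CMCI_LEVEL`, `ToString(KIRQL const Level)` has no name for that level on platforms whose headers lack the macro, and the visible lines do not show what the switch returns then. Make sure a `default:` returns a recognisable placeholder string so log lines keep a usable IRQL field. The neighbouring `CLOCK_LEVEL` and `POWER_LEVEL` cases stay unguarded; a short comment naming the platform that lacks `CMCI_LEVEL` would explain why only this case is conditional.
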
20 changes: 14 additions & 6 deletions cmake/FindWdk.cmake
Expand Up @@ -80,12 +80,16 @@ set(WDK_COMPILE_FLAGS
set(WDK_COMPILE_DEFINITIONS "WINNT=1")
set(WDK_COMPILE_DEFINITIONS_DEBUG "MSC_NOOPT;DEPRECATE_DDK_FUNCTIONS=1;DBG=1")

if(CMAKE_SIZEOF_VOID_P EQUAL 4)
if(CMAKE_GENERATOR_PLATFORM STREQUAL "win32")
list(APPEND WDK_COMPILE_DEFINITIONS "_X86_=1;i386=1;STD_CALL")
set(WDK_PLATFORM "x86")
elseif(CMAKE_SIZEOF_VOID_P EQUAL 8)
elseif(CMAKE_GENERATOR_PLATFORM STREQUAL "x64")
list(APPEND WDK_COMPILE_DEFINITIONS "_WIN64;_AMD64_;AMD64")
set(WDK_PLATFORM "x64")
elseif(CMAKE_GENERATOR_PLATFORM STREQUAL "arm64")
list(APPEND WDK_COMPILE_DEFINITIONS "_WIN64;_ARM64_;ARM64")
set(WDK_COMPILE_FLAGS ${WDK_COMPILE_FLAGS} /GS-) # TODO: fixes missing symbol __security_pop_cookie, fix
set(WDK_PLATFORM "arm64")
else()
message(FATAL_ERROR "Unsupported architecture")
endif()
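
Review bot: The arm64 branch appends `/GS-` to `WDK_COMPILE_FLAGS`, which turns off the compiler's stack buffer overrun checks for every arm64 driver built through this module in order to work around the missing `__security_pop_cookie` symbol named in the TODO. For kernel code that is a hardening regression; resolve the symbol at link time and drop the flag, and until then track the TODO in an issue. Separately, `STREQUAL` is case-sensitive and the comparisons use `win32`, `x64` and `arm64`, so a platform passed as `Win32` or `ARM64`, or a generator that leaves `CMAKE_GENERATOR_PLATFORM` empty, now ends in `Unsupported architecture`; lower-casing the value with `string(TOLOWER ...)` before comparing and keeping the `CMAKE_SIZEOF_VOID_P` test as a fallback would avoid that.
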
Expand Down Expand Up @@ -133,11 +137,15 @@ function(wdk_add_driver _target)
"${WDK_ROOT}/Include/${WDK_VERSION}/km/crt"
)

target_link_libraries(${_target} WDK::NTOSKRNL WDK::HAL WDK::BUFFEROVERFLOWK WDK::WMILIB)
target_link_libraries(${_target}
WDK::NTOSKRNL
WDK::HAL
WDK::WMILIB

if(CMAKE_SIZEOF_VOID_P EQUAL 4)
target_link_libraries(${_target} WDK::MEMCMP)
endif()
$<$<STREQUAL:${CMAKE_GENERATOR_PLATFORM},arm64>:WDK::BUFFEROVERFLOWFASTFAILK>
$<$<STREQUAL:${CMAKE_GENERATOR_PLATFORM},x64>:WDK::BUFFEROVERFLOWK>
$<$<STREQUAL:${CMAKE_GENERATOR_PLATFORM},win32>:WDK::BUFFEROVERFLOWK WDK::MEMCMP>
)

if(DEFINED WDK_KMDF)
target_include_directories(${_target} SYSTEM PRIVATE "${WDK_ROOT}/Include/wdf/kmdf/${WDK_KMDF}")
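
Review bot: In the `win32` entry, `$<$<STREQUAL:${CMAKE_GENERATOR_PLATFORM},win32>:WDK::BUFFEROVERFLOWK WDK::MEMCMP>` contains an unquoted space, so CMake splits it into two arguments before the generator expression is evaluated and neither half is well-formed. Quote the expression and separate the two libraries with `;`, or give `WDK::MEMCMP` its own expression. The arm64 entry links `WDK::BUFFEROVERFLOWFASTFAILK`, so check that an imported target of that name is actually created for the arm64 library directory. The platform strings here carry the same case sensitivity as the `if()` chain earlier in this file.
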