c++ - Finding where a handle is open to -

-

i'm messing around handles / hooks, , have question. right now, have dll inject process i'm playing with. dll hooks closehandle() function. when closehandle called, following: 

int winapi detourclosehandle(handle hobject) {     outputdebugstringa("close hadnle");     char name[max_path];     getfinalpathnamebyhandle(hobject, name, max_path, file_name_normalized);     outputdebugstringa(name);      return oclosehandle(hobject); }

my goal in figure out handle open to, , if handle open process, use handle read processes memory. gets printed out when closehandle called paths random files application reads, noticed random ascii characters being printed @ times, "name" of handle opened to. this can seen here.

sometimes notice paths .exe files. not unusual, application i'm injecting read / @ binary files. question is, when see "name" returned getfinalpathnamebyhandle path exe file, how know if handle opened binary file itself, or if handle file opened actual running process name.

i insight ascii characters being printed are. thanks!

for random data print pasted, because uninitialized garbage in name array, should check getfinalpathnamebyhandle's return value before name:

dword ret = getfinalpathnamebyhandle(hobject, name, max_path, file_name_normalized); if (ret) {     outputdebugstringa(name); } else {     outputdebugstringa("getfinalpathnamebyhandle");     // check getlasterror() }

also, note getfinalpathnamebyhandle thake string tchar strings, , print via outputdebugstringa. suggest either use ansi version getfinalpathnamebyhandlea, or use tchar name[max_path]; , print outputdebugstring instead.


Comments

Post a Comment

Popular posts from this blog

Ansible - ERROR! the field 'hosts' is required but was not set -

-
i've error when launch playbook don't found why.... error! field 'hosts' required not set there main.yml : --- - hosts: hosts - vars: - elasticsearch_java_home: /usr/lib/jmv/jre-1.7.0 - elasticsearch_http_port: 8443 - tasks: - include: tasks/main.yml - handlers: - include: handlers/main.yml and /etc/ansible/hosts : [hosts] 10.23.108.182 10.23.108.183 10.23.108.184 10.23.108.185 when test ping, : [root@poste08-08-00 elasticsearch]# ansible hosts -m ping 10.23.108.183 | success => { "changed": false, "ping": "pong" } 10.23.108.182 | success => { "changed": false, "ping": "pong" } 10.23.108.185 | success => { "changed": false, "ping": "pong" } 10.23.108.184 | success => { "changed": false, "ping": "pong" } please, me :) regards, you have syntax error in playbook.
Read more

customize file_field button ruby on rails -

-
i'm trying rid of ugly button rails has default file upload. want add glyphicon <%= f.file_field :image_url, class:"glyphicon glyphicon-camera" %> this didn't work , have tried other things in different post saw on page, don't attach file. as suggested here bootstrap filestyle , can use bootstrap's filestyle style file upload buttons. step-1: add layout application.html.erb i have added bootstrap filestyle library cdn. should make sure have both jquery , boostrap loaded. <script type="text/javascript" src="https://cdn.jsdelivr.net/bootstrap.filestyle/1.1.0/js/bootstrap-filestyle.min.js"> </script> step-2: add corresponding js file: $(":file").filestyle({input: false}); step-3: image_url file field follows: <%= f.file_field :image_url,class: "filestyle", "data-input" => false %>
Read more

SoapUI on windows 10 - high DPI/4K scaling issue -

-
Image
soapui doesn't seem dpi-aware , displays small on high dpi screen (tiny text , buttons). other applications running fine (screen resolution 3840 x 2160). version : soapui 5.1.2 os : windows 10 i have tried: configure soapui run "disable display scaling on high dpi settings" - parts of soapui looking bigger , don't display (image) changing resolution changing font size (preferences > editor settings > select font...) therefore assume, soapui pretends dpi-aware, not scale itself. have same issue? this workaround until developers round making version dpi-aware. step 1: add registry key hkey_local_machine\software\microsoft\windows\currentversion\sidebyside\preferexternalmanifest (dword) 1 step 2: add manifest file 'soapui-5.2.1.exe.manifest' in same directory 'soapui-5.2.1.exe' content of manifest file: <?xml version="1.0" encoding="utf-8" standalone="yes"?> <assembly xml
Read more