I tried the code below. It requests ejection when the device name contains "San", because I have plugged in a SanDisk USB drive. However it fails, and the reason seems to be PNP_VetoIllegalDeviceRequest. I looked up the reason, and this page says it is
The device does not support the specified operation.
But I can manually eject the SanDisk using Windows' menu, so the reason seems absurd. Did I call the function correctly? Do I need to call something else before calling CM_Request_Device_Eject?
The output was
....
SanDisk Ultra USB Device
Removing Sandisk
rejected.
type:8
name:USBSTOR\Disk&Ven_SanDisk&Prod_Ultra&Rev_1.00\....
The code was (the value of Devinst was 3)
if (wcsstr(buffer, L"San") != 0)
{
wcout << "Removing Sandisk" << endl;
PNP_VETO_TYPE vType;
WCHAR vName[MAX_PATH];
result = CM_Request_Device_Eject(Devinst, &vType, vName, MAX_PATH, NULL);
if (result == CR_SUCCESS)
{
cout << "ejected" << endl;
}
else
{
wcout << "rejected." << endl;
wcout << "type:"<< vType << endl;
wcout << "name:" << vName << endl;
}
}
After searching the web, I have found this page: https://www.winvistatips.com/threads/removal-of-usb-disk.179677/
The questioner had the exact same error, and there was a reply that said that he needs to call that function to the parent node, not the USB disk node. So, I modified the code like below, and it worked.
DEVINST parent;
CM_Get_Parent(&parent, Devinst, NULL);
PNP_VETO_TYPE vType;
WCHAR vName[MAX_PATH];
result = CM_Request_Device_Eject(parent, &vType, vName, MAX_PATH, NULL);
Related
I am stuck in a tight spot and I need some help with some C++ code. This is my first attempt at doing C++ and it born mostly from necessity at this point.
I am trying (unsuccessfully it feels) to build a native NAN module for Node.JS that will be used by an Electron app on Windows.
I need it to return the WinHttpDetectAutoProxyConfigUrl when the users Proxy configuration is set to Auto Detect.
I have built this exact thing in C# for another application and it works seamlessly in our distributed user BYOD environment. However in this case I do not wish to be dependent on the dot.net framework unnecessarily.
Right know I am at the extent of my knowledge when it comes to C++ as most of my knowledge over the years has thus far been theoretical. I am hoping that someone that actually works in C++ daily can look at my code and help correct the error that is happening.
I have been trying to debug using the “std::cout” in VSCode.
As you can see from the output at the bottom of the image, that some of it appears to be working and the code is dropping into the “Get Auto URL” IF block as expected. However the output is very iritic (“�����”) and nothing like the wpad.dat URL I was expecting to see returned from the wpad protocol implemented by the winhttp.dll.
My Problem:
It is as though the result is blank and then the “char buffer[2083];” is being sent to the stdOut and the characters are all encoded wrong.
Any help on this would be very helpful so thanks in advance.
Please see the code below.
main.cpp
#include <nan.h>
#include <Windows.h>
#include <Winhttp.h>
#include <iostream>
#pragma comment(lib, "winhttp.lib")
using namespace std;
// NAN_METHOD is a Nan macro enabling convenient way of creating native node functions.
// It takes a method's name as a param. By C++ convention, I used the Capital cased name.
NAN_METHOD(AutoProxyConfigUrl) {
cout << "AutoProxyConfigUrl" << "\n";
v8::Isolate* isolate = info.GetIsolate(); // args.GetIsolate();
LPWSTR strConfigUrl = NULL;
WINHTTP_CURRENT_USER_IE_PROXY_CONFIG MyProxyConfig;
if(!WinHttpGetIEProxyConfigForCurrentUser(&MyProxyConfig))
{
//check the error DWORD Err = GetLastError();
DWORD Err = GetLastError();
cout << "WinHttpGetIEProxyConfigForCurrentUser failed with the following error number: " << Err << "\n";
switch (Err)
{
case ERROR_FILE_NOT_FOUND:
cout << "The error is ERROR_FILE_NOT_FOUND" << "\n";
break;
case ERROR_WINHTTP_INTERNAL_ERROR:
cout << "ERROR_WINHTTP_INTERNAL_ERROR" << "\n";
break;
case ERROR_NOT_ENOUGH_MEMORY:
cout << "ERROR_NOT_ENOUGH_MEMORY" << "\n";
break;
default:
cout << "Look up error in header file." << "\n";
break;
}//end switch
//TODO this might not be a good idea but it is worth trying
strConfigUrl = L"http://wpad/wpad.dat"; //Default to Fallback wpad
}//end if
else
{
//no error so check the proxy settings and free any strings
cout << "Auto Detect is: " << MyProxyConfig.fAutoDetect << "\n";
if(MyProxyConfig.fAutoDetect){
cout << "Get Auto URL" << "\n";
if (!WinHttpDetectAutoProxyConfigUrl(WINHTTP_AUTO_DETECT_TYPE_DHCP | WINHTTP_AUTO_DETECT_TYPE_DNS_A, &strConfigUrl))
{
cout << "Error getting URL" << "\n";
//This error message is not necessarily a problem and can be ignored if you are using direct connection. you get this error if you are having direct connection.
//check the error DWORD Err = GetLastError();
DWORD Err = GetLastError();
if (ERROR_WINHTTP_AUTODETECTION_FAILED == Err)
{
strConfigUrl = L"http://wpad/wpad.dat"; //Default to Fallback wpad
}
//TODO work out what to do with the other errors
}
}
if(NULL != MyProxyConfig.lpszAutoConfigUrl)
{
wcout << "AutoConfigURL (MyProxyConfig.lpszAutoConfigUrl) is: " << MyProxyConfig.lpszAutoConfigUrl << "\n";
GlobalFree(MyProxyConfig.lpszAutoConfigUrl);
}
if(NULL != MyProxyConfig.lpszProxy)
{
wcout << "AutoConfigURL (MyProxyConfig.lpszProxy) is: " << MyProxyConfig.lpszProxy << "\n";
GlobalFree(MyProxyConfig.lpszProxy);
}
if(NULL != MyProxyConfig.lpszProxyBypass)
{
wcout << "AutoConfigURL is: " << MyProxyConfig.lpszProxyBypass << "\n";
GlobalFree(MyProxyConfig.lpszProxyBypass);
}
}//end else
//cout << "strConfigUrl" << strConfigUrl << "\n";
char buffer[2083];
wcstombs( buffer, strConfigUrl, wcslen(strConfigUrl) ); // Need wcslen to compute the length of the string
// convert it to string
std::string returnUrl(buffer);
// Create an instance of V8's String type
auto message = Nan::New(returnUrl).ToLocalChecked();
// 'info' is a macro's "implicit" parameter - it's a bridge object between C++ and JavaScript runtimes
// You would use info to both extract the parameters passed to a function as well as set the return value.
info.GetReturnValue().Set(message);
if(strConfigUrl)
GlobalFree(strConfigUrl);
}
// Module initialization logic
NAN_MODULE_INIT(Initialize) {
// Export the `Hello` function (equivalent to `export function Hello (...)` in JS)
NAN_EXPORT(target, AutoProxyConfigUrl);
}
// Create the module called "addon" and initialize it with `Initialize` function (created with NAN_MODULE_INIT macro)
NODE_MODULE(proxyautodetect, Initialize);
main.js
// note that the compiled addon is placed under following path
//const {AutoProxyConfigUrl} = require('./build/Release/proxyautodetect.node');
const {AutoProxyConfigUrl} = require('./build/Debug/proxyautodetect.node');
// `Hello` function returns a string, so we have to console.log it!
console.log(AutoProxyConfigUrl());
Build and Run output:
C:\Code\Work\wpad-auto-detect>if not defined npm_config_node_gyp (node "C:\Program Files\nodejs\node_modules\npm\node_modules\npm-lifecycle\node-gyp-bin\\..\..\node_modules\node-gyp\bin\node-gyp.js" rebuild --debug ) else (node "C:\Program Files\nodejs\node_modules\npm\node_modules\node-gyp\bin\node-gyp.js" rebuild --debug )
Building the projects in this solution one at a time. To enable parallel build, please add the "/m" switch.
main.cpp
win_delay_load_hook.cc
Creating library C:\Code\Work\wpad-auto-detect\build\Debug\proxyautodetect.lib and object C:\Code\Work\wpad-auto-detect\build\Debug\proxyautodet
ect.exp
proxyautodetect.vcxproj -> C:\Code\Work\wpad-auto-detect\build\Debug\\proxyautodetect.node
PS C:\Code\Work\wpad-auto-detect> npm start
> proxyautodetect#1.0.0 start C:\Code\Work\wpad-auto-detect
> node main.js
AutoProxyConfigUrl
Auto Detect is: 1
Get Auto URL
"
"��������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������1��J╗
PS C:\Code\Work\wpad-auto-detect>
Image of code output
I did a sort of Trim
int urlLen = wcslen(strConfigUrl) ;
#if DEBUG
cout << "strConfigUrl wcslen : " << urlLen << "\n";
#endif
char buffer[2083]; //This is the max length a URL can be in IE
wcstombs( buffer, strConfigUrl, wcslen(strConfigUrl) ); // Need wcslen to compute the length of the string
// convert it to string
std::string returnUrl(buffer);
// Create an instance of V8's String type and Return only the Length needed so kind of Trim the extra char
auto message = Nan::New(returnUrl.substr(0, urlLen)).ToLocalChecked();
I know this code is sloppy, but I'm wondering why when I'm using the ReadProcessMemory() function I can't see the string stored in the relevant address.
//If the game window is open then this function grabs the process ID.
if(FinderCheck)
{
DWORD procID;
GetWindowThreadProcessId(hwnd, &procID);
//All so access you can read and write to process memory.
HANDLE handle = OpenProcess(PROCESS_ALL_ACCESS,FALSE,procID);
if(procID = NULL)
{
cout << "Error: Failed to Obtain Process ID" << endl;
}
else
{
while(true)
{
//To read the process memory this line writes the memory data to buffer
//Remember to change the address every time you boot the process or it will not work.
ReadProcessMemory(handle, (PBYTE*)0xDC8F1AA904,&Cursor,sizeof(Cursor),0);
cout << Cursor << endl;
cout << "Test" << endl;
Sleep(500);
}
}
if(procID = NULL)
Sadly, this if statement will always evaluate to false, you are missing the second "=". This also means that from this point procID is NULL.
What about the rest of the code? Can you show us how the definition of the Cursor looks like and how do you implemented operator<<?
In efforts to learn more C++, I have chosen - you know - something fun to do and that is writing to random application's memory. The code I have written seems to work on all applications but I am having difficulties getting it to work with Google Chrome tabs.
What I am trying to do is simply change my score on Slope (on y8.com) for which I have the memory address with the help of cheat engine. The problem seems to be retrieving the Process ID of the tab. Using Chrome's Task Manager, I translated the tab's address to hex, opened the process in cheat engine and found the score address.
Here the problem comes. Whenever I use GetWindowThreadProcessId(window, &processID); cout << processID, it doesn't print the ID which can be seen in chrome's task manager for the game's tab. In fact, it prints the ID of chrome as a whole (which I know because in chrome's task manager, "chrome" has that ID). And the score cannot be written to or read from chrome's processID. If I ignore this problem, buffer seems to always print as 0.. no changes.
I am very new to this, and expect myself not to know what I am talking about. If you test the game yourself, you'll have to find the address that your chrome is using at the time. But here's the code (I have commented out the WriteProcessMemory and put Read just so I get it working before I write anything):
#include <iostream>
#include <string>
#include <Windows.h>
using namespace std;
int main() {
int buffer = 0;
LPVOID address = (LPVOID)0x15E7E1B0FB8/*(0x000000000192DFA0 + 0x0000291D8FE04000 + 0x18)*/;
cout << "Begin playing the game and wait for the 0 score to appear" << endl;
HWND window = FindWindow(NULL, "Slope Game - Play online at Y8.com");
if (window) {
cout << "Game found running! You ready to hax?" << endl;
DWORD processID = 11180;
GetWindowThreadProcessId(window, &processID);
HANDLE handle = OpenProcess(PROCESS_ALL_ACCESS, false, processID);
if (handle) {
/*string hackedScoreInput = "0";
cout << "Desired Score: " << flush; getline(cin, hackedScoreInput);
int hackedScore = stoi(hackedScoreInput);
int suc = WriteProcessMemory(handle, address, &hackedScore, sizeof(hackedScore), NULL);
if (suc > 0) {
cout << "HAXED!" << endl;
CloseHandle(handle);
}
else {
cerr << GetLastError() << endl;
cerr << hackedScore << " of size: " << sizeof(hackedScore) << endl;
return 3;
}*/
while (true) {
ReadProcessMemory(handle, address, &buffer, sizeof(buffer), NULL);
cout << buffer << " at adress: " << processID << endl;
Sleep(100);
system("CLS");
}
}
else {
cerr << "Could not open the process" << endl;
return 2;
}
}
else {
cerr << "Error! Could not find window!" << endl;
Sleep(3000);
return 1;
}
return 0;
}
What's wrong with the code?
Modern browsers use multiple processes and there is no rule that says that a browser tab HWND has to be owned by the process where the web page "runs".
Some browser implementations might have one main process that hosts the UI including all tabs but the actual web page content might be rendered to a shared bitmap/memory in a different process where it is safe to run scripts etc.
Chrome is open source so you could take a look and see if there is a way to find out which render process renders a certain tab by looking at the child processes command line arguments.
Been stuck for a few hours making a (simple) dll injector that takes a .dll file and a process as arguments and then injects said .dll into the process, and I'm about to start tearing my hair out.
It doesn't function properly, and for no obvious reason either. The dll simply won't load into the process, but without any error messages being displayed. I did the exact same thing but with ANSI functions instead of Unicode and it worked like a charm, which after some testing is leading me to believe it's PROBABLY a problem with the file path not being loaded properly but I have no idea why.
I've attached my entire source code below and added some comments to hopefully clarify somewhat. And like I said, if I'm right, then the important part should start somewhere around:
//Get the full path of our dll and store it in a variable
Help a bro out.
#include <iostream>
#include <Windows.h>
#include <TlHelp32.h>
using namespace std;
int main()
{
HANDLE hSnapshot, hProc = NULL;
PROCESSENTRY32 PE32;
PE32.dwSize = sizeof(PROCESSENTRY32);
WCHAR injProcName[100] = {NULL}, injDllName[100] = {NULL};
//Let user input options
cout << "Dll injector started!" << endl << "Please enter the name of the dll you would like to inject: ";
wcin >> injDllName;
cout << "Enter the name of the target process: ";
wcin >> injProcName;
//Create snapshot
hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, NULL);
Process32First(hSnapshot, &PE32);
//Load the first process into PE32 and loop to see if target process is running
do {
if(wcscmp(PE32.szExeFile, injProcName) == 0) {
wcout << PE32.szExeFile << " found!" << endl;
wcout << "Attempting to open " << injProcName << ".." << endl;
hProc = OpenProcess(PROCESS_ALL_ACCESS, FALSE, PE32.th32ProcessID);
if(!hProc)
{
cout << "Failed to open process!" << endl;
return 1;
}
break;
}
}
while(Process32Next(hSnapshot, &PE32));
if(!hProc) {
cout << "Unable to locate process!" << endl;
return 1;
}
cout << "Process successfully opened!" << endl;
//Get the full path of our dll and store it in a variable
WCHAR DllPath[MAX_PATH] = {NULL};
GetFullPathName(injDllName, MAX_PATH, DllPath, NULL);
wcout << DllPath << endl;
//Allocate memory in target process
cout << "Allocating memory.." << endl;
LPVOID DllMemAddr = VirtualAllocEx(hProc,
NULL,
wcslen(DllPath),
MEM_COMMIT|MEM_RESERVE,
PAGE_READWRITE);
//Write our path into target process memory
wcout << "Writing dll to target process.." << endl;
WriteProcessMemory(hProc,
DllMemAddr,
DllPath,
wcslen(DllPath),
NULL);
//Get the memory address of LoadLibraryW
LPVOID LoadAddr = GetProcAddress(GetModuleHandle(L"kernel32.dll"), "LoadLibraryW");
//Finally, start a new thread with the address of LoadLibraryW and our dll path as argument
cout << "Executing dll in remote process.." << endl;
CreateRemoteThread(hProc,
NULL,
NULL,
(LPTHREAD_START_ROUTINE)LoadAddr,
DllMemAddr,
NULL,
NULL);
cout << "Dll sucessfully injected!" << endl;
cin.get();
return 0;
}
wcslen returns length in wchar_t units. But VirtualAllocEx and WriteProcessMemory receive a length in byte units. So you only write half the string, because wchar_t is two bytes wide. And you did not write the null terminator.
You need to pass (wcslen(DllPath)+1)*sizeof(wchar_t).
Incidentally, your ANSI code was probably broken too because, presumably, it also missed the null terminator. But you probably got away with it by chance.
A little error checking would not go amis, while we are in the business of looking at your code. And initialising DllPath is a little pointless when you follow it with the call to GetFullPathName.
GetLastError tells me I'm getting the "The program issued a command but the command length is incorrect." error when calling Process32First() (see code below). I found one post that looked helpful (http://social.msdn.microsoft.com/Forums/is/vcgeneral/thread/6f43716f-fdd3-4c92-bfba-6a23178c32bf), but I'm not sure if this is my problem.
I've tried building a program that includes only "stdafx.h", <iostream>, <Windows.h> and <TlHelp32.h> to test __alignof(PROCESSENTRY32), but I still get a value of 4. Not sure if that's correct or not.
Here is the code that's failing:
HANDLE hProcess;
PROCESSENTRY32 pe32;
cout << "Size of PROCESSENTRY32 is: " << sizeof(PROCESSENTRY32) << "\r\n"; // 556
cout << "Align of PROCESSENTRY32 is: " << __alignof(PROCESSENTRY32) << "\r\n"; // 4
if ( !(hProcess = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0)) ) {
cout << "CreateToolhelp32Snapshot() failed: " << GetLastError() << "\r\n";
return (HANDLE)NULL;
} else {
cout << "CreateToolhelp32Snapshot() succeeded.\r\n";
}
if (Process32First(hProcess, &pe32)) {
do {
cout << pe32.th32ModuleID;
} while (Process32Next(hProcess, &pe32));
} else {
cout << "Process32First() failed: " << GetLastError() << "\r\n";
}
From the docs on Process32First:
The calling application must set the dwSize member of PROCESSENTRY32 to the size, in bytes, of the structure.
I don't see you doing that in your code, and I suspect it's the problem. Fix it:
pe32.dwSize = sizeof pe32;
if (Process32First(...))
The reasoning behind this mandatory action for many of the winapi structures is for the flexibility to add more onto the structure later on, but let functions know which version is being used by checking against known sizes of previous versions.