I need to open a certain named pipe so I can fuzz test it, however my test code does not have access to the same data used to generate the name of the named pipe. However I can recognize the name of the pipe and then use that name to open up the pipe for fuzzing.
I used this forum post to start enumerating names of the handles on the system:
http://forum.sysinternals.com/howto-enumerate-handles_topic18892.html
However it seems that won't work with named pipes for some reason.
TL;DR: What API(s) do I need to use to list the names of all named pipes in the current process on Windows?
This will enumerate all named pipes in the system, or at the very least put you a step in the right direction.
This works in MinGW when built with -fpermissive. It should work with similar settings in MSVC.
#ifndef _WIN32_WINNT
// Windows XP
#define _WIN32_WINNT 0x0501
#endif
#include <Windows.h>
#include <Psapi.h>
// mycreatepipeex.c is at http://www.davehart.net/remote/PipeEx.c
// I created a simple header based on that.
#include "mycreatepipeex.h"
#include <iostream>
#include <cstdio>
#include <errno.h>
void EnumeratePipes()
{
WIN32_FIND_DATA FindFileData;
HANDLE hFind;
#define TARGET_PREFIX "//./pipe/"
const char *target = TARGET_PREFIX "*";
memset(&FindFileData, 0, sizeof(FindFileData));
hFind = FindFirstFileA(target, &FindFileData);
if (hFind == INVALID_HANDLE_VALUE)
{
std::cerr << "FindFirstFileA() failed: " << GetLastError() << std::endl;
return;
}
else
{
do
{
std::cout << "Pipe: " << TARGET_PREFIX << FindFileData.cFileName << std::endl;
}
while (FindNextFile(hFind, &FindFileData));
FindClose(hFind);
}
#undef TARGET_PREFIX
return;
}
int main(int argc, char**argv)
{
HANDLE read = INVALID_HANDLE_VALUE;
HANDLE write = INVALID_HANDLE_VALUE;
unsigned char pipe_name[MAX_PATH+1];
BOOL success = MyCreatePipeEx(&read, &write, NULL, 0, 0, 0, pipe_name);
EnumeratePipes();
if ( success == FALSE )
{
std::cerr << "MyCreatePipeEx() failed: " << GetLastError() << std::endl;
return 1;
}
FILE *f = fopen((const char*)pipe_name, "rwb");
if ( f == NULL )
{
std::cerr << "fopen(\"" << pipe_name << "\") failed: " << (int)errno << std::endl;
}
CloseHandle(read);
CloseHandle(write);
return 0;
}
Related
I've been following a DirectInput tutorial and am having trouble printing a list of DirectInput device product names to a Windows console.
I'm using VS19's C++ compiler and am compiling with UNICODE defined. Since tszProductName is of type TCHAR which resolves to WCHAR I followed this stack overflow answer to allow the windows console to print unicode while also avoiding mixing wcout with cout in the same program.
Before I made those changes nothing was printed. Now the console prints '쳌' repeatedly for each device name. I tried switching from Unicode to Multibyte and going back to cout to no avail. Here is the code in question.
#define DIRECTINPUT_VERSION 0x0800
#include <dinput.h>
#pragma comment (lib,"dinput8.lib")
#pragma comment (lib,"dxguid.lib")
#include <windows.h>
#include <iostream>
#include <string>
#include <vector>
#include <locale.h>
#include <clocale>
#include <io.h>
#include <stdio.h>
#include <fcntl.h>
#include <stdlib.h>
IDirectInput8* dev;
std::vector<LPDIRECTINPUTDEVICE8> gameControllers;
BOOL CALLBACK enumGameControllers(LPCDIDEVICEINSTANCE devInst, LPVOID pvRef) {
LPDIRECTINPUTDEVICE8 gameController;
if (FAILED(dev->CreateDevice(devInst->guidInstance, &gameController, NULL)))
return DIENUM_CONTINUE;
else {
gameControllers.push_back(gameController);
return DIENUM_CONTINUE;
}
}
int wmain(int argc, wchar_t* argv[]) {
HANDLE hConsole = GetStdHandle(STD_OUTPUT_HANDLE);
char* a = setlocale(LC_ALL, "en-US.UTF8");
SetConsoleOutputCP(CP_UTF8);
SetConsoleCP(CP_UTF8);
CONSOLE_FONT_INFOEX fontInfo;
fontInfo.cbSize = sizeof(fontInfo);
fontInfo.FontFamily = 20;
fontInfo.FontWeight = 400;
fontInfo.nFont = 0;
const wchar_t myFont[] = L"Lucida Console";
fontInfo.dwFontSize = { 8, 16 };
std::copy(myFont, myFont + _countof(myFont), fontInfo.FaceName);
SetCurrentConsoleFontEx(hConsole, false, &fontInfo);
if (FAILED(DirectInput8Create(GetModuleHandle(NULL), DIRECTINPUT_VERSION, IID_IDirectInput8, (void**)&dev, NULL))) {
std::wcout << L"Critical error: Unable to create the main DirectInput 8 COM object!\n";
return 1;
}
if (FAILED(dev->EnumDevices(DI8DEVCLASS_GAMECTRL, &enumGameControllers, NULL, DIEDFL_ATTACHEDONLY))) {
std::wcout << L"Critical error: Unable to enumerate input devices!\n";
return 1;
}
if (gameControllers.empty()) {
std::wcout << L"No peripherals found\n";
return 1;
}
int count = 1;
std::wcout << L"Number of devices: " << gameControllers.size() << std::endl;
for (LPDIRECTINPUTDEVICE8 i : gameControllers) {
DIDEVICEINSTANCE deviceInfo;
i->GetDeviceInfo(&deviceInfo);
std::wcout << L"Device Number " << count << L": ";
std::wcout << deviceInfo.tszProductName << std::endl;
if (FAILED(i->SetCooperativeLevel(GetConsoleWindow(), DISCL_BACKGROUND | DISCL_EXCLUSIVE))) {
std::wcout << L"Cooperative level could not be set\n";
return 1;
}
++count;
}
return 0;
}
Thanks in advance for any suggestions and/or solutions.
DIDEVICEINSTANCE deviceInfo;
i->GetDeviceInfo(&deviceInfo);
Problems with this code are that:
DIDEVICEINSTANCE::dwSize is not initialized as required, and
the return value of IDirectInputDevice8::GetDeviceInfo is not checked for errors.
Change to the following, instead.
DIDEVICEINSTANCE deviceInfo = { sizeof(DIDEVICEINSTANCE) };
if(i->GetDeviceInfo(&deviceInfo) != DI_OK) { /* call failed, handle error */ }
I'm trying to entirely disable the keyboard using the windows SetupAPI.
At present I can remove the keyboard successfully with no issues using the DIF_REMOVE function like so:
#include <windows.h>
#include <SetupAPI.h>
#include <iostream>
#include <string>
const std::string keyboard_device_instance_path("<my_path_here>"); // Win7
HDEVINFO DeviceInfoSet = ::SetupDiGetClassDevs(nullptr, nullptr, nullptr, DIGCF_ALLCLASSES | DIGCF_ALLCLASSES);
SP_DEVINFO_DATA DeviceInfoData;
::ZeroMemory(&DeviceInfoData, sizeof(SP_DEVINFO_DATA));
DeviceInfoData.cbSize = sizeof(SP_DEVINFO_DATA);
DWORD DeviceIndex = 0;
std::vector<char> DeviceInstanceId(128, '\0');
DWORD RequiredSize = 0;
// Query all devices
while (::SetupDiEnumDeviceInfo(DeviceInfoSet, DeviceIndex++, &DeviceInfoData))
{
// Find the Keyboard
if (::SetupDiGetDeviceInstanceIdA(DeviceInfoSet, &DeviceInfoData, &DeviceInstanceId[0], DWORD(DeviceInstanceId.size()), &RequiredSize))
{
if (keyboard_device_instance_path == &DeviceInstanceId[0])
{
std::cout << "Breaking keyboard\n";
if (!SetupDiCallClassInstaller(DIF_REMOVE, DeviceInfoSet, &DeviceInfoData))
{
std::cerr << "Failed to remove keyboard: " << ::GetLastError() << '.' << std::endl;
}
}
After disabling it, I want to re-enable the keyboard when a condition is met. For this I naturally looked to 'DIF_UNREMOVE' but have had no success.
Here is the code that attempts to re-enable the keyboard:
SP_UNREMOVEDEVICE_PARAMS UnRemoveParams;
UnRemoveParams.ClassInstallHeader.cbSize = sizeof(SP_CLASSINSTALL_HEADER);
UnRemoveParams.ClassInstallHeader.InstallFunction = DIF_UNREMOVE;
UnRemoveParams.Scope = DI_UNREMOVEDEVICE_CONFIGSPECIFIC;
UnRemoveParams.HwProfile = 0;
if (::SetupDiSetClassInstallParams(DeviceInfoSet, &DeviceInfoData, &UnRemoveParams.ClassInstallHeader, sizeof(UnRemoveParams)))
{
std::cout << "Fixing keyboard\n";
if (!SetupDiCallClassInstaller(DIF_UNREMOVE, DeviceInfoSet, &DeviceInfoData))
{
std::cerr << "Failed to re-enable keyboard: " << ::GetLastError() << std::endl;
}
}
This code is used in the while loop immediately after the removal code. I get an error "No such device installed". What is the correct way to do this? I can only use headers supported by windowsXP
I eventually solved this by instead re-enumerating the systems hardware devices like so:
DWORD pdnDevInst = 0;
if (CM_Locate_DevNodeA(PDEVINST(&pdnDevInst), NULL, CM_LOCATE_DEVNODE_NORMAL) != CR_SUCCESS)
{
std::cout << "Failed to revive keyboard\n";
}
else if (CM_Reenumerate_DevNode(pdnDevInst, CM_REENUMERATE_NORMAL) != CR_SUCCESS)
{
std::cout << "Failed to revive keyboard: Renumerate dev node Error\n";
}
How to retrieve process handle by using application name in c++?
Is there any windows API is there?
Example: Sample.exe
I have to get the handle of this sample.exe and I need to call Terminate process on that handle.
Any one suggest a good solution for this.
Note: its should support winxp and win8
Thanks in Advance
You should use toolhelp API's:
HANDLE OpenProcessByName(LPCTSTR Name, DWORD dwAccess)
{
HANDLE hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
if (hSnap != INVALID_HANDLE_VALUE)
{
PROCESSENTRY32 pe;
ZeroMemory(&pe, sizeof(PROCESSENTRY32));
pe.dwSize = sizeof(PROCESSENTRY32);
Process32First(hSnap, &pe);
do
{
if (!lstrcmpi(pe.szExeFile, Name))
{
return OpenProcess(dwAccess, 0, pe.th32ProcessID);
}
} while (Process32Next(hSnap, &pe));
}
return INVALID_HANDLE_VALUE;
}
For example:
#include <windows.h>
#include <tlhelp32.h>
//...
int main()
{
HANDLE hFire = OpenProcessByName("firefox.exe", PROCESS_VM_READ);
cout << "Handle: " << hFire << endl;
CloseHandle(hFire);
cin.get();
return 0;
}
But you should be careful because if there are more than 1 copy of process you will get a handle of the first. To handle all processes in "return OpenProcess" use call of some function like Handler(OpenProcess(dwAccess, 0, pe.th32ProcessID)):
void Handler(HANDLE hndl)
{
//... work with your Handle
CloseHandle(hndl);
}
//...
if (!lstrcmpi(pe.szExeFile, Name))
{
Handler(OpenProcess(dwAccess, 0, pe.th32ProcessID)):
}
//...
To fetch the process name from process id see quiestions: get process name from process id (win32) or How to get the process name in C++
Enumerate process documentation https://msdn.microsoft.com/en-us/library/windows/desktop/ms682629%28v=vs.85%29.aspx Example code: https://msdn.microsoft.com/ru-ru/library/windows/desktop/ms682623%28v=vs.85%29.aspx
EDIT: There is solution that does not have problem "return the hanlde of the first matching found, whereas there may be multiple instances". This solution return array of pairs ProcessId and names, and you can select that you need in simple loop.
#include <windows.h>
#include <tlhelp32.h>
#include <iostream>
#include <utility>
#include <vector>
#include <string>
#include <map>
typedef std::pair<DWORD,std::string> ProcessVectorEntry;
typedef std::vector<ProcessVectorEntry> ProcessVector;
void getProcessInformation( ProcessVector& processVector ) {
HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
if(hSnapshot) {
PROCESSENTRY32 pe32;
pe32.dwSize = sizeof(PROCESSENTRY32);
if(Process32First(hSnapshot, &pe32)) {
do {
processVector.push_back( ProcessVectorEntry( pe32.th32ProcessID, pe32.szExeFile ) );
} while(Process32Next(hSnapshot, &pe32));
}
CloseHandle(hSnapshot);
}
}
And simple search in main
int main() {
std::string search = "firefox.exe";
ProcessVector processVector;
getProcessInformation( processVector );
std::cout << "Process IDs contains " << search << " in name:" << std::endl;
for( int i=0; i<processVector.size(); ++i )
if( processVector[i].second.find(search) != std::string::npos )
std::cout << processVector[i].first << std::endl;
return 0;
}
I have been trying to write a file in path returned by SHGetFolderPath . But as File Is created, it has been given Write Protected. Following is my Code:
#include <Windows.h>
#include <Shlobj.h>
#include <iostream>
#include <Shlwapi.h>
int main()
{
HANDLE hfile;
TCHAR szPath[MAX_PATH];
char dataBuffer[] = "Some data to write here";
DWORD dwBytesWritten = 0;
if(SUCCEEDED(SHGetFolderPath(NULL,CSIDL_COMMON_APPDATA,NULL,0, szPath)))
{
std::cout << szPath << std::endl;
PathAppend(szPath,TEXT("lpa"));
std::cout << szPath << std::endl;
PathAppend(szPath,TEXT("config"));
std::cout << szPath << std::endl;
CreateDirectory(szPath, NULL);
PathAppend(szPath, TEXT("lpa.config"));
std::cout << szPath << std::endl;
hfile = CreateFile(szPath,GENERIC_READ|GENERIC_WRITE,0,NULL,CREATE_NEW,FILE_ATTRIBUTE_NORMAL,NULL);
/*WriteFile(hfile,dataBuffer,(DWORD)strlen(dataBuffer),&dwBytesWritten,NULL);
std::cout << szPath <<std::endl;*/
}
}
The code creates a file in C:\ProgramData\lpa\config\lpa.config but editing the file pops up dialog saying WriteProtection. What am I doing wrong here?
Yes, When you run VS instance with Admin privileges, special permissions are assigned to the created file. Either run as the program as Non-Admin or use SECURITY_DESCRIPTOR so that other user can access the file.
Creating a Security Descriptor for a New Object in C++
the example in the link shows how a registry key is created, you can put CreateFile() instead.
I solved the issue by using CSIDL_LOCAL_APPDATA instead of CSIDL_COMMON_APPDATA . I have the modified code given as below:
#include <Windows.h>
#include <Shlobj.h>
#include <iostream>
#include <Shlwapi.h>
int main()
{
HANDLE hfile;
TCHAR szPath[MAX_PATH];
char dataBuffer[] = "Some data to write here";
DWORD dwBytesWritten = 0;
if(SUCCEEDED(SHGetFolderPath(NULL,CSIDL_LOCAL_APPDATA,NULL,0, szPath)))
{
std::cout << szPath << std::endl;
PathAppend(szPath,TEXT("lpa"));
if(!CreateDirectory(szPath, NULL))
{
std::cout << "Create directory failed" <<std::endl;
}
std::cout << szPath << std::endl;
PathAppend(szPath,TEXT("config"));
if(!CreateDirectory(szPath, NULL))
{
std::cout << "Create directory failed" <<std::endl;
}
std::cout << szPath << std::endl;
PathAppend(szPath, TEXT("lpa.config"));
std::cout << szPath << std::endl;
hfile = CreateFile(szPath,GENERIC_READ|GENERIC_WRITE,FILE_SHARE_READ|FILE_SHARE_WRITE,NULL,CREATE_NEW,FILE_ATTRIBUTE_NORMAL,NULL);
WriteFile(hfile,dataBuffer,(DWORD)strlen(dataBuffer),&dwBytesWritten,NULL);
std::cout << szPath <<std::endl;
}
}
i would like to find a way detecting the type of the media in my optical drive (e.g. DVD+R, DVD-R, DVD-RW, CD+R, etc.) using a simple function in C++ on windows.
The function should not require Admin privilege.
EDIT
I implemented the following code:
#include <windows.h>
#include <winioctl.h>
#include <stdio.h>
#include <iostream>
#include <sstream>
#include <imapi2.h>
#include <imapi2fs.h>
#include <imapi2error.h>
#include <imapi2fserror.h>
int main(int argc, char *argv[])
{
IDiscFormat2Data* discFormatData = NULL;
HRESULT hr;
CoInitialize ( NULL );
hr = CoCreateInstance( __uuidof(MsftDiscFormat2Data),
NULL,
CLSCTX_ALL,
__uuidof(IDiscFormat2Data),
(void**)&discFormatData);
if ( SUCCEEDED(hr) )
{
IMAPI_MEDIA_PHYSICAL_TYPE mediaType = IMAPI_MEDIA_TYPE_UNKNOWN;
hr = discFormatData->get_CurrentPhysicalMediaType(&mediaType);
if ( SUCCEEDED(hr) )
{
std::cout << "MediaPhysicalType: " << mediaType << std::endl;
}
else
{
std::stringstream str;
str << "get_CurrentPhysicalMediaType() failed with the error: 0x";
str << std::hex << hr << ".";
std::cout << str.str() << std::endl;
}
// Release the interface.
// Tell the COM object that we're done with it.
discFormatData->Release();
}
else
{
std::stringstream str;
str << "CoCreateInstance() failed with the error: 0x" << std::hex << hr;
std::cout << str.str() << std::endl;
}
cin.get();
return 0;
}
at the moment my problem is that i get the following error: E_IMAPI_RECORDER_REQUIRED which means
"The request requires a current disc recorder to be selected."
Assuming i have at least two optical drivers, how can i differ between them?
Any ideas?
On Windows 2000 and later, you can use IOCTL_CDROM_GET_CONFIGURATION with the SCSI_GET_CONFIGURATION_REQUEST_TYPE_CURRENT flag to query an optical device for its current profile, which will tell you which type of disc (CD, DVD+-R/W, HDDVD, BluRay, etc) has been inserted, if any. On earlier versions, you will have to manually send SCSI MMC commands directly to the device to query the same info.