r00tkit
شنبه 24 اردیبهشت 1390, 16:44 عصر
هر کی وقت کرد یه نگاهی به کد زیر بندازه ببیه چرا درست کار نمی کنه من که خودم گیج شدم
چیز ساده ای هستش فقط یه نمونه از کلاس AntiVirusProduct می سازه ( برای نشون دادن خودمون به windows security center
BOOL CreateInstance (IWbemServices *pWbemServices)
{
IWbemClassObject *pNewInstance = 0;
IWbemClassObject *pClassType = 0;
IWbemContext *pCtx = 0;
IWbemCallResult *pResult = 0;
VARIANT v;
// Get the class definition.
BSTR PathToClass = SysAllocString(L"AntiVirusProduct");
HRESULT hRes = pWbemServices->GetObject(PathToClass, 0, pCtx,
&pClassType, &pResult);
SysFreeString(PathToClass);
if(FAILED(hRes))
{
printf("filed to get class definition error code : 0x%x\n",hRes);
return FALSE;
}
// Create a new instance.
hRes=pClassType->SpawnInstance(0, &pNewInstance);
if(FAILED(hRes))
{
printf("filed to get class definition error code : 0x%x\n",hRes);
pClassType->Release();
return FALSE;
}
// Don't need the class any more
pClassType->Release();
VariantInit(&v);
// Set the Guid property (the key).
V_VT(&v) = VT_BSTR;
V_BSTR(&v) = SysAllocString(L"{385C2AD3-E043-4696-9BD2-961867F4734F}");
BSTR KeyProp = SysAllocString(L"instanceGuid");
hRes=pNewInstance->Put(KeyProp, 0, &v, 0);
if(FAILED(hRes))
{
printf("filed to put instanceGuid in new instance , error code : 0x%x\n",hRes);
pNewInstance->Release();
VariantClear(&v);
SysFreeString(KeyProp);
return FALSE;
}
SysFreeString(KeyProp);
VariantClear(&v);
// Set the displayName property.
V_VT(&v) = VT_BSTR;
V_BSTR(&v) = SysAllocString(L"geek1982");
KeyProp = SysAllocString(L"displayName");
hRes=pNewInstance->Put(KeyProp, 0, &v, 0);
if(FAILED(hRes))
{
printf("filed to put displayName in new instance , error code : 0x%x\n",hRes);
pNewInstance->Release();
SysFreeString(KeyProp);
VariantClear(&v);
return FALSE;
}
SysFreeString(KeyProp);
VariantClear(&v);
// Other properties acquire the 'default' value specified
// in the class definition unless otherwise modified here.
// Write the instance to WMI.
hRes = pWbemServices->PutInstance(pNewInstance, 0, pCtx, &pResult);
if(FAILED(hRes))
{
printf("filed to put displayName in new instance , error code : 0x%x\n",hRes);
return FALSE;
}
pNewInstance->Release();
return TRUE;
}
BOOL IsKBInstalled()
{
HRESULT hRes;
IWbemLocator *pIWbemLocator = NULL;
IWbemServices *pWbemServices = NULL;
IWbemClassObject *pIwbemClassObject=NULL;
//Initialize COM
hRes=CoInitializeEx(0, COINIT_MULTITHREADED);
if(FAILED(hRes))
{
printf("[-] Error with CoInitializeEx : 0x%x\n", hRes);
return FALSE;
}
//Registers security and sets the default security values for the process
hRes=CoInitializeSecurity(NULL, -1, NULL, NULL, RPC_C_AUTHN_LEVEL_DEFAULT, RPC_C_IMP_LEVEL_IMPERSONATE, NULL, EOAC_NONE,NULL);
if(FAILED(hRes))
{
printf("[-] Error with CoInitializeSecurity : 0x%x\n", hRes);
CoUninitialize();
return FALSE;
}
// Create IWbemLocator instance
hRes = CoCreateInstance (
CLSID_WbemAdministrativeLocator,
NULL ,
CLSCTX_INPROC_SERVER | CLSCTX_LOCAL_SERVER ,
IID_IUnknown ,
( void ** ) &pIWbemLocator
) ;
if (FAILED(hRes))
{
printf("filed to create instance error code : 0x%x\n",hRes);
CoUninitialize();
return FALSE;
}
// to obtain the initial namespace pointer to the IWbemServices interface
//with ConnectServer
hRes = pIWbemLocator->ConnectServer(
L"root\\SecurityCenter", // Namespace
NULL, // Userid
NULL, // PW
NULL, // Locale
0, // flags
NULL, // Authority
NULL, // Context
&pWbemServices
);
if (FAILED(hRes))
{
printf("failed to connect to namespace error code : 0x%x\n",hRes);
pIWbemLocator->Release();
CoUninitialize();
return FALSE;
}
//"create instance of antivirus"
CreateInstance(pWbemServices);
// relaase all resource
pWbemServices->Release();
pIWbemLocator->Release();
CoUninitialize();
return TRUE;
}
// Clean up
int main(int argc, char *argv[])
{
IsKBInstalled();
}
چیز ساده ای هستش فقط یه نمونه از کلاس AntiVirusProduct می سازه ( برای نشون دادن خودمون به windows security center
BOOL CreateInstance (IWbemServices *pWbemServices)
{
IWbemClassObject *pNewInstance = 0;
IWbemClassObject *pClassType = 0;
IWbemContext *pCtx = 0;
IWbemCallResult *pResult = 0;
VARIANT v;
// Get the class definition.
BSTR PathToClass = SysAllocString(L"AntiVirusProduct");
HRESULT hRes = pWbemServices->GetObject(PathToClass, 0, pCtx,
&pClassType, &pResult);
SysFreeString(PathToClass);
if(FAILED(hRes))
{
printf("filed to get class definition error code : 0x%x\n",hRes);
return FALSE;
}
// Create a new instance.
hRes=pClassType->SpawnInstance(0, &pNewInstance);
if(FAILED(hRes))
{
printf("filed to get class definition error code : 0x%x\n",hRes);
pClassType->Release();
return FALSE;
}
// Don't need the class any more
pClassType->Release();
VariantInit(&v);
// Set the Guid property (the key).
V_VT(&v) = VT_BSTR;
V_BSTR(&v) = SysAllocString(L"{385C2AD3-E043-4696-9BD2-961867F4734F}");
BSTR KeyProp = SysAllocString(L"instanceGuid");
hRes=pNewInstance->Put(KeyProp, 0, &v, 0);
if(FAILED(hRes))
{
printf("filed to put instanceGuid in new instance , error code : 0x%x\n",hRes);
pNewInstance->Release();
VariantClear(&v);
SysFreeString(KeyProp);
return FALSE;
}
SysFreeString(KeyProp);
VariantClear(&v);
// Set the displayName property.
V_VT(&v) = VT_BSTR;
V_BSTR(&v) = SysAllocString(L"geek1982");
KeyProp = SysAllocString(L"displayName");
hRes=pNewInstance->Put(KeyProp, 0, &v, 0);
if(FAILED(hRes))
{
printf("filed to put displayName in new instance , error code : 0x%x\n",hRes);
pNewInstance->Release();
SysFreeString(KeyProp);
VariantClear(&v);
return FALSE;
}
SysFreeString(KeyProp);
VariantClear(&v);
// Other properties acquire the 'default' value specified
// in the class definition unless otherwise modified here.
// Write the instance to WMI.
hRes = pWbemServices->PutInstance(pNewInstance, 0, pCtx, &pResult);
if(FAILED(hRes))
{
printf("filed to put displayName in new instance , error code : 0x%x\n",hRes);
return FALSE;
}
pNewInstance->Release();
return TRUE;
}
BOOL IsKBInstalled()
{
HRESULT hRes;
IWbemLocator *pIWbemLocator = NULL;
IWbemServices *pWbemServices = NULL;
IWbemClassObject *pIwbemClassObject=NULL;
//Initialize COM
hRes=CoInitializeEx(0, COINIT_MULTITHREADED);
if(FAILED(hRes))
{
printf("[-] Error with CoInitializeEx : 0x%x\n", hRes);
return FALSE;
}
//Registers security and sets the default security values for the process
hRes=CoInitializeSecurity(NULL, -1, NULL, NULL, RPC_C_AUTHN_LEVEL_DEFAULT, RPC_C_IMP_LEVEL_IMPERSONATE, NULL, EOAC_NONE,NULL);
if(FAILED(hRes))
{
printf("[-] Error with CoInitializeSecurity : 0x%x\n", hRes);
CoUninitialize();
return FALSE;
}
// Create IWbemLocator instance
hRes = CoCreateInstance (
CLSID_WbemAdministrativeLocator,
NULL ,
CLSCTX_INPROC_SERVER | CLSCTX_LOCAL_SERVER ,
IID_IUnknown ,
( void ** ) &pIWbemLocator
) ;
if (FAILED(hRes))
{
printf("filed to create instance error code : 0x%x\n",hRes);
CoUninitialize();
return FALSE;
}
// to obtain the initial namespace pointer to the IWbemServices interface
//with ConnectServer
hRes = pIWbemLocator->ConnectServer(
L"root\\SecurityCenter", // Namespace
NULL, // Userid
NULL, // PW
NULL, // Locale
0, // flags
NULL, // Authority
NULL, // Context
&pWbemServices
);
if (FAILED(hRes))
{
printf("failed to connect to namespace error code : 0x%x\n",hRes);
pIWbemLocator->Release();
CoUninitialize();
return FALSE;
}
//"create instance of antivirus"
CreateInstance(pWbemServices);
// relaase all resource
pWbemServices->Release();
pIWbemLocator->Release();
CoUninitialize();
return TRUE;
}
// Clean up
int main(int argc, char *argv[])
{
IsKBInstalled();
}