├── .gitignore
├── DarkControls
├── BlankForm.Designer.cs
├── BlankForm.cs
├── BlankForm.resx
├── Controls
│ ├── AppIcon.cs
│ ├── CloseButton.cs
│ ├── CustomCheckedListBox.cs
│ ├── CustomScrollBar.cs
│ ├── CustomStatusStrip.cs
│ ├── DarkButton.cs
│ ├── DarkCheckBox.cs
│ ├── DarkListView.cs
│ ├── DarkSelectFileButton.cs
│ ├── DarkTextBox.cs
│ ├── FlatComboBox.cs
│ ├── FlatScrollBar.cs
│ ├── FlatScrollBar1.cs
│ ├── MaximizeButton.cs
│ ├── MinimizeButton.cs
│ ├── NoFocusCueBotton.cs
│ ├── ProgressBarEx.cs
│ ├── SimpleColorTransforms.cs
│ ├── TransparentLabel.cs
│ ├── VisualStudioTabControl.cs
│ └── WindowsDefaultTitleBarButton.cs
├── DarkControls.csproj
├── Properties
│ ├── AssemblyInfo.cs
│ ├── Resources.Designer.cs
│ └── Resources.resx
├── Utils.cs
├── icons8-crossed-axes-100.png
└── selectFileBtn.Image.png
├── DriverInterface
├── BSOD.cs
├── CancelableTask.cs
├── CrashMon.cs
├── Driver
│ ├── KsDumperDriver.sys
│ ├── ManualLoader.bat
│ ├── Taigei64.dll
│ ├── drv64.dll
│ └── kdu.exe
├── DriverInterface.csproj
├── KduProvider.cs
├── KduProviderSettings.cs
├── KduSelfExtract.cs
├── KduWrapper.cs
├── KsDumperDriverInterface.cs
├── Operations.cs
├── PE
│ ├── 32
│ │ ├── PE32File.cs
│ │ └── PE32Header.cs
│ ├── 64
│ │ ├── PE64File.cs
│ │ └── PE64Header.cs
│ ├── DOSHeader.cs
│ ├── NativePEStructs.cs
│ ├── PEFile.cs
│ └── PESection.cs
├── ProcessDumper.cs
├── ProcessSummary.cs
├── Properties
│ ├── AssemblyInfo.cs
│ ├── Resources.Designer.cs
│ └── Resources.resx
├── Utility
│ ├── Logger.cs
│ ├── MarshalUtility.cs
│ ├── ProcessListView.cs
│ └── WinApi.cs
└── packages.config
├── KsDumper11.sln
├── KsDumper11
├── Default.ico
├── Driver
│ ├── KsDumperDriver.sys
│ ├── ManualLoader.bat
│ ├── Taigei64.dll
│ ├── drv64.dll
│ └── kdu.exe
├── DumperForm.Designer.cs
├── DumperForm.cs
├── DumperForm.resx
├── JsonSettings.cs
├── JsonSettingsManager.cs
├── KsDumper11.csproj
├── LabelDrawer.cs
├── ProcessDumper.cs
├── ProcessSummary.cs
├── Program.cs
├── Properties
│ ├── AssemblyInfo.cs
│ ├── Resources.Designer.cs
│ ├── Resources.cs
│ ├── Resources.resources
│ ├── Resources.resx
│ ├── Settings.Designer.cs
│ └── Settings.settings
├── ProviderSelector.Designer.cs
├── ProviderSelector.cs
├── ProviderSelector.resx
├── SnifferBypass.cs
├── StartDriver.cs
├── Trigger.Designer.cs
├── Trigger.cs
├── Trigger.resx
├── TriggerForm.Designer.cs
├── TriggerForm.cs
├── TriggerForm.resx
├── Turn_OFF_Microsoft_Vulnerable_Driver_Blocklist.reg
├── Turn_ON_Microsoft_Vulnerable_Driver_Blocklist.reg
├── app.manifest
├── icons8-crossed-axes-100.png
└── packages.config
├── KsDumperDriver
├── Driver.c
├── KsDumperDriver.vcxproj
├── KsDumperDriver.vcxproj.filters
├── NTUndocumented.h
├── ProcessLister.c
├── ProcessLister.h
├── UserModeBridge.h
├── Utility.c
└── Utility.h
├── README.md
└── Version.json
/DarkControls/BlankForm.Designer.cs:
--------------------------------------------------------------------------------
1 | namespace DarkControls
2 | {
3 | partial class BlankForm
4 | {
5 | ///
6 | /// Required designer variable.
7 | ///
8 | private System.ComponentModel.IContainer components = null;
9 |
10 | ///
11 | /// Clean up any resources being used.
12 | ///
13 | /// true if managed resources should be disposed; otherwise, false.
14 | protected override void Dispose(bool disposing)
15 | {
16 | if (disposing && (components != null))
17 | {
18 | components.Dispose();
19 | }
20 | base.Dispose(disposing);
21 | }
22 |
23 | #region Windows Form Designer generated code
24 |
25 | ///
26 | /// Required method for Designer support - do not modify
27 | /// the contents of this method with the code editor.
28 | ///
29 | private void InitializeComponent()
30 | {
31 | System.ComponentModel.ComponentResourceManager resources = new System.ComponentModel.ComponentResourceManager(typeof(BlankForm));
32 | this.transparentLabel1 = new DarkControls.Controls.TransparentLabel();
33 | this.closeBtn = new DarkControls.Controls.WindowsDefaultTitleBarButton();
34 | this.appIcon1 = new DarkControls.Controls.AppIcon();
35 | ((System.ComponentModel.ISupportInitialize)(this.appIcon1)).BeginInit();
36 | this.SuspendLayout();
37 | //
38 | // transparentLabel1
39 | //
40 | this.transparentLabel1.Font = new System.Drawing.Font("Microsoft Sans Serif", 12F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0)));
41 | this.transparentLabel1.Location = new System.Drawing.Point(32, 4);
42 | this.transparentLabel1.Name = "transparentLabel1";
43 | this.transparentLabel1.Size = new System.Drawing.Size(108, 20);
44 | this.transparentLabel1.TabIndex = 8;
45 | this.transparentLabel1.Text = "Form1";
46 | //
47 | // closeBtn
48 | //
49 | this.closeBtn.ButtonType = DarkControls.Controls.WindowsDefaultTitleBarButton.Type.Close;
50 | this.closeBtn.ClickColor = System.Drawing.Color.Red;
51 | this.closeBtn.ClickIconColor = System.Drawing.Color.Black;
52 | this.closeBtn.HoverColor = System.Drawing.Color.OrangeRed;
53 | this.closeBtn.HoverIconColor = System.Drawing.Color.Black;
54 | this.closeBtn.IconColor = System.Drawing.Color.Black;
55 | this.closeBtn.IconLineThickness = 2;
56 | this.closeBtn.Location = new System.Drawing.Point(776, 0);
57 | this.closeBtn.Name = "closeBtn";
58 | this.closeBtn.Size = new System.Drawing.Size(40, 40);
59 | this.closeBtn.TabIndex = 7;
60 | this.closeBtn.Text = "windowsDefaultTitleBarButton1";
61 | this.closeBtn.UseVisualStyleBackColor = true;
62 | //
63 | // appIcon1
64 | //
65 | this.appIcon1.AppIconImage = ((System.Drawing.Image)(resources.GetObject("appIcon1.AppIconImage")));
66 | this.appIcon1.Image = ((System.Drawing.Image)(resources.GetObject("appIcon1.Image")));
67 | this.appIcon1.Location = new System.Drawing.Point(0, 1);
68 | this.appIcon1.Name = "appIcon1";
69 | this.appIcon1.Scale = 3.5F;
70 | this.appIcon1.Size = new System.Drawing.Size(28, 28);
71 | this.appIcon1.TabIndex = 9;
72 | this.appIcon1.TabStop = false;
73 | //
74 | // Form1
75 | //
76 | this.AllowDrop = true;
77 | this.AutoScaleDimensions = new System.Drawing.SizeF(6F, 13F);
78 | this.AutoScaleMode = System.Windows.Forms.AutoScaleMode.Font;
79 | this.BackColor = System.Drawing.Color.FromArgb(((int)(((byte)(33)))), ((int)(((byte)(33)))), ((int)(((byte)(33)))));
80 | this.ClientSize = new System.Drawing.Size(816, 489);
81 | this.Controls.Add(this.appIcon1);
82 | this.Controls.Add(this.transparentLabel1);
83 | this.Controls.Add(this.closeBtn);
84 | this.DoubleBuffered = true;
85 | this.ForeColor = System.Drawing.Color.Silver;
86 | this.FormBorderStyle = System.Windows.Forms.FormBorderStyle.None;
87 | this.Name = "Form1";
88 | this.Text = "Basic File Box";
89 | ((System.ComponentModel.ISupportInitialize)(this.appIcon1)).EndInit();
90 | this.ResumeLayout(false);
91 |
92 | }
93 |
94 | #endregion
95 | private DarkControls.Controls.WindowsDefaultTitleBarButton closeBtn;
96 | private DarkControls.Controls.TransparentLabel transparentLabel1;
97 | private DarkControls.Controls.AppIcon appIcon1;
98 | }
99 | }
100 |
101 |
--------------------------------------------------------------------------------
/DarkControls/BlankForm.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.IO;
3 | using System.Collections.Generic;
4 | using System.ComponentModel;
5 | using System.Data;
6 | using System.Drawing;
7 | using System.Drawing.Drawing2D;
8 | using System.Linq;
9 | using System.Text;
10 | using System.Threading.Tasks;
11 | using System.Windows.Forms;
12 | using System.Runtime.InteropServices;
13 | using System.Diagnostics;
14 | using DarkControls;
15 |
16 | namespace DarkControls
17 | {
18 | public partial class BlankForm : Form
19 | {
20 | protected override CreateParams CreateParams
21 | {
22 | get
23 | {
24 | // Activate double buffering at the form level. All child controls will be double buffered as well.
25 | CreateParams cp = base.CreateParams;
26 | cp.ExStyle |= 0x02000000; // Turn on WS_EX_COMPOSITED
27 | return cp;
28 | }
29 | }
30 |
31 | public BlankForm()
32 | {
33 |
34 | InitializeComponent();
35 |
36 | this.FormBorderStyle = FormBorderStyle.None;
37 | this.Region = Region.FromHrgn(Utils.CreateRoundRectRgn(0, 0, Width, Height, 10, 10));
38 | this.closeBtn.Region = Region.FromHrgn(Utils.CreateRoundRectRgn(0, 0, closeBtn.Width, closeBtn.Height, 10, 10));
39 | }
40 |
41 | protected override void WndProc(ref Message m)
42 | {
43 | base.WndProc(ref m);
44 | if (m.Msg == Utils.WM_NCHITTEST)
45 | m.Result = (IntPtr)(Utils.HT_CAPTION);
46 | }
47 | }
48 | }
49 |
--------------------------------------------------------------------------------
/DarkControls/Controls/AppIcon.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.Linq;
4 | using System.Text;
5 | using System.Drawing;
6 | using System.Threading.Tasks;
7 | using System.Windows.Forms;
8 | using System.Drawing.Drawing2D;
9 | using System.Drawing.Imaging;
10 | using System.ComponentModel;
11 |
12 | namespace DarkControls.Controls
13 | {
14 | public class AppIcon : PictureBox
15 | {
16 | private float _Scale = 3.5f;
17 |
18 | [
19 | Description("The value used to scale down the icon"),
20 | DefaultValue("3.5"),
21 | RefreshProperties(RefreshProperties.All)
22 | ]
23 | public float Scale
24 | {
25 | get
26 | {
27 | return _Scale;
28 | }
29 | set
30 | {
31 | _Scale = value;
32 | SizeF sz = calcImgSize();
33 | this.Image = ResizeImage(appIconImg, (int)sz.Width, (int)sz.Height);
34 | base.Size = new Size((int)sz.Width, (int)sz.Height);
35 | }
36 | }
37 |
38 | [
39 | DefaultValue("50, 50"),
40 | RefreshProperties(RefreshProperties.All)
41 | ]
42 | public new Size Size
43 | {
44 | get
45 | {
46 | return base.Size;
47 | }
48 | set
49 | {
50 | //SizeF sz = calcImgSize();
51 | //this.Image = ResizeImage(appIconImg, (int)sz.Width, (int)sz.Height);
52 | //base.Size = new Size((int)sz.Width, (int)sz.Height);
53 | base.Size = value;
54 | }
55 | }
56 | private bool drag = false; // determine if we should be moving the form
57 | private Point startPoint = new Point(0, 0); // also for the moving
58 | public Form DragForm { get; set; } = null;
59 |
60 | private Image appIconImg = Properties.Resources.icons8_crossed_axes_100;
61 |
62 | [
63 | Description("The image that will be used for the icon"),
64 | RefreshProperties(RefreshProperties.All)
65 | ]
66 | public Image AppIconImage
67 | {
68 | get
69 | {
70 | return appIconImg;
71 | }
72 | set
73 | {
74 | appIconImg = value;
75 | }
76 | }
77 |
78 | public AppIcon()
79 | {
80 | SetStyle(ControlStyles.SupportsTransparentBackColor, true);
81 | BackColor = Color.FromArgb(33, 33, 33);
82 |
83 | this.MouseDown += AppLogo_MouseDown;
84 | this.MouseUp += AppLogo_MouseUp;
85 | this.MouseMove += AppLogo_MouseMove;
86 | SizeF sz = calcImgSize();
87 | //this.Image = ResizeImage(appIconImg, (int)sz.Width, (int)sz.Height);
88 | //this.Size = new Size((int)sz.Width, (int)sz.Height);
89 |
90 | if (this.DesignMode == false)
91 | {
92 | if (DragForm != null) DragForm.Load += DragForm_Load;
93 | }
94 | }
95 |
96 | private SizeF calcImgSize()
97 | {
98 | float scale = 3.5f;
99 | SizeF sz = new SizeF(appIconImg.Width, appIconImg.Height);
100 | float x = sz.Width / (float)scale;
101 | float y = sz.Height / (float)scale;
102 | return new SizeF(x, y);
103 | }
104 |
105 | private void DragForm_Load(object sender, EventArgs e)
106 | {
107 | SizeF sz = calcImgSize();
108 | //this.Image = ResizeImage(appIconImg, (int)sz.Width, (int)sz.Height);
109 | //this.Size = new Size((int)sz.Width, (int)sz.Height);
110 | this.Invalidate();
111 | }
112 |
113 | private void AppLogo_MouseMove(object sender, MouseEventArgs e)
114 | {
115 | if (this.drag)
116 | { // if we should be dragging it, we need to figure out some movement
117 | Point p1 = new Point(e.X, e.Y);
118 | Point p2 = DragForm.PointToScreen(p1);
119 | Point p3 = new Point(p2.X - this.startPoint.X,
120 | p2.Y - this.startPoint.Y);
121 | DragForm.Location = p3;
122 | }
123 | }
124 |
125 | private void AppLogo_MouseUp(object sender, MouseEventArgs e)
126 | {
127 | if (e.Button == MouseButtons.Left)
128 | {
129 | this.drag = false;
130 | }
131 | }
132 |
133 | private void AppLogo_MouseDown(object sender, MouseEventArgs e)
134 | {
135 | if (e.Button == MouseButtons.Left)
136 | {
137 | this.startPoint = e.Location;
138 | this.drag = true;
139 | }
140 | }
141 |
142 | ///
143 | /// Resize the image to the specified width and height.
144 | ///
145 | /// The image to resize.
146 | /// The width to resize to.
147 | /// The height to resize to.
148 | /// The resized image.
149 | public static Bitmap ResizeImage(Image image, int width, int height)
150 | {
151 | var destRect = new Rectangle(0, 0, width, height);
152 | var destImage = new Bitmap(width, height);
153 |
154 | destImage.MakeTransparent();
155 |
156 | destImage.SetResolution(image.HorizontalResolution, image.VerticalResolution);
157 |
158 | using (var graphics = Graphics.FromImage(destImage))
159 | {
160 | graphics.CompositingMode = CompositingMode.SourceCopy;
161 | graphics.CompositingQuality = CompositingQuality.HighQuality;
162 | graphics.InterpolationMode = InterpolationMode.HighQualityBicubic;
163 | graphics.SmoothingMode = SmoothingMode.HighQuality;
164 | graphics.PixelOffsetMode = PixelOffsetMode.HighQuality;
165 |
166 | using (var wrapMode = new ImageAttributes())
167 | {
168 | //Color cl = Color.White;
169 | wrapMode.SetColorKey(Color.FromArgb(230, 230, 230), Color.White, ColorAdjustType.Bitmap);
170 | wrapMode.SetWrapMode(WrapMode.TileFlipXY);
171 | graphics.DrawImage(image, destRect, 0, 0, image.Width, image.Height, GraphicsUnit.Pixel, wrapMode);
172 | }
173 | }
174 |
175 | return destImage;
176 | }
177 | }
178 | }
179 |
--------------------------------------------------------------------------------
/DarkControls/Controls/CloseButton.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.Linq;
4 | using System.Text;
5 | using System.Threading.Tasks;
6 |
7 | namespace DarkControls.Controls
8 | {
9 | public class CloseButton : WindowsDefaultTitleBarButton
10 | {
11 | public CloseButton()
12 | {
13 | this.ButtonType = DarkControls.Controls.WindowsDefaultTitleBarButton.Type.Close;
14 | this.ClickColor = System.Drawing.Color.Red;
15 | this.ClickIconColor = System.Drawing.Color.Black;
16 | this.HoverColor = System.Drawing.Color.OrangeRed;
17 | this.HoverIconColor = System.Drawing.Color.Black;
18 | this.IconColor = System.Drawing.Color.Black;
19 | this.IconLineThickness = 2;
20 | this.Size = new System.Drawing.Size(40, 40);
21 | this.UseVisualStyleBackColor = true;
22 | }
23 | }
24 | }
25 |
--------------------------------------------------------------------------------
/DarkControls/Controls/CustomCheckedListBox.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.Linq;
4 | using System.Text;
5 | using System.Threading.Tasks;
6 | using System.Windows.Forms;
7 | using System.Drawing;
8 | using System.Drawing.Text;
9 | using System.Drawing.Drawing2D;
10 |
11 | namespace DarkControls.Controls
12 | {
13 | public class CustomCheckedListBox : CheckedListBox
14 | {
15 | public CustomCheckedListBox()
16 | {
17 | //this.SetStyle(
18 | // ControlStyles.OptimizedDoubleBuffer |
19 | // ControlStyles.ResizeRedraw,
20 | // //ControlStyles.UserPaint,
21 | // true);
22 | //this.DrawMode = DrawMode.OwnerDrawFixed;
23 |
24 | this.BackColor = System.Drawing.Color.FromArgb(((int)(((byte)(33)))), ((int)(((byte)(33)))), ((int)(((byte)(33)))));
25 | this.ForeColor = Color.Silver;
26 | this.BorderStyle = System.Windows.Forms.BorderStyle.FixedSingle;
27 | this.CheckedItemColor = System.Drawing.Color.Silver;
28 | this.CheckOnClick = true;
29 | }
30 |
31 |
32 |
33 | protected override void OnPaint(PaintEventArgs e)
34 | {
35 | Region iRegion = new Region(e.ClipRectangle);
36 | e.Graphics.FillRegion(new SolidBrush(this.BackColor), iRegion);
37 | if (this.Items.Count > 0)
38 | {
39 | for (int i = 0; i < this.Items.Count; ++i)
40 | {
41 | System.Drawing.Rectangle irect = this.GetItemRectangle(i);
42 | if (e.ClipRectangle.IntersectsWith(irect))
43 | {
44 | if ((this.SelectionMode == SelectionMode.One && this.SelectedIndex == i)
45 | || (this.SelectionMode == SelectionMode.MultiSimple && this.SelectedIndices.Contains(i))
46 | || (this.SelectionMode == SelectionMode.MultiExtended && this.SelectedIndices.Contains(i)))
47 | {
48 | OnDrawItem(new DrawItemEventArgs(e.Graphics, this.Font,
49 | irect, i,
50 | DrawItemState.Selected, this.ForeColor,
51 | this.BackColor));
52 | }
53 | else
54 | {
55 | OnDrawItem(new DrawItemEventArgs(e.Graphics, this.Font,
56 | irect, i,
57 | DrawItemState.Default, this.ForeColor,
58 | this.BackColor));
59 | }
60 | iRegion.Complement(irect);
61 | }
62 | }
63 | }
64 | base.OnPaint(e);
65 | }
66 |
67 | protected override void OnDrawItem(DrawItemEventArgs e)
68 | {
69 | Size checkSize = CheckBoxRenderer.GetGlyphSize(e.Graphics, System.Windows.Forms.VisualStyles.CheckBoxState.CheckedNormal);
70 | int dx = (e.Bounds.Height - checkSize.Width) / 2;
71 | e.DrawBackground();
72 | //e.DrawFocusRectangle();
73 | if (this.Items.Count > 0)
74 | {
75 | //var isChecked = GetItemChecked(e.Index) ? CheckState.Checked : CheckState.Unchecked;
76 | bool isChecked = GetItemChecked(e.Index);//For some reason e.State doesn't work so we have to do this instead.
77 | //CheckBoxRenderer.DrawCheckBox(e.Graphics, new Point(dx, e.Bounds.Top + dx), isChecked ? System.Windows.Forms.VisualStyles.CheckBoxState.CheckedNormal : System.Windows.Forms.VisualStyles.CheckBoxState.UncheckedNormal);
78 | DarkCheckBox.DrawCheckBox(e.Graphics, new Point(dx, e.Bounds.Top + dx), this.GetItemCheckState(e.Index));
79 | using (StringFormat sf = new StringFormat { LineAlignment = StringAlignment.Center })
80 | {
81 | using (Brush brush = new SolidBrush(isChecked ? CheckedItemColor : ForeColor))
82 | {
83 | e.Graphics.DrawString(Items[e.Index].ToString(), Font, brush, new Rectangle(e.Bounds.Height, e.Bounds.Top, e.Bounds.Width - e.Bounds.Height, e.Bounds.Height), sf);
84 | }
85 | }
86 | }
87 |
88 | //base.OnDrawItem(e);
89 | }
90 | Color checkedItemColor = Color.Green;
91 | public Color CheckedItemColor
92 | {
93 | get { return checkedItemColor; }
94 | set
95 | {
96 | checkedItemColor = value;
97 | //Invalidate();
98 | }
99 | }
100 | }
101 | }
102 |
--------------------------------------------------------------------------------
/DarkControls/Controls/CustomStatusStrip.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.Drawing;
4 | using System.Linq;
5 | using System.Text;
6 | using System.Threading.Tasks;
7 | using System.Windows.Forms;
8 |
9 | namespace DarkControls.Controls
10 | {
11 | public class CustomStatusStrip : StatusStrip
12 | {
13 | protected override void OnPaint(PaintEventArgs e)
14 | {
15 | // Set the background color to RGB value 33, 33, 33
16 | this.BackColor = Color.FromArgb(33, 33, 33);
17 |
18 | // Set the foreground color to Silver
19 | this.ForeColor = Color.Silver;
20 |
21 | e.Graphics.Clear(this.BackColor);
22 |
23 | // Call the base OnPaint method to handle the actual rendering
24 | base.OnPaint(e);
25 | }
26 |
27 | //protected override void OnRender (ToolStripRenderEventArgs e)
28 | //{
29 | // // Set the background color to RGB value 33, 33, 33
30 | // e.Graphics.Clear(Color.FromArgb(33, 33, 33));
31 | // base.OnRenderToolStripBackground(e);
32 | //}
33 |
34 | //protected override void OnRenderToolStripContentPanelBackground(ToolStripContentPanelRenderEventArgs e)
35 | //{
36 | // e.Graphics.Clear(Color.FromArgb(33, 33, 33));
37 | // base.OnRenderToolStripContentPanelBackground(e);
38 | //}
39 |
40 | //protected override void OnRenderItem(ToolStripItemRenderEventArgs e)
41 | //{
42 | // // Set the background color to RGB value 33, 33, 33
43 | // e.Item.BackColor = Color.FromArgb(33, 33, 33);
44 |
45 | // // Set the foreground color to Silver
46 | // e.Item.ForeColor = Color.Silver;
47 |
48 | // // Call the base OnRenderItem method to handle the actual rendering
49 | // base.OnRenderItem(e);
50 | //}
51 | }
52 | }
53 |
--------------------------------------------------------------------------------
/DarkControls/Controls/DarkButton.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.Linq;
4 | using System.Text;
5 | using System.Threading.Tasks;
6 | using System.Windows.Forms;
7 | using System.Drawing;
8 |
9 | namespace DarkControls.Controls
10 | {
11 | public class DarkButton : Button
12 | {
13 | public DarkButton()
14 | {
15 | this.BackColor = Color.FromArgb(33, 33, 33);
16 | this.ForeColor = Color.Silver;
17 |
18 | this.Size = new Size(75, 23);
19 | this.FlatStyle = System.Windows.Forms.FlatStyle.Flat;
20 | this.UseVisualStyleBackColor = true;
21 |
22 | //this.Region = Region.FromHrgn(Utils.CreateRoundRectRgn(0, 0, Width, Height, 25, 25));
23 | }
24 |
25 | protected override void OnEnabledChanged(EventArgs e)
26 | {
27 | if (this.Enabled)
28 | {
29 | this.ForeColor = Color.Silver;
30 | this.Update();
31 | this.Invalidate();
32 | }
33 | else
34 | {
35 | this.ForeColor = Color.FromArgb(Color.Silver.R - 32, Color.Silver.G - 32, Color.Silver.B - 32);
36 | this.Update();
37 | this.Invalidate();
38 | }
39 |
40 | base.OnEnabledChanged(e);
41 | }
42 | }
43 | }
44 |
--------------------------------------------------------------------------------
/DarkControls/Controls/DarkListView.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.Drawing;
4 | using System.Linq;
5 | using System.Text;
6 | using System.Threading.Tasks;
7 | using System.Windows.Forms;
8 |
9 | namespace DarkControls.Controls
10 | {
11 | public class DarkListView : ListView
12 | {
13 | public DarkListView()
14 | {
15 | this.BackColor = Color.FromArgb(33, 33, 33);
16 | this.ForeColor = Color.Silver;
17 | this.DoubleBuffered = true;
18 | //this.SetStyle(ControlStyles.UserPaint, true);
19 | this.SetStyle(ControlStyles.DoubleBuffer, true);
20 | //this.SetStyle(ControlStyles.AllPaintingInWmPaint, true);
21 |
22 | System.Windows.Forms.ListView view = this;
23 |
24 | colorListViewHeader(ref view, this.BackColor, this.ForeColor);
25 | }
26 |
27 | public static void colorListViewHeader(ref System.Windows.Forms.ListView list, Color backColor, Color foreColor)
28 | {
29 | list.OwnerDraw = true;
30 | list.DrawColumnHeader +=
31 | new DrawListViewColumnHeaderEventHandler
32 | (
33 | (sender, e) => headerDraw(sender, e, backColor, foreColor)
34 | );
35 | list.DrawItem += new DrawListViewItemEventHandler(bodyDraw);
36 | }
37 |
38 | private static void headerDraw(object sender, DrawListViewColumnHeaderEventArgs e, Color backColor, Color foreColor)
39 | {
40 | using (SolidBrush backBrush = new SolidBrush(backColor))
41 | {
42 | e.Graphics.FillRectangle(backBrush, e.Bounds);
43 | }
44 |
45 | using (SolidBrush foreBrush = new SolidBrush(foreColor))
46 | {
47 | e.Graphics.DrawString(e.Header.Text, e.Font, foreBrush, e.Bounds);
48 | }
49 | }
50 |
51 | private static void bodyDraw(object sender, DrawListViewItemEventArgs e)
52 | {
53 | e.DrawDefault = true;
54 | }
55 |
56 | protected override void OnPaint(PaintEventArgs e)
57 | {
58 | base.OnPaint(e);
59 | }
60 | }
61 | }
62 |
--------------------------------------------------------------------------------
/DarkControls/Controls/DarkSelectFileButton.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.Linq;
4 | using System.Text;
5 | using System.Threading.Tasks;
6 | using System.Windows.Forms;
7 | using System.Drawing;
8 |
9 | namespace DarkControls.Controls
10 | {
11 | public class DarkSelectFileButton : Button
12 | {
13 | public DarkSelectFileButton()
14 | {
15 | this.BackColor = Color.FromArgb(33, 33, 33);
16 | this.ForeColor = Color.Silver;
17 | this.FlatAppearance.BorderColor = System.Drawing.Color.Silver;
18 | this.FlatAppearance.BorderSize = 0;
19 | this.FlatAppearance.MouseOverBackColor = System.Drawing.Color.Silver;
20 | this.Image = Properties.Resources.selectFileBtn_Image;
21 | this.Size = new Size(75, 23);
22 | this.FlatStyle = System.Windows.Forms.FlatStyle.Flat;
23 | this.UseVisualStyleBackColor = true;
24 | }
25 | }
26 | }
27 |
--------------------------------------------------------------------------------
/DarkControls/Controls/DarkTextBox.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.Linq;
4 | using System.Text;
5 | using System.Threading.Tasks;
6 | using System.Windows.Forms;
7 | using System.Drawing;
8 | using System.Windows.Forms.VisualStyles;
9 | using System.Diagnostics;
10 |
11 | namespace DarkControls.Controls
12 | {
13 | public class DarkTextBox : System.Windows.Forms.TextBox
14 | {
15 | public DarkTextBox()
16 | {
17 | // Initialize the renderer
18 |
19 | this.BackColor = System.Drawing.Color.FromArgb(((int)(((byte)(33)))), ((int)(((byte)(33)))), ((int)(((byte)(33)))));
20 | this.ForeColor = Color.Silver;
21 |
22 | this.BorderStyle = System.Windows.Forms.BorderStyle.FixedSingle;
23 | this.SetStyle(
24 | ControlStyles.AllPaintingInWmPaint |
25 | ControlStyles.DoubleBuffer, true);
26 | }
27 |
28 | protected override void OnPaint(PaintEventArgs e)
29 | {
30 | //Debugger.Break();
31 | if (ScrollBarRenderer.IsSupported)
32 | {
33 | //Debugger.Break();
34 | // Draw the custom scrollbar
35 | ScrollBarRenderer.DrawUpperVerticalTrack(e.Graphics, new Rectangle(this.Right - 18, this.Top, 18, this.Height), ScrollBarState.Normal);
36 | ScrollBarRenderer.DrawLowerVerticalTrack(e.Graphics, new Rectangle(this.Right - 18, this.Top, 18, this.Height), ScrollBarState.Normal);
37 | ScrollBarRenderer.DrawVerticalThumb(e.Graphics, new Rectangle(this.Right - 18, this.Top, 18, this.Height), ScrollBarState.Normal);
38 | ScrollBarRenderer.DrawVerticalThumbGrip(e.Graphics, new Rectangle(this.Right - 18, this.Top, 18, this.Height), ScrollBarState.Normal);
39 | }
40 |
41 | base.OnPaint(e);
42 | }
43 |
44 | //protected override void WndProc(ref Message m)
45 | //{
46 | // base.WndProc(ref m);
47 | // if (m.Msg == 0x00F7)
48 | // {
49 | // m.Result = (IntPtr)1;
50 | // }
51 | //}
52 | }
53 | }
54 |
--------------------------------------------------------------------------------
/DarkControls/Controls/FlatComboBox.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.ComponentModel;
3 | using System.Drawing;
4 | using System.Runtime.InteropServices;
5 | using System.Windows.Forms;
6 |
7 | namespace DarkControls.Controls
8 | {
9 | public class FlatComboBox : ComboBox
10 | {
11 | private Color borderColor = Color.Gray;
12 | [DefaultValue(typeof(Color), "Gray")]
13 | public Color BorderColor
14 | {
15 | get { return borderColor; }
16 | set
17 | {
18 | if (borderColor != value)
19 | {
20 | borderColor = value;
21 | Invalidate();
22 | }
23 | }
24 | }
25 | private Color buttonColor = Color.LightGray;
26 | [DefaultValue(typeof(Color), "LightGray")]
27 | public Color ButtonColor
28 | {
29 | get { return buttonColor; }
30 | set
31 | {
32 | if (buttonColor != value)
33 | {
34 | buttonColor = value;
35 | Invalidate();
36 | }
37 | }
38 | }
39 | protected override void WndProc(ref Message m)
40 | {
41 | if (m.Msg == WM_PAINT && DropDownStyle != ComboBoxStyle.Simple)
42 | {
43 | var clientRect = ClientRectangle;
44 | var dropDownButtonWidth = SystemInformation.HorizontalScrollBarArrowWidth;
45 | var outerBorder = new Rectangle(clientRect.Location,
46 | new Size(clientRect.Width - 1, clientRect.Height - 1));
47 | var innerBorder = new Rectangle(outerBorder.X + 1, outerBorder.Y + 1,
48 | outerBorder.Width - dropDownButtonWidth - 2, outerBorder.Height - 2);
49 | var innerInnerBorder = new Rectangle(innerBorder.X + 1, innerBorder.Y + 1,
50 | innerBorder.Width - 2, innerBorder.Height - 2);
51 | var dropDownRect = new Rectangle(innerBorder.Right + 1, innerBorder.Y,
52 | dropDownButtonWidth, innerBorder.Height + 1);
53 | if (RightToLeft == RightToLeft.Yes)
54 | {
55 | innerBorder.X = clientRect.Width - innerBorder.Right;
56 | innerInnerBorder.X = clientRect.Width - innerInnerBorder.Right;
57 | dropDownRect.X = clientRect.Width - dropDownRect.Right;
58 | dropDownRect.Width += 1;
59 | }
60 | var innerBorderColor = Enabled ? BackColor : SystemColors.Control;
61 | var outerBorderColor = Enabled ? BorderColor : SystemColors.ControlDark;
62 | var buttonColor = Enabled ? ButtonColor : SystemColors.Control;
63 | var middle = new Point(dropDownRect.Left + dropDownRect.Width / 2,
64 | dropDownRect.Top + dropDownRect.Height / 2);
65 | var arrow = new Point[]
66 | {
67 | new Point(middle.X - 3, middle.Y - 2),
68 | new Point(middle.X + 4, middle.Y - 2),
69 | new Point(middle.X, middle.Y + 2)
70 | };
71 | var ps = new PAINTSTRUCT();
72 | bool shoulEndPaint = false;
73 | IntPtr dc;
74 | if (m.WParam == IntPtr.Zero)
75 | {
76 | dc = BeginPaint(Handle, ref ps);
77 | m.WParam = dc;
78 | shoulEndPaint = true;
79 | }
80 | else
81 | {
82 | dc = m.WParam;
83 | }
84 | var rgn = CreateRectRgn(innerInnerBorder.Left, innerInnerBorder.Top,
85 | innerInnerBorder.Right, innerInnerBorder.Bottom);
86 | SelectClipRgn(dc, rgn);
87 | DefWndProc(ref m);
88 | DeleteObject(rgn);
89 | rgn = CreateRectRgn(clientRect.Left, clientRect.Top,
90 | clientRect.Right, clientRect.Bottom);
91 | SelectClipRgn(dc, rgn);
92 | using (var g = Graphics.FromHdc(dc))
93 | {
94 | using (var b = new SolidBrush(buttonColor))
95 | {
96 | g.FillRectangle(b, dropDownRect);
97 | }
98 | using (var b = new SolidBrush(outerBorderColor))
99 | {
100 | g.FillPolygon(b, arrow);
101 | }
102 | using (var p = new Pen(innerBorderColor))
103 | {
104 | g.DrawRectangle(p, innerBorder);
105 | g.DrawRectangle(p, innerInnerBorder);
106 | }
107 | using (var p = new Pen(outerBorderColor))
108 | {
109 | g.DrawRectangle(p, outerBorder);
110 | }
111 | }
112 | if (shoulEndPaint)
113 | EndPaint(Handle, ref ps);
114 | DeleteObject(rgn);
115 | }
116 | else
117 | base.WndProc(ref m);
118 | }
119 |
120 | private const int WM_PAINT = 0xF;
121 | [StructLayout(LayoutKind.Sequential)]
122 | public struct RECT
123 | {
124 | public int L, T, R, B;
125 | }
126 | [StructLayout(LayoutKind.Sequential)]
127 | public struct PAINTSTRUCT
128 | {
129 | public IntPtr hdc;
130 | public bool fErase;
131 | public int rcPaint_left;
132 | public int rcPaint_top;
133 | public int rcPaint_right;
134 | public int rcPaint_bottom;
135 | public bool fRestore;
136 | public bool fIncUpdate;
137 | public int reserved1;
138 | public int reserved2;
139 | public int reserved3;
140 | public int reserved4;
141 | public int reserved5;
142 | public int reserved6;
143 | public int reserved7;
144 | public int reserved8;
145 | }
146 | [DllImport("user32.dll")]
147 | private static extern IntPtr BeginPaint(IntPtr hWnd,
148 | [In, Out] ref PAINTSTRUCT lpPaint);
149 |
150 | [DllImport("user32.dll")]
151 | private static extern bool EndPaint(IntPtr hWnd, ref PAINTSTRUCT lpPaint);
152 |
153 | [DllImport("gdi32.dll")]
154 | public static extern int SelectClipRgn(IntPtr hDC, IntPtr hRgn);
155 |
156 | [DllImport("user32.dll")]
157 | public static extern int GetUpdateRgn(IntPtr hwnd, IntPtr hrgn, bool fErase);
158 | public enum RegionFlags
159 | {
160 | ERROR = 0,
161 | NULLREGION = 1,
162 | SIMPLEREGION = 2,
163 | COMPLEXREGION = 3,
164 | }
165 | [DllImport("gdi32.dll")]
166 | internal static extern bool DeleteObject(IntPtr hObject);
167 |
168 | [DllImport("gdi32.dll")]
169 | private static extern IntPtr CreateRectRgn(int x1, int y1, int x2, int y2);
170 | }
171 | }
172 |
--------------------------------------------------------------------------------
/DarkControls/Controls/FlatScrollBar.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.Linq;
4 | using System.Text;
5 | using System.Threading.Tasks;
6 |
7 | namespace DarkControls.Controls
8 | {
9 | internal class FlatScrollBar
10 | {
11 | }
12 | }
13 |
--------------------------------------------------------------------------------
/DarkControls/Controls/MaximizeButton.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.Linq;
4 | using System.Text;
5 | using System.Threading.Tasks;
6 |
7 | namespace DarkControls.Controls
8 | {
9 | public class MaximizeButton : WindowsDefaultTitleBarButton
10 | {
11 | public MaximizeButton()
12 | {
13 | this.ButtonType = DarkControls.Controls.WindowsDefaultTitleBarButton.Type.Maximize;
14 | this.ClickColor = System.Drawing.Color.DodgerBlue;
15 | this.ClickIconColor = System.Drawing.Color.Black;
16 | this.HoverColor = System.Drawing.Color.SkyBlue;
17 | this.HoverIconColor = System.Drawing.Color.Black;
18 | this.IconColor = System.Drawing.Color.Black;
19 | this.IconLineThickness = 2;
20 | this.Size = new System.Drawing.Size(40, 40);
21 | this.UseVisualStyleBackColor = true;
22 | }
23 | }
24 | }
25 |
--------------------------------------------------------------------------------
/DarkControls/Controls/MinimizeButton.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.Linq;
4 | using System.Text;
5 | using System.Threading.Tasks;
6 |
7 | namespace DarkControls.Controls
8 | {
9 | public class MinimizeButton : WindowsDefaultTitleBarButton
10 | {
11 | public MinimizeButton()
12 | {
13 | this.ButtonType = DarkControls.Controls.WindowsDefaultTitleBarButton.Type.Minimize;
14 | this.ClickColor = System.Drawing.Color.DodgerBlue;
15 | this.ClickIconColor = System.Drawing.Color.Black;
16 | this.HoverColor = System.Drawing.Color.SkyBlue;
17 | this.HoverIconColor = System.Drawing.Color.Black;
18 | this.IconColor = System.Drawing.Color.Black;
19 | this.IconLineThickness = 2;
20 | this.Size = new System.Drawing.Size(40, 40);
21 | this.UseVisualStyleBackColor = true;
22 | }
23 | }
24 | }
25 |
--------------------------------------------------------------------------------
/DarkControls/Controls/NoFocusCueBotton.cs:
--------------------------------------------------------------------------------
1 | using System.ComponentModel;
2 | using System.Windows.Forms;
3 |
4 | namespace DarkControls.Controls
5 | {
6 | ///
7 | /// Modified button which has no focus rectangles when the form which contains this button loses fucus while the button was focused.
8 | ///
9 | [ToolboxItem(typeof(NoFocusCueBotton))]
10 | public class NoFocusCueBotton : Button
11 | {
12 | protected override bool ShowFocusCues => false;
13 |
14 | ///
15 | /// Creates a new instance of a
16 | ///
17 | public NoFocusCueBotton() { }
18 |
19 | public override void NotifyDefault(bool value)
20 | {
21 | base.NotifyDefault(false);
22 | }
23 | }
24 | }
--------------------------------------------------------------------------------
/DarkControls/Controls/ProgressBarEx.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Windows.Forms;
3 | using System.Drawing;
4 | using System.Drawing.Drawing2D;
5 |
6 | namespace DarkControls.Controls
7 | {
8 | public class ProgressBarEx : ProgressBar
9 | {
10 | public ProgressBarEx()
11 | {
12 | this.SetStyle(ControlStyles.UserPaint, true);
13 | }
14 |
15 | protected override void OnPaintBackground(PaintEventArgs pevent)
16 | {
17 | // None... Helps control the flicker.
18 | }
19 |
20 | protected override void OnPaint(PaintEventArgs e)
21 | {
22 | const int inset = 2; // A single inset value to control teh sizing of the inner rect.
23 |
24 | using (Image offscreenImage = new Bitmap(this.Width, this.Height))
25 | {
26 | using (Graphics offscreen = Graphics.FromImage(offscreenImage))
27 | {
28 | offscreen.Clear(this.BackColor);
29 | Rectangle rect = new Rectangle(0, 0, this.Width, this.Height);
30 | offscreen.DrawRectangle(new Pen(Color.Silver, 2), rect);
31 |
32 | //if (ProgressBarRenderer.IsSupported)
33 | // ProgressBarRenderer.DrawHorizontalBar(offscreen, rect);
34 |
35 | rect.Inflate(new Size(-inset, -inset)); // Deflate inner rect.
36 | rect.Width = (int)(rect.Width * ((double)this.Value / this.Maximum));
37 | if (rect.Width == 0) rect.Width = 1; // Can't draw rec with width of 0.
38 |
39 | //LinearGradientBrush brush = new LinearGradientBrush(rect, this.BackColor, this.ForeColor, LinearGradientMode.Horizontal);
40 | SolidBrush brush = new SolidBrush(this.ForeColor);
41 |
42 | offscreen.FillRectangle(brush, inset, inset, rect.Width, rect.Height);
43 |
44 | e.Graphics.DrawImage(offscreenImage, 0, 0);
45 | }
46 | }
47 | }
48 | }
49 | }
50 |
--------------------------------------------------------------------------------
/DarkControls/Controls/TransparentLabel.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.Linq;
4 | using System.Text;
5 | using System.Threading.Tasks;
6 | using System.Windows.Forms;
7 |
8 | namespace DarkControls.Controls
9 | {
10 | public class TransparentLabel : Label
11 | {
12 | protected override void WndProc(ref Message m)
13 | {
14 | const int WM_NCHITTEST = 0x0084;
15 | const int HTTRANSPARENT = (-1);
16 |
17 | if (m.Msg == WM_NCHITTEST)
18 | {
19 | m.Result = (IntPtr)HTTRANSPARENT;
20 | }
21 | else
22 | {
23 | base.WndProc(ref m);
24 | }
25 | }
26 | }
27 | }
28 |
--------------------------------------------------------------------------------
/DarkControls/DarkControls.csproj:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Debug
6 | AnyCPU
7 | {66C94ACB-63C7-42A3-9D83-A3801CED4F1C}
8 | Library
9 | Properties
10 | DarkControls
11 | DarkControls
12 | v4.8
13 | 512
14 | true
15 |
16 |
17 |
18 | true
19 | full
20 | false
21 | bin\x86\Debug\
22 | DEBUG;TRACE
23 | prompt
24 | 4
25 |
26 |
27 | pdbonly
28 | true
29 | bin\Release\
30 | TRACE
31 | prompt
32 | 4
33 |
34 |
35 | true
36 | bin\x64\Debug\
37 | DEBUG;TRACE
38 | full
39 | x64
40 | 7.3
41 | prompt
42 | true
43 |
44 |
45 | bin\Release\x64\
46 | TRACE
47 | true
48 | pdbonly
49 | AnyCPU
50 | 7.3
51 | prompt
52 |
53 |
54 | true
55 | bin\x86\Debug\
56 | DEBUG;TRACE
57 | full
58 | x86
59 | 7.3
60 | prompt
61 |
62 |
63 | bin\x86\Release\
64 | TRACE
65 | true
66 | pdbonly
67 | x86
68 | 7.3
69 | prompt
70 |
71 |
72 |
73 |
74 |
75 |
76 |
77 |
78 |
79 |
80 |
81 |
82 |
83 |
84 |
85 |
86 |
87 | Component
88 |
89 |
90 | Component
91 |
92 |
93 | Component
94 |
95 |
96 | Component
97 |
98 |
99 | Component
100 |
101 |
102 | Component
103 |
104 |
105 | Component
106 |
107 |
108 | Component
109 |
110 |
111 | Component
112 |
113 |
114 | Component
115 |
116 |
117 |
118 |
119 | Component
120 |
121 |
122 | Component
123 |
124 |
125 | Component
126 |
127 |
128 | Component
129 |
130 |
131 |
132 | Component
133 |
134 |
135 | Component
136 |
137 |
138 | Component
139 |
140 |
141 | Form
142 |
143 |
144 |
145 | Component
146 |
147 |
148 |
149 | True
150 | True
151 | Resources.resx
152 |
153 |
154 |
155 |
156 |
157 |
158 |
159 |
160 | Designer
161 |
162 |
163 | ResXFileCodeGenerator
164 | Resources.Designer.cs
165 |
166 |
167 |
168 |
169 |
170 |
171 |
--------------------------------------------------------------------------------
/DarkControls/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
1 | using System.Reflection;
2 | using System.Runtime.CompilerServices;
3 | using System.Runtime.InteropServices;
4 |
5 | // General Information about an assembly is controlled through the following
6 | // set of attributes. Change these attribute values to modify the information
7 | // associated with an assembly.
8 | [assembly: AssemblyTitle("Lib")]
9 | [assembly: AssemblyDescription("")]
10 | [assembly: AssemblyConfiguration("")]
11 | [assembly: AssemblyCompany("")]
12 | [assembly: AssemblyProduct("Lib")]
13 | [assembly: AssemblyCopyright("Copyright © 2023")]
14 | [assembly: AssemblyTrademark("")]
15 | [assembly: AssemblyCulture("")]
16 |
17 | // Setting ComVisible to false makes the types in this assembly not visible
18 | // to COM components. If you need to access a type in this assembly from
19 | // COM, set the ComVisible attribute to true on that type.
20 | [assembly: ComVisible(false)]
21 |
22 | // The following GUID is for the ID of the typelib if this project is exposed to COM
23 | [assembly: Guid("66c94acb-63c7-42a3-9d83-a3801ced4f1c")]
24 |
25 | // Version information for an assembly consists of the following four values:
26 | //
27 | // Major Version
28 | // Minor Version
29 | // Build Number
30 | // Revision
31 | //
32 | // You can specify all the values or you can default the Build and Revision Numbers
33 | // by using the '*' as shown below:
34 | // [assembly: AssemblyVersion("1.0.*")]
35 | [assembly: AssemblyVersion("1.0.0.0")]
36 | [assembly: AssemblyFileVersion("1.0.0.0")]
37 |
--------------------------------------------------------------------------------
/DarkControls/Properties/Resources.Designer.cs:
--------------------------------------------------------------------------------
1 | //------------------------------------------------------------------------------
2 | //
3 | // This code was generated by a tool.
4 | // Runtime Version:4.0.30319.42000
5 | //
6 | // Changes to this file may cause incorrect behavior and will be lost if
7 | // the code is regenerated.
8 | //
9 | //------------------------------------------------------------------------------
10 |
11 | namespace DarkControls.Properties {
12 | using System;
13 |
14 |
15 | ///
16 | /// A strongly-typed resource class, for looking up localized strings, etc.
17 | ///
18 | // This class was auto-generated by the StronglyTypedResourceBuilder
19 | // class via a tool like ResGen or Visual Studio.
20 | // To add or remove a member, edit your .ResX file then rerun ResGen
21 | // with the /str option, or rebuild your VS project.
22 | [global::System.CodeDom.Compiler.GeneratedCodeAttribute("System.Resources.Tools.StronglyTypedResourceBuilder", "17.0.0.0")]
23 | [global::System.Diagnostics.DebuggerNonUserCodeAttribute()]
24 | [global::System.Runtime.CompilerServices.CompilerGeneratedAttribute()]
25 | internal class Resources {
26 |
27 | private static global::System.Resources.ResourceManager resourceMan;
28 |
29 | private static global::System.Globalization.CultureInfo resourceCulture;
30 |
31 | [global::System.Diagnostics.CodeAnalysis.SuppressMessageAttribute("Microsoft.Performance", "CA1811:AvoidUncalledPrivateCode")]
32 | internal Resources() {
33 | }
34 |
35 | ///
36 | /// Returns the cached ResourceManager instance used by this class.
37 | ///
38 | [global::System.ComponentModel.EditorBrowsableAttribute(global::System.ComponentModel.EditorBrowsableState.Advanced)]
39 | internal static global::System.Resources.ResourceManager ResourceManager {
40 | get {
41 | if (object.ReferenceEquals(resourceMan, null)) {
42 | global::System.Resources.ResourceManager temp = new global::System.Resources.ResourceManager("DarkControls.Properties.Resources", typeof(Resources).Assembly);
43 | resourceMan = temp;
44 | }
45 | return resourceMan;
46 | }
47 | }
48 |
49 | ///
50 | /// Overrides the current thread's CurrentUICulture property for all
51 | /// resource lookups using this strongly typed resource class.
52 | ///
53 | [global::System.ComponentModel.EditorBrowsableAttribute(global::System.ComponentModel.EditorBrowsableState.Advanced)]
54 | internal static global::System.Globalization.CultureInfo Culture {
55 | get {
56 | return resourceCulture;
57 | }
58 | set {
59 | resourceCulture = value;
60 | }
61 | }
62 |
63 | ///
64 | /// Looks up a localized resource of type System.Drawing.Bitmap.
65 | ///
66 | internal static System.Drawing.Bitmap appIcon1_AppIconImage {
67 | get {
68 | object obj = ResourceManager.GetObject("appIcon1.AppIconImage", resourceCulture);
69 | return ((System.Drawing.Bitmap)(obj));
70 | }
71 | }
72 |
73 | ///
74 | /// Looks up a localized resource of type System.Drawing.Bitmap.
75 | ///
76 | internal static System.Drawing.Bitmap appIcon1_Image {
77 | get {
78 | object obj = ResourceManager.GetObject("appIcon1.Image", resourceCulture);
79 | return ((System.Drawing.Bitmap)(obj));
80 | }
81 | }
82 |
83 | ///
84 | /// Looks up a localized resource of type System.Drawing.Bitmap.
85 | ///
86 | internal static System.Drawing.Bitmap icons8_crossed_axes_100 {
87 | get {
88 | object obj = ResourceManager.GetObject("icons8_crossed_axes_100", resourceCulture);
89 | return ((System.Drawing.Bitmap)(obj));
90 | }
91 | }
92 |
93 | ///
94 | /// Looks up a localized resource of type System.Drawing.Bitmap.
95 | ///
96 | internal static System.Drawing.Bitmap selectFileBtn_Image {
97 | get {
98 | object obj = ResourceManager.GetObject("selectFileBtn_Image", resourceCulture);
99 | return ((System.Drawing.Bitmap)(obj));
100 | }
101 | }
102 | }
103 | }
104 |
--------------------------------------------------------------------------------
/DarkControls/Utils.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.Linq;
4 | using System.Runtime.InteropServices;
5 | using System.Text;
6 | using System.Threading.Tasks;
7 |
8 | namespace DarkControls
9 | {
10 | public class Utils
11 | {
12 | [DllImport("Gdi32.dll", EntryPoint = "CreateRoundRectRgn")]
13 | public static extern IntPtr CreateRoundRectRgn
14 | (
15 | int nLeftRect, // x-coordinate of upper-left corner
16 | int nTopRect, // y-coordinate of upper-left corner
17 | int nRightRect, // x-coordinate of lower-right corner
18 | int nBottomRect, // y-coordinate of lower-right corner
19 | int nWidthEllipse, // width of ellipse
20 | int nHeightEllipse // height of ellipse
21 | );
22 |
23 | public static int WM_NCHITTEST = 0x84;
24 | public static int HT_CAPTION = 0x2;
25 | }
26 | }
27 |
--------------------------------------------------------------------------------
/DarkControls/icons8-crossed-axes-100.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mastercodeon314/KsDumper-11/00a760faac5132606d0d0e01b9f29748894c2167/DarkControls/icons8-crossed-axes-100.png
--------------------------------------------------------------------------------
/DarkControls/selectFileBtn.Image.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mastercodeon314/KsDumper-11/00a760faac5132606d0d0e01b9f29748894c2167/DarkControls/selectFileBtn.Image.png
--------------------------------------------------------------------------------
/DriverInterface/BSOD.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.Diagnostics;
4 | using System.Linq;
5 | using System.Text;
6 | using System.Threading.Tasks;
7 |
8 | namespace KsDumper11
9 | {
10 | public class BSOD
11 | {
12 | public static bool JustHappened()
13 | {
14 | List detectedCrashTimes = new List();
15 |
16 | string eventLogName = "System";
17 |
18 | EventLog eventLog = new EventLog();
19 | eventLog.Log = eventLogName;
20 |
21 | foreach (EventLogEntry log in eventLog.Entries)
22 | {
23 | if (log.EventID == 1001)
24 | {
25 | detectedCrashTimes.Add(log.TimeGenerated);
26 | }
27 | }
28 |
29 | detectedCrashTimes = detectedCrashTimes.OrderByDescending(x => x).ToList();
30 |
31 | foreach (DateTime crashTime in detectedCrashTimes)
32 | {
33 | if (CheckIfWithinFiveMinutes(crashTime, 5))
34 | {
35 | return true;
36 | }
37 | }
38 |
39 | return false;
40 | }
41 |
42 | static bool CheckIfWithinFiveMinutes(DateTime dateTimeToCheck, int minutesAgo)
43 | {
44 | // Get the current time
45 | DateTime currentTime = DateTime.Now;
46 |
47 | // Calculate the time difference
48 | TimeSpan timeDifference = currentTime - dateTimeToCheck;
49 |
50 | // Check if the time difference is within 5 minutes
51 | if (timeDifference.TotalMinutes <= minutesAgo)
52 | {
53 | return true;
54 | }
55 | else
56 | {
57 | return false;
58 | }
59 | }
60 | }
61 | }
62 |
--------------------------------------------------------------------------------
/DriverInterface/CancelableTask.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.Linq;
4 | using System.Text;
5 | using System.Threading;
6 | using System.Threading.Tasks;
7 |
8 | public class CancelableTask
9 | {
10 | private CancellationTokenSource cancellationTokenSource;
11 |
12 | public CancelableTask(CancellationToken cancellationToken)
13 | {
14 | cancellationTokenSource = new CancellationTokenSource();
15 | cancellationToken.Register(() => cancellationTokenSource.Cancel());
16 | }
17 |
18 | public Task CreateTask(Func taskFunction)
19 | {
20 | var taskCompletionSource = new TaskCompletionSource();
21 |
22 | Task.Run(() =>
23 | {
24 | try
25 | {
26 | T result = taskFunction(cancellationTokenSource.Token);
27 | taskCompletionSource.TrySetResult(result);
28 | }
29 | catch (OperationCanceledException)
30 | {
31 | taskCompletionSource.TrySetCanceled();
32 | }
33 | catch (Exception ex)
34 | {
35 | taskCompletionSource.TrySetException(ex);
36 | }
37 | });
38 |
39 | return taskCompletionSource.Task;
40 | }
41 |
42 | public void Cancel()
43 | {
44 | cancellationTokenSource.Cancel();
45 | }
46 | }
47 |
48 |
--------------------------------------------------------------------------------
/DriverInterface/CrashMon.cs:
--------------------------------------------------------------------------------
1 | using Newtonsoft.Json;
2 | using System;
3 | using System.Collections.Generic;
4 | using System.IO;
5 | using System.Linq;
6 | using System.Runtime.InteropServices;
7 | using System.Text;
8 | using System.Threading.Tasks;
9 | using static System.Net.Mime.MediaTypeNames;
10 |
11 | namespace KsDumper11
12 | {
13 | public class CrashMon
14 | {
15 | [DllImport("kernel32.dll", SetLastError = true)]
16 | private static extern bool FlushFileBuffers(IntPtr handle);
17 |
18 | private int _checkingProvider = -1;
19 | public int CheckingProvider
20 | {
21 | get
22 | {
23 | return _checkingProvider;
24 | }
25 | set
26 | {
27 | _checkingProvider = value;
28 | Save();
29 | }
30 | }
31 |
32 | string savePath = KduSelfExtract.AssemblyDirectory + @"\\Setings.json";
33 |
34 | public CrashMon()
35 | {
36 | if (File.Exists(savePath))
37 | {
38 | _checkingProvider = JsonConvert.DeserializeObject(File.ReadAllText(savePath));
39 | }
40 | else
41 | {
42 | _checkingProvider = -1;
43 | }
44 | }
45 |
46 | private void Save()
47 | {
48 | string json = JsonConvert.SerializeObject(_checkingProvider);
49 |
50 | if (!File.Exists(savePath))
51 | {
52 | FileStream fs = File.Create(savePath);
53 | StreamWriter sw = new StreamWriter(fs);
54 | sw.Write(json);
55 | sw.Flush();
56 | FlushFileBuffers(fs.Handle);
57 | sw.Close();
58 | sw.Dispose();
59 | }
60 | else
61 | {
62 | File.Delete(savePath);
63 | FileStream fs = File.Create(savePath);
64 | StreamWriter sw = new StreamWriter(fs);
65 | sw.Write(json);
66 | sw.Flush();
67 | FlushFileBuffers(fs.Handle);
68 | sw.Close();
69 | sw.Dispose();
70 | }
71 | }
72 | }
73 | }
74 |
--------------------------------------------------------------------------------
/DriverInterface/Driver/KsDumperDriver.sys:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mastercodeon314/KsDumper-11/00a760faac5132606d0d0e01b9f29748894c2167/DriverInterface/Driver/KsDumperDriver.sys
--------------------------------------------------------------------------------
/DriverInterface/Driver/ManualLoader.bat:
--------------------------------------------------------------------------------
1 | kdu.exe -prv 1 -map KsDumperDriver.sys
2 | pause
--------------------------------------------------------------------------------
/DriverInterface/Driver/Taigei64.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mastercodeon314/KsDumper-11/00a760faac5132606d0d0e01b9f29748894c2167/DriverInterface/Driver/Taigei64.dll
--------------------------------------------------------------------------------
/DriverInterface/Driver/drv64.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mastercodeon314/KsDumper-11/00a760faac5132606d0d0e01b9f29748894c2167/DriverInterface/Driver/drv64.dll
--------------------------------------------------------------------------------
/DriverInterface/Driver/kdu.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mastercodeon314/KsDumper-11/00a760faac5132606d0d0e01b9f29748894c2167/DriverInterface/Driver/kdu.exe
--------------------------------------------------------------------------------
/DriverInterface/DriverInterface.csproj:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Debug
6 | AnyCPU
7 | {6F8B2A35-060D-4EB1-A6BA-A3057179304B}
8 | Library
9 | Properties
10 | DriverInterface
11 | DriverInterface
12 | v4.8
13 | 512
14 | true
15 |
16 |
17 | true
18 | full
19 | false
20 | bin\Debug\
21 | DEBUG;TRACE
22 | prompt
23 | 4
24 |
25 |
26 | pdbonly
27 | true
28 | bin\x86\Release\
29 | TRACE
30 | prompt
31 | 4
32 |
33 |
34 |
35 | ..\packages\Newtonsoft.Json.13.0.3\lib\net45\Newtonsoft.Json.dll
36 |
37 |
38 |
39 |
40 |
41 |
42 |
43 |
44 |
45 |
46 |
47 |
48 |
49 |
50 |
51 |
52 |
53 |
54 |
55 |
56 |
57 |
58 |
59 |
60 |
61 |
62 |
63 |
64 |
65 |
66 |
67 |
68 |
69 |
70 | True
71 | True
72 | Resources.resx
73 |
74 |
75 |
76 |
77 | Component
78 |
79 |
80 |
81 |
82 |
83 |
84 |
85 |
86 |
87 |
88 |
89 |
90 |
91 |
92 | ResXFileCodeGenerator
93 | Resources.Designer.cs
94 |
95 |
96 |
97 |
--------------------------------------------------------------------------------
/DriverInterface/KduProvider.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.Diagnostics;
4 | using System.Linq;
5 | using System.Text;
6 | using System.Threading.Tasks;
7 |
8 | namespace KsDumper11
9 | {
10 | public class KduProvider
11 | {
12 | public int ProviderIndex { get; set; }
13 |
14 | public string ProviderName { get; set; }
15 | public string DriverName { get; set; }
16 | public string DeviceName { get; set; }
17 | public string SignerName { get; set; }
18 | public bool IsWHQL_Signed { get; set; }
19 | public string ShellcodeSupportMask { get; set; }
20 |
21 | public string MaxWindowsBuild { get; set; }
22 | public string MinWindowsBuild { get; set; }
23 |
24 | public string[] ExtraInfo { get; set; }
25 |
26 | public bool IsNonWorking
27 | {
28 | get
29 | {
30 | return this.ProviderName.Contains("NOT WORKING");
31 | }
32 | }
33 |
34 | public bool IsWorking
35 | {
36 | get
37 | {
38 | return this.ProviderName.Contains("WORKING");
39 | }
40 | }
41 |
42 |
43 | public KduProvider()
44 | {
45 | }
46 |
47 | public KduProvider(string provider)
48 | {
49 | processProvider(provider);
50 | }
51 |
52 | private void processProvider(string prov)
53 | {
54 | string[] lines = prov.Split('\n');
55 |
56 | string id = lines[0].Split(',')[0];
57 |
58 | ProviderIndex = int.Parse(id);
59 |
60 | string[] provInfo = lines[1].Split(',');
61 |
62 | ProviderName = provInfo[0];
63 |
64 | string drvName = provInfo[1].Trim().Replace("DriverName ", "").Replace('"'.ToString(), "");
65 | string devName = provInfo[2].Trim().Replace("DeviceName ", "").Replace('"'.ToString(), "");
66 | DriverName = drvName;
67 | DeviceName = devName;
68 |
69 | string signer = lines[2].Trim().Replace("Signed by: ", "").Replace('"'.ToString(), "");
70 | SignerName = signer;
71 |
72 | string shellCodeMask = lines[3].Trim().Replace("Shellcode support mask: ", "").Replace('"'.ToString(), "");
73 | ShellcodeSupportMask = shellCodeMask;
74 |
75 | foreach (string ln in lines)
76 | {
77 | if (ln.Contains("Driver is WHQL signed"))
78 | {
79 | IsWHQL_Signed = true;
80 | }
81 |
82 | if (ln.StartsWith("Maximum Windows build undefined"))
83 | {
84 | MaxWindowsBuild = "No Restrictions";
85 | }
86 |
87 | if (ln.StartsWith("Maximum supported Windows build: "))
88 | {
89 | MaxWindowsBuild = ln.Replace("Maximum supported Windows build: ", "");
90 | }
91 |
92 | if (ln.StartsWith("Minimum supported Windows build: "))
93 | {
94 | MinWindowsBuild = ln.Replace("Minimum supported Windows build: ", "");
95 | }
96 | }
97 |
98 | List extraInfoLines = new List();
99 |
100 | for (int i = 4; i < lines.Length; i++)
101 | {
102 | if (lines[i].StartsWith("Minimum"))
103 | {
104 | break;
105 | }
106 | else if (!lines[i].Contains("Driver is WHQL signed"))
107 | {
108 | extraInfoLines.Add(lines[i]);
109 | }
110 | }
111 |
112 | ExtraInfo = extraInfoLines.ToArray();
113 | }
114 | }
115 | }
116 |
--------------------------------------------------------------------------------
/DriverInterface/KduProviderSettings.cs:
--------------------------------------------------------------------------------
1 | using KsDumper11;
2 | using System;
3 | using System.Collections.Generic;
4 | using System.Linq;
5 | using System.Text;
6 | using System.Threading.Tasks;
7 |
8 | namespace KsDumper11
9 | {
10 | public class KduProviderSettings
11 | {
12 | public List Providers { get; set; }
13 |
14 | public int DefaultProvider { get; set; } = -1;
15 | }
16 | }
17 |
--------------------------------------------------------------------------------
/DriverInterface/KduSelfExtract.cs:
--------------------------------------------------------------------------------
1 | using Microsoft.Win32;
2 | using System;
3 | using System.Collections.Generic;
4 | using System.Diagnostics;
5 | using System.IO;
6 | using System.Linq;
7 | using System.Reflection;
8 | using System.Runtime.CompilerServices;
9 | using System.Text;
10 | using System.Threading.Tasks;
11 |
12 | namespace KsDumper11
13 | {
14 | public class KduSelfExtract
15 | {
16 | public static void DisableDriverBlockList()
17 | {
18 | RegistryKey configKey = Registry.LocalMachine.OpenSubKey(@"SYSTEM\CurrentControlSet\Control\CI\Config", true);
19 |
20 | if (configKey == null)
21 | {
22 | configKey = Registry.LocalMachine.CreateSubKey(@"SYSTEM\CurrentControlSet\Control\CI\Config");
23 | }
24 |
25 | if (configKey != null)
26 | {
27 | if (configKey.GetValue("VulnerableDriverBlocklistEnable") == null)
28 | {
29 | configKey.SetValue("VulnerableDriverBlocklistEnable", 0);
30 | }
31 | }
32 | }
33 |
34 | static string asmDir = "";
35 | static string driverDir = "";
36 | static KduSelfExtract()
37 | {
38 | DisableDriverBlockList();
39 |
40 | asmDir = AssemblyDirectory;
41 | driverDir = asmDir + @"\Driver";
42 | }
43 | public static string AssemblyDirectory
44 | {
45 | get
46 | {
47 | string codeBase = Assembly.GetExecutingAssembly().CodeBase;
48 | UriBuilder uri = new UriBuilder(codeBase);
49 | string path = Uri.UnescapeDataString(uri.Path);
50 | return Path.GetDirectoryName(path);
51 | }
52 | }
53 |
54 | public static string KduPath
55 | {
56 | get
57 | {
58 | return driverDir + @"\kdu.exe";
59 | }
60 | }
61 |
62 | private static bool Extracted()
63 | {
64 | bool result = false;
65 |
66 | string driverPath = driverDir + @"\KsDumperDriver.sys";
67 | string kduPath = driverDir + @"\kdu.exe";
68 | string drv64Path = driverDir + @"\drv64.dll";
69 | string taigei64Path = driverDir + @"\Taigei64.dll";
70 |
71 | if (!Directory.Exists(driverDir))
72 | {
73 | return false;
74 | }
75 | else
76 | {
77 | if (!File.Exists(driverPath))
78 | {
79 | return false;
80 | }
81 | else
82 | {
83 | result = true;
84 | }
85 |
86 | if (!File.Exists(kduPath))
87 | {
88 | return false;
89 | }
90 | else
91 | {
92 | result = true;
93 | }
94 |
95 | if (!File.Exists(drv64Path))
96 | {
97 | return false;
98 | }
99 | else
100 | {
101 | result = true;
102 | }
103 |
104 | if (!File.Exists(taigei64Path))
105 | {
106 | return false;
107 | }
108 | else
109 | {
110 | result = true;
111 | }
112 | }
113 | return result;
114 | }
115 |
116 | public static void Extract()
117 | {
118 | if (!Extracted())
119 | {
120 | string asmDir = AssemblyDirectory;
121 | string driverDir = asmDir + @"\Driver";
122 | if (!Directory.Exists(driverDir))
123 | {
124 | Directory.CreateDirectory(driverDir);
125 | }
126 |
127 | string driverPath = driverDir + @"\KsDumperDriver.sys";
128 | string kduPath = driverDir + @"\kdu.exe";
129 | string drv64Path = driverDir + @"\drv64.dll";
130 | string taigei64Path = driverDir + @"\Taigei64.dll";
131 |
132 | if (!File.Exists(driverPath))
133 | {
134 | File.WriteAllBytes(driverPath, DriverInterface.Properties.Resources.KsDumperDriver);
135 | }
136 |
137 | if (!File.Exists(kduPath))
138 | {
139 | File.WriteAllBytes(kduPath, DriverInterface.Properties.Resources.kdu);
140 | }
141 |
142 | if (!File.Exists(drv64Path))
143 | {
144 | File.WriteAllBytes(drv64Path, DriverInterface.Properties.Resources.drv64);
145 | }
146 |
147 | if (!File.Exists(taigei64Path))
148 | {
149 | File.WriteAllBytes(taigei64Path, DriverInterface.Properties.Resources.Taigei64);
150 | }
151 | }
152 | }
153 | }
154 | }
155 |
--------------------------------------------------------------------------------
/DriverInterface/KsDumperDriverInterface.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.IO;
3 | using System.Runtime.InteropServices;
4 | using KsDumper11.Utility;
5 |
6 | namespace KsDumper11.Driver
7 | {
8 | public class KsDumperDriverInterface
9 | {
10 | public static KsDumperDriverInterface OpenKsDumperDriver()
11 | {
12 | return new KsDumperDriverInterface("\\\\.\\KsDumper");
13 | }
14 | public static bool IsDriverOpen(string driverPath)
15 | {
16 | IntPtr handle = WinApi.CreateFileA(driverPath, FileAccess.ReadWrite, FileShare.ReadWrite, IntPtr.Zero, FileMode.Open, (FileAttributes)0, IntPtr.Zero);
17 | bool result = handle != WinApi.INVALID_HANDLE_VALUE;
18 | WinApi.CloseHandle(handle);
19 | return result;
20 | }
21 |
22 | public KsDumperDriverInterface(string registryPath)
23 | {
24 | this.driverHandle = WinApi.CreateFileA(registryPath, FileAccess.ReadWrite, FileShare.ReadWrite, IntPtr.Zero, FileMode.Open, (FileAttributes)0, IntPtr.Zero);
25 | }
26 |
27 | public bool HasValidHandle()
28 | {
29 | return this.driverHandle != WinApi.INVALID_HANDLE_VALUE;
30 | }
31 |
32 | public bool GetProcessSummaryList(out ProcessSummary[] result)
33 | {
34 | result = new ProcessSummary[0];
35 | bool flag = this.driverHandle != WinApi.INVALID_HANDLE_VALUE;
36 | if (flag)
37 | {
38 | int requiredBufferSize = this.GetProcessListRequiredBufferSize();
39 | bool flag2 = requiredBufferSize > 0;
40 | if (flag2)
41 | {
42 | IntPtr bufferPointer = MarshalUtility.AllocZeroFilled(requiredBufferSize);
43 | Operations.KERNEL_PROCESS_LIST_OPERATION operation = new Operations.KERNEL_PROCESS_LIST_OPERATION
44 | {
45 | bufferAddress = (ulong)bufferPointer.ToInt64(),
46 | bufferSize = requiredBufferSize
47 | };
48 | IntPtr operationPointer = MarshalUtility.CopyStructToMemory(operation);
49 | int operationSize = Marshal.SizeOf();
50 | bool flag3 = WinApi.DeviceIoControl(this.driverHandle, Operations.IO_GET_PROCESS_LIST, operationPointer, operationSize, operationPointer, operationSize, IntPtr.Zero, IntPtr.Zero);
51 | if (flag3)
52 | {
53 | operation = MarshalUtility.GetStructFromMemory(operationPointer, true);
54 | bool flag4 = operation.processCount > 0;
55 | if (flag4)
56 | {
57 | byte[] managedBuffer = new byte[requiredBufferSize];
58 | Marshal.Copy(bufferPointer, managedBuffer, 0, requiredBufferSize);
59 | Marshal.FreeHGlobal(bufferPointer);
60 | result = new ProcessSummary[operation.processCount];
61 | using (BinaryReader reader = new BinaryReader(new MemoryStream(managedBuffer)))
62 | {
63 | for (int i = 0; i < result.Length; i++)
64 | {
65 | result[i] = ProcessSummary.FromStream(reader);
66 | }
67 | }
68 | return true;
69 | }
70 | }
71 | }
72 | }
73 | return false;
74 | }
75 |
76 | private int GetProcessListRequiredBufferSize()
77 | {
78 | IntPtr operationPointer = MarshalUtility.AllocEmptyStruct();
79 | int operationSize = Marshal.SizeOf();
80 | bool flag = WinApi.DeviceIoControl(this.driverHandle, Operations.IO_GET_PROCESS_LIST, operationPointer, operationSize, operationPointer, operationSize, IntPtr.Zero, IntPtr.Zero);
81 | if (flag)
82 | {
83 | Operations.KERNEL_PROCESS_LIST_OPERATION operation = MarshalUtility.GetStructFromMemory(operationPointer, true);
84 | bool flag2 = operation.processCount == 0 && operation.bufferSize > 0;
85 | if (flag2)
86 | {
87 | return operation.bufferSize;
88 | }
89 | }
90 | return 0;
91 | }
92 |
93 | public bool CopyVirtualMemory(int targetProcessId, IntPtr targetAddress, IntPtr bufferAddress, int bufferSize)
94 | {
95 | bool flag = this.driverHandle != WinApi.INVALID_HANDLE_VALUE;
96 | bool flag2;
97 | if (flag)
98 | {
99 | Operations.KERNEL_COPY_MEMORY_OPERATION operation = new Operations.KERNEL_COPY_MEMORY_OPERATION
100 | {
101 | targetProcessId = targetProcessId,
102 | targetAddress = (ulong)targetAddress.ToInt64(),
103 | bufferAddress = (ulong)bufferAddress.ToInt64(),
104 | bufferSize = bufferSize
105 | };
106 | IntPtr operationPointer = MarshalUtility.CopyStructToMemory(operation);
107 | bool result = WinApi.DeviceIoControl(this.driverHandle, Operations.IO_COPY_MEMORY, operationPointer, Marshal.SizeOf(), IntPtr.Zero, 0, IntPtr.Zero, IntPtr.Zero);
108 | Marshal.FreeHGlobal(operationPointer);
109 | flag2 = result;
110 | }
111 | else
112 | {
113 | flag2 = false;
114 | }
115 | return flag2;
116 | }
117 |
118 | public bool UnloadDriver()
119 | {
120 | if (driverHandle != WinApi.INVALID_HANDLE_VALUE)
121 | {
122 | bool result = WinApi.DeviceIoControl(driverHandle, Operations.IO_UNLOAD_DRIVER, IntPtr.Zero, 0, IntPtr.Zero, 0, IntPtr.Zero, IntPtr.Zero);
123 | this.Dispose();
124 | return result;
125 | }
126 | return false;
127 | }
128 |
129 | private readonly IntPtr driverHandle;
130 |
131 | public void Dispose()
132 | {
133 | try
134 | {
135 | WinApi.CloseHandle(driverHandle);
136 | }
137 | catch (Exception ex)
138 | {
139 | return;
140 | }
141 | }
142 |
143 | ~KsDumperDriverInterface()
144 | {
145 | try
146 | {
147 | WinApi.CloseHandle(driverHandle);
148 | }
149 | catch (Exception ex)
150 | {
151 | return;
152 | }
153 | }
154 | }
155 | }
156 |
--------------------------------------------------------------------------------
/DriverInterface/Operations.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using KsDumper11.Utility;
3 | using static KsDumper11.Utility.WinApi;
4 |
5 | namespace KsDumper11.Driver
6 | {
7 | public static class Operations
8 | {
9 | private static uint CTL_CODE(int deviceType, int function, int method, int access)
10 | {
11 | return (uint)((deviceType << 16) | (access << 14) | (function << 2) | method);
12 | }
13 |
14 | public static readonly uint IO_GET_PROCESS_LIST = Operations.CTL_CODE(WinApi.FILE_DEVICE_UNKNOWN, 5924, WinApi.METHOD_BUFFERED, WinApi.FILE_ANY_ACCESS);
15 |
16 | public static readonly uint IO_COPY_MEMORY = Operations.CTL_CODE(WinApi.FILE_DEVICE_UNKNOWN, 5925, WinApi.METHOD_BUFFERED, WinApi.FILE_ANY_ACCESS);
17 |
18 | public static readonly uint IO_UNLOAD_DRIVER = CTL_CODE(FILE_DEVICE_UNKNOWN, 0x1726, METHOD_BUFFERED, FILE_ANY_ACCESS);
19 |
20 | public struct KERNEL_PROCESS_LIST_OPERATION
21 | {
22 | public ulong bufferAddress;
23 |
24 | public int bufferSize;
25 |
26 | public int processCount;
27 | }
28 |
29 | public struct KERNEL_COPY_MEMORY_OPERATION
30 | {
31 | public int targetProcessId;
32 |
33 | public ulong targetAddress;
34 |
35 | public ulong bufferAddress;
36 |
37 | public int bufferSize;
38 | }
39 | }
40 | }
41 |
--------------------------------------------------------------------------------
/DriverInterface/PE/32/PE32File.cs:
--------------------------------------------------------------------------------
1 | using System.IO;
2 | using System.Runtime.InteropServices;
3 |
4 | using static KsDumper11.PE.NativePEStructs;
5 |
6 | namespace KsDumper11.PE
7 | {
8 | public class PE32File : PEFile
9 | {
10 | public DOSHeader DOSHeader { get; private set; }
11 |
12 | public byte[] DOS_Stub { get; private set; }
13 |
14 | public PE32Header PEHeader { get; private set; }
15 |
16 | public PE32File(IMAGE_DOS_HEADER dosHeader, IMAGE_NT_HEADERS32 peHeader, byte[] dosStub)
17 | {
18 | Type = PEType.PE32;
19 | DOSHeader = DOSHeader.FromNativeStruct(dosHeader);
20 | PEHeader = PE32Header.FromNativeStruct(peHeader);
21 | Sections = new PESection[peHeader.FileHeader.NumberOfSections];
22 | DOS_Stub = dosStub;
23 | }
24 |
25 | public override void SaveToDisk(string fileName)
26 | {
27 | try
28 | {
29 | using (BinaryWriter writer = new BinaryWriter(new FileStream(fileName, FileMode.Create, FileAccess.Write)))
30 | {
31 | DOSHeader.AppendToStream(writer);
32 | writer.Write(DOS_Stub);
33 | PEHeader.AppendToStream(writer);
34 | AppendSections(writer);
35 | }
36 | }
37 | catch { }
38 | }
39 |
40 | public override int GetFirstSectionHeaderOffset()
41 | {
42 | return Marshal.OffsetOf("OptionalHeader").ToInt32() +
43 | PEHeader.FileHeader.SizeOfOptionalHeader;
44 | }
45 |
46 | public override void AlignSectionHeaders()
47 | {
48 | int newFileSize = DOSHeader.e_lfanew + 0x4 +
49 | Marshal.SizeOf() +
50 | PEHeader.FileHeader.SizeOfOptionalHeader +
51 | (PEHeader.FileHeader.NumberOfSections * Marshal.SizeOf());
52 |
53 | OrderSectionsBy(s => s.Header.PointerToRawData);
54 |
55 | for (int i = 0; i < Sections.Length; i++)
56 | {
57 | Sections[i].Header.VirtualAddress = AlignValue(Sections[i].Header.VirtualAddress, PEHeader.OptionalHeader.SectionAlignment);
58 | Sections[i].Header.VirtualSize = AlignValue(Sections[i].Header.VirtualSize, PEHeader.OptionalHeader.SectionAlignment);
59 | Sections[i].Header.PointerToRawData = AlignValue((uint)newFileSize, PEHeader.OptionalHeader.FileAlignment);
60 | Sections[i].Header.SizeOfRawData = AlignValue((uint)Sections[i].DataSize, PEHeader.OptionalHeader.FileAlignment);
61 |
62 | newFileSize = (int)(Sections[i].Header.PointerToRawData + Sections[i].Header.SizeOfRawData);
63 | }
64 |
65 | OrderSectionsBy(s => s.Header.VirtualAddress);
66 | }
67 |
68 | public override void FixPEHeader()
69 | {
70 | PEHeader.OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT].VirtualAddress = 0;
71 | PEHeader.OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT].Size = 0;
72 |
73 | for (uint i = PEHeader.OptionalHeader.NumberOfRvaAndSizes; i < IMAGE_NUMBEROF_DIRECTORY_ENTRIES; i++)
74 | {
75 | PEHeader.OptionalHeader.DataDirectory[i].VirtualAddress = 0;
76 | PEHeader.OptionalHeader.DataDirectory[i].Size = 0;
77 | }
78 |
79 | PEHeader.OptionalHeader.NumberOfRvaAndSizes = IMAGE_NUMBEROF_DIRECTORY_ENTRIES;
80 | PEHeader.FileHeader.SizeOfOptionalHeader = (ushort)Marshal.SizeOf();
81 | FixSizeOfImage();
82 |
83 | int size = DOSHeader.e_lfanew + 0x4 + Marshal.SizeOf();
84 | PEHeader.OptionalHeader.SizeOfHeaders = AlignValue((uint)(size + PEHeader.FileHeader.SizeOfOptionalHeader + (PEHeader.FileHeader.NumberOfSections * Marshal.SizeOf())), PEHeader.OptionalHeader.FileAlignment);
85 |
86 | RemoveIatDirectory();
87 | }
88 |
89 | private uint AlignValue(uint value, uint alignment)
90 | {
91 | return ((value + alignment - 1) / alignment) * alignment;
92 | }
93 |
94 | private void FixSizeOfImage()
95 | {
96 | uint lastSize = 0;
97 |
98 | for (int i = 0; i < PEHeader.FileHeader.NumberOfSections; i++)
99 | {
100 | if (Sections[i].Header.VirtualAddress + Sections[i].Header.VirtualSize > lastSize)
101 | {
102 | lastSize = Sections[i].Header.VirtualAddress + Sections[i].Header.VirtualSize;
103 | }
104 | }
105 | PEHeader.OptionalHeader.SizeOfImage = lastSize;
106 | }
107 |
108 | private void RemoveIatDirectory()
109 | {
110 | uint iatDataAddress = PEHeader.OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_IAT].VirtualAddress;
111 |
112 | PEHeader.OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_IAT].VirtualAddress = 0;
113 | PEHeader.OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_IAT].Size = 0;
114 |
115 | if (iatDataAddress != 0)
116 | {
117 | for (int i = 0; i < PEHeader.FileHeader.NumberOfSections; i++)
118 | {
119 | if (Sections[i].Header.VirtualAddress <= iatDataAddress &&
120 | Sections[i].Header.VirtualAddress + Sections[i].Header.VirtualSize > iatDataAddress)
121 | {
122 | Sections[i].Header.Characteristics |= DataSectionFlags.MemoryRead | DataSectionFlags.MemoryWrite;
123 | }
124 | }
125 | }
126 | }
127 | }
128 | }
129 |
--------------------------------------------------------------------------------
/DriverInterface/PE/64/PE64File.cs:
--------------------------------------------------------------------------------
1 | using System.IO;
2 | using System.Runtime.InteropServices;
3 |
4 | using static KsDumper11.PE.NativePEStructs;
5 |
6 | namespace KsDumper11.PE
7 | {
8 | public class PE64File : PEFile
9 | {
10 | public DOSHeader DOSHeader { get; private set; }
11 |
12 | public byte[] DOS_Stub { get; private set; }
13 |
14 | public PE64Header PEHeader { get; private set; }
15 |
16 | public PE64File(IMAGE_DOS_HEADER dosHeader, IMAGE_NT_HEADERS64 peHeader, byte[] dosStub)
17 | {
18 | Type = PEType.PE64;
19 | DOSHeader = DOSHeader.FromNativeStruct(dosHeader);
20 | PEHeader = PE64Header.FromNativeStruct(peHeader);
21 | Sections = new PESection[peHeader.FileHeader.NumberOfSections];
22 | DOS_Stub = dosStub;
23 | }
24 |
25 | public override void SaveToDisk(string fileName)
26 | {
27 | try
28 | {
29 | using (BinaryWriter writer = new BinaryWriter(new FileStream(fileName, FileMode.Create, FileAccess.Write)))
30 | {
31 | DOSHeader.AppendToStream(writer);
32 | writer.Write(DOS_Stub);
33 | PEHeader.AppendToStream(writer);
34 | AppendSections(writer);
35 | }
36 | }
37 | catch { }
38 | }
39 |
40 | public override int GetFirstSectionHeaderOffset()
41 | {
42 | return Marshal.OffsetOf("OptionalHeader").ToInt32() +
43 | PEHeader.FileHeader.SizeOfOptionalHeader;
44 | }
45 |
46 | public override void AlignSectionHeaders()
47 | {
48 | int newFileSize = DOSHeader.e_lfanew + 0x4 +
49 | Marshal.SizeOf() +
50 | PEHeader.FileHeader.SizeOfOptionalHeader +
51 | (PEHeader.FileHeader.NumberOfSections * Marshal.SizeOf());
52 |
53 | OrderSectionsBy(s => s.Header.PointerToRawData);
54 |
55 | for (int i = 0; i < Sections.Length; i++)
56 | {
57 | Sections[i].Header.VirtualAddress = AlignValue(Sections[i].Header.VirtualAddress, PEHeader.OptionalHeader.SectionAlignment);
58 | Sections[i].Header.VirtualSize = AlignValue(Sections[i].Header.VirtualSize, PEHeader.OptionalHeader.SectionAlignment);
59 | Sections[i].Header.PointerToRawData = AlignValue((uint)newFileSize, PEHeader.OptionalHeader.FileAlignment);
60 | Sections[i].Header.SizeOfRawData = AlignValue((uint)Sections[i].DataSize, PEHeader.OptionalHeader.FileAlignment);
61 |
62 | newFileSize = (int)(Sections[i].Header.PointerToRawData + Sections[i].Header.SizeOfRawData);
63 | }
64 |
65 | OrderSectionsBy(s => s.Header.VirtualAddress);
66 | }
67 |
68 | public override void FixPEHeader()
69 | {
70 | PEHeader.OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT].VirtualAddress = 0;
71 | PEHeader.OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT].Size = 0;
72 |
73 | for (uint i = PEHeader.OptionalHeader.NumberOfRvaAndSizes; i < IMAGE_NUMBEROF_DIRECTORY_ENTRIES; i++)
74 | {
75 | PEHeader.OptionalHeader.DataDirectory[i].VirtualAddress = 0;
76 | PEHeader.OptionalHeader.DataDirectory[i].Size = 0;
77 | }
78 |
79 | PEHeader.OptionalHeader.NumberOfRvaAndSizes = IMAGE_NUMBEROF_DIRECTORY_ENTRIES;
80 | PEHeader.FileHeader.SizeOfOptionalHeader = (ushort)Marshal.SizeOf();
81 | FixSizeOfImage();
82 |
83 | int size = DOSHeader.e_lfanew + 0x4 + Marshal.SizeOf();
84 | PEHeader.OptionalHeader.SizeOfHeaders = AlignValue((uint)(size + PEHeader.FileHeader.SizeOfOptionalHeader + (PEHeader.FileHeader.NumberOfSections * Marshal.SizeOf())), PEHeader.OptionalHeader.FileAlignment);
85 |
86 | RemoveIatDirectory();
87 | }
88 |
89 | private uint AlignValue(uint value, uint alignment)
90 | {
91 | return ((value + alignment - 1) / alignment) * alignment;
92 | }
93 |
94 | private void FixSizeOfImage()
95 | {
96 | uint lastSize = 0;
97 |
98 | for (int i = 0; i < PEHeader.FileHeader.NumberOfSections; i++)
99 | {
100 | if (Sections[i].Header.VirtualAddress + Sections[i].Header.VirtualSize > lastSize)
101 | {
102 | lastSize = Sections[i].Header.VirtualAddress + Sections[i].Header.VirtualSize;
103 | }
104 | }
105 | PEHeader.OptionalHeader.SizeOfImage = lastSize;
106 | }
107 |
108 | private void RemoveIatDirectory()
109 | {
110 | uint iatDataAddress = PEHeader.OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_IAT].VirtualAddress;
111 |
112 | PEHeader.OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_IAT].VirtualAddress = 0;
113 | PEHeader.OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_IAT].Size = 0;
114 |
115 | if (iatDataAddress != 0)
116 | {
117 | for (int i = 0; i < PEHeader.FileHeader.NumberOfSections; i++)
118 | {
119 | if (Sections[i].Header.VirtualAddress <= iatDataAddress &&
120 | Sections[i].Header.VirtualAddress + Sections[i].Header.VirtualSize > iatDataAddress)
121 | {
122 | Sections[i].Header.Characteristics |= DataSectionFlags.MemoryRead | DataSectionFlags.MemoryWrite;
123 | }
124 | }
125 | }
126 | }
127 | }
128 | }
129 |
--------------------------------------------------------------------------------
/DriverInterface/PE/DOSHeader.cs:
--------------------------------------------------------------------------------
1 | using System.IO;
2 |
3 | using static KsDumper11.PE.NativePEStructs;
4 |
5 | namespace KsDumper11.PE
6 | {
7 | public class DOSHeader
8 | {
9 | public string e_magic { get; set; }
10 | public ushort e_cblp { get; set; }
11 | public ushort e_cp { get; set; }
12 | public ushort e_crlc { get; set; }
13 | public ushort e_cparhdr { get; set; }
14 | public ushort e_minalloc { get; set; }
15 | public ushort e_maxalloc { get; set; }
16 | public ushort e_ss { get; set; }
17 | public ushort e_sp { get; set; }
18 | public ushort e_csum { get; set; }
19 | public ushort e_ip { get; set; }
20 | public ushort e_cs { get; set; }
21 | public ushort e_lfarlc { get; set; }
22 | public ushort e_ovno { get; set; }
23 | public ushort[] e_res1 { get; set; }
24 | public ushort e_oemid { get; set; }
25 | public ushort e_oeminfo { get; set; }
26 | public ushort[] e_res2 { get; set; }
27 | public int e_lfanew { get; set; }
28 |
29 | public void AppendToStream(BinaryWriter writer)
30 | {
31 | writer.Write(e_magic.ToCharArray());
32 | writer.Write(e_cblp);
33 | writer.Write(e_cp);
34 | writer.Write(e_crlc);
35 | writer.Write(e_cparhdr);
36 | writer.Write(e_minalloc);
37 | writer.Write(e_maxalloc);
38 | writer.Write(e_ss);
39 | writer.Write(e_sp);
40 | writer.Write(e_csum);
41 | writer.Write(e_ip);
42 | writer.Write(e_cs);
43 | writer.Write(e_lfarlc);
44 | writer.Write(e_ovno);
45 |
46 | for (int i = 0; i < e_res1.Length; i++)
47 | {
48 | writer.Write(e_res1[i]);
49 | }
50 | writer.Write(e_oemid);
51 | writer.Write(e_oeminfo);
52 |
53 | for (int i = 0; i < e_res2.Length; i++)
54 | {
55 | writer.Write(e_res2[i]);
56 | }
57 | writer.Write(e_lfanew);
58 | }
59 |
60 | public static DOSHeader FromNativeStruct(IMAGE_DOS_HEADER nativeStruct)
61 | {
62 | return new DOSHeader
63 | {
64 | e_magic = new string(nativeStruct.e_magic),
65 | e_cblp = nativeStruct.e_cblp,
66 | e_cp = nativeStruct.e_cp,
67 | e_crlc = nativeStruct.e_crlc,
68 | e_cparhdr = nativeStruct.e_cparhdr,
69 | e_minalloc = nativeStruct.e_minalloc,
70 | e_maxalloc = nativeStruct.e_maxalloc,
71 | e_ss = nativeStruct.e_ss,
72 | e_sp = nativeStruct.e_sp,
73 | e_csum = nativeStruct.e_csum,
74 | e_ip = nativeStruct.e_ip,
75 | e_cs = nativeStruct.e_cs,
76 | e_lfarlc = nativeStruct.e_lfarlc,
77 | e_ovno = nativeStruct.e_ovno,
78 | e_res1 = nativeStruct.e_res1,
79 | e_oemid = nativeStruct.e_oemid,
80 | e_oeminfo = nativeStruct.e_oeminfo,
81 | e_res2 = nativeStruct.e_res2,
82 | e_lfanew = nativeStruct.e_lfanew
83 | };
84 | }
85 | }
86 | }
87 |
--------------------------------------------------------------------------------
/DriverInterface/PE/PEFile.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.IO;
3 | using System.Linq;
4 |
5 | namespace KsDumper11.PE
6 | {
7 | public abstract class PEFile
8 | {
9 | public PEType Type { get; protected set; }
10 |
11 | public PESection[] Sections { get; protected set; }
12 |
13 |
14 | public abstract int GetFirstSectionHeaderOffset();
15 |
16 | public abstract void AlignSectionHeaders();
17 |
18 | public abstract void FixPEHeader();
19 |
20 | public abstract void SaveToDisk(string fileName);
21 |
22 | protected void AppendSections(BinaryWriter writer)
23 | {
24 | foreach (var sectionHeader in Sections.Select(s => s.Header))
25 | {
26 | sectionHeader.AppendToStream(writer);
27 | }
28 |
29 | foreach (var section in Sections)
30 | {
31 | if (section.Header.PointerToRawData > 0)
32 | {
33 | if (section.Header.PointerToRawData > writer.BaseStream.Position)
34 | {
35 | long prePaddingSize = section.Header.PointerToRawData - writer.BaseStream.Position;
36 | writer.Write(new byte[prePaddingSize]);
37 | }
38 |
39 | if (section.DataSize > 0)
40 | {
41 | writer.Write(section.Content);
42 |
43 | if (section.DataSize < section.Header.SizeOfRawData)
44 | {
45 | long postPaddingSize = section.Header.SizeOfRawData - section.DataSize;
46 | writer.Write(new byte[postPaddingSize]);
47 | }
48 | }
49 | }
50 | }
51 | }
52 |
53 | protected void OrderSectionsBy(Func orderFunction)
54 | {
55 | Sections = Sections.OrderBy(orderFunction).ToArray();
56 | }
57 |
58 | public enum PEType
59 | {
60 | PE32,
61 | PE64
62 | }
63 | }
64 | }
65 |
--------------------------------------------------------------------------------
/DriverInterface/PE/PESection.cs:
--------------------------------------------------------------------------------
1 | using System.IO;
2 |
3 | using static KsDumper11.PE.NativePEStructs;
4 |
5 | namespace KsDumper11.PE
6 | {
7 | public class PESection
8 | {
9 | public PESectionHeader Header { get; set; }
10 |
11 | public byte[] Content { get; set; }
12 |
13 | public int InitialSize { get; set; }
14 |
15 | public int DataSize { get; set; }
16 |
17 | public class PESectionHeader
18 | {
19 | public string Name { get; set; }
20 |
21 | public uint VirtualSize { get; set; }
22 |
23 | public uint VirtualAddress { get; set; }
24 |
25 | public uint SizeOfRawData { get; set; }
26 |
27 | public uint PointerToRawData { get; set; }
28 |
29 | public uint PointerToRelocations { get; set; }
30 |
31 | public uint PointerToLinenumbers { get; set; }
32 |
33 | public ushort NumberOfRelocations { get; set; }
34 |
35 | public ushort NumberOfLinenumbers { get; set; }
36 |
37 | public DataSectionFlags Characteristics { get; set; }
38 |
39 |
40 | public void AppendToStream(BinaryWriter writer)
41 | {
42 | writer.Write(Name.ToCharArray());
43 | writer.Write(VirtualSize);
44 | writer.Write(VirtualAddress);
45 | writer.Write(SizeOfRawData);
46 | writer.Write(PointerToRawData);
47 | writer.Write(PointerToRelocations);
48 | writer.Write(PointerToLinenumbers);
49 | writer.Write(NumberOfRelocations);
50 | writer.Write(NumberOfLinenumbers);
51 | writer.Write((uint)Characteristics);
52 | }
53 |
54 | public static PESectionHeader FromNativeStruct(IMAGE_SECTION_HEADER nativeStruct)
55 | {
56 | return new PESectionHeader
57 | {
58 | Name = nativeStruct.SectionName,
59 | VirtualSize = nativeStruct.VirtualSize,
60 | VirtualAddress = nativeStruct.VirtualAddress,
61 | SizeOfRawData = nativeStruct.SizeOfRawData,
62 | PointerToRawData = nativeStruct.PointerToRawData,
63 | PointerToRelocations = nativeStruct.PointerToRelocations,
64 | PointerToLinenumbers = nativeStruct.PointerToLinenumbers,
65 | NumberOfRelocations = nativeStruct.NumberOfRelocations,
66 | NumberOfLinenumbers = nativeStruct.NumberOfLinenumbers,
67 | Characteristics = nativeStruct.Characteristics
68 | };
69 | }
70 | }
71 | }
72 | }
73 |
--------------------------------------------------------------------------------
/DriverInterface/ProcessSummary.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Diagnostics;
3 | using System.IO;
4 | using System.Runtime.CompilerServices;
5 | using System.Text;
6 | using KsDumper11.Driver;
7 | using KsDumper11.Utility;
8 |
9 | namespace KsDumper11
10 | {
11 | // Token: 0x02000004 RID: 4
12 | public class ProcessSummary
13 | {
14 | // Token: 0x17000002 RID: 2
15 | // (get) Token: 0x06000039 RID: 57 RVA: 0x00004089 File Offset: 0x00002289
16 | // (set) Token: 0x0600003A RID: 58 RVA: 0x00004091 File Offset: 0x00002291
17 | public int ProcessId { get; set; }
18 |
19 | // Token: 0x17000003 RID: 3
20 | // (get) Token: 0x0600003B RID: 59 RVA: 0x0000409A File Offset: 0x0000229A
21 | // (set) Token: 0x0600003C RID: 60 RVA: 0x000040A2 File Offset: 0x000022A2
22 | public string ProcessName { get; set; }
23 |
24 | // Token: 0x17000004 RID: 4
25 | // (get) Token: 0x0600003D RID: 61 RVA: 0x000040AB File Offset: 0x000022AB
26 | // (set) Token: 0x0600003E RID: 62 RVA: 0x000040B3 File Offset: 0x000022B3
27 | public ulong MainModuleBase { get; set; }
28 |
29 | // Token: 0x17000005 RID: 5
30 | // (get) Token: 0x0600003F RID: 63 RVA: 0x000040BC File Offset: 0x000022BC
31 | // (set) Token: 0x06000040 RID: 64 RVA: 0x000040C4 File Offset: 0x000022C4
32 | public string MainModuleFileName { get; set; }
33 |
34 | // Token: 0x17000006 RID: 6
35 | // (get) Token: 0x06000041 RID: 65 RVA: 0x000040CD File Offset: 0x000022CD
36 | // (set) Token: 0x06000042 RID: 66 RVA: 0x000040D5 File Offset: 0x000022D5
37 | public uint MainModuleImageSize { get; set; }
38 |
39 | // Token: 0x17000007 RID: 7
40 | // (get) Token: 0x06000043 RID: 67 RVA: 0x000040DE File Offset: 0x000022DE
41 | // (set) Token: 0x06000044 RID: 68 RVA: 0x000040E6 File Offset: 0x000022E6
42 | public ulong MainModuleEntryPoint { get; set; }
43 |
44 | // Token: 0x17000008 RID: 8
45 | // (get) Token: 0x06000045 RID: 69 RVA: 0x000040EF File Offset: 0x000022EF
46 | // (set) Token: 0x06000046 RID: 70 RVA: 0x000040F7 File Offset: 0x000022F7
47 | public bool IsWOW64 { get; set; }
48 |
49 | // Token: 0x06000047 RID: 71 RVA: 0x00004100 File Offset: 0x00002300
50 | public static ProcessSummary ProcessSummaryFromID(KsDumperDriverInterface driver, string processName)
51 | {
52 | ProcessSummary result = null;
53 | ProcessSummary[] processes;
54 | driver.GetProcessSummaryList(out processes);
55 | bool flag = processes != null;
56 | if (flag)
57 | {
58 | foreach (ProcessSummary process in processes)
59 | {
60 | bool flag2 = process.ProcessName.ToLower().Contains(processName.ToLower());
61 | if (flag2)
62 | {
63 | Logger.Log(process.ProcessName + " " + processName, Array.Empty