Announcement

Collapse
No announcement yet.

Probleme mit ifs.inc...

Collapse
X
Collapse
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    Probleme mit ifs.inc...

    Hallo,

    folgender Quelltext bereit mir Probleme...

    <pre>
    ; DSperre.asm

    .386p

    ; .xlist
    ; .list

    include vmm.inc
    include vwin32.inc
    include shell.inc
    include ifsmgr.inc
    include ifs.inc

    DECLARE_VIRTUAL_DEVICE DSPERRE,1,0, DSPERRE_Control,\
    UNDEFINED_DEVICE_ID, UNDEFINED_INIT_ORDER

    ;================================================= ===========================
    ;
    ; D E V I C E C O N T R O L P R O C E D U R E
    ;
    ;================================================= ===========================

    Begin_control_dispatch DSPERRE
    ; hier werden die GLOBALEN Funktionen, die beim Start ausgeführt werden sollen
    ; aufgelistet:
    Control_Dispatch w32_DeviceIoControl, OnDeviceIoControl
    End_control_dispatch DSPERRE

    VxD_PAGEABLE_DATA_SEG
    pTitle dd ?
    pMessage dd ?
    VxD_PAGEABLE_DATA_ENDS

    VxD_PAGEABLE_CODE_SEG

    BeginProc OnDeviceIoControl
    assume esitr DIOCParams
    ; .if [esi].lpoOverlapped==0
    .if [esi].dwIoControlCode==DIOC_Open
    xor eax,eax
    .elseif [esi].dwIoControlCode==1

    ;--- Installs a file system API hook ---
    mov eax, OFFSET32 CreatefileHook ; Proc to redirect the API hook
    push eax
    VxDcall IFSMgr_InstallFileSystemApiHook ; Install the API hook
    add esp, 4
    or eax,eax
    jz Install_Error
    mov [PrevHook], eax

    ;--- DOS-BEEP: ---
    Push_Client_State
    VMMCall Begin_Nest_V86_Exec
    assume ebptr Client_Byte_Reg_Struc
    mov [ebp].Client_dl,7
    mov [ebp].Client_ah,2
    mov eax,21h
    VMMCall Exec_Int
    VMMCall End_Nest_Exec
    Pop_Client_State
    ;--- Beep Ende ---
    .endif
    ret
    EndProc OnDeviceIoControl

    ;---------------------------------------------------------------------------
    ;
    ; CreatefileHook
    ;
    ; Entry ('C' callable proc => parameters pushed on the stack) :
    ; ebp+1Ch : pir
    ; ebp+18h : CodePage
    ; ebp+14h : ResourceFlags
    ; ebp+10h : Drive
    ; ebp+0Ch : FunctionNum
    ; ebp+8 : FSDFnAddr
    ;
    ; Exit: - Clear the ir_ppath if the caller opens a file
    ; from the 'Favorites' directory or if it is MSHTML.DLL and
    ; return an 'access denied' message.
    ; - Clear both ir_pos and ir_length if the caller is
    ; an M$ app writing to a file and truncate it to 0 byte.
    ; - Restore the previous hook in chain.
    ; - Restore both ir_pos and ir_length to fool the app.
    ; - Modify the ret error code (ir_error).
    ;
    ;---------------------------------------------------------------------------

    BeginProc CreatefileHook

    push ebp
    mov ebp,esp
    sub esp,20h
    pushad

    call Clear_OpenWriteFlag ; clear M$ OpenWrite flag

    ; ------------------------------------------------
    ; Check if it is an open/create or write operation
    ; ------------------------------------------------

    cmp [ebp+0Ch], 24h ; Open/create file (IFSFN_OPEN)?
    jz GetOpenFileName
    cmp [ebp+0ch], 01h ; Write to file (IFSFN_WRITE)?
    jnz Quit
    mov OpenWriteFlag, 'W' ; set flag to M$ 'W'rite operation
    jmp GetTaskName ; and get the name of the app.

    ; ------------------------
    ; Get open file ASCII name
    ; ------------------------
    GetOpenFileName:

    mov OpenWriteFlag, 'O' ; set flag to M$ 'O'pen operation
    mov ebx, offset32 File_Name
    mov eax, [ebp+10h] ; get current drive (A=1, B=2
    Tags: None
  • #2
    <pre>
    cmp al, 0FFh
    jz NoDriveSpec
    add al, 40h
    mov [ebx], al
    inc ebx
    mov byte ptr [ebx], 3Ah
    inc ebx
    NodriveSpec:
    push 0 ; charSet (BCS_WANSI)
    push 0ffh ; maxLength
    mov eax, [ebp+1Ch]
    mov eax, [eax+0Ch]
    add eax, 4
    push eax ; pUniPath
    push ebx ; pBCSPath
    VxDcall UniToBCSPath
    add esp, 10h
    add ebx, eax
    mov byte ptr [ebx], 0 ; Make file name an ASCIIZ string

    ; -------------------------
    ; Check if it is Mshtml.dll
    ; -------------------------

    cmp [ebx-4], 'LLD.'
    jne TryNext
    cmp [ebx-8], 'LMTH'
    jne TryNext
    cmp word ptr [ebx-10], 'SM'
    je GoAhead ; ok that's the right one :-)

    ; -------------------------------------
    ; or check if it is an *.URL or *.INI file
    ; -------------------------------------

    TryNext:
    cmp [ebx-4], 'LRU.'
    je Gotcha
    cmp [ebx-4], 'INI.'
    je Gotcha
    call Clear_OpenWriteFlag
    jmp Quit ; Bad luck this time ;-)

    ; ----------------------------------------
    ; check if the '*.url' or '*.ini' file
    ; opened comes from the Favorites directory
    ; ----------------------------------------
    IsFileOK:
    VMMCall _lstrlen, <OFFSET32 Favorites_Path>
    mov String_Length, al
    mov byte ptr [File_Name+eax],0
    VMMCall _lstrcmpi, <OFFSET32 File_Name, OFFSET32 Favorites_Path>
    cmp eax, 0
    jz FileOK
    call Clear_OpenWriteFlag
    jmp Quit
    FileOK:
    mov al, String_Length
    mov byte ptr [File_Name+eax],'\'
    jmp Open ; Ready to go, so let's have fun!

    ; -------------
    ; Get task name
    ; -------------

    GetTaskName:

    VxDCall VWIN32_GetCurrentProcessHandle
    mov eax,[eax+38h]
    or al,7
    mov Selector,eax
    VmmCall Get_Sys_VM_Handle
    push Flags
    push Selector
    push ebx ; System VM handle
    VMMcall _SelectorMapFlat
    add esp, 0Ch ; Adjust stack
    add eax, 0F2h

    ; -----------------------------------------
    ; check if it is one of the following craps
    ; -----------------------------------------

    FrontPageExpress:
    cmp [eax], 70787046h ; Fpxpress.exe?
    jnz FrontPageExpl
    cmp [eax+4], 73736572h
    jz GoAhead

    Abort:
    call Clear_OpenWriteFlag
    jmp Quit

    ; -----------------------------
    ; now, here is the good part...
    ; -----------------------------

    GoAhead:
    mov eax, [ebp+1ch] ; Get IOREQ pointer.
    cmp OpenWriteFlag, 'O' ; M$ IFSFN_OPEN?
    jz Open
    cmp dword ptr [eax], 0 ; Check nb byte to write != 0
    jnz Write ; Go ahead
    call Clear_OpenWriteFlag ; or don't do nothing
    jmp Quit ; and leave.

    ; --------------------------------------------------------------------------------
    ; up the FS_WriteFile ir_pos and ir_length located at [IOREQ+24h] and [IOREQ]
    ; --------------------------------------------------------------------------------

    Write:
    mov

    Comment

    • #3
      <pre>
      mov ebx, [eax+24h] ; Save ir_pos (file pointer)
      mov FilePointer, ebx ; and
      mov ebx, [eax] ; ir_length (nb of bytes to write)
      mov NbByteToWrite, ebx ; to restore them later.
      mov dword ptr [eax+24h], 0 ; Clear them
      mov dword ptr [eax], 0 ;
      jmp Quit ; Call previous hook.

      ; --------------------------------------------------------
      ; up the FS_OpenFile ir_ppath located at [IOREQ+0ch]
      ; --------------------------------------------------------

      Open:
      mov dword ptr [eax+0Ch],0 ; clear ir_ppath

      ; ---------------------------------------------------
      ; Now we call the previous hook function in the chain
      ; ---------------------------------------------------

      Quit:
      popad
      push dword ptr [ebp+1Ch] ; push IOREQ pointer
      push dword ptr [ebp+18h]
      push dword ptr [ebp+14h]
      push dword ptr [ebp+10h]
      push dword ptr [ebp+0Ch]
      push dword ptr [ebp+8]
      mov eax,dword ptr [PrevHook]
      call dword ptr [eax] ; Previous hook
      add esp,00000018h ; Adjust stack

      ; ---------------------------------------
      ; check if we still have some work to do:
      ; ---------------------------------------

      cmp OpenWriteFlag,0 ; Open/Create or Write operation?
      jz Wedunnit ; no => quit

      mov eax, [ebp+1ch] ; Get IOREQ pointer
      cmp OpenWriteFlag, 'W' ; M$ IFSFN_WRITE?
      jz RestoreWriteValues

      OpenReturnValues: ; M$ IFSFN_OPEN:
      mov byte ptr [eax+1Ah],5 ; ir_error <= error code#5 (access denied)
      mov eax,5 ; Error ret code in eax too.
      jmp Wedunnit ; All done!

      RestoreWriteValues: ; M$ IFSFN_WRITE:
      push ebx ; Save ebx
      mov ebx, [NbByteToWrite] ; restore original ir_length.
      mov edx, ebx ; should be saved in edx too
      mov [eax], ebx ; and restore
      mov ebx, [FilePointer] ; ir_pos values to fool the app.
      mov [eax+24h], ebx ;
      pop ebx ; restore ebx
      xor eax, eax ; eax <= ret code#0 (no error)
      Wedunnit:
      leave ; Have a nice day...
      ret

      EndProc CreatefileHook

      ;
      ; Clear_OpenWriteFlag
      ;
      ; - Clear MS Open or Write flag
      ;
      ; Entry: nothing
      ;
      ; Exit : nothing
      ;
      ;---------------------------------------------------------------------------

      BeginProc Clear_OpenWriteFlag

      mov OpenwriteFlag, 0
      ret

      EndProc Clear_OpenWriteFlag

      ;================================================= ===========================
      ; V A R I A B L E S
      ;================================================= ===========================
      OpenWriteFlag db 0
      Selector dd 0
      Flags dd 0
      FilePointer dd 0
      NbByteToWrite dd 0
      PrevHook dd 0
      String_Length db 0
      FileHandle dd 0
      KeyHandle dd 0
      File_Name db 50h dup (0)
      Favorites_Path db 50h dup (0)

      VxD_PAGEABLE_CODE_ENDS

      en

      Comment

      • #4
        ...das Problem besteht darin, dass ich zum Beispiel beim Compilieren folgende Fehler erhalte:

        <pre>
        - syntax error in ifs.inc (271)
        - invalid instruction operands DSperre.asm (106)
        </pre>

        usw.

        Woran könnte es liegen?

        Tschüss Ti

        Comment

        • #5
          Der falsche Compiler =)<br>
          (oder falsche Compiler-Schalter... keine Batch zum Compilieren ?)

          Gruß Nic

          Comment

          • #6
            Hallo,

            eigentlich glaube ich das nicht, die Batch sieht in so aus:

            <pre>
            nmake -f start.mak
            del *.exp
            del *.lib
            del *.obj
            </pre>

            <pre>
            OBJECTS = DSperre.obj
            DSperre.vxd: $(OBJECTS) DSperre.def
            LINK.EXE @<<
            -VXD -OUTSPerre.vxd
            -DEFSperre.def
            $(OBJECTS)
            <<
            .asm.obj:
            set ML=-coff -DBLD_COFF -DIS_32 -W2 -c -Cx -Zm -DMASM6
            ml -Fo$*.obj $<
            DSPerre.obj: DSperre.asm
            </pre>

            obwohl es damit nicht funktioniert hat, weil keine "nmake-Datei" vorhanden ist, habe ich folgendes ausgeführt mit dem Resultat der oben beschriebenen Fehlermeldungen:
            <pre>
            ml -coff -c -Cx -DMASM6 -DBLD_COFF -DIS_32 DSperre.asm |more
            <br>--> Fehlermeldungen...<br><br>
            soweit bin ich erst gar nicht gekommen:<br>
            link DSperre.obj /vxd /defSperre.def
            </pre>

            Was mache ich falsch?

            Tschüss..

            Comment

            • #7
              nmake ist ein Tool (u.a.) von VC.
              Es werden meist (fast immer) diverse Umgebungsvariablen abgefragt.<br>
              Wenn Du das Platform SDK installiert hast (und die Umgebungsvaribalen im Setup hast registrieren lassen), dann kannste einfach eine Bach per Link im Startmenu auswählen (Build Environment).<br>
              folgende Vars sollten überprüft werden:<br>
              - APPVER<br>
              - TARGETOS<br>
              - Basemake<br>
              - <b>INCLUDE</b><br>
              - MSDevDir<br>
              - MSVCDir<br>

              Gruß Nico

              PS: nmake sollte/muß im Pfad liegen (siehe Build Environment Batch

              Comment

              Previous template Next
              Working...
              X