Skip to content

Commit

Permalink
dev131
Browse files Browse the repository at this point in the history 
Snapshot 02 Apr 2023
  • Loading branch information
@hfiref0x
hfiref0x committed Apr 2, 2023
1 parent f912996 commit 1011f68
Show file tree
Hide file tree
Showing 48 changed files with 374 additions and 197 deletions.
96 changes: 48 additions & 48 deletions KDU.sha256
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,8 +35,8 @@ ea0d8d42a5e7d7fb908c52351f99c69f2019c105d07a1f536756691ab2a74174 *Source\Hamakaz
888a436b666b00592d29e8a2e82a9b5c7f0c1d4890aaab8cb2f623181ad07092 *Source\Hamakaze\ipcsvc.h
703feb7327733000bdcadbdc41a0c7a09f92f1f12ccec7ea3071c6371f60c23d *Source\Hamakaze\KDU.vcxproj
a62576fdaf4fa1fa3782427c9662c7708af81a81b5703ce8d1a5d3bb4d680bde *Source\Hamakaze\KDU.vcxproj.filters
7bbc22af4258dd85e73313ea3186e5beb84151b1be26c2952f7cc260577b3491 *Source\Hamakaze\KDU.vcxproj.user
f71d5285d2ae5f7adf6dc0c46829d5c2e3ef4e721cb5999ea8c000032520669b *Source\Hamakaze\kduplist.h
04fe01159c935053a0c30805e1abf3c70d3b90ade08b19c1f2f3f450df32851a *Source\Hamakaze\KDU.vcxproj.user
44c6b48838a2ef2bd79e97acc46bf7b74e685790809f8f1ccbfc132ce6a1c6f1 *Source\Hamakaze\kduplist.h
4622665b799f0b2a5c77f4dfafc250c4d882fc3105cf9306fc888f678cd8563b *Source\Hamakaze\kduprov.cpp
13a842b3bc62995ab8071ae56df74065d6a1388fcda66884012c6d8addb94055 *Source\Hamakaze\kduprov.h
ace87ca919d2502c47d147814808e42b892b38cf9092aa69a3dad5f44da05323 *Source\Hamakaze\main.cpp
Expand All @@ -49,11 +49,11 @@ eb15810b52b16482f3a3a679fbeed102257bfa0416243e74fce5b634daf9b074 *Source\Hamakaz
c617a2090e51738ba9aadff46c573fcf57caada21219ed673ee0f8998e35a831 *Source\Hamakaze\shellcode.cpp
87c7274c6e821eb447ec87b63b0a058c59f0e64f0c109cfc1d529fb8e2f25150 *Source\Hamakaze\shellcode.h
5428b9eb02810dbc4bfd715ec657ee35a5e61e53079c65f05e1eea4f8a6fa4a0 *Source\Hamakaze\shellmasm.asm
f93495e8f5392a72ff23563303cc5dd31bd6a9f9cdd05b5edc684ab601d3a310 *Source\Hamakaze\shellstager.lst
1bc7b331c4d2be8d2b7686fee741954aa7c44f9b63f2001d451bb9d4ac6c2b61 *Source\Hamakaze\shellstager.lst
879eea1c38c0c408e3634d0ed2eeae2b8b21e1040b4b0988ea4d802de0ecd21e *Source\Hamakaze\sig.h
7f97a97deea91390c87c759869e069635be6a329ffc941d53da86cfa0ecf1522 *Source\Hamakaze\sup.cpp
a13d8320351de7e0366dc935271be1e53bd0e69fa02f3141de67cbf71e5f3155 *Source\Hamakaze\sup.h
69fc5422986ab04061534187cd268026be3eba3f38600a3a7b173ee6314b7549 *Source\Hamakaze\tests.cpp
7929468c37342fe58f43d91214be46ac6018188de6b5c5e0fcaecc1dfd09f5f3 *Source\Hamakaze\sup.cpp
58f0b7340b1334a3d729090f26b88ef8d2ff093a1640f29d81c25eaca3c250fc *Source\Hamakaze\sup.h
89e7b0a0869019d84f610c94f1208e986c57d118931ee5ac3f2eb6c0490f5301 *Source\Hamakaze\tests.cpp
ad77ae168188a9748713ab5f7532447ca50a539fa8ebbec5ac86b273696b028e *Source\Hamakaze\tests.h
8046da85c2f9853496b369fa63fe1b89d47583d5367db4a49edfd9f52426e6d7 *Source\Hamakaze\victim.cpp
5b82accd00d244d77f107a7b8ff0253548a463e642976c36f76e85649e60fe8e *Source\Hamakaze\victim.h
Expand All @@ -70,7 +70,7 @@ b1350783a851e6345b880c8a5313e871d2249aa5524f41406c52fa62483f2229 *Source\Hamakaz
015a6aff991174a881650c61fe1b28c5bfe3116a02a32abe5295ff389c5b7099 *Source\Hamakaze\idrv\atszio.h
515a1a8dfc78af4f8a3a1c832140b033ebc1064386f716729d6e626cde1d590b *Source\Hamakaze\idrv\dbk.cpp
24f81b4fdc1b924a36c981fb175b2dccebd7d029d6caed85fb731b74b22c7386 *Source\Hamakaze\idrv\dbk.h
e7a1432ad47fb4d73d9300a6fdc2ae4fa2906821db327c028fdff15c660e4690 *Source\Hamakaze\idrv\dbutil.cpp
7dd872a81007d7309eca434241d2703b97993b63538dca0c14a2eb46ab5bef64 *Source\Hamakaze\idrv\dbutil.cpp
ad955406989b80564e7e4cc400721e62d6d5c193e22037b075e07dd616f3c845 *Source\Hamakaze\idrv\dbutil.h
791a4d40f3f5076d0e6ed47e7db972f448ccc78ca578c35f11db637962c868a5 *Source\Hamakaze\idrv\directio64.cpp
73a97fa34df9c0733981536f2079d1eab89bfaf36b4c5d0003cb87d504764ec3 *Source\Hamakaze\idrv\directio64.h
Expand Down Expand Up @@ -111,7 +111,7 @@ de7bdf0bd4acec31c963b916331399bce23c155e3002f0a8152a4a36af13faf8 *Source\Hamakaz
37b29350e54c8521ac5d6aab8c29cf21ab3ef91f82724ea275dab5fec0381836 *Source\Hamakaze\res\SB_SMBUS_SDK.bin
2fc5df446424283a11aadd3348fcf1c597f915671ef54767bd50a076998833ad *Source\Hamakaze\res\Taigei32.bin
1232f65b57bc8732ead29a730308f6c67bc53a2f9fafd47f8c7cc4b4f676a9e9 *Source\Hamakaze\utils\GenAsIo2Unlock.exe
ed4006b58c2034270ea2e754b974ab1e255d117ade38dd9e81a78a30243a91d5 *Source\Shared\consts.h
2e406ac57cead150f2be8ca52628c36261d5148f16aa83704ce84c20fad70758 *Source\Shared\consts.h
f1122c2a5b1aedef180b0f28b61710cf1260d0a13f89bf60f1aa971106b20fc4 *Source\Shared\kdubase.h
e0ba365c8aa8e66fddd0f28bca4b827725911480fdcd968df2792c370f13ef42 *Source\Shared\ldr\ldr.cpp
37003367e625e218bf7e4c22850ac7d2efe926a6a832d29bc20a9f8b19a479af *Source\Shared\ldr\ldr.h
Expand Down Expand Up @@ -154,50 +154,50 @@ d563bd3017a274175ca6b7e8f93333a3e3ec096d1f3034acfa4e17d8b2420c99 *Source\Taigei\
c06a75b13f855a94d46616796e024c52b499f8f92cf00ccb571ddbc6ff574676 *Source\Taigei\Taigei.vcxproj.user
9e82ce97464b666dad14ffde32e5450a0974d1194ca68cd10e9b2611599dfc28 *Source\Tanikaze\export.def
5bbbcc6c275008ffdd765a3fa53ed3e4ae16ea51bf6ae66c2271f6f065ba0525 *Source\Tanikaze\main.cpp
8daf6cb5b74792712db6c7ded2328cd297b987870e84754edbdc52d43fc6d88e *Source\Tanikaze\resource.h
9fbf52142a304577ff4155e7c958def354b9ce145faa9f5501f9387822cd1630 *Source\Tanikaze\resource.rc
d0a290dd0dc73de74f21d0a06d5418e3e427af92abb297962bc183554906382e *Source\Tanikaze\tanikaze.h
ef7f71aa9e35fe4c6cc3c86236899c5eea285e97ecf47d28fd1cad5a82ae2aac *Source\Tanikaze\resource.h
daf30fb26aec2d7cd6aadb958a03017e9936bde412ba93a51ee83e933f2c2531 *Source\Tanikaze\resource.rc
37b48dc757b3d22a401c9566e38353b70d41e4ce25ebbe1543f3badedc6bdbe0 *Source\Tanikaze\tanikaze.h
ff036adba02e6fc3b28b9d19a2db5b4004a2973bead146470132a4782e58cdeb *Source\Tanikaze\Tanikaze.vcxproj
c17934d2254a6965a6a8f08ed5572e8ca8f2a5e319c126bd02435e2a5e7aebfe *Source\Tanikaze\Tanikaze.vcxproj.filters
c06a75b13f855a94d46616796e024c52b499f8f92cf00ccb571ddbc6ff574676 *Source\Tanikaze\Tanikaze.vcxproj.user
e5b34092e5966007527d8947c0ca7fd2743d15ef33dcbfa6350ccf4f25a39e2c *Source\Tanikaze\data\AsusCertService.bin
bf28fc1cf75228c4444d64505f45d064c963360ecfac030eeed61d07c71adb15 *Source\Tanikaze\data\dbutilcat.bin
4c1ba3e30bbe1948f54ee9dd531cb92e968d9a3c2bbd1ed22bdef17f0e7b3530 *Source\Tanikaze\data\dbutilinf.bin
5ad7c9ad80c6cf4511045502e7f3d8da401330baee1b998f39b3f1c73035e3fc *Source\Tanikaze\data\KMUEXE.bin
f8d9c5e43d7773acf0377ebbf37f579627bf071535e9c0a38b7fda1649c750ef *Source\Tanikaze\data\KMUSIG.bin
475a31cc31b610fc3c0c5fafb702db57317eac7114b298e80c472759cf872bda *Source\Tanikaze\drv\ALSysIO64.bin
9037d39509d73a7cf38ed40ece7f07dc4511e8eb47f4dcd6be53b9d251eb5a20 *Source\Tanikaze\drv\AMDRyzenMasterDriver.bin
be1350c61d6cffca82513ee2fc171bae05d21504079498a99b36a42e3d9f5c0b *Source\Tanikaze\drv\amsdk.bin
a4dfa521372c860c2fec697fb812b11c235059ebe0d7d67b177d18c94fb9d5f5 *Source\Tanikaze\drv\asio2.bin
d3f56d7e3152bcc6aa32ab7362cab2b2558455ca46aed303358c0563d5131958 *Source\Tanikaze\drv\AsIO3.bin
f35ca639b8401dffd10aae08c2a79d0dfcb2709d4088ad222381e92a2decd048 *Source\Tanikaze\drv\AsrDrv106.bin
207cd5287d1de9d2a67c0a8bfe1d60a6352044a74dbf60cfa67c6ab75c727259 *Source\Tanikaze\drv\ATSZIO64.bin
5e46458eff1cbba96b51d96edf2e83e56a412c91529d19c5ac7e4fda48068252 *Source\Tanikaze\drv\dbk64.bin
bbc4aef5747452a8f1f25e56ed4dd0d4e0e974de2fbe30f46c6c2e1f75569e3e *Source\Tanikaze\drv\DbUtil2_3.bin
6f654ce6fc41913707076409fd1847595ecb5a3c17fffb93ff9cce54261310ec *Source\Tanikaze\drv\dbutildrv2.bin
7bd7a152edbf57d34543e296455fda492e6ebbe7576cdad3b4b83ee68df34e4e *Source\Tanikaze\drv\DirectIo64.bin
4374308cca737db252ce897db1e3902acf105b59127c2a636789461d4992303d *Source\Tanikaze\drv\DirectIo64_2.bin
82ae0b60cfb1db183e11b2dd780616667f599e8cddcb10b0682b0d5fc3d0d934 *Source\Tanikaze\drv\ene2.bin
fd0e0357a6ec0f478f28f9e7edcdab4de3c1afdd60ddc2595b404c778eec0f77 *Source\Tanikaze\drv\EneIo64.bin
dd2ddd096b6fe4478d8faadc4646b85e02bd9ccd8d8611764a04bcca69ab0f38 *Source\Tanikaze\drv\EneTechIo64.bin
d01ab171487a56241bbc424b7e62766e1e2ffe474b588c3dfce08ae533bf1a50 *Source\Tanikaze\drv\gdrv.bin
a34ccc9d93d53fb7e43cdf7448211d67ddf3ec7fc8ee50994d45ce42fa5be9fe *Source\Tanikaze\drv\GLCKIO2.bin
df434c67e2e11b5e507d1fd96724c8e25a2fd1ee953ec229546ec07199d39a98 *Source\Tanikaze\drv\gmerdrv.bin
04996fd18302bc54f2727c1443e52cc15bdf8ecfbdda3368d0af84dc9b7c7c6d *Source\Tanikaze\drv\HW64.bin
19f5b948413d487fe1268dc44192e18c38b1c912077d5c22a6bc9e75859837f2 *Source\Tanikaze\drv\inpoutx64.bin
1e4ad240ffc5dca1ba78b17128506192e81793d21e114bdde940f9d7323023fd *Source\Tanikaze\drv\iQVM64.bin
3d525411632c8bc5d8fb6dd002d5cf16e2db21568642933a88a51e1e8633b506 *Source\Tanikaze\drv\kprocesshacker.bin
bddab9fc551c94a4254c4bb532223254f9f922c3586350ae6ba5d5ce46f4c338 *Source\Tanikaze\drv\lha.bin
328a955462eb3cb7afe5961a44703084e0a185a734faaff84e5b74e13a994732 *Source\Tanikaze\drv\mimidrv.bin
ab27dcd20a3a8a7b9c59767c2cddc176076f3bed4d639a93ac7bfd60f3d0e540 *Source\Tanikaze\drv\MsIo64.bin
66e6f0931f5796381704e9352b6f5c9b4b779bf224ab0f24ca2c7cd2204b661f *Source\Tanikaze\drv\Phymemx64.bin
e4537e65c80490987d400c6b4929ffc830c187c399ed72eb31a4f290c5dbec44 *Source\Tanikaze\drv\physmem.bin
8db0eaf0acadcf6f38d1b0d6f2d6b8542ec5ebaca730f177e644aac96a37526c *Source\Tanikaze\drv\procexp1627.bin
44ef6ddbb1a0ce9eef4cc573ee1e470836533600a4e443702468e052ba9d5ce5 *Source\Tanikaze\drv\procexp1702.bin
e2d4af8b8585d062f7c0ea90c94f94c1fcaefa8654f676b7becda0e554ca8779 *Source\Tanikaze\drv\RTCore64.bin
69f688c2479a955ee8e8e00475e2d2ba3c75d774e33f3443b0bbe27b1ab7e3e6 *Source\Tanikaze\drv\rtkio64.bin
9ef4ffcedee2f85c105b5a4e4fd394ddf5f91b1d50b35904f6ce496bed62ea88 *Source\Tanikaze\drv\SysDrv3S.bin
9075e85a4e4bc2c0ac3e40ec9c79e72eb1944a078dd0dc6a1fbb0ca0772489b4 *Source\Tanikaze\drv\WinRing0x64.bin
ec0b9df05af21c1749b8238a57060dd16fcfe49a97249270808681e636c5e4db *Source\Tanikaze\data\dbutilcat.bin
a509b58edbc20220f3c114212d228bc6296ea8eca3bca9344769af02b66c3f4b *Source\Tanikaze\data\dbutilinf.bin
1662d97595d9d4d32a8a6a5b6801612a0450cef01756abe6f99d079341319237 *Source\Tanikaze\data\KMUEXE.bin
a0c2ea8464afc3969054fb04f06d98102db43649558dc2df79159751584dfead *Source\Tanikaze\data\KMUSIG.bin
f94318863badfad0f1a8b8558cc82b1ba3bd6b4c35e5caa2010b609a9fb0a03a *Source\Tanikaze\drv\ALSysIO64.bin
fd3665bc7bf696f273c50db4dda3880d127e9532c2e39c7293b7aab7fb1ecea5 *Source\Tanikaze\drv\AMDRyzenMasterDriver.bin
75d46cc0362ebe030d8b57cc2fdfe990606037b59b3386ba4e91672d06cac916 *Source\Tanikaze\drv\amsdk.bin
279e75873431e6f5c0e6853a375d6870e4ece5641b0bf9814017cface0d1c578 *Source\Tanikaze\drv\asio2.bin
187343106e9a05ea326c6578c8617374db70074fe32cd645da6b444a8036ad9a *Source\Tanikaze\drv\AsIO3.bin
fcd17394501e63bdc918806ca677f8534164f6fc28a28512b8fd7e9e4ee00d06 *Source\Tanikaze\drv\AsrDrv106.bin
0376954771a6534516af9ddbf804043f3f82f49ecddce4bbe0eb9a3d48075c7a *Source\Tanikaze\drv\ATSZIO64.bin
9a0bf9ad5b6d8dab2c53ab025123bc940dffca43e1b77d02729f0cd61a320b10 *Source\Tanikaze\drv\dbk64.bin
73498474fc1c04abcac26bfee8db3a8fd09a6f4fa7d4e71b0acf4a24f9879381 *Source\Tanikaze\drv\DbUtil2_3.bin
b1a859a47da2d59ad86e19c5b380f20ae0d1164d1b0066847975f05e9d1f2fbd *Source\Tanikaze\drv\dbutildrv2.bin
8056321efe412aa1c1c890da741802f46daf1efd317ddf67314df0eba5c252be *Source\Tanikaze\drv\DirectIo64.bin
81d0c7dcfe8f305fd9084c2773b632c31ddf9c1f34daa7cae2f8f1ffd8663dc5 *Source\Tanikaze\drv\DirectIo64_2.bin
3876324d04df46b0f12d828fe96dd62fcd5d23d6f149d69e05c250f68f1b7fbe *Source\Tanikaze\drv\ene2.bin
f278ab9dde1659cc525c0c41c9424a403105e004a522632c4516b7bf1ec3d0e8 *Source\Tanikaze\drv\EneIo64.bin
7de6460e55e84d73815e3920a8672cccc6e7672c5a44217a1ddcb46ed2c3c474 *Source\Tanikaze\drv\EneTechIo64.bin
60eff111c90ed2fc16dc854da061f2c6319bb3364ce9f885fca20e9c56f5b047 *Source\Tanikaze\drv\gdrv.bin
c5b651bac36a7d439227af2232be397328d57e75599f32add57f4a11277a219a *Source\Tanikaze\drv\GLCKIO2.bin
6c1a166fa64c81d501ad508d41caea5dbf2e958b39ddd55c5cdc012750dfdb90 *Source\Tanikaze\drv\gmerdrv.bin
f38ba0267d978e1479ef5fc53678f04ff168956a8c800320879e3abf7c2d1ed5 *Source\Tanikaze\drv\HW64.bin
5ea549a1c527061ce433b876ef5ae841742ac54b5062867cd6c92852a0ee2912 *Source\Tanikaze\drv\inpoutx64.bin
9a3a6a2b2975501f989db56cff08a1ad265d96eec74e1a4a2561132b89b06ed0 *Source\Tanikaze\drv\iQVM64.bin
c86bcfa653d710e408d83c51319ac0649f51e15989e5136b91acfcbcc14ab655 *Source\Tanikaze\drv\kprocesshacker.bin
3823ac66c6c0659d31799bee32d976bcfbb80130b400b8be46ca4c9077672d6a *Source\Tanikaze\drv\lha.bin
9c79ef52aa8ea6040c00de76bb834ddb77a8c28c3d8c66b72de33239f2434992 *Source\Tanikaze\drv\mimidrv.bin
06aa822cebff0de0b36722390ee8cef47b1bb5db28a400ed506a4c197b3f4031 *Source\Tanikaze\drv\MsIo64.bin
387fd9ee1897f2efd38251771e403782958a908cc89ab76ed914508d67c768ba *Source\Tanikaze\drv\Phymemx64.bin
65bd88afaa388fe875bcc2bf74916ee15a1788e7c6a0ff29f06dd64401f6b892 *Source\Tanikaze\drv\physmem.bin
da50b62ddb5f8fe18edb2cb6ee1b597221eb7e29e349f0a690b8896dc279abc0 *Source\Tanikaze\drv\procexp1627.bin
fb4d3395a4faf996b41d73fffdff92bf56c06b5ba8eabcbfe64976d635b0dcc4 *Source\Tanikaze\drv\procexp1702.bin
043751f0684e9f1618435c471fcb7a2f5d260e8b4870d877dc1d53c646373d12 *Source\Tanikaze\drv\RTCore64.bin
169f51be2286a3e1cba9eef404ea6d71cdf7a4e8c62a00632a2ef0e695dc3408 *Source\Tanikaze\drv\rtkio64.bin
e6a14e0f4ab8fe6d03fc630428a8ee4b40d3d036a26e135e8ff5459ceaa3ea5d *Source\Tanikaze\drv\SysDrv3S.bin
722bb649f6174e8b7aa03f956e22fb700d8ce0e5931acee3019dcb49dce3dad4 *Source\Tanikaze\drv\WinRing0x64.bin
bf86c929ee9ee2bb88187e1d82bcddfe83375c73e6787b83a7e414dff691e35b *Source\Utils\readme.txt
c776bc97ee2fbe48d3e148bb37c887862e6de212d4391d6df9b5f149e40ed223 *Source\Utils\GenAsIo2Unlock\GenAsIo2Unlock.sln
c4a28bc43a63a40ff2d8699fa261ee1ced6783d199043484ea7921e8d078ea08 *Source\Utils\GenAsIo2Unlock\GenAsIo2Unlock.vcxproj
Expand Down
4 changes: 2 additions & 2 deletions Source/Hamakaze/KDU.vcxproj.user
View file
Original file line number Diff line number Diff line change
@@ -1,11 +1,11 @@
<?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="Current" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
<LocalDebuggerCommandArguments>-prv 30 -map c:\install\dummy2.sys</LocalDebuggerCommandArguments>
<LocalDebuggerCommandArguments>-test</LocalDebuggerCommandArguments>
<DebuggerFlavor>WindowsLocalDebugger</DebuggerFlavor>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
<LocalDebuggerCommandArguments>-prv 30 -map c:\install\dummy2.sys</LocalDebuggerCommandArguments>
<LocalDebuggerCommandArguments>-prv 20 -map c:\makeexe\kdu\bin\dummy2.sys</LocalDebuggerCommandArguments>
<DebuggerFlavor>WindowsLocalDebugger</DebuggerFlavor>
</PropertyGroup>
</Project>
129 changes: 19 additions & 110 deletions Source/Hamakaze/idrv/dbutil.cpp
View file
Original file line number Diff line number Diff line change
@@ -1,12 +1,12 @@
/*******************************************************************************
*
* (C) COPYRIGHT AUTHORS, 2022
* (C) COPYRIGHT AUTHORS, 2022 - 2023
*
* TITLE: DBUTIL.CPP
*
* VERSION: 1.27
* VERSION: 1.31
*
* DATE: 14 Nov 2022
* DATE: 24 Mar 2023
*
* Dell BIOS Utility driver routines.
*
Expand All @@ -21,113 +21,11 @@
#include "idrv/dbutil.h"

WCHAR g_DbUtilHardwareId[] = { L'R', L'O', L'O', L'T', L'\\', L'D', L'B', L'U', L't', L'i', L'l', L'D', L'r', L'v', L'2', 0, 0, 0, 0 };
HDEVINFO g_DbUtilDevInfo = NULL;
SP_DEVINFO_DATA g_DbUtilDevInfoData;

#define DBUTILCAT_FILE TEXT("dbutildrv2.cat")
#define DBUTILINF_FILE TEXT("dbutildrv2.inf")

/*
* DbUtilManageFiles
*
* Purpose:
*
* Drop or remove required files from disk in the current process directory.
*
*/
BOOL DbUtilManageFiles(
_In_ KDU_CONTEXT* Context,
_In_ BOOLEAN DoInstall
)
{
BOOL bResult = FALSE;
LPWSTR lpEnd;
LPWSTR lpFileName;

PUNICODE_STRING CurrentDirectory = &NtCurrentPeb()->ProcessParameters->CurrentDirectory.DosPath;
SIZE_T allocSize = 64 +
((_strlen(DBUTILCAT_FILE) + _strlen(DBUTILINF_FILE)) * sizeof(WCHAR)) +
CurrentDirectory->Length;

ULONG length, lastError = ERROR_SUCCESS;

if (DoInstall) {

//
// Drop DbUtilDrv2.
//
if (!KDUProvExtractVulnerableDriver(Context)) {
SetLastError(ERROR_INTERNAL_ERROR);
return FALSE;
}

//
// Drop cat and inf files.
//
lpFileName = (LPWSTR)supHeapAlloc(allocSize);
if (lpFileName) {

length = CurrentDirectory->Length / sizeof(WCHAR);

_strncpy(lpFileName,
length,
CurrentDirectory->Buffer,
length);

lpEnd = _strcat(lpFileName, L"\\");
_strcat(lpFileName, DBUTILCAT_FILE);
if (supExtractFileFromDB(Context->ModuleBase, lpFileName, IDR_DATA_DBUTILCAT)) {
*lpEnd = 0;
_strcat(lpFileName, DBUTILINF_FILE);
if (supExtractFileFromDB(Context->ModuleBase, lpFileName, IDR_DATA_DBUTILINF)) {

g_DbUtilDevInfo = NULL;

bResult = supSetupInstallDriverFromInf(lpFileName,
(PBYTE)&g_DbUtilHardwareId,
sizeof(g_DbUtilHardwareId),
&g_DbUtilDevInfo,
&g_DbUtilDevInfoData);

if (!bResult)
lastError = GetLastError();

}
}

supHeapFree(lpFileName);
}
}
else {

lpFileName = (LPWSTR)supHeapAlloc(allocSize);
if (lpFileName) {

length = CurrentDirectory->Length / sizeof(WCHAR);

_strncpy(lpFileName,
length,
CurrentDirectory->Buffer,
length);

lpEnd = _strcat(lpFileName, L"\\");
_strcat(lpFileName, DBUTILCAT_FILE);
DeleteFile(lpFileName);

*lpEnd = 0;

_strcat(lpFileName, DBUTILINF_FILE);
DeleteFile(lpFileName);

supHeapFree(lpFileName);
bResult = TRUE;
}

}

SetLastError(lastError);
return bResult;
}
SUP_SETUP_DRVPKG g_DbUtilPackage;

/*
* DbUtilStartVulnerableDriver
Expand Down Expand Up @@ -160,9 +58,20 @@ BOOL DbUtilStartVulnerableDriver(
//
// Driver is not loaded, load it.
//
RtlSecureZeroMemory(&g_DbUtilDevInfoData, sizeof(g_DbUtilDevInfoData));
bLoaded = DbUtilManageFiles(Context, TRUE);
RtlSecureZeroMemory(&g_DbUtilPackage, sizeof(g_DbUtilPackage));

g_DbUtilPackage.CatalogFile = DBUTILCAT_FILE;
g_DbUtilPackage.CatalogFileResourceId = IDR_DATA_DBUTILCAT;

g_DbUtilPackage.InfFile = DBUTILINF_FILE;
g_DbUtilPackage.InfFileResourceId = IDR_DATA_DBUTILINF;

g_DbUtilPackage.Hwid = (BYTE*)&g_DbUtilHardwareId;
g_DbUtilPackage.HwidLength = sizeof(g_DbUtilHardwareId);

g_DbUtilPackage.InstallFlags = INSTALLFLAG_FORCE | INSTALLFLAG_NONINTERACTIVE;

bLoaded = supSetupManageDriverPackage(Context, TRUE, &g_DbUtilPackage);
}

//
Expand Down Expand Up @@ -194,8 +103,8 @@ VOID DbUtilStopVulnerableDriver(
{
LPWSTR lpFullFileName = Context->DriverFileName;

supSetupRemoveDriver(g_DbUtilDevInfo, &g_DbUtilDevInfoData);
DbUtilManageFiles(Context, FALSE);
supSetupRemoveDriver(g_DbUtilPackage.DeviceInfo, &g_DbUtilPackage.DeviceInfoData);
supSetupManageDriverPackage(Context, FALSE, &g_DbUtilPackage);

if (supDeleteFileWithWait(1000, 5, lpFullFileName))
printf_s("[+] Vulnerable driver file removed\r\n");
Expand Down
4 changes: 2 additions & 2 deletions Source/Hamakaze/kduplist.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,9 +4,9 @@
*
* TITLE: KDUPLIST.H
*
* VERSION: 1.30
* VERSION: 1.31
*
* DATE: 21 Mar 2023
* DATE: 24 Mar 2023
*
* Providers global list.
*
Expand Down
Loading

0 comments on commit 1011f68

Please sign in to comment.