Optimize kernel code, UI enhanced

onlyJinx · Aug 3, 2020 · 746f73a · 746f73a
1 parent f0f82f0
commit 746f73a
Show file tree

Hide file tree

Showing 12 changed files with 1,259 additions and 693 deletions.
diff --git a/src/OpenArk/OpenArk.vcxproj b/src/OpenArk/OpenArk.vcxproj
@@ -316,6 +316,7 @@
     <ClCompile Include="utilities\utilities.cpp" />
   </ItemGroup>
   <ItemGroup>
+    <QtUic Include="res\ui\memory-rw.ui" />
     <QtUic Include="ui\about.ui" />
     <QtUic Include="ui\bundler.ui" />
     <QtUic Include="ui\coderkit.ui" />
@@ -371,7 +372,12 @@
     <QtMoc Include="kernel\kernel.h" />
     <ClInclude Include="GeneratedFiles\ui_reverse.h" />
     <ClInclude Include="GeneratedFiles\ui_utilities.h" />
-    <ClInclude Include="kernel\driver\driver.h" />
+    <QtMoc Include="kernel\driver\driver.h">
+      <IncludePath Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">.\GeneratedFiles;.;$(QTDIR)\include;.\GeneratedFiles\$(ConfigurationName);$(QTDIR)\include\QtCore;$(QTDIR)\include\QtGui;$(QTDIR)\include\QtANGLE;$(QTDIR)\include\QtNetwork;$(QTDIR)\include\QtWidgets;$(QTDIR)\include\QtUiTools</IncludePath>
+      <IncludePath Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">.\GeneratedFiles;.;$(QTDIR)\include;.\GeneratedFiles\$(ConfigurationName);$(QTDIR)\include\QtCore;$(QTDIR)\include\QtGui;$(QTDIR)\include\QtANGLE;$(QTDIR)\include\QtNetwork;$(QTDIR)\include\QtWidgets;$(QTDIR)\include\QtUiTools</IncludePath>
+      <IncludePath Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">.\GeneratedFiles;.;$(QTDIR)\include;.\GeneratedFiles\$(ConfigurationName);$(QTDIR)\include\QtCore;$(QTDIR)\include\QtGui;$(QTDIR)\include\QtANGLE;$(QTDIR)\include\QtNetwork;$(QTDIR)\include\QtWidgets;$(QTDIR)\include\QtUiTools</IncludePath>
+      <IncludePath Condition="'$(Configuration)|$(Platform)'=='Release|x64'">.\GeneratedFiles;.;$(QTDIR)\include;.\GeneratedFiles\$(ConfigurationName);$(QTDIR)\include\QtCore;$(QTDIR)\include\QtGui;$(QTDIR)\include\QtANGLE;$(QTDIR)\include\QtNetwork;$(QTDIR)\include\QtWidgets;$(QTDIR)\include\QtUiTools</IncludePath>
+    </QtMoc>
     <QtMoc Include="kernel\network\network.h">
       <IncludePath Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">.\GeneratedFiles;.;$(QTDIR)\include;.\GeneratedFiles\$(ConfigurationName);$(QTDIR)\include\QtCore;$(QTDIR)\include\QtGui;$(QTDIR)\include\QtANGLE;$(QTDIR)\include\QtNetwork;$(QTDIR)\include\QtWidgets</IncludePath>
       <IncludePath Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">.\GeneratedFiles;.;$(QTDIR)\include;.\GeneratedFiles\$(ConfigurationName);$(QTDIR)\include\QtCore;$(QTDIR)\include\QtGui;$(QTDIR)\include\QtANGLE;$(QTDIR)\include\QtNetwork;$(QTDIR)\include\QtWidgets</IncludePath>

diff --git a/src/OpenArk/OpenArk.vcxproj.filters b/src/OpenArk/OpenArk.vcxproj.filters
@@ -329,6 +329,9 @@
     <QtMoc Include="kernel\memory\memory.h">
       <Filter>kernel\memory</Filter>
     </QtMoc>
+    <QtMoc Include="kernel\driver\driver.h">
+      <Filter>kernel\driver</Filter>
+    </QtMoc>
   </ItemGroup>
   <ItemGroup>
     <QtUic Include="ui\process-mgr.ui">
@@ -367,6 +370,9 @@
     <QtUic Include="ui\reverse.ui">
       <Filter>ui</Filter>
     </QtUic>
+    <QtUic Include="res\ui\memory-rw.ui">
+      <Filter>ui</Filter>
+    </QtUic>
   </ItemGroup>
   <ItemGroup>
     <ClInclude Include="GeneratedFiles\ui_about.h">
@@ -441,9 +447,6 @@
     <ClInclude Include="res\resource.h">
       <Filter>res</Filter>
     </ClInclude>
-    <ClInclude Include="kernel\driver\driver.h">
-      <Filter>kernel\driver</Filter>
-    </ClInclude>
     <ClInclude Include="kernel\notify\notify.h">
       <Filter>kernel\notify</Filter>
     </ClInclude>

diff --git a/src/OpenArk/common/ui-wrapper/ui-wrapper.h b/src/OpenArk/common/ui-wrapper/ui-wrapper.h
@@ -63,7 +63,7 @@ public slots:
 	QTabWidget *tabwidget_;
 };
 
-class CommonTabObject : public QObject {
+class CommonTabObject : public QWidget {
 	Q_OBJECT
 
 public:
@@ -94,6 +94,6 @@ public slots:
 	};
 	int maintab_id_;
 	int l2tab_id_;
-
+	
 	QTabWidget *tabwidget_;
 };
diff --git a/src/OpenArk/kernel/driver/driver.cpp b/src/OpenArk/kernel/driver/driver.cpp
@@ -21,6 +21,261 @@
 #include "Wincrypt.h"  
 #pragma comment(lib, "Crypt32.lib")
 
+struct {
+	int s = 0;
+	int name = s++;
+	int base = s++;
+	int path = s++;
+	int number = s++;
+	int desc = s++;
+	int ver = s++;
+	int corp = s++;
+} DRV;
+
+bool DriversSortFilterProxyModel::lessThan(const QModelIndex &left, const QModelIndex &right) const
+{
+	bool ok;
+	auto s1 = sourceModel()->data(left); auto s2 = sourceModel()->data(right);
+	auto column = left.column();
+	if ((column == DRV.base || column == DRV.number))
+		return s1.toString().toULongLong(&ok, 16) < s2.toString().toULongLong(&ok, 16);
+	return QString::compare(s1.toString(), s2.toString(), Qt::CaseInsensitive) < 0;
+}
+
+KernelDriver::KernelDriver()
+{
+
+}
+
+KernelDriver::~KernelDriver()
+{
+
+}
+
+void KernelDriver::onTabChanged(int index)
+{
+	switch (index) {
+	case TAB_KERNEL_DRIVERS:
+		ShowDrivers();
+		break;
+	default:
+		break;
+	}
+}
+
+bool KernelDriver::eventFilter(QObject *obj, QEvent *e)
+{
+	if (e->type() == QEvent::ContextMenu) {
+		QMenu *menu = nullptr;
+		if (obj == ui->driverView->viewport()) menu = drivers_menu_;
+		QContextMenuEvent *ctxevt = dynamic_cast<QContextMenuEvent*>(e);
+		if (ctxevt && menu) {
+			menu->move(ctxevt->globalPos());
+			menu->show();
+		}
+	}
+	return QWidget::eventFilter(obj, e);
+}
+
+void KernelDriver::ModuleInit(Ui::Kernel *mainui, Kernel *kernel)
+{
+	this->ui = mainui;
+	this->kernel_ = kernel;
+
+	Init(ui->tabDriver, TAB_KERNEL, KernelTabMemory);
+
+	InitDriversView();
+	InitDriverKitView();
+}
+
+void KernelDriver::InitDriversView()
+{
+	drivers_model_ = new QStandardItemModel;
+	QTreeView *view = ui->driverView;
+	proxy_drivers_ = new DriversSortFilterProxyModel(view);
+	proxy_drivers_->setSourceModel(drivers_model_);
+	proxy_drivers_->setDynamicSortFilter(true);
+	proxy_drivers_->setFilterKeyColumn(1);
+	view->setModel(proxy_drivers_);
+	view->selectionModel()->setModel(proxy_drivers_);
+	view->header()->setSortIndicator(-1, Qt::AscendingOrder);
+	view->setSortingEnabled(true);
+	view->viewport()->installEventFilter(this);
+	view->installEventFilter(this);
+	drivers_model_->setHorizontalHeaderLabels(QStringList() << tr("Name") << tr("Base") << tr("Path") << tr("Number") << tr("Description") << tr("Version") << tr("Company"));
+	view->setColumnWidth(DRV.name, 138);
+	view->setColumnWidth(DRV.base, 135);
+	view->setColumnWidth(DRV.path, 285);
+	view->setColumnWidth(DRV.number, 60);
+	view->setColumnWidth(DRV.desc, 180);
+	//dview->setColumnWidth(DRV.corp, 155);
+	view->setColumnWidth(DRV.ver, 120);
+	view->setEditTriggers(QAbstractItemView::NoEditTriggers);
+	drivers_menu_ = new QMenu();
+	drivers_menu_->addAction(tr("Refresh"), this, [&] { ShowDrivers(); });
+	drivers_menu_->addAction(tr("Copy"), this, [&] {
+		ClipboardCopyData(DriversItemData(GetCurViewColumn(ui->driverView)).toStdString());
+	});
+	drivers_menu_->addAction(tr("Sendto Scanner"), this, [&] {
+		kernel_->GetParent()->SetActiveTab(TAB_SCANNER);
+		emit kernel_->signalOpen(DriversItemData(DRV.path));
+	});
+	drivers_menu_->addAction(tr("Explore File"), this, [&] {
+		ExploreFile(DriversItemData(DRV.path));
+	});
+	drivers_menu_->addAction(tr("Properties..."), this, [&] {
+		WinShowProperties(DriversItemData(DRV.path).toStdWString());
+	});
+}
+
+void KernelDriver::InitDriverKitView()
+{
+	connect(ui->browseBtn, &QPushButton::clicked, this, [&]() {
+		QString file = QFileDialog::getOpenFileName(kernel_, tr("Open File"), "", tr("Driver Files (*.sys);;All Files (*.*)"));
+		kernel_->onOpenFile(file);
+	});
+	connect(ui->signBtn, SIGNAL(clicked()), this, SLOT(onSignDriver()));
+	connect(ui->installNormallyBtn, SIGNAL(clicked()), this, SLOT(onInstallNormallyDriver()));
+	connect(ui->installUnsignedBtn, SIGNAL(clicked()), this, SLOT(onInstallUnsignedDriver()));
+	connect(ui->installExpiredBtn, SIGNAL(clicked()), this, SLOT(onInstallExpiredDriver()));
+	connect(ui->uninstallBtn, SIGNAL(clicked()), this, SLOT(onUninstallDriver()));
+	connect(this, SIGNAL(signalOpen(QString)), kernel_->GetParent(), SLOT(onOpen(QString)));
+}
+
+
+void KernelDriver::onSignDriver()
+{
+	QString driver = ui->driverFileEdit->text();
+	if (SignExpiredDriver(driver)) {
+		ui->infoLabel->setText(tr("Sign ok..."));
+		ui->infoLabel->setStyleSheet("color:green");
+	}
+	else {
+		ui->infoLabel->setText(tr("Sign failed, open console window to view detail..."));
+		ui->infoLabel->setStyleSheet("color:red");
+	}
+}
+
+void KernelDriver::onInstallNormallyDriver()
+{
+	if (InstallDriver(ui->driverFileEdit->text(), ui->serviceEdit->text())) {
+		ui->infoLabel->setText(tr("Install ok..."));
+		ui->infoLabel->setStyleSheet("color:green");
+	}
+	else {
+		ui->infoLabel->setText(tr("Install failed, open console window to view detail..."));
+		ui->infoLabel->setStyleSheet("color:red");
+	}
+}
+
+void KernelDriver::onInstallUnsignedDriver()
+{
+	onSignDriver();
+	RECOVER_SIGN_TIME();
+	onInstallNormallyDriver();
+}
+
+void KernelDriver::onInstallExpiredDriver()
+{
+	RECOVER_SIGN_TIME();
+	onInstallNormallyDriver();
+}
+
+void KernelDriver::onUninstallDriver()
+{
+	if (UninstallDriver(ui->serviceEdit->text())) {
+		ui->infoLabel->setText(tr("Uninstall ok..."));
+		ui->infoLabel->setStyleSheet("color:green");
+	}
+	else {
+		ui->infoLabel->setText(tr("Uninstall failed, open console window to view detail..."));
+		ui->infoLabel->setStyleSheet("color:red");
+	}
+}
+
+bool KernelDriver::InstallDriver(QString driver, QString name)
+{
+	if (driver.isEmpty()) {
+		QERR_W("driver path is empty");
+		return false;
+	}
+	auto &&path = driver.toStdWString();
+	return UNONE::ObLoadDriverW(path, name.toStdWString());
+}
+
+bool KernelDriver::UninstallDriver(QString service)
+{
+	if (service.isEmpty()) {
+		QERR_W("service is empty");
+		return false;
+	}
+	return UNONE::ObUnloadDriverW(service.toStdWString());
+}
+
+void KernelDriver::ShowDrivers()
+{
+	DISABLE_RECOVER();
+	ClearItemModelData(drivers_model_, 0);
+
+	std::vector<LPVOID> drivers;
+	UNONE::ObGetDriverList(drivers);
+	int number = 0;
+	for (auto d : drivers) {
+		static int major = UNONE::OsMajorVer();
+		auto &&w_path = UNONE::ObGetDriverPathW(d);
+		if (major <= 5) {
+			if (UNONE::StrIndexIW(w_path, L"\\Windows") == 0) {
+				static auto &&drive = UNONE::OsEnvironmentW(L"%SystemDrive%");
+				w_path = drive + w_path;
+			}
+			else if (w_path.find(L'\\') == std::wstring::npos && w_path.find(L'/') == std::wstring::npos) {
+				static auto &&driverdir = UNONE::OsSystem32DirW() + L"\\drivers\\";
+				w_path = driverdir + w_path;
+			}
+		}
+
+		auto &&path = WStrToQ(w_path);
+		auto &&name = WStrToQ(UNONE::ObGetDriverNameW(d));
+
+		bool microsoft = true;
+		bool existed = true;
+		auto info = CacheGetFileBaseInfo(path);
+		if (info.desc.isEmpty()) {
+			if (!UNONE::FsIsExistedW(info.path.toStdWString())) {
+				info.desc = tr("[-] Driver file not existed!");
+				existed = false;
+			}
+		}
+		if (!info.corp.contains("Microsoft", Qt::CaseInsensitive)) { microsoft = false; }
+
+		auto name_item = new QStandardItem(name);
+		auto base_item = new QStandardItem(WStrToQ(UNONE::StrFormatW(L"0x%p", d)));
+		auto path_item = new QStandardItem(path);
+		auto number_item = new QStandardItem(QString("%1").arg(number));
+		auto desc_item = new QStandardItem(info.desc);
+		auto ver_item = new QStandardItem(info.ver);
+		auto corp_item = new QStandardItem(info.corp);
+
+		auto count = drivers_model_->rowCount();
+		drivers_model_->setItem(count, DRV.name, name_item);
+		drivers_model_->setItem(count, DRV.base, base_item);
+		drivers_model_->setItem(count, DRV.path, path_item);
+		drivers_model_->setItem(count, DRV.number, number_item);
+		drivers_model_->setItem(count, DRV.desc, desc_item);
+		drivers_model_->setItem(count, DRV.ver, ver_item);
+		drivers_model_->setItem(count, DRV.corp, corp_item);
+		if (!existed) SetLineBgColor(drivers_model_, count, Qt::red);
+		else if (!microsoft) SetLineBgColor(drivers_model_, count, QBrush(0xffffaa));
+		number++;
+	}
+}
+
+QString KernelDriver::DriversItemData(int column)
+{
+	return GetCurItemViewData(ui->driverView, column);
+}
+
+
 bool ImportPrivateKey(const std::string &private_key, WCHAR *passwd, WCHAR *category)
 {
 	bool ret = false;

diff --git a/src/OpenArk/kernel/driver/driver.h b/src/OpenArk/kernel/driver/driver.h
@@ -17,6 +17,55 @@
 #include "../../common/cpp-wrapper/cpp-wrapper.h"
 #include <QString>
 
+#pragma once
+#include <windows.h>
+#include <vector>
+#include "ui_kernel.h"
+#include "../kernel.h"
+#include "../common/common.h"
+
+class Ui::Kernel;
+class Kernel;
+
+PROXY_FILTER(DriversSortFilterProxyModel);
+class KernelDriver : public CommonTabObject {
+	Q_OBJECT
+
+public:
+	enum {
+		Region,
+		View,
+	};
+	KernelDriver();
+	~KernelDriver();
+public:
+	bool eventFilter(QObject *obj, QEvent *e);
+	void ModuleInit(Ui::Kernel *mainui, Kernel *kernel);
+	bool InstallDriver(QString driver, QString name);
+	bool UninstallDriver(QString service);
+
+private slots:
+	void onTabChanged(int index);
+	void onSignDriver();
+	void onInstallNormallyDriver();
+	void onInstallUnsignedDriver();
+	void onInstallExpiredDriver();
+	void onUninstallDriver();
+
+private:
+	void InitDriversView();
+	void InitDriverKitView();
+	void ShowDrivers();
+	QString DriversItemData(int column);
+
+private:
+	Ui::Kernel *ui;
+	Kernel *kernel_;
+	QMenu *drivers_menu_;
+	QStandardItemModel *drivers_model_;
+	DriversSortFilterProxyModel *proxy_drivers_;
+};
+
 bool SignExpiredDriver(QString driver);
 std::wstring ParseDriverPath(UCHAR *symlnk);