BanMe
June 14th, 2009, 20:42
Code:
#define PORTNAME L"\\LpcInterceptPort"
DWORD WINAPI ModuleConnectClientServer(LPVOID)
{
SECURITY_QUALITY_OF_SERVICE SecurityQos;
REMOTE_PORT_VIEW ServerView;
UNICODE_STRING PortName;
LARGE_INTEGER SectionSize = {LARGE_MESSAGE_SIZE};
PORT_MESSAGE MessageHeader;
PORT_VIEW ClientView;
NTSTATUS Status = STATUS_SUCCESS;
HANDLE SectionHandle = NULL;
HANDLE PortHandle = NULL;
__try
{
Status = NtCreateSection(&SectionHandle,
SECTION_ALL_ACCESS,
NULL, // Backed by the pagefile
&SectionSize,
PAGE_EXECUTE_READWRITE,
SEC_COMMIT,
NULL);
if(!NT_SUCCESS(Status))
__leave;
RtlInitUnicodeString(&PortName, LpcPortName);
SecurityQos.Length = sizeof(SECURITY_QUALITY_OF_SERVICE);
SecurityQos.ImpersonationLevel = SecurityImpersonation;
SecurityQos.EffectiveOnly = FALSE;
SecurityQos.ContextTrackingMode = SECURITY_DYNAMIC_TRACKING;
ClientView.Length = sizeof(PORT_VIEW);
ClientView.SectionHandle = SectionHandle;
ClientView.SectionOffset = 0;
ClientView.ViewSize = LARGE_MESSAGE_SIZE;
ServerView.Length = sizeof(REMOTE_PORT_VIEW);
Status = NtConnectPort(&PortHandle,
&PortName,
&SecurityQos,
&ClientView,
&ServerView,
0,
NULL,
NULL);
if(!NT_SUCCESS(Status))
__leave;
InitializeMessageHeader(&MessageHeader, sizeof(PORT_MESSAGE), LPC_NEW_MESSAGE);
wcscpy((PWSTR)ServerView.ViewBase, L"Hello System...";
Status = NtRequestWaitReplyPort(PortHandle, &MessageHeader, &MessageHeader);
}
__finally
{
if(PortHandle != NULL)
NtClose(PortHandle);
if(SectionHandle != NULL)
NtClose(SectionHandle);
}
return 0;
}
this is gonna be updated frequently, hopefully I can get some tester/experimentors opions and ideas with this one
again this is just a basic test of communication :}this basic client is simply slightly modified stripped down version of lad client..
found here:http://www.zezula.net/en/prog/lpc.html
LARGE_MESSAGE_SIZE = some arbitrary size.. :]
regards BanMe