Cool_Tools/KsDumper-11
1
0
Fork 0
mirror of https://github.com/mastercodeon314/KsDumper-11.git synced 2024-11-12 01:20:51 +01:00
Code Releases Activity

Driver and Splash screen update

Browse Source
This commit is contained in:
Mastercodeon 2023-01-22 22:06:08 -06:00
parent 726af1270d
commit e035c2740e
17 changed files with 1315 additions and 784 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
DarkControls/Controls/ProgressBarEx.cs
View File

@ -2,14 +2,21 @@
using System.Windows.Forms;
using System.Drawing;
using System.Drawing.Drawing2D;
using System.Runtime.InteropServices;
namespace DarkControls.Controls
{
public class ProgressBarEx : ProgressBar
{
private Timer _marqueeTimer;
public ProgressBarEx()
{
this.SetStyle(ControlStyles.UserPaint, true);
//_marqueeTimer = new Timer();
//_marqueeTimer.Interval = MarqueeAnimationSpeed;
//_marqueeTimer.Tick += new EventHandler(marqueeTimer_Tick);
//_marqueeTimer.Start();
}
protected override void OnPaintBackground(PaintEventArgs pevent)
@ -17,9 +24,47 @@ namespace DarkControls.Controls
// None... Helps control the flicker.
}
private void marqueeTimer_Tick(object sender, EventArgs e)
{
if (this.Style == ProgressBarStyle.Marquee) this.Invalidate();
}
protected override void OnPaint(PaintEventArgs e)
{
const int inset = 2; // A single inset value to control teh sizing of the inner rect.
if (this.Style == ProgressBarStyle.Marquee)
{
int blockWidth = 5;
int blockSpacing = 2;
int blockCount = (this.Width - 2) / (blockWidth + blockSpacing);
int offset = DateTime.Now.Second % (blockCount + blockSpacing);
using (Image offscreenImage = new Bitmap(this.Width, this.Height))
{
using (Graphics offscreen = Graphics.FromImage(offscreenImage))
{
offscreen.Clear(this.BackColor);
for (int i = 0; i < blockCount; i++)
{
int x = 2 + (i * (blockWidth + blockSpacing)) - offset;
int y = 2;
int width = blockWidth;
int height = this.Height - 4;
if (x + width > this.Width)
width = this.Width - x;
if (x < 2)
{
width -= 2 - x;
x = 2;
}
offscreen.FillRectangle(new SolidBrush(this.ForeColor), x, y, width, height);
}
e.Graphics.DrawImage(offscreenImage, 0, 0);
}
}
}
else
{
const int inset = 2; // A single inset value to control the sizing of the inner rect.
using (Image offscreenImage = new Bitmap(this.Width, this.Height))
{
@ -46,4 +91,5 @@ namespace DarkControls.Controls
}
}
}
}
}

14
KsDumper11.sln
View File

@ -15,6 +15,8 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution
EndProject
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "DriverChecker", "DriverChecker\DriverChecker.csproj", "{0E2A2FA3-6443-49F7-9DD6-E66291C68D7F}"
EndProject
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "KsDumperDriver", "KsDumperDriver\KsDumperDriver.vcxproj", "{8EADAB93-F111-43AF-9E10-2376AE515491}"
EndProject
Global
GlobalSection(SolutionConfigurationPlatforms) = preSolution
Debug|Any CPU = Debug|Any CPU
@ -61,6 +63,18 @@ Global
{0E2A2FA3-6443-49F7-9DD6-E66291C68D7F}.Release|x64.Build.0 = Release|Any CPU
{0E2A2FA3-6443-49F7-9DD6-E66291C68D7F}.Release|x86.ActiveCfg = Release|Any CPU
{0E2A2FA3-6443-49F7-9DD6-E66291C68D7F}.Release|x86.Build.0 = Release|Any CPU
{8EADAB93-F111-43AF-9E10-2376AE515491}.Debug|Any CPU.ActiveCfg = Debug|x64
{8EADAB93-F111-43AF-9E10-2376AE515491}.Debug|Any CPU.Build.0 = Debug|x64
{8EADAB93-F111-43AF-9E10-2376AE515491}.Debug|x64.ActiveCfg = Debug|x64
{8EADAB93-F111-43AF-9E10-2376AE515491}.Debug|x64.Build.0 = Debug|x64
{8EADAB93-F111-43AF-9E10-2376AE515491}.Debug|x86.ActiveCfg = Debug|x64
{8EADAB93-F111-43AF-9E10-2376AE515491}.Debug|x86.Build.0 = Debug|x64
{8EADAB93-F111-43AF-9E10-2376AE515491}.Release|Any CPU.ActiveCfg = Release|x64
{8EADAB93-F111-43AF-9E10-2376AE515491}.Release|Any CPU.Build.0 = Release|x64
{8EADAB93-F111-43AF-9E10-2376AE515491}.Release|x64.ActiveCfg = Release|x64
{8EADAB93-F111-43AF-9E10-2376AE515491}.Release|x64.Build.0 = Release|x64
{8EADAB93-F111-43AF-9E10-2376AE515491}.Release|x86.ActiveCfg = Release|x64
{8EADAB93-F111-43AF-9E10-2376AE515491}.Release|x86.Build.0 = Release|x64
EndGlobalSection
GlobalSection(SolutionProperties) = preSolution
HideSolutionNode = FALSE

36
KsDumper11/Driver/DriverInterface.cs
View File

@ -8,6 +8,14 @@ namespace KsDumper11.Driver
// Token: 0x02000014 RID: 20
public class DriverInterface
{
public static bool IsDriverOpen(string registryPath)
{
IntPtr handle = WinApi.CreateFileA(registryPath, FileAccess.ReadWrite, FileShare.ReadWrite, IntPtr.Zero, FileMode.Open, (FileAttributes)0, IntPtr.Zero);
bool result = handle != WinApi.INVALID_HANDLE_VALUE;
WinApi.CloseHandle(handle);
return result;
}
// Token: 0x060000D9 RID: 217 RVA: 0x00005D59 File Offset: 0x00003F59
public DriverInterface(string registryPath)
{
@ -109,7 +117,35 @@ namespace KsDumper11.Driver
return flag2;
}
public bool UnloadDriver()
{
if (driverHandle != WinApi.INVALID_HANDLE_VALUE)
{
bool result = WinApi.DeviceIoControl(driverHandle, Operations.IO_UNLOAD_DRIVER, IntPtr.Zero, 0, IntPtr.Zero, 0, IntPtr.Zero, IntPtr.Zero);
this.Dispose();
return result;
}
return false;
}
// Token: 0x04000075 RID: 117
private readonly IntPtr driverHandle;
public void Dispose()
{
WinApi.CloseHandle(driverHandle);
}
~DriverInterface()
{
try
{
WinApi.CloseHandle(driverHandle);
}
catch (Exception ex)
{
return;
}
}
}
}

BIN
KsDumper11/Driver/KsDumperDriver.sys
View File

Binary file not shown.

22
KsDumper11/Driver/Operations.cs
View File

@ -1,55 +1,39 @@
using System;
using KsDumper11.Utility;
using static KsDumper11.Utility.WinApi;
namespace KsDumper11.Driver
{
// Token: 0x02000015 RID: 21
public static class Operations
{
// Token: 0x060000DE RID: 222 RVA: 0x00006004 File Offset: 0x00004204
private static uint CTL_CODE(int deviceType, int function, int method, int access)
{
return (uint)((deviceType << 16) | (access << 14) | (function << 2) | method);
}
// Token: 0x060000DF RID: 223 RVA: 0x00006025 File Offset: 0x00004225
// Note: this type is marked as 'beforefieldinit'.
static Operations()
{
}
// Token: 0x04000076 RID: 118
public static readonly uint IO_GET_PROCESS_LIST = Operations.CTL_CODE(WinApi.FILE_DEVICE_UNKNOWN, 5924, WinApi.METHOD_BUFFERED, WinApi.FILE_ANY_ACCESS);
// Token: 0x04000077 RID: 119
public static readonly uint IO_COPY_MEMORY = Operations.CTL_CODE(WinApi.FILE_DEVICE_UNKNOWN, 5925, WinApi.METHOD_BUFFERED, WinApi.FILE_ANY_ACCESS);
// Token: 0x02000038 RID: 56
public static readonly uint IO_UNLOAD_DRIVER = CTL_CODE(FILE_DEVICE_UNKNOWN, 0x1726, METHOD_BUFFERED, FILE_ANY_ACCESS);
public struct KERNEL_PROCESS_LIST_OPERATION
{
// Token: 0x040001AE RID: 430
public ulong bufferAddress;
// Token: 0x040001AF RID: 431
public int bufferSize;
// Token: 0x040001B0 RID: 432
public int processCount;
}
// Token: 0x02000039 RID: 57
public struct KERNEL_COPY_MEMORY_OPERATION
{
// Token: 0x040001B1 RID: 433
public int targetProcessId;
// Token: 0x040001B2 RID: 434
public ulong targetAddress;
// Token: 0x040001B3 RID: 435
public ulong bufferAddress;
// Token: 0x040001B4 RID: 436
public int bufferSize;
}
}

27
KsDumper11/Dumper.Designer.cs generated
View File

@ -43,6 +43,7 @@
this.EntryPointHeader = ((System.Windows.Forms.ColumnHeader)(new System.Windows.Forms.ColumnHeader()));
this.ImageSizeHeader = ((System.Windows.Forms.ColumnHeader)(new System.Windows.Forms.ColumnHeader()));
this.ImageTypeHeader = ((System.Windows.Forms.ColumnHeader)(new System.Windows.Forms.ColumnHeader()));
this.closeDriverOnExitBox = new DarkControls.Controls.DarkCheckBox();
this.groupBox1.SuspendLayout();
this.contextMenuStrip1.SuspendLayout();
((System.ComponentModel.ISupportInitialize)(this.appIcon1)).BeginInit();
@ -130,6 +131,7 @@
//
this.appIcon1.AppIconImage = global::KsDumper11.Properties.Resources.icons8_crossed_axes_100;
this.appIcon1.DragForm = this;
this.appIcon1.Image = ((System.Drawing.Image)(resources.GetObject("appIcon1.Image")));
this.appIcon1.Location = new System.Drawing.Point(5, 4);
this.appIcon1.Name = "appIcon1";
this.appIcon1.Scale = 3.5F;
@ -142,7 +144,7 @@
this.fileDumpBtn.BackColor = System.Drawing.Color.FromArgb(((int)(((byte)(33)))), ((int)(((byte)(33)))), ((int)(((byte)(33)))));
this.fileDumpBtn.FlatStyle = System.Windows.Forms.FlatStyle.Flat;
this.fileDumpBtn.ForeColor = System.Drawing.Color.Silver;
this.fileDumpBtn.Location = new System.Drawing.Point(216, 49);
this.fileDumpBtn.Location = new System.Drawing.Point(227, 49);
this.fileDumpBtn.Name = "fileDumpBtn";
this.fileDumpBtn.Size = new System.Drawing.Size(75, 23);
this.fileDumpBtn.TabIndex = 1;
@ -180,7 +182,7 @@
this.refreshBtn.BackColor = System.Drawing.Color.FromArgb(((int)(((byte)(33)))), ((int)(((byte)(33)))), ((int)(((byte)(33)))));
this.refreshBtn.FlatStyle = System.Windows.Forms.FlatStyle.Flat;
this.refreshBtn.ForeColor = System.Drawing.Color.Silver;
this.refreshBtn.Location = new System.Drawing.Point(5, 49);
this.refreshBtn.Location = new System.Drawing.Point(12, 49);
this.refreshBtn.Name = "refreshBtn";
this.refreshBtn.Size = new System.Drawing.Size(75, 23);
this.refreshBtn.TabIndex = 10;
@ -196,7 +198,7 @@
this.autoRefreshCheckBox.CheckColor = System.Drawing.Color.CornflowerBlue;
this.autoRefreshCheckBox.FlatAppearance.BorderSize = 0;
this.autoRefreshCheckBox.FlatStyle = System.Windows.Forms.FlatStyle.Flat;
this.autoRefreshCheckBox.Location = new System.Drawing.Point(86, 46);
this.autoRefreshCheckBox.Location = new System.Drawing.Point(93, 49);
this.autoRefreshCheckBox.Name = "autoRefreshCheckBox";
this.autoRefreshCheckBox.Size = new System.Drawing.Size(98, 23);
this.autoRefreshCheckBox.TabIndex = 11;
@ -280,12 +282,30 @@
this.ImageTypeHeader.Text = "Image Type";
this.ImageTypeHeader.Width = 76;
//
// closeDriverOnExitBox
//
this.closeDriverOnExitBox.Appearance = System.Windows.Forms.Appearance.Button;
this.closeDriverOnExitBox.BoxBorderColor = System.Drawing.Color.DarkSlateBlue;
this.closeDriverOnExitBox.BoxFillColor = System.Drawing.Color.FromArgb(((int)(((byte)(33)))), ((int)(((byte)(33)))), ((int)(((byte)(33)))));
this.closeDriverOnExitBox.CheckColor = System.Drawing.Color.CornflowerBlue;
this.closeDriverOnExitBox.FlatAppearance.BorderSize = 0;
this.closeDriverOnExitBox.FlatStyle = System.Windows.Forms.FlatStyle.Flat;
this.closeDriverOnExitBox.Location = new System.Drawing.Point(723, 49);
this.closeDriverOnExitBox.Name = "closeDriverOnExitBox";
this.closeDriverOnExitBox.Size = new System.Drawing.Size(133, 23);
this.closeDriverOnExitBox.TabIndex = 13;
this.closeDriverOnExitBox.Text = "Close Driver on Exit";
this.closeDriverOnExitBox.TextAlign = System.Drawing.ContentAlignment.MiddleRight;
this.closeDriverOnExitBox.UseVisualStyleBackColor = true;
this.closeDriverOnExitBox.CheckedChanged += new System.EventHandler(this.closeDriverOnExitBox_CheckedChanged);
//
// Dumper
//
this.AutoScaleDimensions = new System.Drawing.SizeF(6F, 13F);
this.AutoScaleMode = System.Windows.Forms.AutoScaleMode.Font;
this.BackColor = System.Drawing.Color.FromArgb(((int)(((byte)(33)))), ((int)(((byte)(33)))), ((int)(((byte)(33)))));
this.ClientSize = new System.Drawing.Size(1009, 746);
this.Controls.Add(this.closeDriverOnExitBox);
this.Controls.Add(this.hideSystemProcessBtn);
this.Controls.Add(this.autoRefreshCheckBox);
this.Controls.Add(this.refreshBtn);
@ -384,5 +404,6 @@
// Token: 0x0400002A RID: 42
private global::System.Windows.Forms.Button hideSystemProcessBtn;
private DarkControls.Controls.DarkCheckBox closeDriverOnExitBox;
}
}

31
KsDumper11/Dumper.cs
View File

@ -97,10 +97,14 @@ namespace KsDumper11
[DllImport("ntdll.dll", SetLastError = true)]
private static extern int NtQueryInformationProcess(IntPtr processHandle, int processInformationClass, ref Dumper.PROCESS_BASIC_INFORMATION processInformation, uint processInformationLength, out int returnLength);
bool skip = false;
// Token: 0x06000012 RID: 18 RVA: 0x00002078 File Offset: 0x00000278
public Dumper()
{
this.InitializeComponent();
closeDriverOnExitBox.Checked = Properties.Settings.Default.closeDriverOnExitSettings;
this.FormClosing += Dumper_FormClosing;
this.appIcon1.DragForm = this;
base.FormBorderStyle = FormBorderStyle.None;
base.Region = Region.FromHrgn(Utils.CreateRoundRectRgn(0, 0, base.Width, base.Height, 10, 10));
@ -115,9 +119,24 @@ namespace KsDumper11
this.processList.ColumnWidthChanging += this.processList_ColumnWidthChanging;
this.driver = new DriverInterface("\\\\.\\KsDumper");
this.dumper = new ProcessDumper(this.driver);
this.LoadProcessList();
}
private void closeDriverOnExitBox_CheckedChanged(object sender, EventArgs e)
{
Properties.Settings.Default.closeDriverOnExitSettings = closeDriverOnExitBox.Checked;
Properties.Settings.Default.Save();
}
private void Dumper_FormClosing(object sender, FormClosingEventArgs e)
{
if (closeDriverOnExitBox.Checked)
{
driver.UnloadDriver();
}
}
// Token: 0x06000013 RID: 19 RVA: 0x000021C4 File Offset: 0x000003C4
protected override void WndProc(ref Message m)
{
@ -172,7 +191,7 @@ namespace KsDumper11
{
Logger.Log("Valid driver handle open", Array.Empty<object>());
bool sucess = false;
Task.Run(delegate()
Task.Run(delegate ()
{
Logger.Log("Dumping process...", Array.Empty<object>());
PEFile peFile;
@ -180,7 +199,7 @@ namespace KsDumper11
if (sucess)
{
Logger.Log("Sucess!", Array.Empty<object>());
this.Invoke(new Action(delegate()
this.Invoke(new Action(delegate ()
{
using (SaveFileDialog sfd = new SaveFileDialog())
{
@ -200,7 +219,7 @@ namespace KsDumper11
else
{
Logger.Log("Failure", Array.Empty<object>());
this.Invoke(new Action(delegate()
this.Invoke(new Action(delegate ()
{
MessageBox.Show("Unable to dump target process !", "Error", MessageBoxButtons.OK, MessageBoxIcon.Hand);
}));
@ -231,7 +250,7 @@ namespace KsDumper11
if (flag2)
{
Logger.Log("Sucess!", Array.Empty<object>());
base.Invoke(new Action(delegate()
base.Invoke(new Action(delegate ()
{
using (SaveFileDialog sfd = new SaveFileDialog())
{
@ -253,7 +272,7 @@ namespace KsDumper11
Logger.Log("Failure", Array.Empty<object>());
Logger.Log(process.ProcessName + " Killed", Array.Empty<object>());
this.KillProcess(process.Id);
base.Invoke(new Action(delegate()
base.Invoke(new Action(delegate ()
{
MessageBox.Show("Unable to dump target process !", "Error", MessageBoxButtons.OK, MessageBoxIcon.Hand);
}));
@ -280,7 +299,7 @@ namespace KsDumper11
// Token: 0x0600001A RID: 26 RVA: 0x00002520 File Offset: 0x00000720
private void Logger_OnLog(string message)
{
this.logsTextBox.Invoke(new Action(delegate()
this.logsTextBox.Invoke(new Action(delegate ()
{
this.logsTextBox.AppendText(message);
this.logsTextBox.Update();

2
KsDumper11/Dumper.resx
View File

@ -124,7 +124,7 @@
<data name="appIcon1.Image" type="System.Drawing.Bitmap, System.Drawing" mimetype="application/x-microsoft.net.object.bytearray.base64">
<value>
iVBORw0KGgoAAAANSUhEUgAAABwAAAAcCAYAAAByDd+UAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8
YQUAAAAJcEhZcwAACxEAAAsRAX9kX5EAAASJSURBVEhL7ZVrUJRVGMdfK7WaJhomMvvApQkhLnKHhQV2
YQUAAAAJcEhZcwAACxIAAAsSAdLdfvwAAASJSURBVEhL7ZVrUJRVGMdfK7WaJhomMvvApQkhLnKHhQV2
WWFZYDF2YRWWkOW2EkoiQQVoENhFRYRABBHiXojg1BgOiMOUM6iTOCjkNFLhTE3f+NQ0xVD/p3N2jlAw
CNjUJ39f9jn///95zp5333df6SH/OzYF9LwoV2Qt2SW8+DocHfbgiH0hJuxy0CYRrRPWUpjHMzzrkIOj
vFc4K2OXSo87Z6PTNZ/IMRvDTrvJ3nE3upyy0e9ioA0iNo9LKW3gniXDs6yH9/IZfJaILY97JrICi4g8

12
KsDumper11/KsDumper11.csproj
View File

@ -85,6 +85,9 @@
<ApplicationIcon>Default.ico</ApplicationIcon>
</PropertyGroup>
<ItemGroup>
<Reference Include="Dark Controls Mod">
<HintPath>..\..\NugetBackdoor\Dark Controls Mod\bin\Debug\Dark Controls Mod.dll</HintPath>
</Reference>
<Reference Include="System" />
<Reference Include="System.Core" />
<Reference Include="System.Xml.Linq" />
@ -98,6 +101,12 @@
<Reference Include="System.Xml" />
</ItemGroup>
<ItemGroup>
<Compile Include="SplashForm.cs">
<SubType>Form</SubType>
</Compile>
<Compile Include="SplashForm.Designer.cs">
<DependentUpon>SplashForm.cs</DependentUpon>
</Compile>
<Compile Include="Driver\DriverInterface.cs" />
<Compile Include="Driver\Operations.cs" />
<Compile Include="Dumper.cs">
@ -136,6 +145,9 @@
<Generator>ResXFileCodeGenerator</Generator>
<LastGenOutput>Resources.Designer.cs</LastGenOutput>
</EmbeddedResource>
<EmbeddedResource Include="SplashForm.resx">
<DependentUpon>SplashForm.cs</DependentUpon>
</EmbeddedResource>
<None Include="app.manifest" />
<None Include="Driver\KsDumperDriver.sys">
<CopyToOutputDirectory>Always</CopyToOutputDirectory>

28
KsDumper11/Program.cs
View File

@ -14,10 +14,19 @@ namespace KsDumper11
[STAThread]
private static void Main()
{
Program.StartDriver();
Application.EnableVisualStyles();
Application.SetCompatibleTextRenderingDefault(false);
bool driverOpen = DriverInterface.IsDriverOpen("\\\\.\\KsDumper");
if (!driverOpen)
{
Application.Run(new SplashForm());
Application.Run(new Dumper());
}
else
{
Application.Run(new Dumper());
}
}
// Token: 0x0600004C RID: 76 RVA: 0x000042D0 File Offset: 0x000024D0
@ -35,29 +44,28 @@ namespace KsDumper11
outputStream = File.OpenWrite(logPath);
}
StreamWriter wr = new StreamWriter(outputStream);
bool driverOpen = new DriverInterface("\\\\.\\KsDumper").HasValidHandle();
bool driverOpen = DriverInterface.IsDriverOpen("\\\\.\\KsDumper");
if (!driverOpen)
{
ProcessStartInfo inf = new ProcessStartInfo(Environment.CurrentDirectory + "\\Driver\\kdu.exe", " -prv 1 -map .\\Driver\\KsDumperDriver.sys")
{
CreateNoWindow = true,
UseShellExecute = false,
RedirectStandardOutput = true,
RedirectStandardError = true
//RedirectStandardOutput = true,
//RedirectStandardError = true
};
Process proc = Process.Start(inf);
proc.OutputDataReceived += delegate(object sender, DataReceivedEventArgs e)
{
bool flag4 = !string.IsNullOrEmpty(e.Data);
if (flag4)
if (!string.IsNullOrEmpty(e.Data))
{
wr.WriteLine(e.Data);
}
};
proc.ErrorDataReceived += delegate(object sender, DataReceivedEventArgs e)
{
bool flag4 = !string.IsNullOrEmpty(e.Data);
if (flag4)
if (!string.IsNullOrEmpty(e.Data))
{
wr.WriteLine(e.Data);
}
@ -67,8 +75,8 @@ namespace KsDumper11
wr.Close();
outputStream.Close();
outputStream.Dispose();
bool flag3 = !new DriverInterface("\\\\.\\KsDumper").HasValidHandle();
if (flag3)
driverOpen = DriverInterface.IsDriverOpen("\\\\.\\KsDumper");
if (!driverOpen)
{
MessageBox.Show("Error! Tried to start driver, and it failed to start!");
Environment.Exit(0);

12
KsDumper11/Properties/Settings.Designer.cs generated
View File

@ -22,5 +22,17 @@ namespace KsDumper11.Properties {
return defaultInstance;
}
}
[global::System.Configuration.UserScopedSettingAttribute()]
[global::System.Diagnostics.DebuggerNonUserCodeAttribute()]
[global::System.Configuration.DefaultSettingValueAttribute("False")]
public bool closeDriverOnExitSettings {
get {
return ((bool)(this["closeDriverOnExitSettings"]));
}
set {
this["closeDriverOnExitSettings"] = value;
}
}
}
}

8
KsDumper11/Properties/Settings.settings
View File

@ -1,5 +1,9 @@
<?xml version='1.0' encoding='utf-8'?>
<SettingsFile CurrentProfile="(Default)" GeneratedClassNamespace="KsDumperClient.Properties" GeneratedClassName="Settings" xmlns="http://schemas.microsoft.com/VisualStudio/2004/01/settings">
<SettingsFile xmlns="http://schemas.microsoft.com/VisualStudio/2004/01/settings" CurrentProfile="(Default)" GeneratedClassNamespace="KsDumper11.Properties" GeneratedClassName="Settings">
<Profiles />
<Settings />
<Settings>
<Setting Name="closeDriverOnExitSettings" Type="System.Boolean" Scope="User">
<Value Profile="(Default)">False</Value>
</Setting>
</Settings>
</SettingsFile>

91
KsDumper11/SplashForm.Designer.cs generated Normal file
View File

@ -0,0 +1,91 @@
namespace KsDumper11
{
partial class SplashForm
{
/// <summary>
/// Required designer variable.
/// </summary>
private System.ComponentModel.IContainer components = null;
/// <summary>
/// Clean up any resources being used.
/// </summary>
/// <param name="disposing">true if managed resources should be disposed; otherwise, false.</param>
protected override void Dispose(bool disposing)
{
if (disposing && (components != null))
{
components.Dispose();
}
base.Dispose(disposing);
}
#region Windows Form Designer generated code
/// <summary>
/// Required method for Designer support - do not modify
/// the contents of this method with the code editor.
/// </summary>
private void InitializeComponent()
{
this.progressBar = new DarkControls.ProgressBarEx();
this.statusLbl = new DarkControls.Controls.TransparentLabel();
this.transparentLabel1 = new DarkControls.Controls.TransparentLabel();
this.SuspendLayout();
//
// progressBar
//
this.progressBar.Location = new System.Drawing.Point(12, 108);
this.progressBar.Name = "progressBar";
this.progressBar.Size = new System.Drawing.Size(660, 23);
this.progressBar.Style = System.Windows.Forms.ProgressBarStyle.Continuous;
this.progressBar.TabIndex = 9;
//
// statusLbl
//
this.statusLbl.AutoSize = true;
this.statusLbl.Font = new System.Drawing.Font("Microsoft Sans Serif", 14.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0)));
this.statusLbl.Location = new System.Drawing.Point(12, 72);
this.statusLbl.Name = "statusLbl";
this.statusLbl.Size = new System.Drawing.Size(0, 24);
this.statusLbl.TabIndex = 10;
//
// transparentLabel1
//
this.transparentLabel1.AutoSize = true;
this.transparentLabel1.Font = new System.Drawing.Font("Microsoft Sans Serif", 21.75F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0)));
this.transparentLabel1.Location = new System.Drawing.Point(265, 9);
this.transparentLabel1.Name = "transparentLabel1";
this.transparentLabel1.Size = new System.Drawing.Size(193, 33);
this.transparentLabel1.TabIndex = 8;
this.transparentLabel1.Text = "KsDumper 11";
//
// SplashForm
//
this.AllowDrop = true;
this.AutoScaleDimensions = new System.Drawing.SizeF(6F, 13F);
this.AutoScaleMode = System.Windows.Forms.AutoScaleMode.Font;
this.BackColor = System.Drawing.Color.FromArgb(((int)(((byte)(33)))), ((int)(((byte)(33)))), ((int)(((byte)(33)))));
this.ClientSize = new System.Drawing.Size(684, 150);
this.Controls.Add(this.statusLbl);
this.Controls.Add(this.progressBar);
this.Controls.Add(this.transparentLabel1);
this.DoubleBuffered = true;
this.ForeColor = System.Drawing.Color.Silver;
this.FormBorderStyle = System.Windows.Forms.FormBorderStyle.None;
this.Name = "SplashForm";
this.StartPosition = System.Windows.Forms.FormStartPosition.CenterScreen;
this.Text = "Basic File Box";
this.Load += new System.EventHandler(this.SplashForm_Load);
this.ResumeLayout(false);
this.PerformLayout();
}
#endregion
private DarkControls.Controls.TransparentLabel transparentLabel1;
private DarkControls.ProgressBarEx progressBar;
private DarkControls.Controls.TransparentLabel statusLbl;
}
}

161
KsDumper11/SplashForm.cs Normal file
View File

@ -0,0 +1,161 @@
using System;
using System.IO;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Drawing.Drawing2D;
using System.Linq;
using System.Text;
using System.Threading;
using System.Threading.Tasks;
using System.Windows.Forms;
using System.Runtime.InteropServices;
using System.Diagnostics;
using DarkControls;
using KsDumper11.Driver;
namespace KsDumper11
{
public partial class SplashForm : Form
{
protected override CreateParams CreateParams
{
get
{
// Activate double buffering at the form level. All child controls will be double buffered as well.
CreateParams cp = base.CreateParams;
cp.ExStyle |= 0x02000000; // Turn on WS_EX_COMPOSITED
return cp;
}
}
private void StartDriver()
{
string logPath = Environment.CurrentDirectory + "\\driverLoading.log";
FileStream outputStream;
if (!File.Exists(logPath))
{
outputStream = File.Create(logPath);
UpdateStatus("Created log file...", 25);
}
else
{
outputStream = File.OpenWrite(logPath);
UpdateStatus("Opened log file...", 25);
}
StreamWriter wr = new StreamWriter(outputStream);
Thread.Sleep(750);
UpdateStatus("Starting driver...", 50);
ProcessStartInfo inf = new ProcessStartInfo(Environment.CurrentDirectory + "\\Driver\\kdu.exe", " -prv 1 -map .\\Driver\\KsDumperDriver.sys")
{
CreateNoWindow = true,
UseShellExecute = false,
//RedirectStandardOutput = true,
//RedirectStandardError = true
};
Process proc = Process.Start(inf);
proc.OutputDataReceived += delegate (object sender, DataReceivedEventArgs e)
{
if (!string.IsNullOrEmpty(e.Data))
{
wr.WriteLine(e.Data);
}
};
proc.ErrorDataReceived += delegate (object sender, DataReceivedEventArgs e)
{
if (!string.IsNullOrEmpty(e.Data))
{
wr.WriteLine(e.Data);
}
};
proc.WaitForExit();
wr.Flush();
wr.Close();
outputStream.Close();
outputStream.Dispose();
if (!DriverInterface.IsDriverOpen("\\\\.\\KsDumper"))
{
UpdateStatus("Driver failed to start! Exiting in 3s", 0);
Thread.Sleep(3000);
Environment.Exit(0);
}
UpdateStatus("Driver Started!...", 100);
Thread.Sleep(750);
LoadedDriver();
}
public SplashForm()
{
InitializeComponent();
this.FormBorderStyle = FormBorderStyle.None;
this.Region = Region.FromHrgn(Utils.CreateRoundRectRgn(0, 0, Width, Height, 10, 10));
}
private void SplashForm_Load(object sender, EventArgs e)
{
StartProgressBar();
Task.Run(() =>
{
StartDriver();
});
}
private void StartProgressBar()
{
progressBar.Style = ProgressBarStyle.Marquee;
progressBar.Show();
}
private void StopProgressBar()
{
progressBar.Style = ProgressBarStyle.Blocks;
}
public delegate void UpdateStatusDel(string txt, int progress);
public void UpdateStatus(string txt, int progress)
{
if (this.InvokeRequired)
{
this.Invoke(new UpdateStatusDel(UpdateStatus), new object[] { txt, progress });
}
else
{
this.statusLbl.Text = txt;
this.progressBar.Value = progress;
}
}
public delegate void LoadedDriverDel();
public void LoadedDriver()
{
if (this.InvokeRequired)
{
this.Invoke(new LoadedDriverDel(LoadedDriver), new object[] { });
}
else
{
StopProgressBar();
this.Close();
}
}
protected override void WndProc(ref Message m)
{
base.WndProc(ref m);
if (m.Msg == Utils.WM_NCHITTEST)
m.Result = (IntPtr)(Utils.HT_CAPTION);
}
}
}

120
KsDumper11/SplashForm.resx Normal file
View File

@ -0,0 +1,120 @@
<?xml version="1.0" encoding="utf-8"?>
<root>
<!--
Microsoft ResX Schema
Version 2.0
The primary goals of this format is to allow a simple XML format
that is mostly human readable. The generation and parsing of the
various data types are done through the TypeConverter classes
associated with the data types.
Example:
... ado.net/XML headers & schema ...
<resheader name="resmimetype">text/microsoft-resx</resheader>
<resheader name="version">2.0</resheader>
<resheader name="reader">System.Resources.ResXResourceReader, System.Windows.Forms, ...</resheader>
<resheader name="writer">System.Resources.ResXResourceWriter, System.Windows.Forms, ...</resheader>
<data name="Name1"><value>this is my long string</value><comment>this is a comment</comment></data>
<data name="Color1" type="System.Drawing.Color, System.Drawing">Blue</data>
<data name="Bitmap1" mimetype="application/x-microsoft.net.object.binary.base64">
<value>[base64 mime encoded serialized .NET Framework object]</value>
</data>
<data name="Icon1" type="System.Drawing.Icon, System.Drawing" mimetype="application/x-microsoft.net.object.bytearray.base64">
<value>[base64 mime encoded string representing a byte array form of the .NET Framework object]</value>
<comment>This is a comment</comment>
</data>
There are any number of "resheader" rows that contain simple
name/value pairs.
Each data row contains a name, and value. The row also contains a
type or mimetype. Type corresponds to a .NET class that support
text/value conversion through the TypeConverter architecture.
Classes that don't support this are serialized and stored with the
mimetype set.
The mimetype is used for serialized objects, and tells the
ResXResourceReader how to depersist the object. This is currently not
extensible. For a given mimetype the value must be set accordingly:
Note - application/x-microsoft.net.object.binary.base64 is the format
that the ResXResourceWriter will generate, however the reader can
read any of the formats listed below.
mimetype: application/x-microsoft.net.object.binary.base64
value : The object must be serialized with
: System.Runtime.Serialization.Formatters.Binary.BinaryFormatter
: and then encoded with base64 encoding.
mimetype: application/x-microsoft.net.object.soap.base64
value : The object must be serialized with
: System.Runtime.Serialization.Formatters.Soap.SoapFormatter
: and then encoded with base64 encoding.
mimetype: application/x-microsoft.net.object.bytearray.base64
value : The object must be serialized into a byte array
: using a System.ComponentModel.TypeConverter
: and then encoded with base64 encoding.
-->
<xsd:schema id="root" xmlns="" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:msdata="urn:schemas-microsoft-com:xml-msdata">
<xsd:import namespace="http://www.w3.org/XML/1998/namespace" />
<xsd:element name="root" msdata:IsDataSet="true">
<xsd:complexType>
<xsd:choice maxOccurs="unbounded">
<xsd:element name="metadata">
<xsd:complexType>
<xsd:sequence>
<xsd:element name="value" type="xsd:string" minOccurs="0" />
</xsd:sequence>
<xsd:attribute name="name" use="required" type="xsd:string" />
<xsd:attribute name="type" type="xsd:string" />
<xsd:attribute name="mimetype" type="xsd:string" />
<xsd:attribute ref="xml:space" />
</xsd:complexType>
</xsd:element>
<xsd:element name="assembly">
<xsd:complexType>
<xsd:attribute name="alias" type="xsd:string" />
<xsd:attribute name="name" type="xsd:string" />
</xsd:complexType>
</xsd:element>
<xsd:element name="data">
<xsd:complexType>
<xsd:sequence>
<xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
<xsd:element name="comment" type="xsd:string" minOccurs="0" msdata:Ordinal="2" />
</xsd:sequence>
<xsd:attribute name="name" type="xsd:string" use="required" msdata:Ordinal="1" />
<xsd:attribute name="type" type="xsd:string" msdata:Ordinal="3" />
<xsd:attribute name="mimetype" type="xsd:string" msdata:Ordinal="4" />
<xsd:attribute ref="xml:space" />
</xsd:complexType>
</xsd:element>
<xsd:element name="resheader">
<xsd:complexType>
<xsd:sequence>
<xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
</xsd:sequence>
<xsd:attribute name="name" type="xsd:string" use="required" />
</xsd:complexType>
</xsd:element>
</xsd:choice>
</xsd:complexType>
</xsd:element>
</xsd:schema>
<resheader name="resmimetype">
<value>text/microsoft-resx</value>
</resheader>
<resheader name="version">
<value>2.0</value>
</resheader>
<resheader name="reader">
<value>System.Resources.ResXResourceReader, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
</resheader>
<resheader name="writer">
<value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
</resheader>
</root>

19
KsDumper11/Utility/WinApi.cs
View File

@ -5,37 +5,28 @@ using System.Text;
namespace KsDumper11.Utility
{
// Token: 0x02000008 RID: 8
public static class WinApi
{
// Token: 0x06000055 RID: 85
[DllImport("kernel32.dll")]
public static extern int CloseHandle(IntPtr handle);
[DllImport("kernel32.dll", CharSet = CharSet.Ansi, SetLastError = true)]
public static extern IntPtr CreateFileA([MarshalAs(UnmanagedType.LPStr)] string filename, [MarshalAs(UnmanagedType.U4)] FileAccess access, [MarshalAs(UnmanagedType.U4)] FileShare share, IntPtr securityAttributes, [MarshalAs(UnmanagedType.U4)] FileMode creationDisposition, [MarshalAs(UnmanagedType.U4)] FileAttributes flagsAndAttributes, IntPtr templateFile);
// Token: 0x06000056 RID: 86
[DllImport("kernel32.dll", CharSet = CharSet.Auto, ExactSpelling = true, SetLastError = true)]
public static extern bool DeviceIoControl(IntPtr hDevice, uint dwIoControlCode, IntPtr lpInBuffer, int nInBufferSize, IntPtr lpOutBuffer, int nOutBufferSize, IntPtr lpBytesReturned, IntPtr lpOverlapped);
// Token: 0x06000057 RID: 87
[DllImport("kernel32.dll")]
public static extern int GetLongPathName(string path, StringBuilder pszPath, int cchPath);
// Token: 0x06000058 RID: 88 RVA: 0x000044DE File Offset: 0x000026DE
// Note: this type is marked as 'beforefieldinit'.
static WinApi()
{
}
// Token: 0x04000036 RID: 54
public static readonly int FILE_DEVICE_UNKNOWN = 34;
// Token: 0x04000037 RID: 55
public static readonly int METHOD_BUFFERED = 0;
// Token: 0x04000038 RID: 56
public static readonly int FILE_ANY_ACCESS = 0;
// Token: 0x04000039 RID: 57
public static readonly IntPtr INVALID_HANDLE_VALUE = new IntPtr(-1);
}
}

12
KsDumper11/app.config
View File

@ -1,6 +1,18 @@
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<configSections>
<sectionGroup name="userSettings" type="System.Configuration.UserSettingsGroup, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" >
<section name="KsDumper11.Properties.Settings" type="System.Configuration.ClientSettingsSection, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" allowExeDefinition="MachineToLocalUser" requirePermission="false" />
</sectionGroup>
</configSections>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.8"/>
</startup>
<userSettings>
<KsDumper11.Properties.Settings>
<setting name="closeDriverOnExitSettings" serializeAs="String">
<value>False</value>
</setting>
</KsDumper11.Properties.Settings>
</userSettings>
</configuration>