Logging improved

binarymaster 2014-12-10 19:55:53 +03:00
parent cf53e9c984
commit 1febb524bc
2 changed files with 62 additions and 52 deletions


@ -374,7 +374,7 @@ begin
if OverrideSL(pwszValueName, dw) then begin if OverrideSL(pwszValueName, dw) then begin
pdwValue^ := dw; pdwValue^ := dw;
Result := S_OK; Result := S_OK;
WriteLog('Rewrite: ' + IntToStr(pdwValue^)); WriteLog('Policy rewrite: ' + IntToStr(pdwValue^));
Exit; Exit;
end; end;
@ -387,9 +387,9 @@ begin
// get result // get result
Result := SLGetWindowsInformationDWORD(pwszValueName, pdwValue); Result := SLGetWindowsInformationDWORD(pwszValueName, pdwValue);
if Result = S_OK then if Result = S_OK then
WriteLog('Result: ' + IntToStr(pdwValue^)) WriteLog('Policy result: ' + IntToStr(pdwValue^))
else else
WriteLog('Failed'); WriteLog('Policy request failed');
// wrap it back // wrap it back
WriteProcessMemory(GetCurrentProcess, @SLGetWindowsInformationDWORD, WriteProcessMemory(GetCurrentProcess, @SLGetWindowsInformationDWORD,
@Stub_SLGetWindowsInformationDWORD, SizeOf(far_jmp), bw); @Stub_SLGetWindowsInformationDWORD, SizeOf(far_jmp), bw);
@ -408,7 +408,7 @@ begin
if OverrideSL(pwszValueName, dw) then begin if OverrideSL(pwszValueName, dw) then begin
pdwValue^ := dw; pdwValue^ := dw;
Result := S_OK; Result := S_OK;
WriteLog('Rewrite: ' + IntToStr(pdwValue^)); WriteLog('Policy rewrite: ' + IntToStr(pdwValue^));
Exit; Exit;
end; end;
@ -417,9 +417,9 @@ begin
Result := SLGetWindowsInformationDWORD(pwszValueName, pdwValue); Result := SLGetWindowsInformationDWORD(pwszValueName, pdwValue);
if Result = S_OK then if Result = S_OK then
WriteLog('Result: ' + IntToStr(pdwValue^)) WriteLog('Policy result: ' + IntToStr(pdwValue^))
else else
WriteLog('Failed'); WriteLog('Policy request failed');
end; end;
function New_Win8SL_CP(eax: DWORD; pdwValue: PDWORD; ecx: DWORD; pwszValueName: PWideChar): HRESULT; register; function New_Win8SL_CP(eax: DWORD; pdwValue: PDWORD; ecx: DWORD; pwszValueName: PWideChar): HRESULT; register;
@ -450,7 +450,7 @@ begin
lMaxUserSessions := nil; lMaxUserSessions := nil;
ulMaxDebugSessions := nil; ulMaxDebugSessions := nil;
bInitialized := nil; bInitialized := nil;
WriteLog('> CSLQuery::Initialize'); WriteLog('>>> CSLQuery::Initialize');
Sect := IntToStr(FV.Version.w.Major)+'.'+IntToStr(FV.Version.w.Minor)+'.'+ Sect := IntToStr(FV.Version.w.Major)+'.'+IntToStr(FV.Version.w.Minor)+'.'+
IntToStr(FV.Release)+'.'+IntToStr(FV.Build)+'-SLInit'; IntToStr(FV.Release)+'.'+IntToStr(FV.Build)+'-SLInit';
if INISectionExists(INI, Sect) then begin if INISectionExists(INI, Sect) then begin
@ -466,42 +466,43 @@ begin
if bServerSku <> nil then begin if bServerSku <> nil then begin
bServerSku^ := INIReadDWord(INI, 'SLInit', 'bServerSku', 1); bServerSku^ := INIReadDWord(INI, 'SLInit', 'bServerSku', 1);
WriteLog('[0x'+IntToHex(DWORD(bServerSku), 1)+'] bServerSku = ' + IntToStr(bServerSku^)); WriteLog('SLInit [0x'+IntToHex(DWORD(bServerSku), 1)+'] bServerSku = ' + IntToStr(bServerSku^));
end; end;
if bRemoteConnAllowed <> nil then begin if bRemoteConnAllowed <> nil then begin
bRemoteConnAllowed^ := INIReadDWord(INI, 'SLInit', 'bRemoteConnAllowed', 1); bRemoteConnAllowed^ := INIReadDWord(INI, 'SLInit', 'bRemoteConnAllowed', 1);
WriteLog('[0x'+IntToHex(DWORD(bRemoteConnAllowed), 1)+'] bRemoteConnAllowed = ' + IntToStr(bRemoteConnAllowed^)); WriteLog('SLInit [0x'+IntToHex(DWORD(bRemoteConnAllowed), 1)+'] bRemoteConnAllowed = ' + IntToStr(bRemoteConnAllowed^));
end; end;
if bFUSEnabled <> nil then begin if bFUSEnabled <> nil then begin
bFUSEnabled^ := INIReadDWord(INI, 'SLInit', 'bFUSEnabled', 1); bFUSEnabled^ := INIReadDWord(INI, 'SLInit', 'bFUSEnabled', 1);
WriteLog('[0x'+IntToHex(DWORD(bFUSEnabled), 1)+'] bFUSEnabled = ' + IntToStr(bFUSEnabled^)); WriteLog('SLInit [0x'+IntToHex(DWORD(bFUSEnabled), 1)+'] bFUSEnabled = ' + IntToStr(bFUSEnabled^));
end; end;
if bAppServerAllowed <> nil then begin if bAppServerAllowed <> nil then begin
bAppServerAllowed^ := INIReadDWord(INI, 'SLInit', 'bAppServerAllowed', 1); bAppServerAllowed^ := INIReadDWord(INI, 'SLInit', 'bAppServerAllowed', 1);
WriteLog('[0x'+IntToHex(DWORD(bAppServerAllowed), 1)+'] bAppServerAllowed = ' + IntToStr(bAppServerAllowed^)); WriteLog('SLInit [0x'+IntToHex(DWORD(bAppServerAllowed), 1)+'] bAppServerAllowed = ' + IntToStr(bAppServerAllowed^));
end; end;
if bMultimonAllowed <> nil then begin if bMultimonAllowed <> nil then begin
bMultimonAllowed^ := INIReadDWord(INI, 'SLInit', 'bMultimonAllowed', 1); bMultimonAllowed^ := INIReadDWord(INI, 'SLInit', 'bMultimonAllowed', 1);
WriteLog('[0x'+IntToHex(DWORD(bMultimonAllowed), 1)+'] bMultimonAllowed = ' + IntToStr(bMultimonAllowed^)); WriteLog('SLInit [0x'+IntToHex(DWORD(bMultimonAllowed), 1)+'] bMultimonAllowed = ' + IntToStr(bMultimonAllowed^));
end; end;
if lMaxUserSessions <> nil then begin if lMaxUserSessions <> nil then begin
lMaxUserSessions^ := INIReadDWord(INI, 'SLInit', 'lMaxUserSessions', 0); lMaxUserSessions^ := INIReadDWord(INI, 'SLInit', 'lMaxUserSessions', 0);
WriteLog('[0x'+IntToHex(DWORD(lMaxUserSessions), 1)+'] lMaxUserSessions = ' + IntToStr(lMaxUserSessions^)); WriteLog('SLInit [0x'+IntToHex(DWORD(lMaxUserSessions), 1)+'] lMaxUserSessions = ' + IntToStr(lMaxUserSessions^));
end; end;
if ulMaxDebugSessions <> nil then begin if ulMaxDebugSessions <> nil then begin
ulMaxDebugSessions^ := INIReadDWord(INI, 'SLInit', 'ulMaxDebugSessions', 0); ulMaxDebugSessions^ := INIReadDWord(INI, 'SLInit', 'ulMaxDebugSessions', 0);
WriteLog('[0x'+IntToHex(DWORD(ulMaxDebugSessions), 1)+'] ulMaxDebugSessions = ' + IntToStr(ulMaxDebugSessions^)); WriteLog('SLInit [0x'+IntToHex(DWORD(ulMaxDebugSessions), 1)+'] ulMaxDebugSessions = ' + IntToStr(ulMaxDebugSessions^));
end; end;
if bInitialized <> nil then begin if bInitialized <> nil then begin
bInitialized^ := INIReadDWord(INI, 'SLInit', 'bInitialized', 1); bInitialized^ := INIReadDWord(INI, 'SLInit', 'bInitialized', 1);
WriteLog('[0x'+IntToHex(DWORD(bInitialized), 1)+'] bInitialized = ' + IntToStr(bInitialized^)); WriteLog('SLInit [0x'+IntToHex(DWORD(bInitialized), 1)+'] bInitialized = ' + IntToStr(bInitialized^));
end; end;
Result := S_OK; Result := S_OK;
WriteLog('<<< CSLQuery::Initialize');
end; end;
procedure HookFunctions; procedure HookFunctions;
var var
Sect, FuncName: String; ConfigFile, Sect, FuncName: String;
V: DWORD; V: DWORD;
TS_Handle, SLC_Handle: THandle; TS_Handle, SLC_Handle: THandle;
TermSrvSize: DWORD; TermSrvSize: DWORD;
@ -520,14 +521,16 @@ begin
SLGetWindowsInformationDWORD := nil; SLGetWindowsInformationDWORD := nil;
WriteLog('Loading configuration...'); WriteLog('Loading configuration...');
INILoad(INI, ExtractFilePath(GetBinaryPath) + 'rdpwrap.ini'); ConfigFile := ExtractFilePath(GetBinaryPath) + 'rdpwrap.ini';
WriteLog('Configuration file: ' + ConfigFile);
INILoad(INI, ConfigFile);
if Length(INI) = 0 then begin if Length(INI) = 0 then begin
WriteLog('Error: Failed to load configuration'); WriteLog('Error: Failed to load configuration');
Exit; Exit;
end; end;
LogFile := INIReadString(INI, 'Main', 'LogFile', ExtractFilePath(GetBinaryPath) + 'rdpwrap.txt'); LogFile := INIReadString(INI, 'Main', 'LogFile', ExtractFilePath(GetBinaryPath) + 'rdpwrap.txt');
WriteLog('init'); WriteLog('Initializing RDP Wrapper...');
// load termsrv.dll and get functions // load termsrv.dll and get functions
TS_Handle := LoadLibrary('termsrv.dll'); TS_Handle := LoadLibrary('termsrv.dll');
@ -535,11 +538,13 @@ begin
WriteLog('Error: Failed to load Terminal Services library'); WriteLog('Error: Failed to load Terminal Services library');
Exit; Exit;
end; end;
WriteLog('Base addr: 0x'+IntToHex(TS_Handle, 8));
TSMain := GetProcAddress(TS_Handle, 'ServiceMain'); TSMain := GetProcAddress(TS_Handle, 'ServiceMain');
WriteLog('SvcMain: termsrv.dll+0x'+IntToHex(Cardinal(@TSMain) - TS_Handle, 1));
TSGlobals := GetProcAddress(TS_Handle, 'SvchostPushServiceGlobals'); TSGlobals := GetProcAddress(TS_Handle, 'SvchostPushServiceGlobals');
WriteLog('SvcGlobals: termsrv.dll+0x'+IntToHex(Cardinal(@TSGlobals) - TS_Handle, 1)); WriteLog(
'Base addr: 0x' + IntToHex(TS_Handle, 8) +
'SvcMain: termsrv.dll+0x' + IntToHex(Cardinal(@TSMain) - TS_Handle, 1) +
'SvcGlobals: termsrv.dll+0x' + IntToHex(Cardinal(@TSGlobals) - TS_Handle, 1)
);
V := 0; V := 0;
// check termsrv version // check termsrv version
@ -555,15 +560,17 @@ begin
Exit; Exit;
end; end;
WriteLog('Version: '+IntToStr(FV.Version.w.Major)+'.'+IntToStr(FV.Version.w.Minor)); WriteLog('Version: '+
WriteLog('Release: '+IntToStr(FV.Release)); IntToStr(FV.Version.w.Major)+'.'+
WriteLog('Build: '+IntToStr(FV.Build)); IntToStr(FV.Version.w.Minor)+'.'+
IntToStr(FV.Release)+'.'+
IntToStr(FV.Build));
// temporarily freeze threads // temporarily freeze threads
WriteLog('freeze'); WriteLog('Freezing threads...');
StopThreads(); StopThreads();
WriteLog('Loading patch codes...'); WriteLog('Caching patch codes...');
PatchList := INIReadSection(INI, 'PatchCodes'); PatchList := INIReadSection(INI, 'PatchCodes');
SetLength(Patch, Length(PatchList)); SetLength(Patch, Length(PatchList));
for I := 0 to Length(Patch) - 1 do begin for I := 0 to Length(Patch) - 1 do begin
@ -691,37 +698,38 @@ begin
end; end;
// unfreeze threads // unfreeze threads
WriteLog('resume'); WriteLog('Resumimg threads...');
RunThreads(); RunThreads();
end; end;
function TermServiceMain(dwArgc: DWORD; lpszArgv: PWideChar): DWORD; stdcall; function TermServiceMain(dwArgc: DWORD; lpszArgv: PWideChar): DWORD; stdcall;
begin begin
// wrap ServiceMain function // wrap ServiceMain function
WriteLog('> ServiceMain'); WriteLog('>>> ServiceMain');
if not IsHooked then if not IsHooked then
HookFunctions; HookFunctions;
Result := 0; Result := 0;
if @TSMain <> nil then if @TSMain <> nil then
Result := TSMain(dwArgc, lpszArgv); Result := TSMain(dwArgc, lpszArgv);
WriteLog('<<< ServiceMain');
end; end;
function TermServiceGlobals(lpGlobalData: Pointer): DWORD; stdcall; function TermServiceGlobals(lpGlobalData: Pointer): DWORD; stdcall;
begin begin
// wrap SvchostPushServiceGlobals function // wrap SvchostPushServiceGlobals function
WriteLog('> SvchostPushServiceGlobals'); WriteLog('>>> SvchostPushServiceGlobals');
if not IsHooked then if not IsHooked then
HookFunctions; HookFunctions;
Result := 0; Result := 0;
if @TSGlobals <> nil then if @TSGlobals <> nil then
Result := TSGlobals(lpGlobalData); Result := TSGlobals(lpGlobalData);
WriteLog('<<< SvchostPushServiceGlobals');
end; end;
// export section // export section
exports exports
TermServiceMain index 1 name 'ServiceMain'; TermServiceMain index 1 name 'ServiceMain',
exports
TermServiceGlobals index 2 name 'SvchostPushServiceGlobals'; TermServiceGlobals index 2 name 'SvchostPushServiceGlobals';
begin begin
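Review bot: The merged `WriteLog(` call in HookFunctions, which replaces the three separate Base addr / SvcMain / SvcGlobals messages, joins its pieces with no separator, so the entry reads as one run (`Base addr: 0x<base>SvcMain: termsrv.dll+0x…`). That makes the three values hard to tell apart when the log is used to diagnose a failed hook. Put a line break or delimiter between the parts, e.g. `'Base addr: 0x' + IntToHex(TS_Handle, 8) + #13#10 +`, and the same after the SvcMain term. The new message `'Resumimg threads...'` is misspelled and should read `'Resuming threads...'`; the same typo is in the C++ file's `WriteToLog("Resumimg threads...\r\n")`. HookFunctions starts and ends outside these hunks, so whether WriteLog appends its own line ending is not visible here.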


@ -290,7 +290,7 @@ HRESULT WINAPI New_SLGetWindowsInformationDWORD(PWSTR pwszValueName, DWORD *pdwV
*pdwValue = dw; *pdwValue = dw;
Log = new char[1024]; Log = new char[1024];
wsprintfA(Log, "Rewrite: %i\r\n", dw); wsprintfA(Log, "Policy rewrite: %i\r\n", dw);
WriteToLog(Log); WriteToLog(Log);
delete[] Log; delete[] Log;
@ -302,11 +302,11 @@ HRESULT WINAPI New_SLGetWindowsInformationDWORD(PWSTR pwszValueName, DWORD *pdwV
if (Result == S_OK) if (Result == S_OK)
{ {
Log = new char[1024]; Log = new char[1024];
wsprintfA(Log, "Result: %i\r\n", dw); wsprintfA(Log, "Policy result: %i\r\n", dw);
WriteToLog(Log); WriteToLog(Log);
delete[] Log; delete[] Log;
} else { } else {
WriteToLog("Failed\r\n"); WriteToLog("Policy request failed\r\n");
} }
WriteProcessMemory(GetCurrentProcess(), _SLGetWindowsInformationDWORD, &Stub_SLGetWindowsInformationDWORD, sizeof(FARJMP), &bw); WriteProcessMemory(GetCurrentProcess(), _SLGetWindowsInformationDWORD, &Stub_SLGetWindowsInformationDWORD, sizeof(FARJMP), &bw);
@ -336,7 +336,7 @@ HRESULT __fastcall New_Win8SL(PWSTR pwszValueName, DWORD *pdwValue)
*pdwValue = dw; *pdwValue = dw;
Log = new char[1024]; Log = new char[1024];
wsprintfA(Log, "Rewrite: %i\r\n", dw); wsprintfA(Log, "Policy rewrite: %i\r\n", dw);
WriteToLog(Log); WriteToLog(Log);
delete[] Log; delete[] Log;
@ -347,11 +347,11 @@ HRESULT __fastcall New_Win8SL(PWSTR pwszValueName, DWORD *pdwValue)
if (Result == S_OK) if (Result == S_OK)
{ {
Log = new char[1024]; Log = new char[1024];
wsprintfA(Log, "Result: %i\r\n", dw); wsprintfA(Log, "Policy result: %i\r\n", dw);
WriteToLog(Log); WriteToLog(Log);
delete[] Log; delete[] Log;
} else { } else {
WriteToLog("Failed\r\n"); WriteToLog("Policy request failed\r\n");
} }
return Result; return Result;
@ -382,7 +382,7 @@ HRESULT WINAPI New_CSLQuery_Initialize()
DWORD *ulMaxDebugSessions = NULL; DWORD *ulMaxDebugSessions = NULL;
DWORD *bInitialized = NULL; DWORD *bInitialized = NULL;
WriteToLog("> CSLQuery::Initialize\r\n"); WriteToLog(">>> CSLQuery::Initialize\r\n");
char *Sect; char *Sect;
Sect = new char[256]; Sect = new char[256];
@ -418,7 +418,7 @@ HRESULT WINAPI New_CSLQuery_Initialize()
*bServerSku = INIReadDWordHex(IniFile, "SLInit", "bServerSku", 1); *bServerSku = INIReadDWordHex(IniFile, "SLInit", "bServerSku", 1);
Log = new char[1024]; Log = new char[1024];
wsprintfA(Log, "[0x%p] bServerSku = %d\r\n", bServerSku, *bServerSku); wsprintfA(Log, "SLInit [0x%p] bServerSku = %d\r\n", bServerSku, *bServerSku);
WriteToLog(Log); WriteToLog(Log);
delete[] Log; delete[] Log;
} }
@ -427,7 +427,7 @@ HRESULT WINAPI New_CSLQuery_Initialize()
*bRemoteConnAllowed = INIReadDWordHex(IniFile, "SLInit", "bRemoteConnAllowed", 1); *bRemoteConnAllowed = INIReadDWordHex(IniFile, "SLInit", "bRemoteConnAllowed", 1);
Log = new char[1024]; Log = new char[1024];
wsprintfA(Log, "[0x%p] bRemoteConnAllowed = %d\r\n", bRemoteConnAllowed, *bRemoteConnAllowed); wsprintfA(Log, "SLInit [0x%p] bRemoteConnAllowed = %d\r\n", bRemoteConnAllowed, *bRemoteConnAllowed);
WriteToLog(Log); WriteToLog(Log);
delete[] Log; delete[] Log;
} }
@ -436,7 +436,7 @@ HRESULT WINAPI New_CSLQuery_Initialize()
*bFUSEnabled = INIReadDWordHex(IniFile, "SLInit", "bFUSEnabled", 1); *bFUSEnabled = INIReadDWordHex(IniFile, "SLInit", "bFUSEnabled", 1);
Log = new char[1024]; Log = new char[1024];
wsprintfA(Log, "[0x%p] bFUSEnabled = %d\r\n", bFUSEnabled, *bFUSEnabled); wsprintfA(Log, "SLInit [0x%p] bFUSEnabled = %d\r\n", bFUSEnabled, *bFUSEnabled);
WriteToLog(Log); WriteToLog(Log);
delete[] Log; delete[] Log;
} }
@ -445,7 +445,7 @@ HRESULT WINAPI New_CSLQuery_Initialize()
*bAppServerAllowed = INIReadDWordHex(IniFile, "SLInit", "bAppServerAllowed", 1); *bAppServerAllowed = INIReadDWordHex(IniFile, "SLInit", "bAppServerAllowed", 1);
Log = new char[1024]; Log = new char[1024];
wsprintfA(Log, "[0x%p] bAppServerAllowed = %d\r\n", bAppServerAllowed, *bAppServerAllowed); wsprintfA(Log, "SLInit [0x%p] bAppServerAllowed = %d\r\n", bAppServerAllowed, *bAppServerAllowed);
WriteToLog(Log); WriteToLog(Log);
delete[] Log; delete[] Log;
} }
@ -454,7 +454,7 @@ HRESULT WINAPI New_CSLQuery_Initialize()
*bMultimonAllowed = INIReadDWordHex(IniFile, "SLInit", "bMultimonAllowed", 1); *bMultimonAllowed = INIReadDWordHex(IniFile, "SLInit", "bMultimonAllowed", 1);
Log = new char[1024]; Log = new char[1024];
wsprintfA(Log, "[0x%p] bMultimonAllowed = %d\r\n", bMultimonAllowed, *bMultimonAllowed); wsprintfA(Log, "SLInit [0x%p] bMultimonAllowed = %d\r\n", bMultimonAllowed, *bMultimonAllowed);
WriteToLog(Log); WriteToLog(Log);
delete[] Log; delete[] Log;
} }
@ -463,7 +463,7 @@ HRESULT WINAPI New_CSLQuery_Initialize()
*lMaxUserSessions = INIReadDWordHex(IniFile, "SLInit", "lMaxUserSessions", 0); *lMaxUserSessions = INIReadDWordHex(IniFile, "SLInit", "lMaxUserSessions", 0);
Log = new char[1024]; Log = new char[1024];
wsprintfA(Log, "[0x%p] lMaxUserSessions = %d\r\n", lMaxUserSessions, *lMaxUserSessions); wsprintfA(Log, "SLInit [0x%p] lMaxUserSessions = %d\r\n", lMaxUserSessions, *lMaxUserSessions);
WriteToLog(Log); WriteToLog(Log);
delete[] Log; delete[] Log;
} }
@ -472,7 +472,7 @@ HRESULT WINAPI New_CSLQuery_Initialize()
*ulMaxDebugSessions = INIReadDWordHex(IniFile, "SLInit", "ulMaxDebugSessions", 0); *ulMaxDebugSessions = INIReadDWordHex(IniFile, "SLInit", "ulMaxDebugSessions", 0);
Log = new char[1024]; Log = new char[1024];
wsprintfA(Log, "[0x%p] ulMaxDebugSessions = %d\r\n", ulMaxDebugSessions, *ulMaxDebugSessions); wsprintfA(Log, "SLInit [0x%p] ulMaxDebugSessions = %d\r\n", ulMaxDebugSessions, *ulMaxDebugSessions);
WriteToLog(Log); WriteToLog(Log);
delete[] Log; delete[] Log;
} }
@ -481,10 +481,11 @@ HRESULT WINAPI New_CSLQuery_Initialize()
*bInitialized = INIReadDWordHex(IniFile, "SLInit", "bInitialized", 1); *bInitialized = INIReadDWordHex(IniFile, "SLInit", "bInitialized", 1);
Log = new char[1024]; Log = new char[1024];
wsprintfA(Log, "[0x%p] bInitialized = %d\r\n", bInitialized, *bInitialized); wsprintfA(Log, "SLInit [0x%p] bInitialized = %d\r\n", bInitialized, *bInitialized);
WriteToLog(Log); WriteToLog(Log);
delete[] Log; delete[] Log;
} }
WriteToLog("<<< CSLQuery::Initialize\r\n");
return S_OK; return S_OK;
} }
@ -521,7 +522,6 @@ void Hook()
delete[] Log; delete[] Log;
IniFile = new INI_FILE(ConfigFile); IniFile = new INI_FILE(ConfigFile);
// TODO: implement this // TODO: implement this
if (IniFile == NULL) if (IniFile == NULL)
{ {
@ -558,7 +558,7 @@ void Hook()
PLATFORM_DWORD TermSrvSize, SignPtr; PLATFORM_DWORD TermSrvSize, SignPtr;
FARJMP Jump; FARJMP Jump;
WriteToLog("init\r\n"); WriteToLog("Initializing RDP Wrapper...\r\n");
hTermSrv = LoadLibrary(L"termsrv.dll"); hTermSrv = LoadLibrary(L"termsrv.dll");
if (hTermSrv == 0) if (hTermSrv == 0)
@ -601,7 +601,7 @@ void Hook()
delete[] Log; delete[] Log;
// temporarily freeze threads // temporarily freeze threads
WriteToLog("freeze\r\n"); WriteToLog("Freezing threads...\r\n");
SetThreadsState(false); SetThreadsState(false);
bool Bool; bool Bool;
@ -845,23 +845,25 @@ void Hook()
} }
delete[] Sect; delete[] Sect;
WriteToLog("resume\r\n"); WriteToLog("Resumimg threads...\r\n");
SetThreadsState(true); SetThreadsState(true);
return; return;
} }
void WINAPI ServiceMain(DWORD dwArgc, LPTSTR *lpszArgv) void WINAPI ServiceMain(DWORD dwArgc, LPTSTR *lpszArgv)
{ {
WriteToLog("> ServiceMain\r\n"); WriteToLog(">>> ServiceMain\r\n");
if (!AlreadyHooked) Hook(); if (!AlreadyHooked) Hook();
if (_ServiceMain != NULL) _ServiceMain(dwArgc, lpszArgv); if (_ServiceMain != NULL) _ServiceMain(dwArgc, lpszArgv);
WriteToLog("<<< ServiceMain\r\n");
} }
void WINAPI SvchostPushServiceGlobals(void *lpGlobalData) void WINAPI SvchostPushServiceGlobals(void *lpGlobalData)
{ {
WriteToLog("> SvchostPushServiceGlobals\r\n"); WriteToLog(">>> SvchostPushServiceGlobals\r\n");
if (!AlreadyHooked) Hook(); if (!AlreadyHooked) Hook();
if (_SvchostPushServiceGlobals != NULL) _SvchostPushServiceGlobals(lpGlobalData); if (_SvchostPushServiceGlobals != NULL) _SvchostPushServiceGlobals(lpGlobalData);
WriteToLog("<<< SvchostPushServiceGlobals\r\n");
} }
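Review bot: The `"Policy result: %i\r\n"` lines in New_SLGetWindowsInformationDWORD and New_Win8SL format `dw`, while the Delphi counterpart logs `pdwValue^`. Unless `dw` is assigned from `*pdwValue` in lines outside these hunks, the log reports the override scratch variable rather than the value the real function returned. Logging the output parameter keeps the two implementations consistent: `wsprintfA(Log, "Policy result: %i\r\n", *pdwValue);`. Both functions begin outside the hunks shown. Separately, the `SLInit [0x%p]` entries record in-process pointers of the service, so the log file is best kept readable by administrators only.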