From 2ff686a0eee43f2e5f02a424d752e8a1ff31ca20 Mon Sep 17 00:00:00 2001 From: Rodrigo Todescatto <90097545+Rodrigo-Todescatto@users.noreply.github.com> Date: Sun, 13 Oct 2024 16:17:52 -0300 Subject: [PATCH] Added CoreApplication in "hooks.h". --- dlls/kernelx/CoreApplicationX.cpp | 15 +++ dlls/kernelx/CoreApplicationX.h | 5 + dlls/kernelx/ICoreApplicationX.h | 1 - dlls/kernelx/hooks.h | 210 ++++++++++++++++++------------ 4 files changed, 145 insertions(+), 86 deletions(-) diff --git a/dlls/kernelx/CoreApplicationX.cpp b/dlls/kernelx/CoreApplicationX.cpp index efce3df..04d38df 100644 --- a/dlls/kernelx/CoreApplicationX.cpp +++ b/dlls/kernelx/CoreApplicationX.cpp @@ -4,6 +4,21 @@ #include "pch.h" #include "CoreApplicationX.h" +HRESULT CoreApplicationX::GetIids(ULONG* iidCount, IID** iids) +{ + return m_coreWindow->GetIids(iidCount, iids); +} + +HRESULT CoreApplicationX::GetRuntimeClassName(HSTRING* className) +{ + return m_coreWindow->GetRuntimeClassName(className); +} + +HRESULT CoreApplicationX::GetTrustLevel(TrustLevel* trustLevel) +{ + return m_coreWindow->GetTrustLevel(trustLevel); +} + INT32 CoreApplicationX::_abi_add_Resuming(__FIEventHandler_1_IInspectable* handler, EventRegistrationToken* token) { return m_IapplicationCore->add_Resuming(handler, token); diff --git a/dlls/kernelx/CoreApplicationX.h b/dlls/kernelx/CoreApplicationX.h index 35c77e3..4fdb2e2 100644 --- a/dlls/kernelx/CoreApplicationX.h +++ b/dlls/kernelx/CoreApplicationX.h 
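Review bot: The three new IInspectable forwards in CoreApplicationX.cpp (`GetIids`, `GetRuntimeClassName`, `GetTrustLevel`) go through `m_coreWindow`, while the neighbouring event methods use `m_IapplicationCore`. In a CoreApplication wrapper the window-named member looks like a copy-paste from the CoreWindow wrapper. None of the three checks the pointer before dereferencing it, and each call relies on whatever object sits behind `m_coreWindow` having the IInspectable slots in the expected vtable positions. Assuming the application interface derives from IInspectable, forwarding through it, e.g. `return m_IapplicationCore->GetTrustLevel(trustLevel);`, would remove the extra alias. A one-line comment such as `// reports the wrapped object's identity, not CoreApplicationX's` would record the intent.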
@@ -12,9 +12,14 @@ public: CoreApplicationX(winrt::Windows::ApplicationModel::Core::CoreApplication* application) { m_applicationCore = reinterpret_cast(application); + m_IapplicationCore = reinterpret_cast(application); + m_coreWindow = reinterpret_cast(application); } public: + HRESULT GetIids(ULONG* iidCount, IID** iids) override; + HRESULT GetRuntimeClassName(HSTRING* className) override; + HRESULT GetTrustLevel(TrustLevel* trustLevel) override; INT32 _abi_add_Resuming(__FIEventHandler_1_IInspectable* handler, EventRegistrationToken* token) override; INT32 _abi_remove_Resuming(EventRegistrationToken token) override; INT32 _abi_add_Suspending(__FIEventHandler_1_Windows__CApplicationModel__CSuspendingEventArgs* handler, EventRegistrationToken* token) override; diff --git a/dlls/kernelx/ICoreApplicationX.h b/dlls/kernelx/ICoreApplicationX.h index 53d37fc..1d1ac6d 100644 --- a/dlls/kernelx/ICoreApplicationX.h +++ b/dlls/kernelx/ICoreApplicationX.h @@ -6,7 +6,6 @@ #include #include #include -#include using namespace ABI::Windows::ApplicationModel::Activation; diff --git a/dlls/kernelx/hooks.h b/dlls/kernelx/hooks.h index acda6b1..9c324d7 100644 --- a/dlls/kernelx/hooks.h +++ b/dlls/kernelx/hooks.h 
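Review bot: The CoreApplicationX constructor now stores the same `application` pointer in three members (`m_applicationCore`, `m_IapplicationCore`, `m_coreWindow`) purely by `reinterpret_cast`, which changes the static type but never asks the object whether it implements those interfaces. The cast target types and member declarations are not visible in this hunk, but if they differ, every virtual call through the wrong one dispatches to an unrelated vtable slot (type confusion). The raw pointers also take no reference, so the wrapper can outlive the object it forwards to. Obtaining each interface through COM and holding it in a `ComPtr` would make both failure modes explicit, along the lines of `hr = inspectable->QueryInterface(IID_PPV_ARGS(&m_IapplicationCore));` with the HRESULT checked. That likely means moving construction into a factory function that can report failure.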
@@ -1,86 +1,126 @@ -// ReSharper disable CppInconsistentNaming -// ReSharper disable CppParameterMayBeConst -// ReSharper disable CppClangTidyClangDiagnosticMicrosoftCast -// ReSharper disable CppClangTidyClangDiagnosticUndefinedReinterpretCast -// ReSharper disable CppClangTidyClangDiagnosticShadow -// ReSharper disable CppClangTidyClangDiagnosticCastFunctionTypeStrict -// ReSharper disable CppFunctionalStyleCast -// ReSharper disable CppClangTidyClangDiagnosticCastAlign -// ReSharper disable CppClangTidyClangDiagnosticCastQual -// ReSharper disable CppZeroConstantCanBeReplacedWithNullptr -#pragma once - -inline bool IsClassName(HSTRING classId, const char* classIdName) -{ - const wchar_t* classIdString = WindowsGetStringRawBuffer(classId, nullptr); - std::wstring classIdWString(classIdString); - const std::string classIdStringUTF8(classIdWString.begin(), classIdWString.end()); - - return (classIdStringUTF8 == classIdName); -} - -typedef HRESULT(*DllGetForCurrentThreadFunc) (ICoreWindowStatic*, CoreWindow**); -typedef HRESULT(*DllGetActivationFactoryFunc) (HSTRING, IActivationFactory**); - -DllGetForCurrentThreadFunc pDllGetForCurrentThread = nullptr; -DllGetActivationFactoryFunc pDllGetActivationFactory = nullptr; - -HRESULT(STDMETHODCALLTYPE* TrueGetForCurrentThread)(ICoreWindowStatic* staticWindow, CoreWindow** window); -HRESULT(WINAPI* TrueRoGetActivationFactory)(HSTRING classId, REFIID iid, void** factory) = RoGetActivationFactory; - -inline HRESULT STDMETHODCALLTYPE GetForCurrentThread_Hook(ICoreWindowStatic* paramThis, CoreWindow** window) -{ - // ReSharper disable once CppLocalVariableMayBeConst - HRESULT hr = TrueGetForCurrentThread(paramThis, window); - - //*reinterpret_cast(window) = new CoreWindowX(*window); - auto p = *reinterpret_cast(window); - - p = new CoreWindowX(*window); - - return hr; -} - -inline HRESULT WINAPI RoGetActivationFactory_Hook(HSTRING classId, REFIID iid, void** factory) -{ - auto hr = TrueRoGetActivationFactory(classId, iid, 
factory); - - if (FAILED(hr)) - { - auto library = LoadPackagedLibrary(L"winrt_x.dll", 0); - - if (!library) library = LoadLibraryW(L"winrt_x.dll"); - - if (!library) return hr; - - pDllGetActivationFactory = reinterpret_cast - (GetProcAddress(library, "DllGetActivationFactory")); - - if (!pDllGetActivationFactory) - return hr; - - ComPtr _factory; - - - if (IsClassName(classId, "Windows.UI.Core.CoreWindow")) - { - ComPtr coreWindowStatic; - - hr = RoGetActivationFactory(HStringReference(RuntimeClass_Windows_UI_Core_CoreWindow).Get(), IID_PPV_ARGS(&coreWindowStatic)); - - *reinterpret_cast(&TrueGetForCurrentThread) = (*reinterpret_cast(coreWindowStatic.Get()))[6]; - - DetourAttach(&TrueGetForCurrentThread, GetForCurrentThread_Hook); - } - else - { - hr = pDllGetActivationFactory(classId, _factory.GetAddressOf()); - } - - if (FAILED(hr)) return hr; - - return _factory.CopyTo(iid, factory); - } - - return hr; +// ReSharper disable CppInconsistentNaming +// ReSharper disable CppParameterMayBeConst +// ReSharper disable CppClangTidyClangDiagnosticMicrosoftCast +// ReSharper disable CppClangTidyClangDiagnosticUndefinedReinterpretCast +// ReSharper disable CppClangTidyClangDiagnosticShadow +// ReSharper disable CppClangTidyClangDiagnosticCastFunctionTypeStrict +// ReSharper disable CppFunctionalStyleCast +// ReSharper disable CppClangTidyClangDiagnosticCastAlign +// ReSharper disable CppClangTidyClangDiagnosticCastQual +// ReSharper disable CppZeroConstantCanBeReplacedWithNullptr +#pragma once +#include +#include "CoreApplicationX.h" + +inline bool IsClassName(HSTRING classId, const char* classIdName) +{ + const wchar_t* classIdString = WindowsGetStringRawBuffer(classId, nullptr); + std::wstring classIdWString(classIdString); + const std::string classIdStringUTF8(classIdWString.begin(), classIdWString.end()); + + return (classIdStringUTF8 == classIdName); +} + +typedef HRESULT(*DllGetForCurrentThreadFunc) (ICoreWindowStatic*, CoreWindow**); +typedef 
HRESULT(*DllGetForCurrentThreadFunc_App) (ABI::Windows::ApplicationModel::Core::ICoreApplication*, winrt::Windows::ApplicationModel::Core::CoreApplication**); +typedef HRESULT(*DllGetActivationFactoryFunc) (HSTRING, IActivationFactory**); + +DllGetForCurrentThreadFunc pDllGetForCurrentThread = nullptr; +DllGetForCurrentThreadFunc_App pDllGetForCurrentThread_App = nullptr; +DllGetActivationFactoryFunc pDllGetActivationFactory = nullptr; + +HRESULT(STDMETHODCALLTYPE* TrueGetForCurrentThread_App)(ABI::Windows::ApplicationModel::Core::ICoreApplication* Iapplication, +winrt::Windows::ApplicationModel::Core::CoreApplication** Application); +HRESULT(STDMETHODCALLTYPE* TrueGetForCurrentThread)(ICoreWindowStatic* staticWindow, CoreWindow** window); +HRESULT(WINAPI* TrueRoGetActivationFactory)(HSTRING classId, REFIID iid, void** factory) = RoGetActivationFactory; + +inline HRESULT STDMETHODCALLTYPE GetForCurrentThread_Hook(ICoreWindowStatic* paramThis, CoreWindow** window) +{ + // ReSharper disable once CppLocalVariableMayBeConst + HRESULT hr = TrueGetForCurrentThread(paramThis, window); + + //*reinterpret_cast(window) = new CoreWindowX(*window); + auto p = *reinterpret_cast(window); + + p = new CoreWindowX(*window); + + return hr; +} + +inline HRESULT STDMETHODCALLTYPE GetForCurrentThread_Hook_App(ABI::Windows::ApplicationModel::Core::ICoreApplication* paramThis, + winrt::Windows::ApplicationModel::Core::CoreApplication** Application) +{ + // ReSharper disable once CppLocalVariableMayBeConst + HRESULT hrApp = TrueGetForCurrentThread_App(paramThis, Application); + + //*reinterpret_cast(Application) = new CoreApplicationX(*Application); + auto pApp = *reinterpret_cast(Application); + + pApp = new CoreApplicationX(*Application); + + return hrApp; +} + +inline HRESULT WINAPI RoGetActivationFactory_Hook(HSTRING classId, REFIID iid, void** factory) +{ + auto hr = TrueRoGetActivationFactory(classId, iid, factory); + + if (FAILED(hr)) + { + auto library = 
LoadPackagedLibrary(L"winrt_x.dll", 0); + + if (!library) library = LoadLibraryW(L"winrt_x.dll"); + + if (!library) return hr; + + pDllGetActivationFactory = reinterpret_cast + (GetProcAddress(library, "DllGetActivationFactory")); + + if (!pDllGetActivationFactory) + return hr; + + ComPtr _factory; + + + if (IsClassName(classId, "Windows.UI.Core.CoreWindow")) + { + ComPtr coreWindowStatic; + + hr = RoGetActivationFactory(HStringReference(RuntimeClass_Windows_UI_Core_CoreWindow).Get(), IID_PPV_ARGS(&coreWindowStatic)); + + *reinterpret_cast(&TrueGetForCurrentThread) = (*reinterpret_cast(coreWindowStatic.Get()))[6]; + + DetourAttach(&TrueGetForCurrentThread, GetForCurrentThread_Hook); + } + else + { + hr = pDllGetActivationFactory(classId, _factory.GetAddressOf()); + } + + if (FAILED(hr)) return hr; + + return _factory.CopyTo(iid, factory); + + if (IsClassName(classId, "Windows.ApplicationModel.Core.CoreApplication")) + { + ComPtr ICoreApplicationPtr; + + hr = RoGetActivationFactory(HStringReference(RuntimeClass_Windows_ApplicationModel_Core_CoreApplication).Get(), IID_PPV_ARGS(&ICoreApplicationPtr)); + + *reinterpret_cast(&TrueGetForCurrentThread_App) = (*reinterpret_cast(ICoreApplicationPtr.Get()))[6]; + + DetourAttach(&TrueGetForCurrentThread_App, GetForCurrentThread_Hook_App); + } + else + { + hr = pDllGetActivationFactory(classId, _factory.GetAddressOf()); + } + + if (FAILED(hr)) return hr; + + return _factory.CopyTo(iid, factory); + } + + return hr; + } \ No newline at end of file
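Review bot: The new `Windows.ApplicationModel.Core.CoreApplication` branch in RoGetActivationFactory_Hook sits after the unconditional `return _factory.CopyTo(iid, factory);`, so it can never run and `GetForCurrentThread_Hook_App` is never attached. Fold it into the existing chain as `else if (IsClassName(classId, "Windows.ApplicationModel.Core.CoreApplication"))` and keep a single `else`/`CopyTo` tail. Even once reachable, the hook body has no effect: `pApp = new CoreApplicationX(*Application);` assigns to a local copy, so the wrapper leaks and the caller still gets the unwrapped object, and `*Application` is read without checking `hrApp`. The hard-coded vtable slot `[6]` is copied from the CoreWindow path; whether that slot really has the `(ICoreApplication*, CoreApplication**)` shape the detour assumes is not visible here and should be confirmed, because detouring a slot with a mismatched signature corrupts the call. Separately, the fallback `LoadLibraryW(L"winrt_x.dll")` resolves a bare name through the default DLL search order; a full path, or `LoadLibraryExW` with `LOAD_LIBRARY_SEARCH_APPLICATION_DIR`, would pin where the module is loaded from.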