IntroVirt/CreateProcessW_8hh_source.html

/*

 * Copyright 2021 Assured Information Security, Inc.

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *         http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

/* This file is automatically generated. Do not edit. */

#pragma once


#include <cstdint>

#include <introvirt/core/memory/guest_ptr.hh>

#include <introvirt/windows/libraries/WindowsFunctionCall.hh>

#include <introvirt/windows/libraries/kernel32/types/PROCESS_INFORMATION.hh>

#include <introvirt/windows/libraries/kernel32/types/STARTUPINFOW.hh>

#include <ostream>

#include <string>


namespace introvirt {

namespace windows {

namespace kernel32 {


class CreateProcessW final : public WindowsFunctionCall {

  public:

    guest_ptr<char16_t[]> pApplicationName() const;

    void pApplicationName(const guest_ptr<char16_t[]>& pApplicationName);


    guest_ptr<char16_t[]> pCommandLine() const;

    void pCommandLine(const guest_ptr<char16_t[]>& pCommandLine);


    guest_ptr<void> pProcessAttributes() const;

    void pProcessAttributes(const guest_ptr<void>& pProcessAttributes);


    guest_ptr<void> pThreadAttributes() const;

    void pThreadAttributes(const guest_ptr<void>& pThreadAttributes);


    bool bInheritHandles() const;

    void bInheritHandles(bool bInheritHandles);


    uint32_t dwCreationFlags() const;

    void dwCreationFlags(uint32_t dwCreationFlags);


    guest_ptr<void> pEnvironment() const;

    void pEnvironment(const guest_ptr<void>& pEnvironment);


    guest_ptr<char16_t[]> pCurrentDirectory() const;

    void pCurrentDirectory(const guest_ptr<char16_t[]>& pCurrentDirectory);


    guest_ptr<void> pStartupInfo() const;

    void pStartupInfo(const guest_ptr<void>& pStartupInfo);

    std::shared_ptr<STARTUPINFOW> StartupInfo();


    guest_ptr<void> pProcessInformation() const;

    void pProcessInformation(const guest_ptr<void>& pProcessInformation);

    std::shared_ptr<PROCESS_INFORMATION> ProcessInformation();


    const std::string& function_name() const override;

    const std::string& library_name() const override;

    void write(std::ostream& os = std::cout) const override;

    Json::Value json() const override;


    bool result() const;

    void result(bool result);


    CreateProcessW(Event& event);

    ~CreateProcessW() override;


    /* Injection helper */

    static bool

    inject(const guest_ptr<char16_t[]>& pApplicationName, const guest_ptr<char16_t[]>& pCommandLine,

           const guest_ptr<void>& pProcessAttributes, const guest_ptr<void>& pThreadAttributes,

           bool bInheritHandles, uint32_t dwCreationFlags, const guest_ptr<void>& pEnvironment,

           const guest_ptr<char16_t[]>& pCurrentDirectory, const guest_ptr<void>& pStartupInfo,

           const guest_ptr<void>& pProcessInformation);


    static constexpr int ArgumentCount = 10;

    inline static const std::string LibraryName = "kernel32";

    inline static const std::string FunctionName = "CreateProcessW";


  private:

    /* Injection constructor */

    CreateProcessW(Event& event, const guest_ptr<char16_t[]>& pApplicationName,

                   const guest_ptr<char16_t[]>& pCommandLine,

                   const guest_ptr<void>& pProcessAttributes,

                   const guest_ptr<void>& pThreadAttributes, bool bInheritHandles,

                   uint32_t dwCreationFlags, const guest_ptr<void>& pEnvironment,

                   const guest_ptr<char16_t[]>& pCurrentDirectory,

                   const guest_ptr<void>& pStartupInfo, const guest_ptr<void>& pProcessInformation);


  private:

    guest_ptr<void> pApplicationName_;

    guest_ptr<void> pCommandLine_;

    mutable guest_ptr<void> pProcessAttributes_;

    mutable guest_ptr<void> pThreadAttributes_;

    bool bInheritHandles_;

    uint32_t dwCreationFlags_;

    mutable guest_ptr<void> pEnvironment_;

    guest_ptr<void> pCurrentDirectory_;

    guest_ptr<void> pStartupInfo_;

    guest_ptr<void> pProcessInformation_;

};


} // namespace kernel32

} // namespace windows

} // namespace introvirt

STARTUPINFOW.hh

WindowsFunctionCall.hh

introvirt::Event
Interface class for hypervisor events.
Definition Event.hh:43

introvirt::basic_guest_ptr
Definition guest_ptr.hh:88

introvirt::windows::WindowsFunctionCall
Definition WindowsFunctionCall.hh:31

introvirt::windows::kernel32::CreateProcessW
Handler for kernel32!CreateProcessW.
Definition CreateProcessW.hh:37

introvirt::windows::kernel32::CreateProcessW::StartupInfo
std::shared_ptr< STARTUPINFOW > StartupInfo()

introvirt::windows::kernel32::CreateProcessW::pCommandLine
void pCommandLine(const guest_ptr< char16_t[]> &pCommandLine)

introvirt::windows::kernel32::CreateProcessW::pThreadAttributes
guest_ptr< void > pThreadAttributes() const

introvirt::windows::kernel32::CreateProcessW::~CreateProcessW
~CreateProcessW() override

introvirt::windows::kernel32::CreateProcessW::pCurrentDirectory
void pCurrentDirectory(const guest_ptr< char16_t[]> &pCurrentDirectory)

introvirt::windows::kernel32::CreateProcessW::pProcessInformation
guest_ptr< void > pProcessInformation() const

introvirt::windows::kernel32::CreateProcessW::library_name
const std::string & library_name() const override
Get the name of the library this call is for.

introvirt::windows::kernel32::CreateProcessW::bInheritHandles
bool bInheritHandles() const

introvirt::windows::kernel32::CreateProcessW::pStartupInfo
void pStartupInfo(const guest_ptr< void > &pStartupInfo)

introvirt::windows::kernel32::CreateProcessW::inject
static bool inject(const guest_ptr< char16_t[]> &pApplicationName, const guest_ptr< char16_t[]> &pCommandLine, const guest_ptr< void > &pProcessAttributes, const guest_ptr< void > &pThreadAttributes, bool bInheritHandles, uint32_t dwCreationFlags, const guest_ptr< void > &pEnvironment, const guest_ptr< char16_t[]> &pCurrentDirectory, const guest_ptr< void > &pStartupInfo, const guest_ptr< void > &pProcessInformation)

introvirt::windows::kernel32::CreateProcessW::pProcessInformation
void pProcessInformation(const guest_ptr< void > &pProcessInformation)

introvirt::windows::kernel32::CreateProcessW::write
void write(std::ostream &os=std::cout) const override
Write out a textual representation of the function for display.

introvirt::windows::kernel32::CreateProcessW::CreateProcessW
CreateProcessW(Event &event)

introvirt::windows::kernel32::CreateProcessW::function_name
const std::string & function_name() const override
Get the function name.

introvirt::windows::kernel32::CreateProcessW::LibraryName
static const std::string LibraryName
Definition CreateProcessW.hh:91

introvirt::windows::kernel32::CreateProcessW::pApplicationName
void pApplicationName(const guest_ptr< char16_t[]> &pApplicationName)

introvirt::windows::kernel32::CreateProcessW::FunctionName
static const std::string FunctionName
Definition CreateProcessW.hh:92

introvirt::windows::kernel32::CreateProcessW::bInheritHandles
void bInheritHandles(bool bInheritHandles)

introvirt::windows::kernel32::CreateProcessW::dwCreationFlags
void dwCreationFlags(uint32_t dwCreationFlags)

introvirt::windows::kernel32::CreateProcessW::pProcessAttributes
void pProcessAttributes(const guest_ptr< void > &pProcessAttributes)

introvirt::windows::kernel32::CreateProcessW::pCurrentDirectory
guest_ptr< char16_t[]> pCurrentDirectory() const

introvirt::windows::kernel32::CreateProcessW::ArgumentCount
static constexpr int ArgumentCount
Definition CreateProcessW.hh:90

introvirt::windows::kernel32::CreateProcessW::pApplicationName
guest_ptr< char16_t[]> pApplicationName() const

introvirt::windows::kernel32::CreateProcessW::result
bool result() const

introvirt::windows::kernel32::CreateProcessW::json
Json::Value json() const override
Get the function as Json.

introvirt::windows::kernel32::CreateProcessW::pCommandLine
guest_ptr< char16_t[]> pCommandLine() const

introvirt::windows::kernel32::CreateProcessW::pEnvironment
guest_ptr< void > pEnvironment() const

introvirt::windows::kernel32::CreateProcessW::pEnvironment
void pEnvironment(const guest_ptr< void > &pEnvironment)

introvirt::windows::kernel32::CreateProcessW::ProcessInformation
std::shared_ptr< PROCESS_INFORMATION > ProcessInformation()

introvirt::windows::kernel32::CreateProcessW::pThreadAttributes
void pThreadAttributes(const guest_ptr< void > &pThreadAttributes)

introvirt::windows::kernel32::CreateProcessW::pStartupInfo
guest_ptr< void > pStartupInfo() const

introvirt::windows::kernel32::CreateProcessW::result
void result(bool result)

introvirt::windows::kernel32::CreateProcessW::dwCreationFlags
uint32_t dwCreationFlags() const

introvirt::windows::kernel32::CreateProcessW::pProcessAttributes
guest_ptr< void > pProcessAttributes() const

guest_ptr.hh
Type-safe guest virtual address pointer and guest_ptr template.

PROCESS_INFORMATION.hh

introvirt
Core IntroVirt classes.
Definition Cr0.hh:20