Created
April 30, 2021 09:46
-
-
Save nefarius/85c737da316ca5b68169a29f6e71d770 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// Use e.g. https://github.com/dotnet/pinvoke/ | |
// Install-Package PInvoke.Kernel32 | |
using (var handle = Kernel32.CreateFile("\\\\.\\HidHide", | |
Kernel32.ACCESS_MASK.GenericRight.GENERIC_READ, | |
Kernel32.FileShare.FILE_SHARE_READ | Kernel32.FileShare.FILE_SHARE_WRITE, | |
IntPtr.Zero, Kernel32.CreationDisposition.OPEN_EXISTING, | |
Kernel32.CreateFileFlags.FILE_ATTRIBUTE_NORMAL, | |
Kernel32.SafeObjectHandle.Null | |
)) | |
{ | |
var buffer = IntPtr.Zero; | |
// List of allowed application paths | |
IList<string> paths = new List<string>(); | |
// Get existing list of allowed applications | |
// This is important to not discard entries other processes potentially made | |
// Always get the current list before altering/submitting it | |
try | |
{ | |
// Get required buffer size | |
// Check return value for success | |
Kernel32.DeviceIoControl( | |
handle, | |
unchecked((int) IOCTL_GET_WHITELIST), | |
IntPtr.Zero, | |
0, | |
IntPtr.Zero, | |
0, | |
out var required, | |
IntPtr.Zero | |
); | |
buffer = Marshal.AllocHGlobal(required); | |
// Get actual buffer content | |
// Check return value for success | |
Kernel32.DeviceIoControl( | |
handle, | |
unchecked((int) IOCTL_GET_WHITELIST), | |
IntPtr.Zero, | |
0, | |
buffer, | |
required, | |
out _, | |
IntPtr.Zero | |
); | |
// Store existing allow-list in a more manageable "C#" fashion | |
paths = buffer.MultiSzPointerToStringArray(required).ToList(); | |
} | |
finally | |
{ | |
Marshal.FreeHGlobal(buffer); | |
} | |
// Manipulate allow-list and submit it | |
try | |
{ | |
buffer = paths | |
.Concat(new[] // Add our own instance paths to the existing list | |
{ | |
// Add application stored on multiple mounted folders | |
VolumeHelper.PathToDosDevicePath(@"D:\test-junction\subdir\another\deep\SCPUser.exe"), | |
// Add development build of DS4Windows | |
VolumeHelper.PathToDosDevicePath( | |
@"D:\Development\GitHub\DS4Windows\DS4Windows\bin\x64\Debug\DS4Windows.exe") | |
}) | |
.Distinct() // Remove duplicates, if any | |
.StringArrayToMultiSzPointer(out var length); // Convert to usable buffer | |
// Submit new list | |
// Check return value for success | |
Kernel32.DeviceIoControl( | |
handle, | |
unchecked((int) IOCTL_SET_WHITELIST), | |
buffer, | |
length, | |
IntPtr.Zero, | |
0, | |
out _, | |
IntPtr.Zero | |
); | |
} | |
finally | |
{ | |
Marshal.FreeHGlobal(buffer); | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment