diff --git a/kdmapper/kdmapper.vcxproj b/kdmapper/kdmapper.vcxproj
index fce3f3e..2cf8ce1 100644
--- a/kdmapper/kdmapper.vcxproj
+++ b/kdmapper/kdmapper.vcxproj
@@ -83,14 +83,15 @@
Level4
- MaxSpeed
+ Disabled
true
true
stdcpp17
- true
+ false
RequireAdministrator
+ version.lib;kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)
diff --git a/kdmapper/kdmapper.vcxproj.user b/kdmapper/kdmapper.vcxproj.user
deleted file mode 100644
index 6e2aec7..0000000
--- a/kdmapper/kdmapper.vcxproj.user
+++ /dev/null
@@ -1,4 +0,0 @@
-
-
-
-
\ No newline at end of file
diff --git a/kdmapper/service.cpp b/kdmapper/service.cpp
index 5971699..7c73c1f 100644
--- a/kdmapper/service.cpp
+++ b/kdmapper/service.cpp
@@ -1,12 +1,92 @@
#include "service.hpp"
+
+bool ExistOtherService(SC_HANDLE service_manager) {
+ DWORD spaceNeeded = 0;
+ DWORD numServices = 0;
+ if (!EnumServicesStatus(service_manager, SERVICE_DRIVER, SERVICE_STATE_ALL, NULL, 0, &spaceNeeded, &numServices, 0) && GetLastError() != ERROR_MORE_DATA) {
+ printf("Can't enum service list error code: %d!!\n",GetLastError());
+ return true;
+ }
+ spaceNeeded += sizeof(ENUM_SERVICE_STATUSA);
+ LPENUM_SERVICE_STATUSA buffer = (LPENUM_SERVICE_STATUSA)new BYTE[spaceNeeded];
+
+ if (EnumServicesStatus(service_manager, SERVICE_DRIVER, SERVICE_STATE_ALL, buffer, spaceNeeded, &spaceNeeded, &numServices, 0)) {
+ for (DWORD i = 0; i < numServices; i++) {
+ ENUM_SERVICE_STATUSA service = buffer[i];
+ SC_HANDLE service_handle = OpenService(service_manager, service.lpServiceName, SERVICE_QUERY_CONFIG);
+ if (service_handle) {
+ LPQUERY_SERVICE_CONFIGA config = (LPQUERY_SERVICE_CONFIGA)new BYTE[8096]; //8096 = max size of QUERY_SERVICE_CONFIGA
+ DWORD needed = 0;
+ if (QueryServiceConfig(service_handle, config, 8096, &needed)) {
+ if (strstr(config->lpBinaryPathName, intel_driver::driver_name)) {
+ delete[] buffer;
+ printf("WARNING: Service called '%s' have same file name!!\n", config->lpDisplayName);
+ CloseServiceHandle(service_handle);
+ return false;
+ }
+ }
+ else {
+ printf("Note: Error query service %s error code: %d\n", service.lpServiceName, GetLastError());
+ }
+ CloseServiceHandle(service_handle);
+ }
+
+ }
+ delete[] buffer;
+ return false; //no equal services we can continue
+ }
+ delete[] buffer;
+ printf("Can't enum service list!!\n");
+ return true;
+
+}
+
+bool ExistsValorantService(SC_HANDLE service_manager) {
+ DWORD spaceNeeded = 0;
+ DWORD numServices = 0;
+ if (!EnumServicesStatus(service_manager, SERVICE_DRIVER, SERVICE_STATE_ALL, NULL, 0, &spaceNeeded, &numServices, 0) && GetLastError() != ERROR_MORE_DATA) {
+ printf("Can't enum service list error code: %d!!\n", GetLastError());
+ return true;
+ }
+ spaceNeeded += sizeof(ENUM_SERVICE_STATUSA);
+ LPENUM_SERVICE_STATUSA buffer = (LPENUM_SERVICE_STATUSA)new BYTE[spaceNeeded];
+
+ if (EnumServicesStatus(service_manager, SERVICE_DRIVER, SERVICE_STATE_ALL, buffer, spaceNeeded, &spaceNeeded, &numServices, 0)) {
+ for (DWORD i = 0; i < numServices; i++) {
+ ENUM_SERVICE_STATUSA service = buffer[i];
+ if (strstr(service.lpServiceName,"vgk")) {
+ if ((service.ServiceStatus.dwCurrentState == SERVICE_RUNNING || service.ServiceStatus.dwCurrentState == SERVICE_START_PENDING)) {
+ printf("Valorant service running, kdmapper stoped to prevent BSOD!!\n");
+ return true;
+ }
+
+ }
+ }
+ delete[] buffer;
+ return false; //no valorant service found
+ }
+ delete[] buffer;
+ printf("Can't enum service list!!\n");
+ return true;
+}
+
bool service::RegisterAndStart(const std::string& driver_path)
{
const std::string driver_name = std::filesystem::path(driver_path).filename().string();
- const SC_HANDLE sc_manager_handle = OpenSCManager(nullptr, nullptr, SC_MANAGER_CREATE_SERVICE);
+ const SC_HANDLE sc_manager_handle = OpenSCManager(nullptr, nullptr, SC_MANAGER_ALL_ACCESS);
- if (!sc_manager_handle)
+ if (!sc_manager_handle) {
+ printf("Can't open service manager\n");
return false;
+ }
+ if (ExistOtherService(sc_manager_handle)) {
+ return false;
+ }
+
+ if (ExistsValorantService(sc_manager_handle)) {
+ return false;
+ }
SC_HANDLE service_handle = CreateService(sc_manager_handle, driver_name.c_str(), driver_name.c_str(), SERVICE_START | SERVICE_STOP | DELETE, SERVICE_KERNEL_DRIVER, SERVICE_DEMAND_START, SERVICE_ERROR_IGNORE, driver_path.c_str(), nullptr, nullptr, nullptr, nullptr, nullptr);
@@ -16,6 +96,7 @@ bool service::RegisterAndStart(const std::string& driver_path)
if (!service_handle)
{
+ printf("Can't create the vulnerable service, check your AV!!\n");
CloseServiceHandle(sc_manager_handle);
return false;
}
@@ -25,7 +106,9 @@ bool service::RegisterAndStart(const std::string& driver_path)
CloseServiceHandle(service_handle);
CloseServiceHandle(sc_manager_handle);
-
+ if (!result) {
+ printf("Can't start the vulnerable service, check your AV!!\n");
+ }
return result;
}
diff --git a/kdmapper/service.hpp b/kdmapper/service.hpp
index 49ff9da..42ef645 100644
--- a/kdmapper/service.hpp
+++ b/kdmapper/service.hpp
@@ -2,6 +2,7 @@
#include
#include
#include
+#include "intel_driver.hpp"
namespace service
{