Aktualizacja: 2025-10-03 09:46:50

wesmar
2025-10-03 09:46:50 +02:00
parent 26a43694ce
commit 3811f65d21
4 changed files with 1631 additions and 1786 deletions


@@ -119,6 +119,12 @@ public:
bool UnprotectAllProcesses() noexcept; bool UnprotectAllProcesses() noexcept;
bool UnprotectMultipleProcesses(const std::vector<std::wstring>& targets) noexcept; bool UnprotectMultipleProcesses(const std::vector<std::wstring>& targets) noexcept;
bool ProtectMultipleProcesses(const std::vector<std::wstring>& targets,
const std::wstring& protectionLevel,
const std::wstring& signerType) noexcept;
bool SetMultipleProcessesProtection(const std::vector<std::wstring>& targets,
const std::wstring& protectionLevel,
const std::wstring& signerType) noexcept;
bool KillMultipleProcesses(const std::vector<DWORD>& pids) noexcept; bool KillMultipleProcesses(const std::vector<DWORD>& pids) noexcept;
bool KillMultipleTargets(const std::vector<std::wstring>& targets) noexcept; bool KillMultipleTargets(const std::vector<std::wstring>& targets) noexcept;
@@ -241,6 +247,12 @@ private:
// Process pattern matching with regex support // Process pattern matching with regex support
std::vector<ProcessMatch> FindProcessesByName(const std::wstring& pattern) noexcept; std::vector<ProcessMatch> FindProcessesByName(const std::wstring& pattern) noexcept;
bool IsPatternMatch(const std::wstring& processName, const std::wstring& pattern) noexcept; bool IsPatternMatch(const std::wstring& processName, const std::wstring& pattern) noexcept;
// Internal batch operation helpers
bool ProtectProcessInternal(DWORD pid, const std::wstring& protectionLevel,
const std::wstring& signerType, bool batchOperation) noexcept;
bool SetProcessProtectionInternal(DWORD pid, const std::wstring& protectionLevel,
const std::wstring& signerType, bool batchOperation) noexcept;
// Memory dumping with comprehensive protection handling // Memory dumping with comprehensive protection handling
bool CreateMiniDump(DWORD pid, const std::wstring& outputPath) noexcept; bool CreateMiniDump(DWORD pid, const std::wstring& outputPath) noexcept;
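Review bot: `ProtectMultipleProcesses` and `SetMultipleProcessesProtection` are declared without a comment stating what their single `bool` result means for a batch, and the new `batchOperation` flag on the two `*Internal` helpers is likewise undocumented. The caller in `wmain` turns that `bool` straight into the process exit code, so whether `true` means "every target changed" or "at least one changed" is part of the contract. I would add a line above each public declaration such as `// Returns true only if every target resolved and was updated; per-target failures are logged.` (adjusted to what the implementation really does, which is not shown on this page), and one above the helpers saying what `batchOperation` switches on or off. Since these methods are `noexcept` and take the level and signer as free-form strings, the comment should also say how an unrecognised level or signer string is reported.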



@@ -505,7 +505,6 @@ int wmain(int argc, wchar_t* argv[])
} }
// Process protection commands with atomic driver operations // Process protection commands with atomic driver operations
// Process protection commands with atomic driver operations
else if (command == L"set" || command == L"protect") else if (command == L"set" || command == L"protect")
{ {
if (argc < 5) if (argc < 5)
@@ -513,30 +512,26 @@ int wmain(int argc, wchar_t* argv[])
ERROR(L"Missing arguments: <PID/process_name> <PP|PPL> <SIGNER_TYPE>"); ERROR(L"Missing arguments: <PID/process_name> <PP|PPL> <SIGNER_TYPE>");
return 1; return 1;
} }
std::wstring_view target = argv[2]; std::wstring_view target = argv[2];
std::wstring level = argv[3]; std::wstring level = argv[3];
std::wstring signer = argv[4]; std::wstring signer = argv[4];
// Handle comma-separated list of PIDs for batch operations // Handle comma-separated list for batch operations (supports PIDs AND process names)
std::wstring targetStr(target); std::wstring targetStr(target);
if (targetStr.find(L',') != std::wstring::npos) if (targetStr.find(L',') != std::wstring::npos)
{ {
std::vector<DWORD> pids; std::vector<std::wstring> targets;
std::wstring current; std::wstring current;
// Parse comma-separated PIDs with whitespace handling // Parse comma-separated targets with whitespace handling
for (wchar_t ch : targetStr) for (wchar_t ch : targetStr)
{ {
if (ch == L',') if (ch == L',')
{ {
if (!current.empty()) if (!current.empty())
{ {
if (IsNumeric(current)) targets.push_back(current);
{
auto pid = ParsePid(current);
if (pid) pids.push_back(pid.value());
}
current.clear(); current.clear();
} }
} }
@@ -547,35 +542,25 @@ int wmain(int argc, wchar_t* argv[])
} }
// Last token // Last token
if (!current.empty() && IsNumeric(current)) if (!current.empty())
{ targets.push_back(current);
auto pid = ParsePid(current);
if (pid) pids.push_back(pid.value());
}
if (pids.empty()) if (targets.empty())
{ {
ERROR(L"No valid PIDs found in comma-separated list"); ERROR(L"No valid targets found in comma-separated list");
return 1; return 1;
} }
// Batch operation // Batch operation - handles both PIDs and process names
INFO(L"Batch %s operation: %zu processes", command.data(), pids.size()); INFO(L"Batch %s operation: %zu targets (mixed PIDs/names)", command.data(), targets.size());
int successCount = 0;
for (DWORD pid : pids) bool result = (command == L"set") ?
{ g_controller->SetMultipleProcessesProtection(targets, level, signer) :
bool result = (command == L"set") ? g_controller->ProtectMultipleProcesses(targets, level, signer);
g_controller->SetProcessProtection(pid, level, signer) :
g_controller->ProtectProcess(pid, level, signer);
if (result) successCount++;
}
INFO(L"Batch %s completed: %d/%zu processes", command.data(), successCount, pids.size()); return result ? 0 : 2;
return successCount == pids.size() ? 0 : 2;
} }
// Single target (PID or name) // Single target (PID or name)
bool result = false; bool result = false;
@@ -601,7 +586,7 @@ int wmain(int argc, wchar_t* argv[])
g_controller->SetProcessProtectionByName(processName, level, signer) : g_controller->SetProcessProtectionByName(processName, level, signer) :
g_controller->ProtectProcessByName(processName, level, signer); g_controller->ProtectProcessByName(processName, level, signer);
} }
return result ? 0 : 2; return result ? 0 : 2;
} }
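Review bot: In the comma-list branch every non-empty token is now pushed into `targets` unchecked and the `Batch %s completed: %d/%zu` summary line is removed, so the exit code rests on one `bool` and an operator can no longer tell from this code which targets were changed and which failed. If the controller methods do not log per-target results (their implementation is not visible here), a mistyped name or a partially applied batch would pass silently; consider having the batch call report a success count and keeping a summary such as `INFO(L"Batch %s completed: %zu/%zu targets", command.data(), ok, targets.size());`. The header declares `FindProcessesByName` with pattern matching, so a name token may presumably expand to several processes; logging the resolved PIDs before the protection level is changed would make the scope of a batch auditable. The comment promises whitespace handling, but that part of the loop lies outside the visible hunks, as does the rest of `wmain`.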
