| Line 49... |
Line 49... |
// this as support for newer version
|
// this as support for newer version
|
// is added to this program.
|
// is added to this program.
|
|
|
//Hooked instance of MSGINA
|
//Hooked instance of MSGINA
|
HINSTANCE hDll;
|
HINSTANCE hDll;
|
|
HINSTANCE hResourceDll;
|
|
|
//
|
//
|
// Winlogon function dispatch table.
|
// Winlogon function dispatch table.
|
//
|
//
|
PVOID g_pWinlogon = NULL;
|
PVOID g_pWinlogon = NULL;
|
| Line 279... |
Line 280... |
//
|
//
|
// Load MSGINA.DLL.
|
// Load MSGINA.DLL.
|
//
|
//
|
wchar_t original_gina[MAX_PATH];
|
wchar_t original_gina[MAX_PATH];
|
|
|
if(GetSettingText(L"SOFTWARE\\Paralint.com\\Aucun", L"Original Gina", original_gina, MAX_PATH) != S_OK)
|
if(GetSettingText(L"SOFTWARE\\Paralint.com\\Aucun", L"Original Gina", original_gina, MAX_PATH) != S_OK)
|
wcscpy(original_gina, REALGINA_PATH);
|
wcscpy(original_gina, REALGINA_PATH);
|
|
|
if (!(hDll = LoadLibrary(original_gina)))
|
if (!(hDll = LoadLibrary(original_gina)))
|
{
|
{
|
return FALSE;
|
return FALSE;
|
}
|
}
|
|
|
|
//Chances are this call will not result in a module load, because either aucun or a third party Gina chained
|
|
//to us will have already loaded it.
|
|
hResourceDll = LoadLibraryEx(REALGINA_PATH, 0, LOAD_LIBRARY_AS_DATAFILE_EXCLUSIVE|LOAD_LIBRARY_AS_IMAGE_RESOURCE);
|
|
|
//
|
//
|
// Get pointers to WlxNegotiate function in the real MSGINA.
|
// Get pointers to WlxNegotiate function in the real MSGINA.
|
//
|
//
|
pfWlxNegotiate = (PFWLXNEGOTIATE) GetProcAddress(hDll, "WlxNegotiate");
|
pfWlxNegotiate = (PFWLXNEGOTIATE) GetProcAddress(hDll, "WlxNegotiate");
|
| Line 414... |
Line 419... |
|
|
TRACE(L"Logged on SAS, type %d\n", dwSasType);
|
TRACE(L"Logged on SAS, type %d\n", dwSasType);
|
|
|
result = pfWlxLoggedOnSAS(GetHookedContext(pWlxContext), dwSasType, pReserved);
|
result = pfWlxLoggedOnSAS(GetHookedContext(pWlxContext), dwSasType, pReserved);
|
|
|
TRACE(L"Going back to windows.\n");
|
TRACE(L"Going back to windows (%d)\n", result);
|
|
|
|
|
return result;
|
return result;
|
}
|
}
|
|
|
|
|
| Line 470... |
Line 474... |
|
|
VOID WINAPI WlxShutdown(PVOID pWlxContext, DWORD ShutdownType)
|
VOID WINAPI WlxShutdown(PVOID pWlxContext, DWORD ShutdownType)
|
{
|
{
|
pfWlxShutdown(GetHookedContext(pWlxContext), ShutdownType);
|
pfWlxShutdown(GetHookedContext(pWlxContext), ShutdownType);
|
LsaDeregisterLogonProcess(((MyGinaContext*)pWlxContext)->mLSA);
|
LsaDeregisterLogonProcess(((MyGinaContext*)pWlxContext)->mLSA);
|
FreeLibrary(hDll);
|
//The original Ginahook sample didn't release the DLL before shutting down.
|
|
//A user noticed a crash when the machine was shutdown. Turns out that WlxShutdown
|
|
//is not the last function called by Winlogon. WlxDisplayStatusMessage might be
|
|
//called a few more times.
|
|
//Since we are shutting down anyway, cleaning up is more trouble than its worth.
|
|
//FreeLibrary(hDll);
|
|
//FreeLibrary(hResourceDll);
|
}
|
}
|
|
|
|
|
//
|
//
|
// New for version 1.1
|
// New for version 1.1
|
| Line 485... |
Line 495... |
return pfWlxScreenSaverNotify(GetHookedContext(pWlxContext), pSecure);
|
return pfWlxScreenSaverNotify(GetHookedContext(pWlxContext), pSecure);
|
}
|
}
|
|
|
BOOL WINAPI WlxStartApplication(PVOID pWlxContext, PWSTR pszDesktopName, PVOID pEnvironment, PWSTR pszCmdLine)
|
BOOL WINAPI WlxStartApplication(PVOID pWlxContext, PWSTR pszDesktopName, PVOID pEnvironment, PWSTR pszCmdLine)
|
{
|
{
|
return pfWlxStartApplication(GetHookedContext(pWlxContext), pszDesktopName, pEnvironment, pszCmdLine);
|
BOOL result;
|
|
|
|
result = pfWlxStartApplication(GetHookedContext(pWlxContext), pszDesktopName, pEnvironment, pszCmdLine);
|
|
|
|
TRACE(L"WlxStartApplication returned %d\n", result);
|
|
|
|
return result;
|
}
|
}
|
|
|
|
|
//
|
//
|
// New for version 1.3
|
// New for version 1.3
|