diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..e8f6e1b
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,4 @@
+build
+USBPcapCMD/build
+USBPcapDriver/build
+.vs
diff --git a/USBPcap.sln b/USBPcap.sln
new file mode 100644
index 0000000..23e2d65
--- /dev/null
+++ b/USBPcap.sln
@@ -0,0 +1,57 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio Version 17
+VisualStudioVersion = 17.6.33815.320
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "USBPcap", "USBPcapDriver\USBPcap.vcxproj", "{9C54EF34-97C5-44BA-BBA6-5B2385C53F64}"
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "USBPcapCMD", "USBPcapCMD\USBPcapCMD.vcxproj", "{B2537488-6872-4FF7-8E80-E71BB57AD3BE}"
+EndProject
+Global
+ GlobalSection(SolutionConfigurationPlatforms) = preSolution
+ Debug|ARM64 = Debug|ARM64
+ Debug|x64 = Debug|x64
+ Debug|x86 = Debug|x86
+ Release|ARM64 = Release|ARM64
+ Release|x64 = Release|x64
+ Release|x86 = Release|x86
+ EndGlobalSection
+ GlobalSection(ProjectConfigurationPlatforms) = postSolution
+ {9C54EF34-97C5-44BA-BBA6-5B2385C53F64}.Debug|ARM64.ActiveCfg = Debug|ARM64
+ {9C54EF34-97C5-44BA-BBA6-5B2385C53F64}.Debug|ARM64.Build.0 = Debug|ARM64
+ {9C54EF34-97C5-44BA-BBA6-5B2385C53F64}.Debug|ARM64.Deploy.0 = Debug|ARM64
+ {9C54EF34-97C5-44BA-BBA6-5B2385C53F64}.Debug|x64.ActiveCfg = Debug|x64
+ {9C54EF34-97C5-44BA-BBA6-5B2385C53F64}.Debug|x64.Build.0 = Debug|x64
+ {9C54EF34-97C5-44BA-BBA6-5B2385C53F64}.Debug|x64.Deploy.0 = Debug|x64
+ {9C54EF34-97C5-44BA-BBA6-5B2385C53F64}.Debug|x86.ActiveCfg = Debug|Win32
+ {9C54EF34-97C5-44BA-BBA6-5B2385C53F64}.Debug|x86.Build.0 = Debug|Win32
+ {9C54EF34-97C5-44BA-BBA6-5B2385C53F64}.Debug|x86.Deploy.0 = Debug|Win32
+ {9C54EF34-97C5-44BA-BBA6-5B2385C53F64}.Release|ARM64.ActiveCfg = Release|ARM64
+ {9C54EF34-97C5-44BA-BBA6-5B2385C53F64}.Release|ARM64.Build.0 = Release|ARM64
+ {9C54EF34-97C5-44BA-BBA6-5B2385C53F64}.Release|ARM64.Deploy.0 = Release|ARM64
+ {9C54EF34-97C5-44BA-BBA6-5B2385C53F64}.Release|x64.ActiveCfg = Release|x64
+ {9C54EF34-97C5-44BA-BBA6-5B2385C53F64}.Release|x64.Build.0 = Release|x64
+ {9C54EF34-97C5-44BA-BBA6-5B2385C53F64}.Release|x64.Deploy.0 = Release|x64
+ {9C54EF34-97C5-44BA-BBA6-5B2385C53F64}.Release|x86.ActiveCfg = Release|x64
+ {9C54EF34-97C5-44BA-BBA6-5B2385C53F64}.Release|x86.Build.0 = Release|x64
+ {9C54EF34-97C5-44BA-BBA6-5B2385C53F64}.Release|x86.Deploy.0 = Release|x64
+ {B2537488-6872-4FF7-8E80-E71BB57AD3BE}.Debug|ARM64.ActiveCfg = Debug|ARM64
+ {B2537488-6872-4FF7-8E80-E71BB57AD3BE}.Debug|ARM64.Build.0 = Debug|ARM64
+ {B2537488-6872-4FF7-8E80-E71BB57AD3BE}.Debug|x64.ActiveCfg = Debug|x64
+ {B2537488-6872-4FF7-8E80-E71BB57AD3BE}.Debug|x64.Build.0 = Debug|x64
+ {B2537488-6872-4FF7-8E80-E71BB57AD3BE}.Debug|x86.ActiveCfg = Debug|Win32
+ {B2537488-6872-4FF7-8E80-E71BB57AD3BE}.Debug|x86.Build.0 = Debug|Win32
+ {B2537488-6872-4FF7-8E80-E71BB57AD3BE}.Release|ARM64.ActiveCfg = Release|ARM64
+ {B2537488-6872-4FF7-8E80-E71BB57AD3BE}.Release|ARM64.Build.0 = Release|ARM64
+ {B2537488-6872-4FF7-8E80-E71BB57AD3BE}.Release|x64.ActiveCfg = Release|x64
+ {B2537488-6872-4FF7-8E80-E71BB57AD3BE}.Release|x64.Build.0 = Release|x64
+ {B2537488-6872-4FF7-8E80-E71BB57AD3BE}.Release|x86.ActiveCfg = Release|Win32
+ {B2537488-6872-4FF7-8E80-E71BB57AD3BE}.Release|x86.Build.0 = Release|Win32
+ EndGlobalSection
+ GlobalSection(SolutionProperties) = preSolution
+ HideSolutionNode = FALSE
+ EndGlobalSection
+ GlobalSection(ExtensibilityGlobals) = postSolution
+ SolutionGuid = {5F2D536B-9C6E-4755-9E31-7795CEA12E12}
+ EndGlobalSection
+EndGlobal
diff --git a/USBPcapCMD/USBPcapCMD.manifest b/USBPcapCMD/USBPcapCMD.manifest
index 7e3424b..86820f8 100644
--- a/USBPcapCMD/USBPcapCMD.manifest
+++ b/USBPcapCMD/USBPcapCMD.manifest
@@ -2,9 +2,9 @@ - + USBPcapCMD
diff --git a/USBPcapCMD/USBPcapCMD.vcxproj b/USBPcapCMD/USBPcapCMD.vcxproj
new file mode 100644
index 0000000..04af522
--- /dev/null
+++ b/USBPcapCMD/USBPcapCMD.vcxproj
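Review bot: In USBPcap.sln the driver project's `Release|x86` solution configuration is mapped to `Release|x64` (`{9C54EF34-97C5-44BA-BBA6-5B2385C53F64}.Release|x86.ActiveCfg`, `.Build.0` and `.Deploy.0`), whereas `Debug|x86` maps to `Debug|Win32` and USBPcapCMD maps `Release|x86` to `Release|Win32`. A Release|x86 solution build would therefore pair a 32-bit USBPcapCMD with a 64-bit USBPcap.sys, and the x86 catalog the INF names (`USBPcapx86.cat`) would presumably not be produced from this configuration. The three lines should end in `= Release|Win32`; the driver project file appears to list a Release/Win32 configuration, but that should be confirmed since its XML is not readable in this view.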
@@ -0,0 +1,205 @@ + + + + + Debug + ARM64 + + + Debug + Win32 + + + Release + ARM64 + + + Release + Win32 + + + Debug + x64 + + + Release + x64 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 17.0 + Win32Proj + {b2537488-6872-4ff7-8e80-e71bb57ad3be} + USBPcapCMD + 10.0 + + + + Application + v143 + Unicode + + + true + + + false + + + + + + + + + + + + $(VC_IncludePath);$(WindowsSDK_IncludePath);..\USBPcapDriver\include + $(SolutionDir)build\cmd\$(Platform)\$(ConfigurationName)\ + build\$(Platform)\$(ConfigurationName)\ + + + + Level3 + true + WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) + true + + + Windows + true + $(CoreLibraryDependencies);Cfgmgr32.lib;Setupapi.lib;%(AdditionalDependencies) + + + + + + + + + Level3 + true + WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) + true + + + Windows + true + $(CoreLibraryDependencies);Cfgmgr32.lib;Setupapi.lib;%(AdditionalDependencies) + + + + + + + + + Level3 + true + true + true + WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + true + + + Windows + true + true + true + + + $(CoreLibraryDependencies);Cfgmgr32.lib;Setupapi.lib;%(AdditionalDependencies) + + + + + + + Level3 + true + true + true + WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + true + + + Windows + true + true + true + + + $(CoreLibraryDependencies);Cfgmgr32.lib;Setupapi.lib;%(AdditionalDependencies) + + + + + + + Level3 + true + _DEBUG;_CONSOLE;%(PreprocessorDefinitions) + true + + + Windows + true + $(CoreLibraryDependencies);Cfgmgr32.lib;Setupapi.lib;%(AdditionalDependencies) + + + + + + + + + Level3 + true + true + true + NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + true + + + Windows + true + true + true + + + $(CoreLibraryDependencies);Cfgmgr32.lib;Setupapi.lib;%(AdditionalDependencies) + + + + + + + + diff --git a/USBPcapCMD/USBPcapCMD.vcxproj.filters b/USBPcapCMD/USBPcapCMD.vcxproj.filters new file mode 100644 index 0000000..c4ef0fd --- /dev/null +++ b/USBPcapCMD/USBPcapCMD.vcxproj.filters 
@@ -0,0 +1,77 @@ + + + + + {4FC737F1-C7A5-4376-A066-2A32D752A2FF} + cpp;c;cc;cxx;c++;cppm;ixx;def;odl;idl;hpj;bat;asm;asmx + + + {93995380-89BD-4b04-88EB-625FBE52EBFB} + h;hh;hpp;hxx;h++;hm;inl;inc;ipp;xsd + + + {67DA6AB6-F800-4c08-8B7A-83BB121AAD01} + rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms + + + + + Source Files + + + Source Files + + + Source Files + + + Source Files + + + Source Files + + + Source Files + + + Source Files + + + Source Files + + + + + Header Files + + + Header Files + + + Header Files + + + Header Files + + + Header Files + + + Header Files + + + Header Files + + + Header Files + + + + + + + + Resource Files + + + diff --git a/USBPcapCMD/USBPcapCMD.vcxproj.user b/USBPcapCMD/USBPcapCMD.vcxproj.user new file mode 100644 index 0000000..88a5509 --- /dev/null +++ b/USBPcapCMD/USBPcapCMD.vcxproj.user @@ -0,0 +1,4 @@ + + + + \ No newline at end of file diff --git a/USBPcapCMD/getopt.c b/USBPcapCMD/getopt.c index 21e094e..75681fa 100644 --- a/USBPcapCMD/getopt.c +++ b/USBPcapCMD/getopt.c @@ -54,7 +54,7 @@ #include #include #include -#include +#include "getopt.h" #include #include #include diff --git a/USBPcapDriver/USBPcap.inf b/USBPcapDriver/USBPcap.inf new file mode 100644 index 0000000..9e882ae --- /dev/null +++ b/USBPcapDriver/USBPcap.inf 
@@ -0,0 +1,56 @@
+[Version]
+Signature = "$WINDOWS NT$"
+Class = USB
+ClassGuid = {36FC9E60-C465-11CF-8056-444553540000}
+DriverPackageType = ClassFilter
+Provider = %PROVIDER%
+CatalogFile.NTx86 = USBPcapx86.cat
+CatalogFile.NTamd64 = USBPcapamd64.cat
+CatalogFile.NTarm64 = USBPcaparm64.cat
+
+[DestinationDirs]
+DefaultDestDir = 12
+
+[SourceDisksNames]
+1 = %DiskId1%,,,"."
+
+[SourceDisksFiles]
+USBPcap.sys = 1,,
+
+[DefaultInstall.NT$ARCH$]
+CopyFiles = @USBPcap.sys
+AddReg = USBPcap.AddReg
+
+[DefaultUninstall.NT$ARCH$]
+DelFiles = @USBPcap.sys
+DelReg = USBPcap.DelReg
+LegacyUninstall = 1
+
+[USBPcap.AddReg]
+;Add USBPcap to UpperFilters
+HKLM, System\CurrentControlSet\Control\Class\{36FC9E60-C465-11CF-8056-444553540000}, UpperFilters, 0x00010008, USBPcap
+
+[USBPcap.DelReg]
+;Delete USBPcap from UpperFilters
+HKLM, System\CurrentControlSet\Control\Class\{36FC9E60-C465-11CF-8056-444553540000}, UpperFilters, 0x00018002, USBPcap
+
+[DefaultInstall.NT$ARCH$.Services]
+AddService = USBPcap,,Service.AddService
+
+[DefaultUninstall.NT$ARCH$.Services]
+DelService = USBPcap,0x00000200
+
+[Service.AddService]
+DisplayName = %USBPcap.SvcDesc%
+ServiceType = 1 ; SERVICE_KERNEL_DRIVER
+StartType = 3 ; SERVICE_DEMAND_START
+ErrorControl = 2 ; SERVICE_ERROR_SEVERE
+ServiceBinary = %12%\USBPcap.sys
+
+[Strings]
+PROVIDER = "USBPcap"
+StdMfg = "USBPcap Developers"
+DiskId1 = "USBPcap Installation Disk #1"
+USBPcap.DeviceDesc = "USBPcap Filter Driver"
+USBPcap.SvcDesc = "USBPcap Capture Service"
+
diff --git a/USBPcapDriver/USBPcap.user b/USBPcapDriver/USBPcap.user
new file mode 100644
index 0000000..88a5509
--- /dev/null
+++ b/USBPcapDriver/USBPcap.user
@@ -0,0 +1,4 @@
+
+
+
+
\ No newline at end of file
diff --git a/USBPcapDriver/USBPcap.vcxproj b/USBPcapDriver/USBPcap.vcxproj
new file mode 100644
index 0000000..07f0619
--- /dev/null
+++ b/USBPcapDriver/USBPcap.vcxproj
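Review bot: The `;Add USBPcap to UpperFilters` comment in `[USBPcap.AddReg]` of USBPcap.inf does not say that the value is written under the class key `{36FC9E60-C465-11CF-8056-444553540000}`, which makes USBPcap.sys a class-wide filter loaded into the stack of every device in the USB class rather than a per-device one. I would document that there, for example `; Class-wide upper filter: loaded for every device in the USB class; those devices fail to start if USBPcap.sys is missing or cannot be loaded`. The `;Delete USBPcap from UpperFilters` comment should likewise state that the value has to be removed whenever the binary is removed, since `[DefaultUninstall.NT$ARCH$]` lists `DelFiles` and `DelReg` as separate directives and a leftover entry pointing at a deleted driver is the failure case to avoid.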
@@ -0,0 +1,144 @@ + + + + + Release + x64 + + + Debug + x64 + + + Release + ARM64 + + + Debug + ARM64 + + + Release + Win32 + + + Debug + Win32 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + {9C54EF34-97C5-44BA-BBA6-5B2385C53F64} + {497e31cb-056b-4f31-abb8-447fd55ee5a5} + v4.5 + 12.0 + Debug + x64 + USBPcap + USBPcap + $(LatestTargetPlatformVersion) + + + + Windows10 + WindowsKernelModeDriver10.0 + Driver + KMDF + Universal + + + false + + + true + + + + + + + + + + + DbgengKernelDebugger + $(IncludePath) + $(VC_IncludePath);$(WindowsSDK_IncludePath); + $(SolutionDir)build\driver\$(Platform)\$(ConfigurationName)\ + build\$(Platform)\$(ConfigurationName)\ + http://sha256timestamp.ws.symantec.com/sha256/timestamp + true + + + + true + true + true + false + %(AdditionalIncludeDirectories) + + + sha256 + /as /td sha256 /tr "http://sha256timestamp.ws.symantec.com/sha256/timestamp" %(AdditionalOptions) + + + $(DDK_LIB_PATH)wdmsec.lib;$(DDK_LIB_PATH)usbd.lib;%(AdditionalDependencies) + + + true + + + + + true + true + true + false + + + sha256 + /as /tr "http://sha256timestamp.ws.symantec.com/sha256/timestamp" /td sha256 %(AdditionalOptions) + + + true + oldnames.lib;%(IgnoreSpecificDefaultLibraries) + FxDriverEntry + $(DDK_LIB_PATH)wdmsec.lib;$(DDK_LIB_PATH)usbd.lib;%(AdditionalDependencies) + + + + + + + + + + + + diff --git a/USBPcapDriver/USBPcap.vcxproj.filters b/USBPcapDriver/USBPcap.vcxproj.filters new file mode 100644 index 0000000..be729c0 --- /dev/null +++ b/USBPcapDriver/USBPcap.vcxproj.filters 
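Review bot: The signing settings in USBPcap.vcxproj hard-code `http://sha256timestamp.ws.symantec.com/sha256/timestamp` three times (once as a bare value and once in each `/tr` option string), and as far as I know that Symantec endpoint was retired after the Symantec PKI business moved to DigiCert. A driver signed without a valid timestamp stops validating once the signing certificate expires, so a dead timestamp server is a release problem and not only a build annoyance. I would define the URL once as a project property, reference it from both sign-option strings, point it at a timestamp authority that is currently operated, and make sure the build fails when timestamping does not succeed. The XML element names are not visible in this view, so which configuration each option string belongs to should be confirmed against the file.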
@@ -0,0 +1,93 @@ + + + + + {4FC737F1-C7A5-4376-A066-2A32D752A2FF} + cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx + + + {93995380-89BD-4b04-88EB-625FBE52EBFB} + h;hpp;hxx;hm;inl;inc;xsd + + + {67DA6AB6-F800-4c08-8B7A-83BB121AAD01} + rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms + + + {8E41214B-6785-4CFE-B992-037D68949A14} + inf;inv;inx;mof;mc; + + + + + Driver Files + + + + + Header Files + + + Header Files + + + Header Files + + + Header Files + + + Header Files + + + Header Files + + + Header Files + + + Header Files + + + Header Files + + + + + Source Files + + + Source Files + + + Source Files + + + Source Files + + + Source Files + + + Source Files + + + Source Files + + + Source Files + + + Source Files + + + Source Files + + + Source Files + + + Source Files + + + diff --git a/USBPcapDriver/USBPcap.vcxproj.user b/USBPcapDriver/USBPcap.vcxproj.user new file mode 100644 index 0000000..062f390 --- /dev/null +++ b/USBPcapDriver/USBPcap.vcxproj.user @@ -0,0 +1,6 @@ + + + + ..\certificates\USBPcapTestCert.pfx + + \ No newline at end of file
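Review bot: `USBPcapDriver/USBPcap.vcxproj.user` is a per-user Visual Studio file and it records the location of a signing key, `..\certificates\USBPcapTestCert.pfx`, while the `.gitignore` added in this commit excludes neither `*.user` nor the `certificates` directory. A PFX carries the private key, and any machine that trusts this test certificate will load whatever is signed with it, so the key should never reach the repository. I would drop the three `.user` files (`USBPcapCMD/USBPcapCMD.vcxproj.user`, `USBPcapDriver/USBPcap.user`, `USBPcapDriver/USBPcap.vcxproj.user`) from the commit, add `*.user` and `certificates/` to `.gitignore`, and describe the test-certificate setup in the build documentation instead. The PFX itself is not part of the visible diff.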