BoxedApp Blog

BoxedApp SDK 2.1, BoxedApp Packer 2.2

---

• Author: Artem A. Razin
• June 16, 2009
• Category: BoxedApp Packer, BoxedApp Packer Release, BoxedApp SDK, BoxedApp SDK Release, C++, Delphi, examples, use cases

Released new versions of products of the BoxedApp series: BoxedApp SDK 2.1, BoxedApp Packer 2.2.
[ Download demo versions ]


Briefly on what has been done:

• Virtual registry editor in BoxedApp Packer
• API for intercepting functions
• Minor improvements

Virtual registry editor in BoxedApp Packer

Formerly, all virtual registry operations were carried out in users’ plugins. If it was required to create even a single virtual registry key, one needed to create a plugin, which would use the BoxedApp SDK functions.

Now BoxedApp Packer contains a full-fledged virtual registry editor. Literally with a couple of mouse clicks you can create the virtual keys you need and specify the parameter values.

[ back to top ]

API for intercepting functions

To create a virtual file system / registry, BoxedApp SDK (this, by the way, is exactly what applications created with BoxedApp Packer use) uses the interception of system functions technique. A number of original ideas have allowed us to create an interception system compatible with any environment, and now the part of SDK that is in charge of the interception has become accessible to developers – SDK users.

Now BoxedApp SDK can be considered as a full-value alternative to Microsoft’s Detours.

Be reminded that BoxedApp SDK supports 32-bit and 64-bit environments and also can be statically linked to applications that use VC++ / Delphi of any versions. And, of course, SDK can be used in any development environment that supports the use of DLL.

A couple of examples in C++ and Delphi that disable creating and opening the file named “1.txt”:

typedef HANDLE (WINAPI *P_CreateFileW)(
	LPCWSTR lpFileName,
	DWORD dwDesiredAccess,
	DWORD dwShareMode,
	LPSECURITY_ATTRIBUTES lpSecurityAttributes,
	DWORD dwCreationDisposition,
	DWORD dwFlagsAndAttributes,
	HANDLE hTemplateFile);
P_CreateFileW g_pCreateFileW;

HANDLE WINAPI My_CreateFileW(
	LPCWSTR lpFileName,
	DWORD dwDesiredAccess,
	DWORD dwShareMode,
	LPSECURITY_ATTRIBUTES lpSecurityAttributes,
	DWORD dwCreationDisposition,
	DWORD dwFlagsAndAttributes,
	HANDLE hTemplateFile)
{
	if (0 == lstrcmpiW(lpFileName, L"1.txt"))
	{
		SetLastError(ERROR_FILE_EXISTS);
		return INVALID_HANDLE_VALUE;
	}
	else
		return g_pCreateFileW(
				lpFileName,
				dwDesiredAccess,
				dwShareMode,
				lpSecurityAttributes,
				dwCreationDisposition,
				dwFlagsAndAttributes,
				hTemplateFile);
}
...
BoxedAppSDK_Init();

PVOID pCreateFileW = GetProcAddress(GetModuleHandle(_T("kernel32.dll")), "CreateFileW");

HANDLE hHook__CreateFileW = BoxedAppSDK_HookFunction(pCreateFileW, &My_CreateFileW, TRUE);

g_pCreateFileW = (P_CreateFileW)BoxedAppSDK_GetOriginalFunction(hHook__CreateFileW);

FILE* f = fopen("1.txt", "r");

// f is NULL
...

BoxedAppSDK_UnhookFunction(hHook__CreateFileW);

Delphi version of the same idea:

type
TCreateFileW = 
   function(lpFileName: PWideChar;
            dwDesiredAccess, dwShareMode: Integer;
            lpSecurityAttributes: PSecurityAttributes;
            dwCreationDisposition, dwFlagsAndAttributes: DWORD;
            hTemplateFile: THandle): THandle; stdcall;

var
   OriginalCreateFileW: TCreateFileW;

function My_CreateFileW(
         lpFileName: PWideChar;
         dwDesiredAccess, dwShareMode: Integer;
         lpSecurityAttributes: PSecurityAttributes;
         dwCreationDisposition, dwFlagsAndAttributes: DWORD;
         hTemplateFile: THandle): THandle; stdcall;
begin
   if 0 = lstrcmpiW(lpFileName, '1.txt') then
   begin
      Result := INVALID_HANDLE_VALUE;
      SetLastError(ERROR_ALREADY_EXISTS);
   end
   else
      Result := 
        OriginalCreateFileW(
           lpFileName, 
           dwDesiredAccess,
           dwShareMode, 
           lpSecurityAttributes, 
           dwCreationDisposition, 
           dwFlagsAndAttributes, 
           hTemplateFile);
end;

var
   pCreateFileW: Pointer;
   hHook__CreateFileW: THandle;

begin
  Application.Initialize;

  BoxedAppSDK_Init;

  pCreateFileW := GetProcAddress(GetModuleHandle('kernel32.dll'), 'CreateFileW');
  hHook__CreateFileW := BoxedAppSDK_HookFunction(pCreateFileW, @My_CreateFileW, TRUE);
  OriginalCreateFileW := BoxedAppSDK_GetOriginalFunction(hHook__CreateFileW);

  // This line produces an exception because we prevent creating / opening '1.txt'
  TFileStream.Create('1.txt', fmCreate or fmOpenRead);

  BoxedAppSDK_UnhookFunction(hHook__CreateFileW);
end.

[ back to top ]

Minor improvements

• Added support for the FILE_FLAG_DELETE_ON_CLOSE flag for virtual files
• Fixed minor problems with launching virtual executable files created with Delphi
• Created a more flexible system for storing virtual files in the memory

[ back to top ]

[ Download demo versions ]

• No Responses
• Leave a comment...
• Comment Feeds