rtt.c rename global variables and move them up, indentation fixes

This commit is contained in:
Alberto Ortega 2021-11-07 18:13:55 +01:00
parent 04191954f6
commit febe5028d0

View File

@ -15,6 +15,16 @@
/* Duration of each check */
#define MAX_DURATION 3000
/* Some RTT global variables */
HHOOK rtt_hook;
BOOL rtt_is_success = FALSE;
BOOL rtt_is_timeout = FALSE;
BOOL rtt_is_within_rect = FALSE;
/* Tracks the point in time of last click */
u_int64 rtt_last = 0;
/* Default double click time in milliseconds */
u_int rtt_double_click_time = 500;
/*
* Checks, for the presence of a mouse device.
*
@ -114,20 +124,17 @@ VOID CALLBACK timer_proc() {
PostMessageA(NULL, WM_CUSTOM, 0, 0);
}
HHOOK hook;
BOOL is_success = FALSE;
/*
* Callback for a low-level mouse hook, which checks, if a single click occurs.
*/
LRESULT CALLBACK single_click_proc(int nCode, WPARAM wParam, LPARAM lp) {
if (nCode >= 0) {
if (wParam == WM_LBUTTONUP) {
is_success = TRUE;
rtt_is_success = TRUE;
PostMessageA(NULL, WM_CUSTOM, 0 , 0);
}
}
return CallNextHookEx(hook, nCode, wParam, lp);
return CallNextHookEx(rtt_hook, nCode, wParam, lp);
}
/*
@ -155,30 +162,23 @@ u_int64 get_current_time_in_millis(){
return ms;
}
/* Tracks the point in time of last click */
u_int64 last = 0;
/* Default double click time in milliseconds */
u_int double_click_time = 500;
/*
* Callback for a low-level mouse hook, which checks, if a double click occurs.
* The presence of a double click is assumed if two clicks are observed within
* the time frame double_click_time.
* the time frame rtt_double_click_time.
*/
LRESULT CALLBACK double_click_proc(int code, WPARAM wp, LPARAM lp) {
if (code >= 0) {
if (wp == WM_LBUTTONDOWN) {
u_int64 now = get_current_time_in_millis();
if((now - last) < double_click_time){
is_success = TRUE;
if((now - rtt_last) < rtt_double_click_time){
rtt_is_success = TRUE;
PostMessageA(NULL, WM_CUSTOM, 0 , 0);
}
last = now;
rtt_last = now;
}
}
return CallNextHookEx(hook, code, wp, lp);
return CallNextHookEx(rtt_hook, code, wp, lp);
}
/*
@ -186,7 +186,7 @@ LRESULT CALLBACK double_click_proc(int code, WPARAM wp, LPARAM lp) {
*/
int install_hook(LRESULT CALLBACK (*callback)(int code, WPARAM wp, LPARAM lp)){
SetTimer(NULL, 0, MAX_DURATION, (TIMERPROC) &timer_proc);
hook = SetWindowsHookEx(WH_MOUSE_LL, callback, NULL, 0);
rtt_hook = SetWindowsHookEx(WH_MOUSE_LL, callback, NULL, 0);
MSG msg;
while (GetMessage(&msg, NULL, 0, 0) > 0) {
@ -201,13 +201,14 @@ int install_hook(LRESULT CALLBACK (*callback)(int code, WPARAM wp, LPARAM lp)){
/* Clean up */
KillTimer(NULL, 0);
UnhookWindowsHookEx(hook);
UnhookWindowsHookEx(rtt_hook);
if (is_success)
if (rtt_is_success)
return FALSE;
return TRUE;
}
/*
* Checks for a single click with a technique used in the UpClicker trojan.
* See https://webcache.googleusercontent.com/search?q=cache:NeVZ4J1Y-cQJ:https://www.fireeye.com/blog/threat-research/2012/12/dont-click-the-left-mouse-button-trojan-upclicker.html+&cd=1&hl=en&ct=clnk&gl=de
@ -230,14 +231,11 @@ int rtt_mouse_click() {
*/
int rtt_mouse_double_click() {
/* Determines double click time set on system */
double_click_time = GetDoubleClickTime();
rtt_double_click_time = GetDoubleClickTime();
/* Checks, if a double click occurs */
return install_hook(&double_click_proc);
}
BOOL is_timeout = FALSE;
BOOL is_within_rect = FALSE;
LRESULT CALLBACK timed_dialog_proc(HWND hwnd, UINT msg, WPARAM wp, LPARAM lp) {
RECT rect;
@ -266,7 +264,7 @@ LRESULT CALLBACK timed_dialog_proc(HWND hwnd, UINT msg, WPARAM wp, LPARAM lp) {
break;
case WM_TIMER:
is_timeout = TRUE;
rtt_is_timeout = TRUE;
DestroyWindow(hwnd);
break;
@ -283,7 +281,7 @@ LRESULT CALLBACK timed_dialog_proc(HWND hwnd, UINT msg, WPARAM wp, LPARAM lp) {
if (p.x >= rect.left && p.x <= rect.right && p.y >= rect.top
&& p.y <= rect.bottom)
is_within_rect = TRUE;
rtt_is_within_rect = TRUE;
}
/* Destroys and recreates a new window on "Ok" */
@ -305,6 +303,7 @@ LRESULT CALLBACK timed_dialog_proc(HWND hwnd, UINT msg, WPARAM wp, LPARAM lp) {
return DefWindowProcW(hwnd, msg, wp, lp);
}
/*
* Displays a dialog and waits for interaction
*/
@ -344,9 +343,9 @@ int confirm_dialog(BOOL is_plausibility_check) {
DispatchMessage(&msg);
}
if (!is_timeout) {
if (!rtt_is_timeout) {
if (is_plausibility_check)
return !is_within_rect;
return !rtt_is_within_rect;
else
return FALSE;
}