From e4ba6dbc3f1e76890b22773807ea37fe8fa2b1bc Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Wed, 10 Apr 2024 22:34:10 +0200 Subject: Adding upstream version 4.2.2. Signed-off-by: Daniel Baumann --- epan/dissectors/pidl/svcctl/svcctl.cnf | 127 +++++ epan/dissectors/pidl/svcctl/svcctl.idl | 868 +++++++++++++++++++++++++++++++++ 2 files changed, 995 insertions(+) create mode 100644 epan/dissectors/pidl/svcctl/svcctl.cnf create mode 100644 epan/dissectors/pidl/svcctl/svcctl.idl (limited to 'epan/dissectors/pidl/svcctl') diff --git a/epan/dissectors/pidl/svcctl/svcctl.cnf b/epan/dissectors/pidl/svcctl/svcctl.cnf new file mode 100644 index 00000000..ce624d55 --- /dev/null +++ b/epan/dissectors/pidl/svcctl/svcctl.cnf @@ -0,0 +1,127 @@ +# Conformance file for svcctl + +HF_FIELD hf_svcctl_service_buffer_size "Buffer Size" "svcctl.services.buffer_size" FT_UINT32 BASE_DEC NULL 0 NULL HFILL +HF_FIELD hf_svcctl_service_referent_id "Referent ID(offset)" "svcctl.ENUM_SERVICE_STATUSW.referent_id" FT_UINT32 BASE_DEC NULL 0 NULL HFILL + +MANUAL svcctl_dissect_EnumServicesStatusW_response + +ETT_FIELD ett_svcctl_service +ETT_FIELD ett_svcctl_service_name +ETT_FIELD ett_svcctl_display_name + +NOEMIT svcctl_dissect_element_EnumServicesStatusW_services +NOEMIT svcctl_dissect_element_EnumServicesStatusW_bytes_needed +NOEMIT svcctl_dissect_element_EnumServicesStatusW_services_returned + +CODE START + +/* ENUM_SERVICE_STATUSW Caveats + https://github.com/fortra/impacket/blob/4888172ce638910104da4bda2c3301c24e17564c/impacket/dcerpc/v5/scmr.py#L1274 +*/ +static int +svcctl_dissect_struct_ENUM_SERVICE_STATUSW_ptr(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *parent_tree, dcerpc_info* di, guint8 *drep, int hf_index, gint starting_offset); +static int +svcctl_dissect_struct_ENUM_SERVICE_STATUSW_ptr(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *parent_tree, dcerpc_info* di, guint8 *drep, int hf_index, gint starting_offset) +{ + proto_item *item = NULL; + proto_tree *tree = NULL; + proto_tree *tr = NULL; + int old_offset; + guint32 _referent_id = 0; + + ALIGN_TO_5_BYTES; + + old_offset = offset; + + if (parent_tree) { + item = proto_tree_add_item(parent_tree, hf_index, tvb, offset, -1, ENC_NA); + tree = proto_item_add_subtree(item, ett_svcctl_ENUM_SERVICE_STATUSW); + } + + // Service Name + tr = proto_tree_add_subtree(tree, tvb, offset, 4, ett_svcctl_service_name, NULL, "Pointer to Service Name"); + offset = PIDL_dissect_uint32_val(tvb, offset, pinfo, tr, di, drep, hf_svcctl_service_referent_id, 0, &_referent_id); + dissect_null_term_wstring(tvb, starting_offset + _referent_id, pinfo, tr, drep, hf_svcctl_ENUM_SERVICE_STATUSW_service_name , 0); + + // Display Name + tr = proto_tree_add_subtree(tree, tvb, offset, 4, ett_svcctl_display_name, NULL, "Pointer to Display Name"); + offset = PIDL_dissect_uint32_val(tvb, offset, pinfo, tr, di, drep, hf_svcctl_service_referent_id, 0, &_referent_id); + dissect_null_term_wstring(tvb, starting_offset + _referent_id, pinfo, tr, drep, hf_svcctl_ENUM_SERVICE_STATUSW_display_name , 0); + + // Status + offset = svcctl_dissect_element_ENUM_SERVICE_STATUSW_status(tvb, offset, pinfo, tree, di, drep); + + proto_item_set_len(item, offset-old_offset); + + if (di->call_data->flags & DCERPC_IS_NDR64) { + ALIGN_TO_5_BYTES; + } + + return offset; +} + +/* REnumServicesStatusW + https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-scmr/22b4ff3d-29c6-481f-b598-8ce66a46944a +*/ +static int +svcctl_dissect_EnumServicesStatusW_response(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep) +{ + guint32 status; + guint32 services_returned= 0; + proto_item *item; + proto_tree *tr = NULL; + gint services_buffer_offset; + gint payload_starting_offset = offset; + guint64 buffer_size = 0; + + ALIGN_TO_5_BYTES + + di->dcerpc_procedure_name="EnumServicesStatusW"; + + tr = proto_tree_add_subtree(tree, tvb, offset, 0, ett_svcctl_service, &item, "Pointer to Services Status"); + + // Services Buffer Size + offset = dissect_ndr_uint3264(tvb, offset, pinfo, tr, di, drep, hf_svcctl_service_buffer_size, &buffer_size); + services_buffer_offset = offset; + + offset += (int)buffer_size; + + proto_item_set_len(item, offset-payload_starting_offset); + + ALIGN_TO_4_BYTES + + // Bytes Needed + offset = PIDL_dissect_uint32(tvb, offset, pinfo, tree, di, drep, hf_svcctl_svcctl_EnumServicesStatusW_bytes_needed, 0); + + // Services Returned + offset = PIDL_dissect_uint32_val( tvb, offset, pinfo, tree, di, drep + , hf_svcctl_svcctl_EnumServicesStatusW_services_returned + , 0, &services_returned); + + // Services + if (services_returned > 0){ + payload_starting_offset = services_buffer_offset; + for(unsigned idx = 0; idx < services_returned ; ++idx){ + services_buffer_offset = svcctl_dissect_struct_ENUM_SERVICE_STATUSW_ptr( tvb, services_buffer_offset + , pinfo, tr, di, drep + , hf_svcctl_svcctl_EnumDependentServicesW_service_status + , payload_starting_offset); + } + dissect_deferred_pointers(pinfo, tvb, services_buffer_offset, di, drep); + } + + // Resume Index + offset = svcctl_dissect_element_EnumServicesStatusW_resume_index(tvb, offset, pinfo, tree, di, drep); + + offset = dissect_deferred_pointers(pinfo, tvb, offset, di, drep); + + // Return status + offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, di, drep, hf_svcctl_werror, &status); + + if (status != 0) + col_append_fstr(pinfo->cinfo, COL_INFO, ", Error: %s", val_to_str(status, WERR_errors, "Unknown DOS error 0x%08x")); + + return offset; +} + +CODE END diff --git a/epan/dissectors/pidl/svcctl/svcctl.idl b/epan/dissectors/pidl/svcctl/svcctl.idl new file mode 100644 index 00000000..b6d2118d --- /dev/null +++ b/epan/dissectors/pidl/svcctl/svcctl.idl @@ -0,0 +1,868 @@ +#include "idl_types.h" + +/* + svcctl interface definitions +*/ +[ uuid("367abb81-9844-35f1-ad32-98f038001003"), + version(2.0), + pointer_default(unique), + endpoint("ncacn_np:[\\pipe\\svcctl]", "ncalrpc:"), + helpstring("Service Control") +] +interface svcctl +{ + typedef bitmap security_secinfo security_secinfo; + + const int MAX_SERVICE_NAME_LENGTH = 256; + const short SC_MAX_DEPEND_SIZE = 4 * 1024; + const short SC_MAX_NAME_LENGTH = MAX_SERVICE_NAME_LENGTH + 1; + const short SC_MAX_PATH_LENGTH = 32 * 1024; + const short SC_MAX_PWD_SIZE = 514; + const short SC_MAX_COMPUTER_NAME_LENGTH = 1024; + const short SC_MAX_ACCOUNT_NAME_LENGTH = 2 * 1024; + const short SC_MAX_COMMENT_LENGTH = 128; + const short SC_MAX_ARGUMENT_LENGTH = 1024; + const short SC_MAX_ARGUMENTS = 1024; + + typedef struct { + uint32 is_locked; + [string,charset(UTF16)] uint16 *lock_owner; + uint32 lock_duration; + } SERVICE_LOCK_STATUS; + + typedef [v1_enum] enum { + SVCCTL_STOPPED = 0x00000001, + SVCCTL_START_PENDING = 0x00000002, + SVCCTL_STOP_PENDING = 0x00000003, + SVCCTL_RUNNING = 0x00000004, + SVCCTL_CONTINUE_PENDING = 0x00000005, + SVCCTL_PAUSE_PENDING = 0x00000006, + SVCCTL_PAUSED = 0x00000007 + } svcctl_ServiceStatus; + + typedef [v1_enum] enum { + SERVICE_TYPE_KERNEL_DRIVER = 0x00000001, + SERVICE_TYPE_FS_DRIVER = 0x00000002, + SERVICE_TYPE_ADAPTER = 0x00000004, + SERVICE_TYPE_RECOGNIZER_DRIVER = 0x00000008, + SERVICE_TYPE_DRIVER=SERVICE_TYPE_KERNEL_DRIVER|SERVICE_TYPE_FS_DRIVER|SERVICE_TYPE_RECOGNIZER_DRIVER, + SERVICE_TYPE_WIN32_OWN_PROCESS = 0x00000010, + SERVICE_TYPE_WIN32_SHARE_PROCESS = 0x00000020, + SERVICE_TYPE_USER_OWN_PROCESS = 0x00000050, + SERVICE_TYPE_USER_SHARE_PROCESS = 0x00000060, + SERVICE_TYPE_WIN32=SERVICE_TYPE_WIN32_OWN_PROCESS|SERVICE_TYPE_WIN32_SHARE_PROCESS, + SERVICE_TYPE_INTERACTIVE_PROCESS = 0x00000100 + } svcctl_ServiceType; + + const int SVCCTL_ACCEPT_NONE = 0x00000000; + + typedef [bitmap32bit] bitmap { + SERVICE_ACCEPT_STOP = 0x00000001, + SERVICE_ACCEPT_PAUSE_CONTINUE = 0x00000002, + SERVICE_ACCEPT_SHUTDOWN = 0x00000004, + SERVICE_ACCEPT_PARAMCHANGE = 0x00000008, + SERVICE_ACCEPT_NETBINDCHANGE = 0x00000010, + SERVICE_ACCEPT_HARDWAREPROFILECHANGE = 0x00000020, + SERVICE_ACCEPT_POWEREVENT = 0x00000040, + SERVICE_ACCEPT_SESSIONCHANGE = 0x00000080, + SERVICE_ACCEPT_PRESHUTDOWN = 0x00000100, + SERVICE_ACCEPT_TIMECHANGE = 0x00000200, + SERVICE_ACCEPT_TRIGGEREVENT = 0x00000400, + SERVICE_ACCEPT_USERMODEREBOOT = 0x00000800 + } svcctl_ControlsAccepted; + + typedef struct { + svcctl_ServiceType type; + svcctl_ServiceStatus state; + svcctl_ControlsAccepted controls_accepted; + WERROR win32_exit_code; + uint32 service_exit_code; + uint32 check_point; + uint32 wait_hint; + } SERVICE_STATUS; + + typedef [v1_enum] enum { + SERVICE_RUNS_IN_NONSYSTEM_ORNOTRUNNING = 0x00000000, + SERVICE_RUNS_IN_SYSTEM_PROCESS = 0x00000001 + } svcctl_ServiceFlags; + + typedef [public] struct { + svcctl_ServiceType type; + svcctl_ServiceStatus state; + svcctl_ControlsAccepted controls_accepted; + WERROR win32_exit_code; + uint32 service_exit_code; + uint32 check_point; + uint32 wait_hint; + uint32 process_id; + svcctl_ServiceFlags service_flags; + } SERVICE_STATUS_PROCESS; + + /* ENUM_SERVICE_STATUSW + https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-scmr/79f17326-c138-4fbc-8170-5c11c4b3ca79 + */ + typedef [public,gensize] struct { + nstring *service_name; + nstring *display_name; + SERVICE_STATUS status; + } ENUM_SERVICE_STATUSW; + + typedef [public,gensize] struct { + astring *service_name; + astring *display_name; + SERVICE_STATUS status; + } ENUM_SERVICE_STATUSA; + + /* Service Controls + https://learn.microsoft.com/en-us/windows/win32/api/winsvc/nf-winsvc-controlservice + Range 128 to 255 - User-defined control code + */ + typedef [v1_enum] enum { + SVCCTL_CONTROL_STOP = 0x00000001, + SVCCTL_CONTROL_PAUSE = 0x00000002, + SVCCTL_CONTROL_CONTINUE = 0x00000003, + SVCCTL_CONTROL_INTERROGATE = 0x00000004, + SVCCTL_CONTROL_SHUTDOWN = 0x00000005, + SERVICE_CONTROL_PARAMCHANGE = 0x00000006, + SERVICE_CONTROL_NETBINDADD = 0x00000007, + SERVICE_CONTROL_NETBINDREMOVE = 0x00000008, + SERVICE_CONTROL_NETBINDENABLE = 0x00000009, + SERVICE_CONTROL_NETBINDDISABLE = 0x0000000A + } SERVICE_CONTROL; + + typedef [v1_enum] enum { + SVCCTL_SVC_ERROR_IGNORE = 0x00000000, + SVCCTL_SVC_ERROR_NORMAL = 0x00000001, + SVCCTL_SVC_ERROR_CRITICAL = 0x00000002, + SVCCTL_SVC_ERROR_SEVERE = 0x00000003 + } svcctl_ErrorControl; + + typedef [v1_enum] enum { + SVCCTL_BOOT_START = 0x00000000, + SVCCTL_SYSTEM_START = 0x00000001, + SVCCTL_AUTO_START = 0x00000002, + SVCCTL_DEMAND_START = 0x00000003, + SVCCTL_DISABLED = 0x00000004 + } svcctl_StartType; + + typedef [v1_enum] enum { + SERVICE_STATE_ACTIVE = 0x00000001, + SERVICE_STATE_INACTIVE = 0x00000002, + SERVICE_STATE_ALL = ( SERVICE_STATE_ACTIVE | SERVICE_STATE_INACTIVE ) + } svcctl_ServiceState; + + /* Service Control Manager Bits */ + typedef [bitmap32bit] bitmap { + SC_RIGHT_MGR_CONNECT = 0x00000001, + SC_RIGHT_MGR_CREATE_SERVICE = 0x00000002, + SC_RIGHT_MGR_ENUMERATE_SERVICE = 0x00000004, + SC_RIGHT_MGR_LOCK = 0x00000008, + SC_RIGHT_MGR_QUERY_LOCK_STATUS = 0x00000010, + SC_RIGHT_MGR_MODIFY_BOOT_CONFIG = 0x00000020, + SC_RIGHT_MGR_ALL_ACCESS = 0x000F003F + } svcctl_MgrAccessMask; + + const int SC_MANAGER_READ_ACCESS = + (SEC_STD_READ_CONTROL | + SC_RIGHT_MGR_CONNECT | + SC_RIGHT_MGR_ENUMERATE_SERVICE | + SC_RIGHT_MGR_QUERY_LOCK_STATUS); + + const int SC_MANAGER_EXECUTE_ACCESS = SC_MANAGER_READ_ACCESS; + + const int SC_MANAGER_WRITE_ACCESS = + (SEC_STD_REQUIRED | + SC_MANAGER_READ_ACCESS | + SC_RIGHT_MGR_CREATE_SERVICE | + SC_RIGHT_MGR_LOCK | + SC_RIGHT_MGR_MODIFY_BOOT_CONFIG); + + const int SC_MANAGER_ALL_ACCESS = SC_MANAGER_WRITE_ACCESS; + + + /* Service Object Bits */ + typedef [bitmap32bit] bitmap { + SC_RIGHT_SVC_QUERY_CONFIG = 0x00000001, + SC_RIGHT_SVC_CHANGE_CONFIG = 0x00000002, + SC_RIGHT_SVC_QUERY_STATUS = 0x00000004, + SC_RIGHT_SVC_ENUMERATE_DEPENDENTS = 0x00000008, + SC_RIGHT_SVC_START = 0x00000010, + SC_RIGHT_SVC_STOP = 0x00000020, + SC_RIGHT_SVC_PAUSE_CONTINUE = 0x00000040, + SC_RIGHT_SVC_INTERROGATE = 0x00000080, + SC_RIGHT_SVC_USER_DEFINED_CONTROL = 0x00000100 + } svcctl_ServiceAccessMask; + + const int SERVICE_READ_ACCESS = + (SEC_STD_READ_CONTROL | + SC_RIGHT_SVC_ENUMERATE_DEPENDENTS | + SC_RIGHT_SVC_INTERROGATE | + SC_RIGHT_SVC_QUERY_CONFIG | + SC_RIGHT_SVC_QUERY_STATUS | + SC_RIGHT_SVC_USER_DEFINED_CONTROL); + + const int SERVICE_EXECUTE_ACCESS = + (SERVICE_READ_ACCESS | + SC_RIGHT_SVC_START | + SC_RIGHT_SVC_STOP | + SC_RIGHT_SVC_PAUSE_CONTINUE); + + const int SERVICE_WRITE_ACCESS = + (SEC_STD_REQUIRED | + SERVICE_READ_ACCESS | + SERVICE_EXECUTE_ACCESS | + SC_RIGHT_SVC_CHANGE_CONFIG); + + const int SERVICE_ALL_ACCESS = SERVICE_WRITE_ACCESS; + + typedef [public,gensize] struct { + svcctl_ServiceType service_type; + svcctl_StartType start_type; + svcctl_ErrorControl error_control; + [string,charset(UTF16),range(0,8192)] uint16 *executablepath; + [string,charset(UTF16),range(0,8192)] uint16 *loadordergroup; + uint32 tag_id; + [string,charset(UTF16),range(0,8192)] uint16 *dependencies; + [string,charset(UTF16),range(0,8192)] uint16 *startname; + [string,charset(UTF16),range(0,8192)] uint16 *displayname; + } QUERY_SERVICE_CONFIG; + + const int SC_MAX_ARGUMENT_LENGTH = 1024; + const int SC_MAX_ARGUMENTS = 1024; + + typedef struct { + [string,charset(UTF16),range(0,SC_MAX_ARGUMENT_LENGTH)] uint16 *string; + } svcctl_ArgumentString; + + typedef struct { + [string,charset(ASCII),range(0,SC_MAX_ARGUMENT_LENGTH)] uint8 *string; + } svcctl_ArgumentStringA; + + typedef [v1_enum] enum { + SERVICE_CONFIG_DESCRIPTION = 0x00000001, + SERVICE_CONFIG_FAILURE_ACTIONS = 0x00000002 + } svcctl_ConfigLevel; + + typedef [v1_enum] enum { + SVC_STATUS_PROCESS_INFO = 0x00000000 + } svcctl_StatusLevel; + + /*****************/ + /* Function 0x00 */ + WERROR svcctl_CloseServiceHandle( + [in,out,ref] policy_handle *object_handle + ); + + /*****************/ + /* Function 0x01 */ + WERROR svcctl_ControlService( + [in,ref] policy_handle *service_handle, + [in] SERVICE_CONTROL control, + [out,ref] SERVICE_STATUS *service_status + ); + + /*****************/ + /* Function 0x02 */ + WERROR svcctl_DeleteService( + [in,ref] policy_handle *service_handle + ); + + /*****************/ + /* Function 0x03 */ + WERROR svcctl_LockServiceDatabase( + [in,ref] policy_handle *scm_handle, + [out,ref] policy_handle *lock_handle + ); + + /*****************/ + /* Function 0x04 */ + WERROR svcctl_QueryServiceObjectSecurity( + [in] policy_handle *service_handle, + [in] security_secinfo security_flags, + [out,ref,size_is(offered)] uint8 *security_descriptor, + [in,range(0,0x40000)] uint32 offered, + [out,ref,range(0,0x40000)] uint32 *bytes_needed + ); + + /*****************/ + /* Function 0x05 */ + WERROR svcctl_SetServiceObjectSecurity( + [in] policy_handle *service_handle, + [in] security_secinfo security_flags, + [in,ref,size_is(offered)] uint8 *security_descriptor, + [in] uint32 offered + ); + + /*****************/ + /* Function 0x06 */ + WERROR svcctl_QueryServiceStatus( + [in,ref] policy_handle *service_handle, + [out,ref] SERVICE_STATUS *service_status + ); + + /*****************/ + /* Function 0x07 */ + WERROR svcctl_SetServiceStatus( + [in,ref] policy_handle *service_handle, + [in,ref] SERVICE_STATUS *service_status + ); + + /*****************/ + /* Function 0x08 */ + WERROR svcctl_UnlockServiceDatabase( + [in,out,ref] policy_handle *lock_handle + ); + + /*****************/ + /* Function 0x09 */ + WERROR svcctl_NotifyBootConfigStatus( + [in, string, unique, charset(UTF16)] uint16 *machine_name, + [in] boolean32 boot_acceptable + ); + + /*****************/ + /* Internal Function 0x0a */ + WERROR svcctl_SCSetServiceBitsW( + [in,ref] policy_handle *service_handle, + [in] uint32 service_bits, + [in] boolean32 set_bits_on, + [in] boolean32 update_immediately, + [in, string, unique, charset(UTF16)] uint16 *lpString + ); + + /*****************/ + /* Function 0x0b */ + WERROR svcctl_ChangeServiceConfigW( + [in,ref] policy_handle *service_handle, + [in] svcctl_ServiceType service_type, + [in] svcctl_StartType start_type, + [in] svcctl_ErrorControl error_control, + [in,unique,string,charset(UTF16)] uint16 *binary_path, + [in,unique,string,charset(UTF16)] uint16 *load_order_group, + [in,out,unique] uint32 *tag_id, + [in,unique,size_is(dwDependSize),string,charset(UTF16)] uint16 *dependencies, + [in,range(0, SC_MAX_DEPEND_SIZE)] uint32 dwDependSize, + [in,unique,range(0, SC_MAX_ACCOUNT_NAME_LENGTH),string,charset(UTF16)] uint16 *service_start_name, + [in,unique,size_is(dwPwSize),string,charset(UTF16)] uint16 *password, + [in,range(0, SC_MAX_PWD_SIZE)] uint32 dwPwSize, + [in,unique,range(0, SC_MAX_NAME_LENGTH),string,charset(UTF16)] uint16 *display_name + ); + + /*****************/ + /* Function 0x0c */ + WERROR svcctl_CreateServiceW( + [in,ref] policy_handle *scm_handle, + [in,string,charset(UTF16)] uint16 ServiceName[], + [in,unique,string,charset(UTF16)] uint16 *DisplayName, + [in] uint32 desired_access, + [in] svcctl_ServiceType service_type, + [in] svcctl_StartType start_type, + [in] svcctl_ErrorControl error_control, + [in,string,charset(UTF16)] uint16 binary_path[], + [in,unique,string,charset(UTF16)] uint16 *LoadOrderGroup, + [in,out,unique] uint32 *tag_id, + [in,unique,size_is(dependencies_size)] uint8 *dependencies, + [in] uint32 dependencies_size, + [in,unique,string,charset(UTF16)] uint16 *service_start_name, + [in,unique,size_is(password_size)] uint8 *password, + [in] uint32 password_size, + [out,ref] policy_handle *service_handle + ); + + /*****************/ + /* Function 0x0d */ + WERROR svcctl_EnumDependentServicesW( + [in,ref] policy_handle *service_handle, + [in] svcctl_ServiceState service_state, + [out,ref,size_is(offered)] ENUM_SERVICE_STATUSW *service_status, + [in,range(0,0x40000)] uint32 offered, + [out,ref,range(0,0x40000)] uint32 *bytesneeded, + [out,ref,range(0,0x40000)] uint32 *services_returned + ); + + /*****************/ + /* Function 0x0e */ + WERROR svcctl_EnumServicesStatusW( + [in,ref] policy_handle *scm_handle, + [in] svcctl_ServiceType service_type, + [in] svcctl_ServiceState service_state, + [out,ref,size_is(offered)] uint8 *services, + [in,range(0,0x40000)] uint32 offered, + [out,ref,range(0,0x40000)] uint32 *bytes_needed, + [out,ref,range(0,0x40000)] uint32 *services_returned, + [in,out,unique] uint32 *resume_index + ); + + /*****************/ + /* Function 0x0f */ + WERROR svcctl_OpenSCManagerW( + [in,unique,string,charset(UTF16)] uint16 *MachineName, + [in,unique,string,charset(UTF16)] uint16 *DatabaseName, + [in] svcctl_MgrAccessMask access_mask, + [out,ref] policy_handle *scm_handle + ); + + /*****************/ + /* Function 0x10 */ + WERROR svcctl_OpenServiceW( + [in,ref] policy_handle *scm_handle, + [in,string,charset(UTF16)] uint16 ServiceName[], + [in] svcctl_ServiceAccessMask access_mask, + [out,ref] policy_handle *service_handle + ); + + /*****************/ + /* Function 0x11 */ + WERROR svcctl_QueryServiceConfigW( + [in,ref] policy_handle *service_handle, + [out] QUERY_SERVICE_CONFIG *service_config, + [in,range(0,8192)] uint32 offered, + [out,ref,range(0,8192)] uint32 *needed + ); + + /*****************/ + /* Function 0x12 */ + WERROR svcctl_QueryServiceLockStatusW( + [in,ref] policy_handle *scm_handle, + [out,ref] SERVICE_LOCK_STATUS *lock_status, + [in] uint32 offered, + [out,ref] uint32 *needed + ); + + /*****************/ + /* Function 0x13 */ + WERROR svcctl_StartServiceW( + [in,ref] policy_handle *service_handle, + [in,range(0,SC_MAX_ARGUMENTS)] uint32 NumArgs, + [in,unique,size_is(NumArgs)] svcctl_ArgumentString *Arguments + ); + + /*****************/ + /* Function 0x14 */ + WERROR svcctl_GetServiceDisplayNameW( + [in,ref] policy_handle *scm_handle, + [in,unique,string,charset(UTF16)] uint16 *service_name, + [out,ref,string,charset(UTF16)] uint16 **display_name, + [in,out,unique] uint32 *display_name_length + ); + + /*****************/ + /* Function 0x15 */ + WERROR svcctl_GetServiceKeyNameW( + [in,ref] policy_handle *scm_handle, + [in,unique,string,charset(UTF16)] uint16 *display_name, + [out,ref,string,charset(UTF16)] uint16 **service_name, + [in,out,unique] uint32 *service_name_length + ); + + /*****************/ + /* Function 0x16 */ + WERROR svcctl_SCSetServiceBitsA( + [in,ref] policy_handle *handle, + [in] uint32 service_bits, + [in] boolean32 set_bits_on, + [in] boolean32 update_immediately, + [in, string, unique, charset(UTF16)] uint16 *lpString + ); + + /*****************/ + /* Function 0x17 */ + WERROR svcctl_ChangeServiceConfigA( + [in,ref] policy_handle *service_handle, + [in] svcctl_ServiceType service_type, + [in] svcctl_StartType start_type, + [in] svcctl_ErrorControl error_control, + [in,unique] astring *binary_path, + [in,unique] astring *load_order_group, + [in,out,unique] uint32 *tag_id, + [in,unique] astring *dependencies, + [in,unique] astring *service_start_name, + [in,unique] astring *password, + [in,unique] astring *display_name + ); + + /*****************/ + /* Function 0x18 */ + WERROR svcctl_CreateServiceA( + [in,ref] policy_handle *scm_handle, + [in,string,charset(ASCII)] uint8 ServiceName[], + [in,unique,string,charset(ASCII)] uint8 *DisplayName, + [in] uint32 desired_access, + [in] svcctl_ServiceType service_type, + [in] svcctl_StartType start_type, + [in] svcctl_ErrorControl error_control, + [in,string,charset(ASCII)] uint8 binary_path[], + [in,unique,string,charset(ASCII)] uint8 *LoadOrderGroupKey, + [in,out,unique] uint32 *tag_id, + [in,unique,size_is(dependencies_size)] astring *dependencies, + [in] uint32 dependencies_size, + [in,string,unique,charset(ASCII)] uint8 *service_start_name, + [in,unique,size_is(password_size)] uint8 *password, + [in] uint32 password_size, + [out,ref] policy_handle *service_handle + ); + + /*****************/ + /* Function 0x19 */ + WERROR svcctl_EnumDependentServicesA( + [in,ref] policy_handle *service_handle, + [in] svcctl_ServiceState state, + [out,ref] ENUM_SERVICE_STATUSA *service_status, + [in] uint32 offered, + [out,ref] uint32 *needed, + [out,ref] uint32 *services_returned + ); + + /*****************/ + /* Function 0x1a */ + WERROR svcctl_EnumServicesStatusA( + [in,ref] policy_handle *scm_handle, + [in] svcctl_ServiceType service_type, + [in] svcctl_ServiceState service_state, + [in] uint32 offered, + [out,size_is(offered)] uint8 service[*], + [out,ref] uint32 *needed, + [out,ref] uint32 *services_returned, + [in,out,unique] uint32 *resume_handle + ); + + /*****************/ + /* Function 0x1b */ + WERROR svcctl_OpenSCManagerA( + [in,unique,string,charset(ASCII)] uint8 *MachineName, + [in,unique,string,charset(ASCII)] uint8 *DatabaseName, + [in] svcctl_MgrAccessMask access_mask, + [out,ref] policy_handle *scm_handle + ); + + /*****************/ + /* Function 0x1c */ + WERROR svcctl_OpenServiceA( + [in,ref] policy_handle *scm_handle, + [in,string,charset(ASCII)] uint8 ServiceName[], + [in] svcctl_MgrAccessMask access_mask, + [out,ref] policy_handle *service_handle + ); + + /*****************/ + /* Function 0x1d */ + WERROR svcctl_QueryServiceConfigA( + [in,ref] policy_handle *service_handle, + [out, size_is(cbBufSize)] uint8 query[], /* TODO: QUERYU_SERVICE_CONFIG */ + [in] uint32 offered, + [out,ref] uint32 *needed + ); + + /*****************/ + /* Function 0x1e */ + WERROR svcctl_QueryServiceLockStatusA( + [in,ref] policy_handle *scm_handle, + [out,ref] SERVICE_LOCK_STATUS *lock_status, + [in] uint32 offered, + [out,ref] uint32 *needed + ); + + /*****************/ + /* Function 0x1f */ + WERROR svcctl_StartServiceA( + [in,ref] policy_handle *service_handle, + [in] uint32 NumArgs, + [in,unique,size_is(NumArgs)] svcctl_ArgumentStringA *Arguments + ); + + /*****************/ + /* Function 0x20 */ + WERROR svcctl_GetServiceDisplayNameA( + [in,ref] policy_handle *handle, + [in,unique] astring *service_name, + [out,ref,string,charset(ASCII)] uint8 **display_name, + [in,out,unique] uint32 *display_name_length + ); + + /*****************/ + /* Function 0x21 */ + WERROR svcctl_GetServiceKeyNameA( + [in,ref] policy_handle *scm_handle, + [in,unique] astring *service_name, + [out,ref,string,charset(ASCII)] uint8 **key_name, + [in,out,unique] uint32 *display_name_length + ); + + /*****************/ + /* Function 0x22 */ + WERROR svcctl_GetCurrentGroupeStateW( + [in,ref] policy_handle *handle, + [in, string, unique, charset(UTF16)] uint16 *lpLoadOrderGroup, + [out,ref] uint32 *state + ); + + /*****************/ + /* Function 0x23 */ + WERROR svcctl_EnumServiceGroupW( + [in] policy_handle *scm_handle, + [in] svcctl_ServiceType service_type, + [in] svcctl_ServiceState service_state, + [out, size_is(cbBufSize)] uint8 lpBuffer[], + [in, range(0, 1024 * 256)] uint32 cbBufSize, + [out,range(0, 1024 * 256)] uint32 *pcbBytesNeeded, + [out,range(0, 1024 * 256)] uint32 *lpServicesReturned, + [in,out,unique] uint32 *ResumeIndex, + [in,string,unique,range(0, SC_MAX_NAME_LENGTH),charset(UTF16)] uint16 *pszGroupName + ); + + /*****************/ + /* Function 0x24 */ + WERROR svcctl_ChangeServiceConfig2A( + [in,ref] policy_handle *service_handle, + [in] uint32 info_level, + [in,unique] uint8 *info /* TODO */ + ); + + /*****************/ + /* Function 0x25 */ + WERROR svcctl_ChangeServiceConfig2W( + [in,ref] policy_handle *handle, + [in] uint32 info_level, + [in,unique] uint8 *info /* TODO */ + ); + + /*****************/ + /* Function 0x26 */ + WERROR svcctl_QueryServiceConfig2A( + [in,ref] policy_handle *handle, + [in] svcctl_ConfigLevel info_level, + [out, size_is(offered)] uint8 buffer[], /* TODO */ + [in] uint32 offered, + [out,ref] uint32 *needed + ); + + /*****************/ + /* Function 0x27 */ + WERROR svcctl_QueryServiceConfig2W( + [in,ref] policy_handle *handle, + [in] svcctl_ConfigLevel info_level, + [out,ref,size_is(offered)] uint8 *buffer, /* TODO */ + [in,range(0,8192)] uint32 offered, + [out,ref,range(0,8192)] uint32 *needed + ); + + /*****************/ + /* Function 0x28 */ + WERROR svcctl_QueryServiceStatusEx( + [in,ref] policy_handle *handle, + [in] svcctl_StatusLevel info_level, + [out,ref,size_is(offered)] uint8 *buffer, /* TODO */ + [in,range(0,8192)] uint32 offered, + [out,ref,range(0,8192)] uint32 *needed + ); + + /*****************/ + /* Function 0x29 */ + WERROR EnumServicesStatusExA( + [in,ref] policy_handle *scm_handle, + [in] uint32 info_level, /* TODO */ + [in] svcctl_ServiceType service_type, + [in] svcctl_ServiceState state, + [out, size_is(offered)] uint8 services[], + [in] uint32 offered, + [out,ref] uint32 *needed, + [out,ref] uint32 *service_returned, + [in,out,unique] uint32 *resume_handle, + [out,ref,string,charset(UTF16)] uint16 **group_name + ); + + /*****************/ + /* Function 0x2a */ + WERROR EnumServicesStatusExW( + [in,ref] policy_handle *scmanager, + [in] uint32 info_level, /* TODO */ + [in] svcctl_ServiceType service_type, + [in] svcctl_ServiceState state, + [out,ref,size_is(offered)] uint8 *services, + [in,range(0,0x40000)] uint32 offered, + [out,ref,range(0,0x40000)] uint32 *needed, + [out,ref,range(0,0x40000)] uint32 *service_returned, + [in,out,unique,range(0,0x40000)] uint32 *resume_handle, + [in,unique,string,charset(UTF16)] uint16 *group_name + ); + + /*****************/ + /* Function 0x2b */ + [todo] WERROR svcctl_ScBroadcastServiceControlMessage( + ); + + /*****************/ + /* Function 0x2c */ + WERROR svcctl_CreateServiceWOW64A( + [in,ref] policy_handle *scm_handle, + [in,string,charset(ASCII)] uint8 ServiceName[], + [in,unique,string,charset(ASCII)] uint8 *DisplayName, + [in] uint32 desired_access, + [in] svcctl_ServiceType service_type, + [in] svcctl_StartType start_type, + [in] svcctl_ErrorControl error_control, + [in,string,charset(ASCII)] uint8 binary_path[], + [in,unique,string,charset(ASCII)] uint8 *LoadOrderGroupKey, + [in,out,unique] uint32 *tag_id, + [in,unique,size_is(dependencies_size)] astring *dependencies, + [in] uint32 dependencies_size, + [in,unique,string,charset(ASCII)] uint8 *service_start_name, + [in,unique,size_is(password_size)] uint8 *password, + [in] uint32 password_size, + [out,ref] policy_handle *handle + ); + + /*****************/ + /* Function 0x2d */ + WERROR svcctl_CreateServiceWOW64W( + [in,ref] policy_handle *scm_handle, + [in,string,charset(UTF16)] uint16 ServiceName[], + [in,unique,string,charset(UTF16)] uint16 *DisplayName, + [in] uint32 desired_access, + [in] svcctl_ServiceType service_type, + [in] svcctl_StartType start_type, + [in] svcctl_ErrorControl error_control, + [in,string,charset(UTF16)] uint16 binary_path[], + [in,unique,string,charset(UTF16)] uint16 *LoadOrderGroupKey, + [in,out,unique] uint32 *tag_id, + [in,unique,size_is(dependencies_size)] uint8 *dependencies, + [in] uint32 dependencies_size, + [in,unique,string,charset(UTF16)] uint16 *service_start_name, + [in,unique,size_is(password_size)] uint8 *password, + [in] uint32 password_size, + [out,ref] policy_handle *handle + ); + + /*****************/ + /* Function 0x2e */ + [todo] WERROR svcctl_ScQueryServiceTagInfo( + ); + + /*****************/ + /* Function 0x2f */ + [todo] WERROR svcctl_NotifyServiceStatusChange( + ); + + /*****************/ + /* Function 0x30 */ + [todo] WERROR svcctl_GetNotifyResults( + ); + + /*****************/ + /* Function 0x31 */ + [todo] WERROR svcctl_CloseNotifyHandle( + ); + + /*****************/ + /* Function 0x32 */ + [todo] WERROR svcctl_ControlServiceExA( + ); + + /*****************/ + /* Function 0x33 */ + [todo] WERROR svcctl_ControlServiceExW( + ); + + /*****************/ + /* Function 0x34 */ + [todo] WERROR svcctl_ScSendPnPMessage( + ); + + /*****************/ + /* Function 0x35 */ + [todo] WERROR svcctl_ScValidatePnPService( + ); + + /*****************/ + /* Function 0x36 */ + [todo] WERROR svcctl_ScOpenServiceStatusHandle( + ); + + /*****************/ + /* Function 0x37 */ + [todo] WERROR svcctl_ScQueryServiceConfig( + ); + + /*****************/ + /* Function 0x38 */ + WERROR svcctl_QueryServiceConfigEx( + [in,ref] policy_handle *service_handle, + [in] uint32 info_level + /*[out] SC_RPC_CONFIG_INFOW *pInfo - TODO */ + ); + + /*****************/ + /* Function 0x39 */ + [todo] WERROR svcctl_ScRegisterPreshutdownRestart( + ); + + /*****************/ + /* Function 0x3a */ + [todo] WERROR svcctl_ScReparseServiceDatabase( + ); + + /*****************/ + /* Function 0x3b */ + [todo] WERROR svcctl_QueryUserServiceName( + ); + + /*****************/ + /* Function 0x3c */ + WERROR svcctl_CreateWowService( + [in,ref] policy_handle *scm_handle, + [in,string,charset(UTF16)] uint16 ServiceName[], + [in,unique,string,charset(UTF16)] uint16 *DisplayName, + [in] uint32 desired_access, + [in] uint32 service_type, + [in] svcctl_StartType start_type, + [in] svcctl_ErrorControl error_control, + [in,string,charset(UTF16)] uint16 binary_path[], + [in,unique,string,charset(UTF16)] uint16 *LoadOrderGroupKey, + [in,out,unique] uint32 *tag_id, + [in,unique,size_is(dependencies_size)] uint8 *dependencies, + [in] uint32 dependencies_size, + [in,unique,string,charset(UTF16)] uint16 *service_start_name, + [in,unique,size_is(password_size)] uint8 *password, + [in] uint32 password_size, + [in] uint16 service_wow_type, + [out,ref] policy_handle *handle + ); + + /*****************/ + /* Function 0x3d */ + [todo] WERROR svcctl_GetServiceRegistryStateKey( + ); + + /*****************/ + /* Function 0x3e */ + [todo] WERROR svcctl_GetServiceDirectory( + ); + + /*****************/ + /* Function 0x3f */ + [todo] WERROR svcctl_GetServiceProcessToken( + ); + + /*****************/ + /* Function 0x40 */ + + /* https://learn.microsoft.com/en-us/windows/win32/midl/handle-t + * Parameters of type handle_t (primitive handle parameters) are not transmitted on the network. + */ + WERROR svcctl_OpenSCManager2( + /*[in,ref] handle_t *binding_handle,*/ + [in,string,unique,charset(UTF16)] uint16 *database_name, + [in] uint32 desired_access, + [out,ref] policy_handle *handle + ); + + /*****************/ + /* Function 0x41 */ + [todo] WERROR svcctl_GetSharedServiceRegistryStateKey( + ); + + /*****************/ + /* Function 0x42 */ + [todo] WERROR svcctl_GetSharedServiceDirectory( + ); +} -- cgit v1.2.3