Skip to content

Commit

Permalink
👀 Implement auto ifeo binary validation
Browse files Browse the repository at this point in the history
  • Loading branch information
@valnoxy
valnoxy committed Feb 9, 2023
1 parent 30b7095 commit f7456d1
Show file tree
Hide file tree
Showing 8 changed files with 322 additions and 67 deletions.
113 changes: 93 additions & 20 deletions GoAwayEdge/App.xaml.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,10 +35,15 @@ public void Application_Startup(object sender, StartupEventArgs e)
{
// Restart program and run as admin
var exeName = System.Diagnostics.Process.GetCurrentProcess().MainModule?.FileName;
ProcessStartInfo startInfo = new ProcessStartInfo(exeName);
startInfo.Verb = "runas";
startInfo.UseShellExecute = true;
System.Diagnostics.Process.Start(startInfo);
if (exeName != null)
{
var startInfo = new ProcessStartInfo(exeName)
{
Verb = "runas",
UseShellExecute = true
};
System.Diagnostics.Process.Start(startInfo);
}
Application.Current.Shutdown();
return;
}
Expand All @@ -52,16 +57,85 @@ public void Application_Startup(object sender, StartupEventArgs e)
Output.WriteLine("Please go away Edge!");
Output.WriteLine("Hooked into process via IFEO successfully.");
var argumentJoin = string.Join(",", args);

#if DEBUG
Clipboard.SetText(argumentJoin);
MessageBox.Show("The following args was redirected (copied to clipboard):\n\n" + argumentJoin, "Go away Edge", MessageBoxButton.OK, MessageBoxImage.Information);
MessageBox.Show("The following args was redirected (copied to clipboard):\n\n" + argumentJoin, "GoAwayEdge", MessageBoxButton.OK, MessageBoxImage.Information);
#endif
Output.WriteLine("Command line args:\n\n" + argumentJoin + "\n", ConsoleColor.Gray);

// Filter command line args
foreach (var arg in args)
{
if (arg.Contains("-ToastActivated"))
{
// Clicked on Toast notification, ignore it.
Environment.Exit(0);
}
if (arg.Contains("--update"))
{
var statusEnv = Common.Updater.InitEnv();
if (statusEnv == false) Environment.Exit(1);

// Validate IFEO bínary
var binaryStatus = Common.Updater.ValidateIfeoBinary();
switch (binaryStatus)
{
case 0: // validated
break;
case 1: // failed validation
if (IsAdministrator() == false)
{
var result = MessageBox.Show("The IFEO exclusion file needs to be updated. Update now?", "GoAwayEdge", MessageBoxButton.YesNo, MessageBoxImage.Information);
if (result == MessageBoxResult.Yes)
{
// Restart program and run as admin
var exeName = System.Diagnostics.Process.GetCurrentProcess().MainModule?.FileName;
if (exeName != null)
{
var startInfo = new ProcessStartInfo(exeName)
{
Verb = "runas",
UseShellExecute = true,
Arguments = "--update"
};
System.Diagnostics.Process.Start(startInfo);
}
Application.Current.Shutdown();
return;
}
Environment.Exit(0);
}
Updater.ModifyIfeoBinary(ModifyAction.Update);
break;
case 2: // missing
if (IsAdministrator() == false)
{
var result = MessageBox.Show("The IFEO exclusion file is missing and need to be copied. Copy now?", "GoAwayEdge", MessageBoxButton.YesNo, MessageBoxImage.Information);
if (result == MessageBoxResult.Yes)
{
// Restart program and run as admin
var exeName = System.Diagnostics.Process.GetCurrentProcess().MainModule?.FileName;
if (exeName != null)
{
var startInfo = new ProcessStartInfo(exeName)
{
Verb = "runas",
UseShellExecute = true,
Arguments = "--update"
};
System.Diagnostics.Process.Start(startInfo);
}
Application.Current.Shutdown();
return;
}
Environment.Exit(0);
}
Updater.ModifyIfeoBinary(ModifyAction.Create);
break;
}
Environment.Exit(0);
}
if (arg.Contains("microsoft-edge:"))
{
_url = arg;
Expand All @@ -83,16 +157,15 @@ public void Application_Startup(object sender, StartupEventArgs e)
};
}

if (e.Args.Length == 2 && arg.Contains("msedge.exe")) // Opens Edge normally
{
Process p = new Process();
p.StartInfo.FileName = "msedge_ifeo.exe";
p.StartInfo.Arguments = "";
p.StartInfo.UseShellExecute = true;
p.StartInfo.RedirectStandardOutput = false;
p.Start();
Environment.Exit(0);
}
if (e.Args.Length != 2 || !arg.Contains("msedge.exe")) continue; // Opens Edge normally

var p = new Process();
p.StartInfo.FileName = "msedge_ifeo.exe";
p.StartInfo.Arguments = "";
p.StartInfo.UseShellExecute = true;
p.StartInfo.RedirectStandardOutput = false;
p.Start();
Environment.Exit(0);
}

// Open URL in default browser
Expand All @@ -101,7 +174,7 @@ public void Application_Startup(object sender, StartupEventArgs e)
var parsed = ParsingUrl(_url);
Output.WriteLine("Opening URL in default browser:\n\n" + parsed + "\n", ConsoleColor.Gray);

Process p = new Process();
var p = new Process();
p.StartInfo.FileName = parsed;
p.StartInfo.Arguments = "";
p.StartInfo.UseShellExecute = true;
Expand Down Expand Up @@ -172,7 +245,7 @@ private static string DotSlash(string url)

try // Decode base64 string from url
{
Uri uri = new Uri(url);
var uri = new Uri(url);
var query = HttpUtility.ParseQueryString(uri.Query).Get("url");
var decoded = Encoding.UTF8.GetString(Convert.FromBase64String(query));
if (decoded != null)
Expand All @@ -187,8 +260,8 @@ private static string DotSlash(string url)

private static bool IsAdministrator()
{
WindowsIdentity identity = WindowsIdentity.GetCurrent();
WindowsPrincipal principal = new WindowsPrincipal(identity);
var identity = WindowsIdentity.GetCurrent();
var principal = new WindowsPrincipal(identity);
return principal.IsInRole(WindowsBuiltInRole.Administrator);
}
}
Expand Down
12 changes: 12 additions & 0 deletions GoAwayEdge/Common/Configuration.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,4 +25,16 @@ internal class Configuration
public static SearchEngine Search { get; set; }
public static bool Uninstall { get; set; }
}

internal enum ModifyAction
{
Create,
Update
}

internal class FileConfiguration
{
public static string EdgePath = "";
public static string IfeoPath = "";
}
}
136 changes: 136 additions & 0 deletions GoAwayEdge/Common/Updater.cs
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,136 @@
using Microsoft.Win32;
using System;
using System.IO;
using System.Windows;
using Microsoft.Toolkit.Uwp.Notifications;
using System.Security.Cryptography;

namespace GoAwayEdge.Common
{
internal class Updater
{
/// <summary>
/// Initialize the current environment.
/// </summary>
/// <returns>
/// Boolean status of the initialization.
/// </returns>
public static bool InitEnv()
{
try
{
// Get Ifeo-Path
var key = Registry.LocalMachine.OpenSubKey(
@"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msedge.exe\0");
if (key == null)
{
Console.WriteLine("Registry key not found.");
return false;
}

var IfeoBinaryPath = (string)key.GetValue("FilterFullPath");
if (IfeoBinaryPath == null)
{
Console.WriteLine("FilterFullPath value not found.");
return false;
}

FileConfiguration.EdgePath = Path.GetDirectoryName(IfeoBinaryPath) + "\\msedge.exe";
FileConfiguration.IfeoPath = Path.GetDirectoryName(IfeoBinaryPath) + "\\msedge_ifeo.exe";
return true;
}
catch (Exception ex)
{
MessageBox.Show($"Initialization failed!\n{ex.Message}", "GoAwayEdge", MessageBoxButton.OK, MessageBoxImage.Error);
return false;
}
}

/// <summary>
/// Validates if the installed IFEO-Binary is identical with the Edge-Binary.
/// </summary>
/// <returns>
/// Integer value if the Binary is identical, not identical or missing.
/// 0 : true
/// 1 : false
/// 2 : missing
/// </returns>
public static int ValidateIfeoBinary()
{
// Get Ifeo-Path
var key = Registry.LocalMachine.OpenSubKey(@"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msedge.exe\0");
if (key == null)
{
Console.WriteLine("Registry key not found.");
return 2;
}

var IfeoBinaryPath = (string)key.GetValue("FilterFullPath");
if (IfeoBinaryPath == null)
{
Console.WriteLine("FilterFullPath value not found.");
return 2;
}

if (File.Exists(IfeoBinaryPath))
{
var EdgeBinaryPath = Path.GetDirectoryName(IfeoBinaryPath) + "\\msedge.exe";
IfeoBinaryPath = Path.GetDirectoryName(IfeoBinaryPath) + "\\msedge_ifeo.exe";

var edgeHash = CalculateMD5(EdgeBinaryPath);
var ifeoHash = CalculateMD5(IfeoBinaryPath);
#if DEBUG
if (edgeHash != ifeoHash)
MessageBox.Show($"The Edge Hash ({edgeHash}) and Ifeo Hash ({ifeoHash}) are not identical. Validation failed!", "GoAwayEdge", MessageBoxButton.OK, MessageBoxImage.Warning);
#endif

return edgeHash != ifeoHash ? 1 : 0;
}
else
{
Console.WriteLine($"FilterFullPath does not exist: {IfeoBinaryPath}");
return 2;
}
}

/// <summary>
/// Modifies the Ifeo Binary.
/// </summary>
public static void ModifyIfeoBinary(ModifyAction action)
{
switch (action)
{
case ModifyAction.Update:
case ModifyAction.Create:
{
try
{
File.Copy(FileConfiguration.EdgePath, FileConfiguration.IfeoPath, true);
new ToastContentBuilder()
.AddText("Update successful")
.AddText("The IFEO binary was successfully updated.")
.Show();
}
catch (Exception ex)
{
MessageBox.Show($"Update failed!\n{ex.Message}", "GoAwayEdge", MessageBoxButton.OK,
MessageBoxImage.Error);
}
break;
}
}
}

private static string CalculateMD5(string filename)
{
using (var md5 = MD5.Create())
{
using (var stream = File.OpenRead(filename))
{
var hash = md5.ComputeHash(stream);
return BitConverter.ToString(hash).Replace("-", "").ToLowerInvariant();
}
}
}
}
}
10 changes: 6 additions & 4 deletions GoAwayEdge/GoAwayEdge.csproj
View file
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
<Project Sdk="Microsoft.NET.Sdk">
<Project Sdk="Microsoft.NET.Sdk">

<PropertyGroup>
<OutputType>WinExe</OutputType>
<TargetFramework>net7.0-windows</TargetFramework>
<TargetFramework>net7.0-windows10.0.18362.0</TargetFramework>
<ImplicitUsings>enable</ImplicitUsings>
<Nullable>enable</Nullable>
<PublishSingleFile>true</PublishSingleFile>
Expand All @@ -13,8 +13,8 @@
<AssemblyName>GoAwayEdge</AssemblyName>
<Company>Exploitox</Company>
<Authors>valnoxy</Authors>
<Version>1.0.1.12</Version>
<Copyright>Copyright (c) 2018 - 2022 Exploitox. All rights reserved.</Copyright>
<Version>1.0.2.26</Version>
<Copyright>Copyright (c) 2018 - 2023 Exploitox. All rights reserved.</Copyright>
<PackageProjectUrl>https://github.com/valnoxy/GoAwayEdge</PackageProjectUrl>
<RepositoryUrl>https://github.com/valnoxy/GoAwayEdge</RepositoryUrl>
<StartupObject>GoAwayEdge.App</StartupObject>
Expand All @@ -26,6 +26,8 @@
</ItemGroup>

<ItemGroup>
<PackageReference Include="Microsoft.Toolkit.Uwp.Notifications" Version="7.1.3" />
<PackageReference Include="TaskScheduler" Version="2.10.1" />
<PackageReference Include="WPF-UI" Version="2.0.3" />
</ItemGroup>

Expand Down
Loading

0 comments on commit f7456d1

Please sign in to comment.