
apriorit / SvcHostDemo

Licence: MIT license
Demo service that runs in svchost.exe

Programming Languages

C++
36643 projects - #6 most used programming language
CMake
9771 projects
Batchfile
5799 projects

Projects that are alternatives of or similar to SvcHostDemo

SocketHook
Socket hook is an injector based on EasyHook (win only) which redirect the traffic to your local server.
Stars: ✭ 38 (-37.7%)
Mutual labels:  winapi, windows-service
UniWindowController
Makes your Unity window transparent and allows files dropping
Stars: ✭ 148 (+142.62%)
Mutual labels:  winapi
Winapi
A simple, direct, ultra-thin CLR library for high-performance Win32 Native Interop
Stars: ✭ 636 (+942.62%)
Mutual labels:  winapi
Winlamb
A lightweight modern C++11 library for Win32 API, using lambdas to handle Windows messages.
Stars: ✭ 157 (+157.38%)
Mutual labels:  winapi
Winapi Rs
Rust bindings to Windows API
Stars: ✭ 1,237 (+1927.87%)
Mutual labels:  winapi
Windows Hacks
Creative and unusual things that can be done with the Windows API.
Stars: ✭ 2,171 (+3459.02%)
Mutual labels:  winapi
Memoryjs
Read and write process memory in Node.js (Windows API functions exposed via Node bindings)
Stars: ✭ 371 (+508.2%)
Mutual labels:  winapi
GetConsoleHistoryAndOutput
An Incident Response tool to extract console command history and screen output buffer
Stars: ✭ 41 (-32.79%)
Mutual labels:  winapi
Injectopi
A set of tutorials about code injection for Windows.
Stars: ✭ 237 (+288.52%)
Mutual labels:  winapi
Win32 Programming
Win32 programming
Stars: ✭ 151 (+147.54%)
Mutual labels:  winapi
Ai tetris
AI Tetris (C++)
Stars: ✭ 150 (+145.9%)
Mutual labels:  winapi
Keylogger
A powerful C keylogger for Windows.
Stars: ✭ 89 (+45.9%)
Mutual labels:  winapi
Xdpw
XD Pascal: A small embeddable self-hosting Pascal compiler for Windows. Supports Go-style methods and interfaces
Stars: ✭ 199 (+226.23%)
Mutual labels:  winapi
Qtdirect3d
QDirect3DWidget implementation similar to the built-in QOpenGLWidget
Stars: ✭ 60 (-1.64%)
Mutual labels:  winapi
pulseaudio-win32
An up-to-date PulseAudio build for Windows with an installer, service, socket support, bug fixes, and new features.
Stars: ✭ 38 (-37.7%)
Mutual labels:  windows-service
Vanara
A set of .NET libraries for Windows implementing PInvoke calls to many native Windows APIs with supporting wrappers.
Stars: ✭ 544 (+791.8%)
Mutual labels:  winapi
Vac Hooks
Hook WinAPI functions used by Valve Anti-Cheat. Log calls and intercept arguments & return values. DLL written in C.
Stars: ✭ 103 (+68.85%)
Mutual labels:  winapi
Mctrl
C library providing set of additional user interface controls for Windows, intended to be complementary to standard Win32API controls from USER32.DLL and COMCTL32.DLL.
Stars: ✭ 169 (+177.05%)
Mutual labels:  winapi
ino
In 'n Out - See what goes in and comes out of PEs
Stars: ✭ 28 (-54.1%)
Mutual labels:  winapi
Topper
🎩 Simple Windows Service helper (Topshelf-based, Azure Web Job capable)
Stars: ✭ 28 (-54.1%)
Mutual labels:  windows-service

SvcHostDemo

Demo service that runs in svchost.exe

Introduction

svchost.exe is designed to save system resources by combining several services into one process, so a service hosted by it is written as a DLL rather than an EXE file. Note that Microsoft does not recommend hosting third-party services in svchost.exe, and its interface is undocumented (so it may change in the future). This project is just a demo for academic and research purposes.

Registration info

Group registration

Services are combined into groups. Each group has one instance of svchost.exe process. Groups are registered in the registry:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost]
Name       Type           Description
<group>    REG_MULTI_SZ   List of services

Group name is passed as a command-line parameter:

%SystemRoot%\System32\svchost.exe -k <group>

Service registration

A service has to be registered with the following type and image:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\<service>]
Name        Type            Value
ImagePath   REG_EXPAND_SZ   %SystemRoot%\System32\svchost.exe -k <group>
Type        REG_DWORD       0x20 (shared)

Its DLL must be specified in the Parameters key:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\<service>\Parameters]
Name         Type            Value
ServiceDll   REG_EXPAND_SZ   <path to dll>
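
Because a svchost-hosted service is defined entirely by the three registry locations above, the same keys can be read back to audit what svchost.exe will load on a host. The script below is an added example, not part of the SvcHostDemo project: it cross-checks each service's group membership and ServiceDll path and checks the DLL's signature. It assumes an elevated PowerShell session on Windows; all variable and column names are chosen here for illustration.

```powershell
# Added example (not part of SvcHostDemo): cross-check svchost-hosted services
# against the group and ServiceDll registration described above.
$svchostKey  = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost'
$servicesKey = 'HKLM:\SYSTEM\CurrentControlSet\Services'
$system32    = (Join-Path $env:SystemRoot 'System32') + '\'

# Group name -> member services, taken from the REG_MULTI_SZ values.
$groups   = @{}
$groupKey = Get-Item -Path $svchostKey
foreach ($name in $groupKey.GetValueNames()) {
    if ($groupKey.GetValueKind($name) -eq 'MultiString') {
        $groups[$name] = @($groupKey.GetValue($name))
    }
}

$report = foreach ($svc in Get-ChildItem -Path $servicesKey -ErrorAction SilentlyContinue) {
    # GetValue() expands REG_EXPAND_SZ, so %SystemRoot% is already resolved.
    $imagePath = [string]$svc.GetValue('ImagePath')
    if ($imagePath -notmatch 'svchost\.exe"?\s+-k\s+"?([^\s"]+)') { continue }
    $group = $Matches[1]

    # ServiceDll lives under the Parameters subkey; the key may be absent or unreadable.
    $params = try { $svc.OpenSubKey('Parameters') } catch { $null }
    $dll    = if ($params) { [string]$params.GetValue('ServiceDll') } else { '' }
    $sig    = if ($dll -and (Test-Path -LiteralPath $dll)) {
                  (Get-AuthenticodeSignature -FilePath $dll).Status
              } else { 'FileMissing' }

    [pscustomobject]@{
        Service    = $svc.PSChildName
        Group      = $group
        Shared     = [bool]($svc.GetValue('Type') -band 0x20)
        InGroup    = $groups.ContainsKey($group) -and ($groups[$group] -contains $svc.PSChildName)
        ServiceDll = $dll
        InSystem32 = $dll.StartsWith($system32, [StringComparison]::OrdinalIgnoreCase)
        Signature  = $sig
    }
}

# Rows worth a closer look: not listed in the group, DLL outside System32,
# or a DLL that is missing or does not carry a valid signature.
$report |
    Where-Object { -not $_.InGroup -or -not $_.InSystem32 -or $_.Signature -ne 'Valid' } |
    Sort-Object Group, Service |
    Format-Table -AutoSize
```

The output is a list of leads to review rather than a verdict; each row still needs to be compared against what is expected on that host.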

Dll entry point

A dll has to export the following function:

VOID WINAPI ServiceMain(DWORD dwArgc, LPCWSTR* lpszArgv)

This function is very similar to the ServiceMain in a standard service.

How to run the sample

  • build with cmake:
      cmake -Hsrc -Bbuild64 -G"Visual Studio 14 2015 Win64"
      cmake --build build64 --config RelWithDebInfo -- /m /v:m
  • copy SvcHostDemo.dll to system32
  • run install from src/Scripts
  • run start from src/Scripts
  • run stop from src/Scripts
  • run uninstall from src/Scripts
  • delete SvcHostDemo.dll from system32