
Untitled

a guest Jul 20th, 2019 70 Never
  1. #include <iostream>
  2. #include <locale>
  3. #include <codecvt>
  4. #include <string>
  5.  
  6. #include <Windows.h>
  7. #include <WinBase.h>
  8. #include <io.h>
  9. #include <fcntl.h>
  10.  
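  // Prints the name and size of every alternate data stream (ADS) attached to
  // `filename`, enumerated with FindFirstStreamW / FindNextStreamW.
  //
  // The unnamed default stream ("::$DATA") is not an ADS and is skipped. Every
  // other stream is printed, including the one returned by FindFirstStreamW
  // itself: a directory has no default stream, so its first result can
  // already be an ADS.
  //
  // filename: path of the file or directory to inspect.
  void getADS_find(const std::wstring& filename) {
      WIN32_FIND_STREAM_DATA streamData;
      constexpr DWORD reserved = 0;  // dwFlags is reserved and must be zero

      HANDLE search = FindFirstStreamW(filename.c_str(), FindStreamInfoStandard, &streamData, reserved);
      if (search == INVALID_HANDLE_VALUE) {
          // ERROR_HANDLE_EOF only means "no streams at all". Anything else is a
          // real failure and must not be mistaken for "no ADS present".
          const DWORD err = GetLastError();
          if (err != ERROR_HANDLE_EOF)
              std::cerr << "\tFindFirstStreamW failed, error " << err << std::endl;
          return;
      }

      const std::wstring defaultStream = L"::$DATA";
      do {
          if (defaultStream != streamData.cStreamName) {
              std::wcout << L"\t" << streamData.cStreamName
                         << L"\t(size: " << streamData.StreamSize.QuadPart << L")" << std::endl;
          }
      } while (FindNextStreamW(search, &streamData));

      // Release the search handle; the original leaked it on every call.
      FindClose(search);
  }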
  23.  
  namespace {
      // Stream id that marks an alternate data stream in
      // WIN32_STREAM_ID::dwStreamId. Same value as BACKUP_ALTERNATE_DATA
      // from WinBase.h.
      constexpr int ALTERNATE_DATA_STREAM{0x4};
  }
  27.  
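  // Prints the name and size of every alternate data stream (ADS) attached to
  // `filename` by walking the backup stream with BackupRead / BackupSeek.
  //
  // Each stream in the backup data starts with a WIN32_STREAM_ID header,
  // followed by an optional name of dwStreamNameSize bytes and then the stream
  // data. The header fields are read from the file system, so the name size is
  // validated before it is used as a read length.
  //
  // filename: path of the file or directory to inspect.
  void getADS_backup(const std::wstring& filename) {
      HANDLE file = CreateFileW(filename.c_str(), GENERIC_READ, FILE_SHARE_READ, nullptr, OPEN_EXISTING,
                                FILE_FLAG_BACKUP_SEMANTICS, nullptr);
      if (file == INVALID_HANDLE_VALUE) {
          // Report the failure so "could not open" is not read as "no ADS".
          std::cerr << "\tCreateFileW failed, error " << GetLastError() << std::endl;
          return;
      }

      // Size of the fixed header that precedes the variable-length name.
      // Computed from the field offset instead of `sizeof(...) - 4`, which only
      // works by coincidence of struct padding.
      const DWORD headerBytes = static_cast<DWORD>(FIELD_OFFSET(WIN32_STREAM_ID, cStreamName));
      // Sanity bound on a stream name, chosen for this tool. It keeps a corrupt
      // header from driving an arbitrarily large allocation.
      constexpr DWORD maxNameBytes = 64 * 1024;

      DWORD bytesRead = 0;
      LPVOID context = nullptr;
      WIN32_STREAM_ID streamInfo{};

      // BackupRead returns TRUE with zero bytes at the end of the data, so a
      // full header must have arrived before streamInfo is trusted.
      while (BackupRead(file, reinterpret_cast<LPBYTE>(&streamInfo), headerBytes, &bytesRead, FALSE, FALSE, &context)
             && bytesRead == headerBytes) {
          if (streamInfo.dwStreamId == ALTERNATE_DATA_STREAM) {
              const DWORD nameBytes = streamInfo.dwStreamNameSize;
              // The original copied nameBytes into a fixed MAX_PATH + 1 stack
              // array with no bound. Validate the size and use a buffer of
              // exactly that size instead.
              if (nameBytes > maxNameBytes || nameBytes % sizeof(WCHAR) != 0)
                  break;

              std::wstring streamName(nameBytes / sizeof(WCHAR), L'\0');
              if (nameBytes != 0) {
                  if (!BackupRead(file, reinterpret_cast<LPBYTE>(&streamName[0]), nameBytes, &bytesRead, FALSE, TRUE, &context)
                      || bytesRead != nameBytes)
                      break;
              }

              // streamName holds exactly nameBytes / sizeof(WCHAR) characters.
              // The original passed the byte count as a character count and
              // read past the end of the name.
              std::wcout << L"\t" << streamName << L"\t(size: " << streamInfo.Size.QuadPart << L")" << std::endl;
          }

          // Skip the stream's data to reach the next header.
          DWORD low = 0, high = 0;
          if (!BackupSeek(file, streamInfo.Size.LowPart, streamInfo.Size.HighPart, &low, &high, &context)) {
              break;
          }
      }

      // call ABORT on backup so the context allocated by BackupRead is freed
      BackupRead(file, reinterpret_cast<LPBYTE>(&streamInfo), sizeof(WIN32_STREAM_ID), &bytesRead, TRUE, TRUE, &context);

      // Close the file handle; the original leaked it on every call.
      CloseHandle(file);
  }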
  56.  
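  // Entry point: lists the alternate data streams of the path given as the
  // single command-line argument, once with each enumeration method.
  //
  // Returns -1 on a usage error or when the path cannot be converted to UTF-16.
  int main(int argc, char *argv[]) {
      if (argc != 2) {
          std::cerr << "Usage: " << argv[0] << " <path to file>" << std::endl;
          return -1;
      }

      // Narrow argv is encoded in the process's active code page, not
      // necessarily UTF-8. Decoding it as UTF-8 (as the original did through
      // the deprecated std::wstring_convert) throws on non-ASCII paths or
      // yields a different file name. Convert with CP_ACP instead.
      // NOTE: characters outside the active code page cannot be passed through
      // narrow argv at all; such paths would need a wmain entry point.
      const int wideLen = MultiByteToWideChar(CP_ACP, MB_ERR_INVALID_CHARS, argv[1], -1, nullptr, 0);
      if (wideLen <= 0) {
          std::cerr << "Cannot convert path to UTF-16, error " << GetLastError() << std::endl;
          return -1;
      }
      std::wstring filename(static_cast<size_t>(wideLen), L'\0');
      if (MultiByteToWideChar(CP_ACP, MB_ERR_INVALID_CHARS, argv[1], -1, &filename[0], wideLen) != wideLen) {
          std::cerr << "Cannot convert path to UTF-16, error " << GetLastError() << std::endl;
          return -1;
      }
      filename.resize(static_cast<size_t>(wideLen) - 1);  // drop the terminating NUL that was counted

      // set console mode to handle weird UTF-16 characters
      _setmode(_fileno(stdout), _O_U16TEXT);

      std::wcout << filename << L": // using FindFirstStream, FindNextStream" << std::endl;
      getADS_find(filename);

      std::wcout << std::endl;
      std::wcout << filename << L": // using BackupRead, BackupSeek" << std::endl;
      getADS_backup(filename);
  }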