nefarius/SmartArrayControllerTool
1
0
Fork 0
Code
SmartArrayControllerTool/SmartArrayControllerTool/SmartArrayControllerTool.cpp

168 lines
7.6 KiB
C++
Raw Blame History

//
// WinAPI
//
#define WIN32_LEAN_AND_MEAN
#include <Windows.h>
#include <winioctl.h>
#include <ntddscsi.h>
#include <devioctl.h>
#include <ntdddisk.h>
#include <ntddscsi.h>
#define _NTSCSI_USER_MODE_
#include <scsi.h>
#include <stdint.h>
#include "ScsiStuff.h"
//
// STL
//
#include <algorithm>
#include <codecvt>
#include <iomanip>
#include <iostream>
#include <locale>
#include <sstream>
#include <vector>
std::wstring_convert<std::codecvt_utf8_utf16<wchar_t>> converter;
//
// Sends a sample request, sniffed from the official HP Array Configuration Utility
//
void MiniportExample(HANDLE handle)
{
// this identifies a HP P410 under Windows HP storage driver
auto signature = "CPQCISS";
// this request should return some info like HP, P410, Mar 26 2015 15:51:27, 6.63 etc.
UCHAR payload[] = {
0x1C, 0x00, 0x00, 0x00, 0x43, 0x50, 0x51, 0x43, 0x49, 0x53, 0x53, 0x00, 0xB4, 0x00, 0x00, 0x00, 0x02, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x78, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0xB4, 0x00, 0x0A, 0x00, 0x26, 0x00, 0x00, 0x00, 0x00, 0x00, 0x11, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
};
PSRB_IO_CONTROL pIoControl = (PSRB_IO_CONTROL)&payload[0];
std::wcout << L"[I] - HeaderLength: " << std::dec << pIoControl->HeaderLength << std::endl;
std::wcout << L"[I] - Signature: " << converter.from_bytes((const char*)pIoControl->Signature) << std::endl;
std::wcout << L"[I] - Timeout: " << std::dec << pIoControl->Timeout << std::endl;
std::wcout << L"[I] - ControlCode: " << std::hex << pIoControl->ControlCode << std::endl;
std::wcout << L"[I] - ReturnCode: " << std::dec << pIoControl->ReturnCode << std::endl;
std::wcout << L"[I] - Length: " << std::dec << pIoControl->Length << std::endl;
std::wcout << std::endl;
DWORD bytesReturned = 0;
BOOL ret = DeviceIoControl(
handle,
IOCTL_SCSI_MINIPORT,
payload,
ARRAYSIZE(payload),
payload,
ARRAYSIZE(payload),
&bytesReturned,
nullptr
);
if (ret)
{
std::wcout << L"Request succeeded" << std::endl;
std::wcout << std::endl;
std::wcout << L"[O] - HeaderLength: " << std::dec << pIoControl->HeaderLength << std::endl;
std::wcout << L"[O] - Signature: " << converter.from_bytes((const char*)pIoControl->Signature) << std::endl;
std::wcout << L"[O] - Timeout: " << std::dec << pIoControl->Timeout << std::endl;
std::wcout << L"[O] - ControlCode: " << std::hex << pIoControl->ControlCode << std::endl;
std::wcout << L"[O] - ReturnCode: " << std::dec << pIoControl->ReturnCode << std::endl;
std::wcout << L"[O] - Length: " << std::dec << pIoControl->Length << std::endl;
std::wcout << std::endl;
//
// Skips sizeof(SRB_IO_CONTROL) and only dumps the data buffer afterwards
//
const std::vector<char> buffer((PUCHAR)payload + pIoControl->HeaderLength, (PUCHAR)payload + pIoControl->HeaderLength + pIoControl->Length);
std::wostringstream ss;
ss << std::hex << std::uppercase << std::setfill(L'0');
std::for_each(buffer.cbegin(), buffer.cend(), [&](int c) { ss << std::setw(2) << c << L" "; });
const std::wstring hexString = ss.str();
std::wcout << L"Result buffer: " << hexString << std::endl;
}
else
{
std::wcerr << L"Failed to send request, error: 0x" << std::hex << GetLastError() << std::endl;
}
}
int wmain(int argc, wchar_t* argv[])
{
if (argc < 2)
{
std::wcerr << L"Please specify device index" << std::endl;
return -1;
}
const std::wstring deviceName = std::wstring(L"\\\\.\\Scsi").append(argv[1]).append(L":");
const HANDLE handle = CreateFile(
deviceName.c_str(),
GENERIC_READ | GENERIC_WRITE,
FILE_SHARE_READ | FILE_SHARE_WRITE,
nullptr,
OPEN_EXISTING,
FILE_ATTRIBUTE_NORMAL,
nullptr
);
const DWORD error = GetLastError();
if (handle == INVALID_HANDLE_VALUE)
{
std::wcerr << L"Failed to open device " << deviceName << ", error: 0x" << std::hex << error << std::endl;
return -1;
}
std::wcout << L"Successfully opened device " << deviceName << std::endl;
MiniportExample(handle);
CloseHandle(handle);
}
View Git Blame Copy Permalink