Mutear Autoescucha Microfono
Publicado: 03 Jun 2015, 17:24
Bueno, para los que estén interesados en algo aparte del malware: hice este código hace tiempo para ayudar en un tema del foro en inglés. Además, es un buen ejemplo del uso de la interfaz IUnknown. Básicamente, lo que hace es mutear la autoescucha del micrófono. Dejo una imagen como referencia de lo que hace el código (no mueve el ratón ni nada de eso; todo lo hace internamente a través de la interfaz).

Saludos

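; Script-wide declarations: Core Audio enums, HRESULT values, and the
; CLSID/IID strings plus method tables handed to ObjCreateInterface().
;
; NOTE: every $tag* string lists the interface methods in vtable order and with
; the parameter types the native method expects. ObjCreateInterface() dispatches
; by position, so a reordered, missing or mistyped entry makes the script call
; the wrong native slot or marshal arguments incorrectly inside this process.
; Keep these tables in sync with the SDK headers when editing them.
Opt("MustDeclareVars", 1)

; EDataFlow / ERole values passed to GetDefaultAudioEndpoint().
Global Enum $eRender, $eCapture, $eAll, $EDataFlow_enum_count
Global Enum $eConsole, $eMultimedia, $eCommunications, $ERole_enum_count

Global Const $CLSCTX_INPROC_SERVER = 1
; HRESULT compared against the result of IPart.EnumPartsIncoming() in GetPart().
Global Const $E_NOTFOUND = 0x80070490
Global Const $S_OK = 0

; --- IMMDeviceEnumerator ---
Global Const $CLSID_MMDeviceEnumerator = "{BCDE0395-E52F-467C-8E3D-C4579291692E}"
Global Const $IID_IMMDeviceEnumerator = "{A95664D2-9614-4F35-A746-DE8DB63617E6}"
Global Const $tagIMMDeviceEnumerator = _
        "EnumAudioEndpoints hresult(int;dword;ptr*);" & _
        "GetDefaultAudioEndpoint hresult(int;int;ptr*);" & _
        "GetDevice hresult(wstr;ptr*);" & _
        "RegisterEndpointNotificationCallback hresult(ptr);" & _
        "UnregisterEndpointNotificationCallback hresult(ptr)"

; --- IMMDevice ---
Global Const $IID_IMMDevice = "{D666063F-1587-4E43-81F1-B948E807363F}"
Global Const $tagIMMDevice = _
        "Activate hresult(struct*;dword;ptr;ptr*);" & _
        "OpenPropertyStore hresult(dword;ptr*);" & _
        "GetId hresult(wstr*);" & _
        "GetState hresult(dword*)"

; --- IDeviceTopology ---
; Fixed: GetPartById's parameters were separated with "," instead of ";".
Global Const $IID_IDeviceTopology = "{2A07407E-6497-4A18-9787-32F79BD0D98F}"
Global Const $tagIDeviceTopology = "GetConnectorCount hresult(int*);GetConnector hresult(int;ptr*);" & _
        "GetSubunitCount hresult(int*);GetSubunit hresult(int;ptr*);GetPartById hresult(int;ptr*);GetDeviceId hresult(ptr*);GetSignalPath hresult(ptr;ptr;bool;ptr*)"

; --- IConnector ---
; NOTE(review): "Disconnect hresult(none)" is kept as posted; the method is not
; called by this script - confirm the parameter spelling before using it.
Global Const $IID_IConnector = "{9c2c4058-23f5-41de-877a-df3af236a09e}"
Global Const $tagIConnector = "GetType hresult(ptr*);GetDataFlow hresult(ptr*);ConnectTo hresult(ptr);Disconnect hresult(none);IsConnected hresult(int*);" & _
        "GetConnectedTo hresult(ptr*);GetConnectorIdConnectedTo hresult(wstr*);GetDeviceIdConnectedTo hresult(wstr*)"

; --- IPart ---
Global Const $IID_IPart = "{AE2DE0E4-5BCA-4F2D-AA46-5D13F8FDB3A9}"
Global Const $tagIPart = "GetName hresult(wstr*);GetLocalId hresult(uint*);GetGlobalId hresult(wstr*);GetPartType hresult(ptr);GetSubType hresult(ptr);" & _
        "GetControlInterfaceCount hresult(uint*);GetControlInterface hresult(int;ptr*);EnumPartsIncoming hresult(ptr*);EnumPartsOutgoing hresult(ptr*);" & _
        "GetTopologyObject hresult(ptr*);Activate hresult(dword;struct*;ptr*);RegisterControlChangeCallback hresult(ptr);UnregisterControlChangeCallback hresult(ptr)"

; --- IPartsList ---
; Fixed: GetPart's return type was misspelled "hreuslt".
Global Const $IID_IPartsList = "{6DAA848C-5EB0-45CC-AEA5-998A2CDA1FFB}"
Global Const $tagIPartsList = "GetCount hresult(uint*);GetPart hresult(uint;ptr*)"

; --- IAudioMute ---
Global Const $IID_IAudioMute = "{DF45AEEA-B74A-4B6B-AFAD-2366B6AA012E}"
Global Const $tagIAudioMute = "SetMute hresult(bool;ptr);GetMute hresult(int*)"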
; Script entry point: run the topology walk once.
MUTE()

; MUTE
; Resolves the default render endpoint (console role), activates its
; IDeviceTopology, follows connector 0 to the connector it is connected to,
; obtains that connector's IPart and hands it to GetPart(), which walks the
; incoming parts recursively.
;
; Every failure is reported with ConsoleWrite() and ends the script with Exit.
; The value returned by GetPart() is not inspected here.
Func MUTE()
    Local $hr = -1
    ; Output pointers filled by the COM calls below.
    Local $pEndpoint = 0
    Local $pTopology = 0
    Local $pConnFrom = 0
    Local $pConnTo = 0
    Local $pRootPart = 0

    ; 1) Device enumerator.
    Local $oEnumerator = ObjCreateInterface($CLSID_MMDeviceEnumerator, $IID_IMMDeviceEnumerator, $tagIMMDeviceEnumerator)
    If @error Then
        ConsoleWrite("!Error Creating IMMDeviceEnumerator Interface" & @CRLF)
        Exit
    EndIf

    ; 2) Default render endpoint for the console role.
    $hr = $oEnumerator.GetDefaultAudioEndpoint($eRender, $eConsole, $pEndpoint)
    If FAILED($hr) Then
        ConsoleWrite("!Error Getting Default Render Endpoint Device" & @CRLF)
        $oEnumerator = 0
        Exit
    EndIf
    Local $oEndpoint = ObjCreateInterface($pEndpoint, $IID_IMMDevice, $tagIMMDevice)
    If @error Then
        ConsoleWrite("!Error Creating IMMDevice Interface" & @CRLF)
        $oEnumerator = 0
        Exit
    EndIf

    ; 3) Topology of that endpoint.
    $hr = $oEndpoint.Activate(__uuidof($IID_IDeviceTopology), $CLSCTX_INPROC_SERVER, 0, $pTopology)
    If FAILED($hr) Then
        ConsoleWrite("!Error Getting Device Topology" & @CRLF)
        $oEnumerator = 0
        $oEndpoint = 0
        Exit
    EndIf
    Local $oTopology = ObjCreateInterface($pTopology, $IID_IDeviceTopology, $tagIDeviceTopology)
    If @error Then
        ConsoleWrite("!Error Creating IDeviceTopology Interface" & @CRLF)
        $oEnumerator = 0
        $oEndpoint = 0
        Exit
    EndIf

    ; 4) Connector 0 of the endpoint topology.
    $hr = $oTopology.GetConnector(0, $pConnFrom)
    If FAILED($hr) Then
        ConsoleWrite("!Error Getting endpoint Connector" & @CRLF)
        $oEnumerator = 0
        $oEndpoint = 0
        $oTopology = 0
        Exit
    EndIf
    Local $oConnFrom = ObjCreateInterface($pConnFrom, $IID_IConnector, $tagIConnector)
    If @error Then
        ConsoleWrite("!Error Creating IConnector Interface" & @CRLF)
        $oEnumerator = 0
        $oEndpoint = 0
        $oTopology = 0
        Exit
    EndIf

    ; 5) The connector on the other side of that link.
    $hr = $oConnFrom.GetConnectedTo($pConnTo)
    If FAILED($hr) Then
        ConsoleWrite("!Error GetConnectedTo Device" & @CRLF)
        $oEnumerator = 0
        $oEndpoint = 0
        $oTopology = 0
        Exit
    EndIf
    Local $oConnTo = ObjCreateInterface($pConnTo, $IID_IConnector, $tagIConnector)
    If @error Then
        ConsoleWrite("!Error Creation oConnDevice(IConnector) Interface" & @CRLF)
        $oEnumerator = 0
        $oEndpoint = 0
        $oTopology = 0
        Exit
    EndIf

    ; 6) Ask the connected connector for its IPart interface.
    $hr = $oConnTo.QueryInterface($IID_IPart, $pRootPart)
    If FAILED($hr) Then
        ConsoleWrite("!Error Getting Part" & @CRLF)
        $oEnumerator = 0
        $oEndpoint = 0
        $oTopology = 0
        $oConnTo = 0
        Exit
    EndIf
    Local $oRootPart = ObjCreateInterface($pRootPart, $IID_IPart, $tagIPart)
    If @error Then
        ConsoleWrite("!Error Creating IPart Interface" & @CRLF)
        $oEnumerator = 0
        $oEndpoint = 0
        $oTopology = 0
        Exit
    EndIf

    ; 7) Recursive walk; the mute toggle itself happens inside GetPart().
    ConsoleWrite(">>>>>>>>>>>>>>>>>BEGIN<<<<<<<<<<<<<<<<<<<<" & @CRLF)
    GetPart($oRootPart)
    $oRootPart = 0
EndFunc
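; GetPart
; Prints the name and local id of $oIPart, toggles IAudioMute on it when the
; part name contains "mic", then recurses into every incoming part.
;
; Parameters:
;   $oIPart - IPart object created with ObjCreateInterface() (passed ByRef).
; Returns:
;   $S_OK when the part and all of its incoming parts were visited (also when
;   the part has no incoming parts), otherwise the failing HRESULT.
;
; Behaviour notes:
;   - The mute state is TOGGLED (SetMute(Not current)), not forced on, so a
;     second run turns the monitoring path back on.
;   - The match is a plain case-insensitive substring test on the part name,
;     so it depends on how the driver names its parts; any part whose name
;     contains "mic" is toggled.
;
; Fixes over the posted version:
;   - GetLocalId() and GetCount() results are now stored in $hr, so the
;     FAILED() checks that follow test the right call.
;   - A failed ObjCreateInterface() no longer falls through to a method call
;     on a non-object, and is reported to the caller as a failure HRESULT
;     instead of the previous (successful) $hr.
Func GetPart(ByRef $oIPart)
    ; E_FAIL (0x80004005) written as a signed 32-bit value so FAILED() sees it as negative.
    Local Const $hrCreateFailed = -2147467259
    Local $sPartName = ""
    Local $PartLocalId = ""
    Local $hr = -1

    ConsoleWrite("+Part" & @CRLF)
    $hr = $oIPart.GetName($sPartName)
    If FAILED($hr) Then
        ConsoleWrite("Not Part Name" & @CRLF)
        Return $hr
    EndIf
    $hr = $oIPart.GetLocalId($PartLocalId)
    If FAILED($hr) Then
        ConsoleWrite("Not Part ID" & @CRLF)
        Return $hr
    EndIf
    ConsoleWrite(">" & $sPartName)
    ConsoleWrite(" ID: " & $PartLocalId & @CRLF)

    If StringInStr($sPartName, "mic") Then
        Local $pIAudioMute = 0
        Local $bMute = 0
        Local $oIAudioMute = 0
        $hr = $oIPart.Activate($CLSCTX_INPROC_SERVER, __uuidof($IID_IAudioMute), $pIAudioMute)
        If SUCCEEDED($hr) Then
            $oIAudioMute = ObjCreateInterface($pIAudioMute, $IID_IAudioMute, $tagIAudioMute)
            If @error Then
                ; Best effort: skip the toggle for this part and keep walking.
                ConsoleWrite("!Error Creating IAudioMute Interface")
            Else
                $hr = $oIAudioMute.GetMute($bMute)
                If FAILED($hr) Then
                    ; $bMute keeps its initial 0, so the call below requests mute = True.
                    ConsoleWrite("!Error Getting Mute State" & @CRLF)
                EndIf
                $hr = $oIAudioMute.SetMute(Not ($bMute), Null)
                If SUCCEEDED($hr) Then
                    ; $bMute holds the PREVIOUS state: False before means muted now.
                    ConsoleWrite("!MUTE: " & (($bMute = False) ? "ON!" : "OFF!") & @CRLF)
                    TrayTip("!MUTE: " & (($bMute = False) ? "ON!" : "OFF!"), "Danyfirex", 2, 1)
                    Sleep(2000)
                EndIf
                $oIAudioMute = 0
            EndIf
        EndIf
    EndIf

    Local $pIncomingParts = 0
    $hr = $oIPart.EnumPartsIncoming($pIncomingParts)
    If ($hr = $E_NOTFOUND) Then
        ; No incoming parts: end of this branch, not an error.
        ConsoleWrite("Not incoming Parts in Part" & @CRLF)
        Return $S_OK
    EndIf
    If FAILED($hr) Then
        ConsoleWrite("!ERROR Enumerating incoming Parts" & @CRLF)
        Return $hr
    EndIf

    Local $oIPartsList = ObjCreateInterface($pIncomingParts, $IID_IPartsList, $tagIPartsList)
    If @error Then
        ConsoleWrite("!Error Creating IPartsList Interface")
        Return $hrCreateFailed
    EndIf

    Local $iNParts = 0
    $hr = $oIPartsList.GetCount($iNParts)
    If FAILED($hr) Then
        ConsoleWrite("Couldn't get count of incoming parts")
        $oIPartsList = 0
        Return $hr
    EndIf

    Local $pIncomingPart = 0
    Local $oIPart2 = 0
    For $i = 0 To $iNParts - 1
        $hr = $oIPartsList.GetPart($i, $pIncomingPart)
        If (FAILED($hr)) Then
            ConsoleWrite("Not Got Part" & @CRLF)
            $oIPartsList = 0
            Return $hr
        EndIf
        $oIPart2 = ObjCreateInterface($pIncomingPart, $IID_IPart, $tagIPart)
        If @error Then
            ConsoleWrite("!Error Creating IPartsList(2) Interface")
            $oIPartsList = 0
            Return $hrCreateFailed
        EndIf
        $hr = GetPart($oIPart2)
        ; Drop the child reference as soon as its subtree has been visited.
        $oIPart2 = 0
        If FAILED($hr) Then
            $oIPartsList = 0
            Return $hr
        EndIf
    Next
    $oIPartsList = 0
    Return $S_OK
EndFunc   ;==>GetPart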
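; __uuidof
; Converts a GUID string such as "{xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx}" into
; a 16-byte GUID structure by calling CLSIDFromString in ole32.dll.
;
; Parameters:
;   $sGUID - GUID in string form.
; Returns:
;   Success - DllStruct "ulong Data1;ushort Data2;ushort Data3;byte Data4[8]".
;   Failure - 0 with @error set:
;             DllCall's own @error value when the call could not be made, or
;             10 when CLSIDFromString returned a failure HRESULT
;             (@extended then holds that HRESULT).
;
; The posted version ignored the HRESULT, so a malformed string silently
; produced an all-zero GUID. Callers that pass the result to a "struct*"
; parameter should check @error first.
Func __uuidof($sGUID)
    Local $tGUID = DllStructCreate("ulong Data1;ushort Data2;ushort Data3;byte Data4[8]")
    Local $aCall = DllCall("ole32.dll", "long", "CLSIDFromString", "wstr", $sGUID, "struct*", $tGUID)
    If @error Then Return SetError(@error, @extended, 0)
    ; $aCall[0] is the HRESULT; negative means the string was not a valid GUID.
    If $aCall[0] < 0 Then Return SetError(10, $aCall[0], 0)
    Return $tGUID
EndFunc   ;==>__uuidof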
; SUCCEEDED
; True when $hr is zero or positive, i.e. not a failure HRESULT.
Func SUCCEEDED($hr)
    Local $bNonNegative = ($hr >= 0)
    Return $bNonNegative
EndFunc   ;==>SUCCEEDED
; FAILED
; True when $hr is negative, i.e. a failure HRESULT.
Func FAILED($hr)
    Local $bNegative = ($hr < 0)
    Return $bNegative
EndFunc   ;==>FAILED
Saludos