Void OpenFileAtTheHostSide ( char *lpszFilePath ) It interacting with the Parallels kernel driver and executing specified file at the host side: The following function was implemented after the short reverse engineering of shell extension. It's also interesting and useful, that this action can be triggered from Windows user account with any privileges (including Guest):Īnd because the target file will be opened at the host side with privileges of the current OS X user, it seems that "Access Windows folder from Mac" option is definitely breaks a security model that you're usually expecting from guest-host interaction. It consists from several magic values and pointer to the ASCII string with the target file path at 0圆0 offset:Ġ:037> da "\\psf\TC\dev\_exploits\prl_guet_"Ġ0000000`02c787f0 "to_host\New Text Document.txt"Īfter sending this IOCTL control request to the driver, specified file will be opened at the host side. ![]() I think the original poster and I hoped that, when there is already another dedicated dock icon for the Virtual Machine, then clicking the Parallels dock icon would always just solely open the Control Center (even if Control Center is minimized or not open yet), and you'd have to click the dedicated Virtual Machine dock icon(s) to go to the Virtual Machine(s).After the breakpoint on this DeviceIoControl() call we will obtain a call stack backatrace and function arguments:Ġ0000000`12bcd1c0 00007ff9`2a016969 PrlToolsShellExt!DllUnregisterServer 0x1596Ġ0000000`12bcd310 00007ff9`2a01fd71 SHEL元2!Ordinal93 0x225Ġ0000000`12bcd410 00007ff9`2a4cf03a SHEL元2!SHCreateDefaultContextMenu 0x581Ġ0000000`12bcd780 00007ff9`2a4cc4b1 SHEL元2!Ordinal927 0x156c2Ġ0000000`12bcdaf0 00007ff9`2a4c76f7 SHEL元2!Ordinal927 0x12b39Ġ0000000`12bcded0 00007ff9`21d09944 SHEL元2!Ordinal927 0xdd7fĠ0000000`12bcdf20 00007ff9`21d059d3 explorerframe!UIItemsView::ShowContextMenu 0x298įirst 4 arguments of the DeviceIoControl(), rcx - device handle, r8 - input buffer, r9 - buffer length: ![]() (By the way, I also noticed that continuing to click the Parallels icon will cycle between the Control Center and open VM (and presumably cycle through all open VMs if multiple are open, but I only tried with one VM running). But if the Control Center is closed or minimized, then clicking the Parallels icon will only go to the running Virtual Machine, even though there is a separate dock icon for the virtual machine that we could have clicked on if we wanted that. ![]() I verified that if the Control Center is already open (and not minimized, but being behind other windows or on a different Space is OK), then clicking the Parallels icon will activate the Control Center (and switch to its Space if it's on another Space). Ok, I just verified that in 16.1.3, this kind of works.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |