From 5b091dee56028b8a950e3fdf7adf1fb146dd0189 Mon Sep 17 00:00:00 2001 From: Nick Bolton Date: Mon, 10 Mar 2025 12:26:09 +0000 Subject: [PATCH] refactor: Rename SAS IPC event name to be more specific --- src/lib/common/common.h | 3 ++- src/lib/platform/MSWindowsKeyState.cpp | 8 ++++---- src/lib/platform/MSWindowsWatchdog.cpp | 2 +- 3 files changed, 7 insertions(+), 6 deletions(-) diff --git a/src/lib/common/common.h b/src/lib/common/common.h index 9356e73d3..e085a03e0 100644 --- a/src/lib/common/common.h +++ b/src/lib/common/common.h @@ -46,6 +46,7 @@ enum namespace deskflow::common { const auto kCloseEventName = "Global\\DeskflowClose"; +const auto kSendSasEventName = "Global\\DeskflowSendSAS"; -} +} // namespace deskflow::common #endif diff --git a/src/lib/platform/MSWindowsKeyState.cpp b/src/lib/platform/MSWindowsKeyState.cpp index f530add0a..958ae9e30 100644 --- a/src/lib/platform/MSWindowsKeyState.cpp +++ b/src/lib/platform/MSWindowsKeyState.cpp @@ -760,11 +760,11 @@ bool MSWindowsKeyState::fakeCtrlAltDel() // History: It used to be possible to use `PostMessage` to send `MOD_CONTROL | MOD_ALT, VK_DELETE` // as a backup but this ability was removed by Microsoft for security in favor of requiring the // `SendSAS` event to be used, which makes DoS and social engineering attacks more difficult. - HANDLE hEvtSendSas = OpenEvent(EVENT_MODIFY_STATE, FALSE, "Global\\SendSAS"); - if (hEvtSendSas) { + HANDLE hSendSasEvent = OpenEvent(EVENT_MODIFY_STATE, FALSE, deskflow::common::kSendSasEventName); + if (hSendSasEvent) { LOG_DEBUG("found SendSAS event, simulating ctrl+alt+del"); - SetEvent(hEvtSendSas); - CloseHandle(hEvtSendSas); + SetEvent(hSendSasEvent); + CloseHandle(hSendSasEvent); return true; } else { LOG_ERR("couldn't find SendSAS event, unable to simulate ctrl+alt+del"); diff --git a/src/lib/platform/MSWindowsWatchdog.cpp b/src/lib/platform/MSWindowsWatchdog.cpp index 8bae796af..e54b0d20a 100644 --- a/src/lib/platform/MSWindowsWatchdog.cpp +++ b/src/lib/platform/MSWindowsWatchdog.cpp @@ -567,7 +567,7 @@ void MSWindowsWatchdog::sendSas() const throw XArch("SendSAS function not initialized"); } - HANDLE sendSasEvent = CreateEvent(nullptr, FALSE, FALSE, "Global\\SendSAS"); + HANDLE sendSasEvent = CreateEvent(nullptr, FALSE, FALSE, deskflow::common::kSendSasEventName); if (sendSasEvent == nullptr) { LOG_ERR("could not create SendSAS event"); throw XArch(new XArchEvalWindows());