📄 callgate.h
字号:
#include <ntddk.h>
#include <string.h>
#include <stdarg.h>
#include <stdio.h>
#include "stdlib.h"
#define FILE_DEVICE_FLT 0x00008300
#define CALLGATE_IOCTL_INDEX 0x830
#define CALLGATE_IOCTL_INDEX1 0x831
typedef struct
{
unsigned short limit_0_15;
unsigned short base_0_15;
unsigned char base_16_23;
unsigned char accessed : 1;
unsigned char readable : 1;
unsigned char conforming : 1;
unsigned char code_data : 1;
unsigned char app_system : 1;
unsigned char dpl : 2;
unsigned char present : 1;
unsigned char limit_16_19 : 4;
unsigned char unused : 1;
unsigned char always_0 : 1;
unsigned char seg_16_32 : 1;
unsigned char granularity : 1;
unsigned char base_24_31;
} CODE_SEG_DESCRIPTOR;
typedef struct
{
unsigned short offset_0_15;
unsigned short selector;
unsigned char param_count : 4;
unsigned char some_bits : 4;
unsigned char type : 4;
unsigned char app_system : 1;
unsigned char dpl : 2;
unsigned char present : 1;
unsigned short offset_16_31;
} CALLGATE_DESCRIPTOR;
typedef struct CallGateInfo {
void *FunctionLinearAddress;
int NumberOfParameters;
unsigned short CodeSelector;
unsigned short CallGateSelector;
} CallGateInfo_t, *PCallGateInfo_t;
#define IOCTL_CALLGATE_CREATE CTL_CODE(FILE_DEVICE_CALLGATE, \
CALLGATE_IOCTL_INDEX, \
METHOD_BUFFERED, \
FILE_ANY_ACCESS)
#define IOCTL_CALLGATE_RELEASE CTL_CODE(FILE_DEVICE_CALLGATE, \
CALLGATE_IOCTL_INDEX1, \
METHOD_BUFFERED, \
FILE_ANY_ACCESS)
/***********************************
函数原型: NTSTATUS OpenDebugFile(HANDLE * phandle)
函数功能: 使用追加写方式打开调试输出文件
调用关系:
入口参数:
出口参数: 返回文件句柄 phandel
返回值: 不成功 NT_SUCCESS( ntStatus ) =0
备 注: 打开的文件名称为 "C:\debug.txt"
可以通过打开其它设备驱动程序而将数据写入,
************************************/
NTSTATUS OpenDebugFile(HANDLE * phandle)
{
static WCHAR pFileName[] = L"\\DosDevices\\C:\\debug.txt";
UNICODE_STRING unstrFileName;
OBJECT_ATTRIBUTES obj_attr;
NTSTATUS ntStatus;
IO_STATUS_BLOCK IoStatus;
RtlInitUnicodeString(&unstrFileName, pFileName );
InitializeObjectAttributes( &obj_attr, &unstrFileName, OBJ_CASE_INSENSITIVE|OBJ_OPENIF, NULL, NULL);
ntStatus = ZwCreateFile( phandle,
SYNCHRONIZE | FILE_APPEND_DATA,
&obj_attr,
&IoStatus,
NULL,
FILE_ATTRIBUTE_NORMAL,
FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE,
FILE_OPEN_IF ,
FILE_NON_DIRECTORY_FILE|FILE_SYNCHRONOUS_IO_ALERT,
NULL,
0);
return ntStatus;
}
/***********************************
函数原型: NTSTATUS WriteString(char* pstr)
函数功能: 把pstr所指向的字符串写入文件
调用关系:
入口参数: pstr 指向的字符串
出口参数:
返回值 不成功 NT_SUCCESS( ntStatus ) =0
备 注:
************************************/
NTSTATUS WriteString(char* pstr)
{
HANDLE handle;
NTSTATUS ntStatus;
IO_STATUS_BLOCK IoStatus;
ntStatus = OpenDebugFile( &handle );
if ( NT_SUCCESS( ntStatus ) )
{
ntStatus = ZwWriteFile(handle, NULL, NULL, NULL, &IoStatus, pstr, strlen(pstr), NULL, NULL);
ZwClose( handle );
}
return ntStatus;
}
/***********************************
函数原型: NTSTATUS WriteString(char* pstr)
函数功能: 把pstr所指向的字符串写入文件
调用关系:
入口参数: pstr 指向的字符串
出口参数:
返回值 不成功 NT_SUCCESS( ntStatus ) =0
备 注:
************************************/
void MYTRACE(LPCTSTR lpszFormat, ...)
{
char szBuffer[512];
va_list args;
va_start(args, lpszFormat);
vsprintf(szBuffer, lpszFormat, args);
WriteString( szBuffer );
va_end(args);
}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -