header.h

一份加密算法的源代码

#ifndef _HEADER_H_
#define _HEADER_H_

//#define NDIS_WDM 1
//#define BINARY_COMPATIBLE 0

/*****************************************************************
*
* Reversed By yykingking (yykingking@126.com)
* 仅供学习交流使用
*****************************************************************/

#include <ntddk.h>
#include <ndis.h>

#define PKAFFINITY ULONG
#define true 1
#define false 0
typedef unsigned char BYTE;
typedef unsigned long DWORD;
typedef unsigned short WORD;
typedef char bool;
typedef long BOOL;

#pragma pack(1)
typedef struct _LOCK_LIST  
{
	LIST_ENTRY pList;
	KSPIN_LOCK Lock;
}LOCK_LIST, *PLOCK_LIST;

typedef struct _idtr
{
    //定义中断描述符表的限制，长度两字节；
    short        IDTLimit;
    //定义中断描述服表的基址，长度四字节；
    unsigned int    IDTBase;
}IDTR,*PIDTR;

typedef struct
{
	unsigned short LowOffset;
	unsigned short selector;
	unsigned char unused_lo;
	unsigned char segment_type:4;	//0x0E is an interrupt gate
	unsigned char system_segment_flag:1;
	unsigned char DPL:2;	// descriptor privilege level 
	unsigned char P:1; /* present */
	unsigned short HiOffset;
} IDTENTRY,*PIDTENTRY;

typedef struct _STRUCT_TWO
{
	DWORD Pid;				// 0x0
	PVOID StartAddress;		// 0x4
	PMDL  pMdl;				// 0x8
	DWORD Reserved4;		// 0xc
	LOCK_LIST pLockList;	// 0x10
	DWORD Reserved5;		// 0x18
}STRUCT_TWO, *PSTRUCT_TWO;

typedef struct _STRUCT_THREE
{
	int Reserved1;			// 始终为0..??
	int Reserved2;			// hash结构,索引
}STRUCT_THREE,*PSTRUCT_THREE;

typedef struct _STRUCT_FOUR
{
	bool bFirst;			// 0x0
	bool bSecond;			// 0x1
	DWORD Array[9];			// 0x2
}STRUCT_FOUR, *PSTRUCT_FOUR;

typedef struct _STRUCT_12H_
{
	bool Reserved1;			// 0x0  
	bool ConvertEditCtrl;	// 0x1 可以转换 HOME PGUP 等键
	bool ShiftDown;			// 0x2 当shift按下时为1
	bool Reserved4;			// 0x3  
	bool Reserved5;			// 0x4  
	bool Reserved6;			// 0x5
	bool Reserved7;			// 0x6
	bool Reserved8;			// 0x7
	bool Reserved9;			// 0x8
	bool Reserveda;			// 0x9
	bool bDoletter;			// 0xa 为1时才能够处理字母键盘扫描码
	bool Reservedc;			// 0xb
	bool Reservedd;			// 0xc
	bool Reservede;			// 0xd
	bool Reservedf;			// 0xe
	bool Reserved10;		// 0xf
	bool Reserved11;		// 0x10
	bool Reserved12;		// 0x11
//	bool Reserved10;		// 0x12
//	DWORD Reserved11;		// 0x13
//	bool Reserved12;		// 0x14
}STRUCT_12H,*PSTRUCT_12H;

typedef struct _STRUCT_17H_
{
	bool CanReHookKBInt;	// 0x0  使得能重复hook键盘中断
	bool Reserved2;			// 0x1	
	bool Reserved3;			// 0x2
	bool DoUnhookKBInt;		// 0x3  在UNLOAD时间能调用UnHookKBInt
	bool DoDetach;			// 0x4  在UNLOAD时间能调用DetachAndDeleteDevice
	bool Reserved6;			// 0x5
	DWORD Reserved7;		// 0x6
	DWORD Reserved8;		// 0xa
	DWORD IntEntry;			// 0xe	keyboard 的中断入口
	bool Reserved10;		// 0x12
	DWORD Reserved11;		// 0x13
	bool Reserved12;		// 0x14
}STRUCT_17H,*PSTRUCT_17H;

typedef struct _ATTACH_INFO_
{
	PDEVICE_OBJECT pSourceDeviceObjArray[10];
	PDEVICE_OBJECT pDeviceObjArray[10];
	int			   intArray1[10];
	PDEVICE_OBJECT pAttachDeviceObjArray[10];
}ATTACH_INFO, *PATTACH_INFO;

typedef struct _STRUCT_FIVE_ 
{
	bool bReserved0;	//0x0
	bool bReserved1;	//0x1
	WORD WReserved2;	//0x2
	DWORD Reserved3;	//0x4
	DWORD Reserved4;	//0x8
}STRUCT_FIVE,*PSTRUCT_FIVE;

typedef struct _STRUCT_SIX_ 
{
	char bReserved0;	//0x0
	bool bReserved1;	//0x1
	bool bReserved2;	//0x2
	bool bReserved3;	//0x3
}STRUCT_SIX,*PSTRUCT_SIX;

#pragma pop()

void ChangeHexToBin( IN char* VirtualAddress, OUT char* OutAddress);
void ConvertCharArray( char* param1, char* param2);
NTSTATUS SaveKBIntEntryOnce( PDEVICE_OBJECT pDeviceObj, PIRP pIrp);
NTSTATUS DoNothing( PDEVICE_OBJECT param1, PIRP param2);
NTSTATUS DeleteAllStructByPid( PDEVICE_OBJECT pDeviceObj, PIRP pIrp);
void TimerFunction (IN  PVOID SystemSpecific1,IN  PDEVICE_OBJECT pDeviceObj,IN  PVOID SystemSpecific2,IN  PVOID SystemSpecific3);
NTSTATUS MyIoCallDriver( PDEVICE_OBJECT pDeviceObject, PIRP pIrp);
NTSTATUS MD5String( PDEVICE_OBJECT pDeviceObj, PIRP pIrp);
DWORD HookKBInt();
DWORD GetKeyBoardIntEntry();
PSTRUCT_TWO FindAndCreateStruct( int Num);
void CopyStructFour( PSTRUCT_FOUR pDest);
void CopyDataToCArray( PDEVICE_OBJECT pDeviceObj, PIRP pIrp);
NTSTATUS OpenEventHandle( PIRP pIrp, PIO_STACK_LOCATION pIrpStack);
DWORD HookAndSaveKBInt();
NTSTATUS SetTwoBoolFalse( PDEVICE_OBJECT pDriverObj, PIRP pIrp);
NTSTATUS AddDevice( IN PDRIVER_OBJECT pDriverObj,IN PDEVICE_OBJECT PhysicalDeviceObject);
NTSTATUS DispatchFun2( PDEVICE_OBJECT pDeviceObj, PIRP pIrp);
void CopyDataToPVoidUnknown1( PDEVICE_OBJECT pDeviceObj, PIRP pIrp);
DWORD DispatchNewInt( DWORD param);
bool IsLetterCode( char code);
bool IsEditCtrlKey( char code);
char ConvertLetter( char code);
bool IsInputPlusCode( char code);
bool IsInputCode( char code);
int LookUpAsciiByIndex( int code);
int LookUpAsciiByIndex2( int code);
char NotAndSHR7(char code);
int DoHash( int* pNum);
void DetachAndDeleteDevice();
void ClearLinkDevice();
DWORD UnHookKBInt();
NTSTATUS DriverEntry(PDRIVER_OBJECT pDriverObj, PUNICODE_STRING pRegPath);

//void NewIntEntry();

#endif