
// __________________________________________________________
//
//                         w2k_call.c
//           SBS Windows 2000 Call Interface V1.00
//                08-27-2000 Sven B. Schreiber
//                       sbs@orgon.com
// __________________________________________________________

#define  _W2K_CALL_DLL_
#include "w2k_call.h"

// =================================================================
// DISCLAIMER
// =================================================================

/*

This software is provided "as is" and any express or implied
warranties, including, but not limited to, the implied warranties of
merchantibility and fitness for a particular purpose are disclaimed.
In no event shall the author Sven B. Schreiber be liable for any
direct, indirect, incidental, special, exemplary, or consequential
damages (including, but not limited to, procurement of substitute
goods or services; loss of use, data, or profits; or business
interruption) however caused and on any theory of liability,
whether in contract, strict liability, or tort (including negligence
or otherwise) arising in any way out of the use of this software,
even if advised of the possibility of such damage.

*/

// =================================================================
// REVISION HISTORY
// =================================================================

/*

08-27-2000 V1.00 Original version (SBS).

*/

// =================================================================
// GLOBAL VARIABLES
// =================================================================

// Fallback module handle: w2kSpyStartup() uses it when its hInstance
// argument is NULL. Where it is assigned is not visible in this part
// of the file (presumably the DLL entry point - confirm).
HINSTANCE               ghInstance          = NULL;
// Handle to the spy device opened by w2kSpyStartup();
// INVALID_HANDLE_VALUE means "not open".
HANDLE                  ghDevice            = INVALID_HANDLE_VALUE;
// Buffer filled by w2kFilePath() in w2kSpyStartup() and then handed
// to w2kServiceLoad() as the driver file to load.
WORD                    awDriver [MAX_PATH] = L"";
// Cached symbol status, read and written by w2kSymbolsGlobal() and
// w2kSymbolsReset() between w2kSpyLock()/w2kSpyUnlock().
DWORD                   gdStatus            = W2K_SYMBOLS_OK;
// Cached symbol table, loaded on demand by w2kSymbolsGlobal() and
// released by w2kSymbolsReset().
PIMG_TABLE              gpit                = NULL;
// Lock used by w2kSpyLock()/w2kSpyUnlock(). While it is NULL both
// functions return FALSE and no locking takes place.
PCRITICAL_SECTION       gpcs                = NULL;
// NOTE(review): presumably the storage gpcs points to once it has been
// initialized; the initialization is not in this part of the file.
CRITICAL_SECTION        gcs;

// =================================================================
// GLOBAL STRINGS
// =================================================================

// Default module name used by w2kPeInfo() when the caller passes NULL.
BYTE abKernel     [] = "ntoskrnl.exe";

// Spy driver identifiers built from the DRV_* constants (defined
// outside this file; SW() presumably yields a wide string - confirm).
// awSpyFile    -> file name given to w2kFilePath() in w2kSpyStartup()
// awSpyDevice  -> service name given to w2kServiceLoad()/Unload()
// awSpyDisplay -> second name given to w2kServiceLoad()
// awSpyPath    -> device path opened with CreateFile()
WORD awSpyFile    [] = SW(DRV_FILENAME);
WORD awSpyDevice  [] = SW(DRV_MODULE);
WORD awSpyDisplay [] = SW(DRV_NAME);
WORD awSpyPath    [] = SW(DRV_PATH);

// =================================================================
// PE FILE PARSER
// =================================================================

// Queries the spy device (SPY_IO_MODULE_INFO) for information about a
// module. pbModule names the module; NULL selects abKernel.
// Returns a SPY_MODULE_INFO block obtained from w2kMemoryCreate() that
// the caller must release with w2kMemoryDestroy(), or NULL when the
// allocation or the device request fails.
PSPY_MODULE_INFO WINAPI w2kPeInfo (PBYTE pbModule)
    {
    PBYTE            pbName = abKernel;
    PSPY_MODULE_INFO pInfo;

    if (pbModule != NULL) pbName = pbModule;

    pInfo = w2kMemoryCreate (SPY_MODULE_INFO_);
    if (pInfo == NULL) return NULL;

    // The input buffer is the name *pointer* (PVOID_ bytes), not the
    // string itself; the device side has to read the string from the
    // caller's address space.
    if (!w2kSpyControl (SPY_IO_MODULE_INFO,
                        &pbName, PVOID_,
                        pInfo,   SPY_MODULE_INFO_))
        {
        pInfo = w2kMemoryDestroy (pInfo);
        }
    return pInfo;
    }

// -----------------------------------------------------------------

// Returns the pBase member reported by w2kPeInfo() for pbModule, or
// NULL if the module information could not be obtained. The
// temporary information block is released before returning.
PVOID WINAPI w2kPeBase (PBYTE pbModule)
    {
    PVOID            pImageBase;
    PSPY_MODULE_INFO pInfo = w2kPeInfo (pbModule);

    if (pInfo == NULL) return NULL;

    pImageBase = pInfo->pBase;
    w2kMemoryDestroy (pInfo);
    return pImageBase;
    }

// -----------------------------------------------------------------

// Fetches a copy of a module's IMAGE_NT_HEADERS through the spy
// device (SPY_IO_PE_HEADER).
// pbModule - module name, passed on to w2kPeBase()
// ppBase   - optional; receives the module base (NULL if the lookup
//            failed), even when the header request itself fails
// Returns a block from w2kMemoryCreate() that the caller releases
// with w2kMemoryDestroy(), or NULL on any failure.
PIMAGE_NT_HEADERS WINAPI w2kPeHeader (PBYTE  pbModule,
                                      PPVOID ppBase)
    {
    PVOID             pImageBase = w2kPeBase (pbModule);
    PIMAGE_NT_HEADERS pHeaders   = NULL;

    if (pImageBase != NULL)
        {
        pHeaders = w2kMemoryCreate (IMAGE_NT_HEADERS_);

        if ((pHeaders != NULL)
            &&
            (!w2kSpyControl (SPY_IO_PE_HEADER,
                             &pImageBase, PVOID_,
                             pHeaders,    IMAGE_NT_HEADERS_)))
            {
            pHeaders = w2kMemoryDestroy (pHeaders);
            }
        }
    if (ppBase != NULL) *ppBase = pImageBase;
    return pHeaders;
    }

// -----------------------------------------------------------------

// Fetches a copy of a module's export directory through the spy
// device (SPY_IO_PE_EXPORT).
// pbModule - module name, passed on to w2kPeHeader()
// ppBase   - optional; receives the module base found by w2kPeHeader()
// The buffer size is the Size field of the export data directory
// entry in the module's PE header; a size smaller than
// IMAGE_EXPORT_DIRECTORY_ is rejected before anything is allocated.
// Returns a block the caller releases with w2kMemoryDestroy(), or
// NULL on any failure.
PIMAGE_EXPORT_DIRECTORY WINAPI w2kPeExport (PBYTE  pbModule,
                                            PPVOID ppBase)
    {
    PVOID                   pImageBase = NULL;
    PIMAGE_EXPORT_DIRECTORY pExports   = NULL;
    PIMAGE_NT_HEADERS       pHeaders   = w2kPeHeader (pbModule,
                                                      &pImageBase);

    if (pHeaders != NULL)
        {
        DWORD dBytes = pHeaders->OptionalHeader
                       .DataDirectory [IMAGE_DIRECTORY_ENTRY_EXPORT]
                       .Size;

        // Only the size is needed; drop the header copy right away.
        w2kMemoryDestroy (pHeaders);

        if (dBytes >= IMAGE_EXPORT_DIRECTORY_)
            {
            pExports = w2kMemoryCreate (dBytes);

            if ((pExports != NULL)
                &&
                (!w2kSpyControl (SPY_IO_PE_EXPORT,
                                 &pImageBase, PVOID_,
                                 pExports,    dBytes)))
                {
                pExports = w2kMemoryDestroy (pExports);
                }
            }
        }
    if (ppBase != NULL) *ppBase = pImageBase;
    return pExports;
    }

// -----------------------------------------------------------------

// Compares the TimeDateStamp and CheckSum fields of a module's PE
// header, as returned by w2kPeHeader(), with the supplied values.
// Returns TRUE only if both match; FALSE if either differs or the
// header could not be read.
// This is a version-match test (w2kSymbolsLoad() uses it to pair a
// symbol table with the module it describes). Neither field is a
// cryptographic digest, so a match does not prove the image is
// unmodified.
BOOL WINAPI w2kPeCheck (PBYTE pbModule,
                        DWORD dTimeStamp,
                        DWORD dCheckSum)
    {
    BOOL              fMatch;
    PIMAGE_NT_HEADERS pHeaders = w2kPeHeader (pbModule, NULL);

    if (pHeaders == NULL) return FALSE;

    fMatch = (pHeaders->FileHeader.TimeDateStamp == dTimeStamp) &&
             (pHeaders->OptionalHeader.CheckSum  == dCheckSum);

    w2kMemoryDestroy (pHeaders);
    return fMatch;
    }

// -----------------------------------------------------------------

// Walks the named exports of a module and reports each one to
// Callback.
// pbModule - module name, passed on to w2kPeExport()
// ppBase   - optional; receives the module base
// Callback - optional; called once per name with the module name
//            string, the module base, the export name, the export
//            address (NULL if the ordinal index is not below
//            NumberOfFunctions), the ordinal, the current index and
//            the total name count. Returning FALSE stops the walk.
// Returns the number of names visited before the walk ended; with a
// NULL Callback that is simply NumberOfNames. Returns 0 if the export
// directory could not be read.
//
// NOTE(review): AddressOfNames, AddressOfFunctions,
// AddressOfNameOrdinals, Name and every pdNames[] entry are added to
// the start of the buffer returned by w2kPeExport() without being
// compared against that buffer's size, which is not available in this
// function. Only the function-table index is range-checked. The walk
// therefore relies on the spy driver handing back a self-consistent
// export directory - confirm against the driver side.
DWORD WINAPI w2kPeEnumerate (PBYTE            pbModule,
                             PPVOID           ppBase,
                             W2K_PE_ENUMERATE Callback)
    {
    PDWORD                  pdNameTable, pdAddressTable;
    PWORD                   pwOrdinalTable;
    PVOID                   pTarget;
    DWORD                   dOrdinal;
    WORD                    wIndex;
    PVOID                   pImageBase = NULL;
    DWORD                   n          = 0;
    PIMAGE_EXPORT_DIRECTORY pExports   = w2kPeExport (pbModule,
                                                      &pImageBase);

    if (pExports != NULL)
        {
        pdNameTable    = PTR_ADD (pExports, pExports->AddressOfNames);
        pdAddressTable = PTR_ADD (pExports, pExports->AddressOfFunctions);
        pwOrdinalTable = PTR_ADD (pExports,
                                  pExports->AddressOfNameOrdinals);

        // A break leaves n at the index of the entry that stopped the
        // walk, i.e. it is not counted.
        for (n = 0; n < pExports->NumberOfNames; n++)
            {
            wIndex  = pwOrdinalTable [n];
            pTarget = NULL;

            if (wIndex < pExports->NumberOfFunctions)
                {
                pTarget = (PVOID) pdAddressTable [wIndex];
                }
            dOrdinal = pExports->Base + wIndex;

            if (Callback == NULL) continue;

            if (!Callback (PTR_ADD (pExports, pExports->Name),
                           pImageBase,
                           PTR_ADD (pExports, pdNameTable [n]),
                           pTarget,
                           dOrdinal, n, pExports->NumberOfNames))
                {
                break;
                }
            }
        w2kMemoryDestroy (pExports);
        }
    if (ppBase != NULL) *ppBase = pImageBase;
    return n;
    }

// -----------------------------------------------------------------

// Asks the spy device (SPY_IO_PE_SYMBOL) for the address that belongs
// to the symbol name pbSymbol.
// Returns the address written by the device, or NULL if pbSymbol is
// NULL or the request fails.
PVOID WINAPI w2kPeSymbol (PBYTE pbSymbol)
    {
    PVOID pResult = NULL;

    if (pbSymbol == NULL) return NULL;

    // As in w2kPeInfo(), the input buffer carries the name pointer,
    // not the characters.
    if (!w2kSpyControl (SPY_IO_PE_SYMBOL,
                        &pbSymbol, PVOID_,
                        &pResult,  PVOID_))
        {
        // Do not trust whatever a failed request left behind.
        pResult = NULL;
        }
    return pResult;
    }

// =================================================================
// SYMBOL TABLE MANAGEMENT
// =================================================================

// Loads the symbol table for pbModule and accepts it only if it
// matches the module that is actually loaded.
// pbModule - module name, handed to imgModuleBaseA(), imgTableLoadA()
//            and w2kPeCheck()
// pdStatus - optional; receives one of
//            W2K_SYMBOLS_MODULE_ERROR   imgModuleBaseA() returned NULL
//            W2K_SYMBOLS_LOAD_ERROR     imgTableLoadA() returned NULL
//            W2K_SYMBOLS_VERSION_ERROR  time stamp / checksum mismatch
//            W2K_SYMBOLS_OK             table loaded and matched
// Returns the table on W2K_SYMBOLS_OK, otherwise NULL. A mismatching
// table is released with imgMemoryDestroy() rather than returned, so
// callers never resolve addresses from symbols of a different build.
PIMG_TABLE WINAPI w2kSymbolsLoad (PBYTE  pbModule,
                                  PDWORD pdStatus)
    {
    DWORD      dResult    = W2K_SYMBOLS_UNDEFINED;
    PIMG_TABLE pTable     = NULL;
    PVOID      pImageBase = imgModuleBaseA (pbModule);

    if (pImageBase == NULL)
        {
        dResult = W2K_SYMBOLS_MODULE_ERROR;
        }
    else if ((pTable = imgTableLoadA (pbModule, pImageBase)) == NULL)
        {
        dResult = W2K_SYMBOLS_LOAD_ERROR;
        }
    else if (w2kPeCheck (pbModule, pTable->dTimeStamp,
                                   pTable->dCheckSum))
        {
        dResult = W2K_SYMBOLS_OK;
        }
    else
        {
        dResult = W2K_SYMBOLS_VERSION_ERROR;
        pTable  = imgMemoryDestroy (pTable);
        }
    if (pdStatus != NULL) *pdStatus = dResult;
    return pTable;
    }

// -----------------------------------------------------------------

// Returns the shared symbol table gpit, loading it on first use with
// w2kSymbolsLoad (NULL, ...).
// pdStatus - optional; receives the cached status gdStatus
// A load is attempted only while gdStatus is still W2K_SYMBOLS_OK and
// no table is cached, so a failed load is not retried until
// w2kSymbolsReset() clears the status.
// Both globals are read and updated between w2kSpyLock() and
// w2kSpyUnlock(). The returned pointer is used by the caller after
// the lock has been released.
PIMG_TABLE WINAPI w2kSymbolsGlobal (PDWORD pdStatus)
    {
    DWORD      dSnapshot;
    PIMG_TABLE pSnapshot;

    w2kSpyLock ();

    if (gdStatus == W2K_SYMBOLS_OK)
        {
        if (gpit == NULL)
            {
            gpit = w2kSymbolsLoad (NULL, &gdStatus);
            }
        }
    dSnapshot = gdStatus;
    pSnapshot = gpit;

    w2kSpyUnlock ();

    if (pdStatus != NULL) *pdStatus = dSnapshot;
    return pSnapshot;
    }

// -----------------------------------------------------------------

// Returns the status reported by w2kSymbolsGlobal(). Calling this may
// trigger the on-demand symbol load performed there.
DWORD WINAPI w2kSymbolsStatus (VOID)
    {
    DWORD dResult = W2K_SYMBOLS_UNDEFINED;

    // Only the status is of interest; the table pointer is ignored.
    w2kSymbolsGlobal (&dResult);

    return dResult;
    }

// -----------------------------------------------------------------

// Releases the cached symbol table and sets gdStatus back to
// W2K_SYMBOLS_OK, so that the next w2kSymbolsGlobal() call attempts a
// fresh load. Both globals are updated between w2kSpyLock() and
// w2kSpyUnlock().
VOID WINAPI w2kSymbolsReset (VOID)
    {
    w2kSpyLock ();

    // gpit takes whatever imgMemoryDestroy() returns (presumably
    // NULL - confirm), which is what re-arms the on-demand load.
    gpit     = imgMemoryDestroy (gpit);
    gdStatus = W2K_SYMBOLS_OK;

    w2kSpyUnlock ();
    }

// =================================================================
// SPY DEVICE MANAGEMENT
// =================================================================

// Enters the critical section gpcs points to.
// Returns TRUE if the lock was taken, FALSE if gpcs is NULL. In the
// FALSE case the caller proceeds unsynchronized; every caller in this
// part of the file ignores the return value.
BOOL WINAPI w2kSpyLock (VOID)
    {
    if (gpcs == NULL) return FALSE;

    EnterCriticalSection (gpcs);
    return TRUE;
    }

// -----------------------------------------------------------------

// Leaves the critical section gpcs points to.
// Returns TRUE if the section was left, FALSE if gpcs is NULL and
// nothing was done.
BOOL WINAPI w2kSpyUnlock (VOID)
    {
    if (gpcs == NULL) return FALSE;

    LeaveCriticalSection (gpcs);
    return TRUE;
    }

// -----------------------------------------------------------------

// Makes sure the spy device is open. If ghDevice is not yet valid,
// the driver path is built with w2kFilePath(), the service is loaded
// with w2kServiceLoad() and the device awSpyPath is opened.
// fUnload   - if TRUE and the device cannot be opened, the service
//             just loaded is unloaded again
// hInstance - module handle for w2kFilePath(); NULL selects ghInstance
// Returns TRUE if ghDevice is a valid handle on exit. This includes
// the case where the device was already open on entry.
//
// NOTE(review): awDriver is derived from the module handle by
// w2kFilePath() (not shown here) and is then loaded as a service,
// presumably a kernel-mode driver. If the path resolves to the
// directory of this DLL, that directory must not be writable by
// less-privileged users - confirm where the driver file is expected
// to live.
BOOL WINAPI w2kSpyStartup (BOOL      fUnload,
                           HINSTANCE hInstance)
    {
    HINSTANCE hModule;
    SC_HANDLE hService;
    BOOL      fOpen;

    w2kSpyLock ();

    hModule = (hInstance == NULL ? ghInstance : hInstance);

    if (ghDevice == INVALID_HANDLE_VALUE)
        {
        if (w2kFilePath (hModule, awSpyFile, awDriver, MAX_PATH))
            {
            hService = w2kServiceLoad (awSpyDevice, awSpyDisplay,
                                       awDriver, TRUE);
            if (hService != NULL)
                {
                ghDevice = CreateFile (awSpyPath,
                                       GENERIC_READ    | GENERIC_WRITE,
                                       FILE_SHARE_READ | FILE_SHARE_WRITE,
                                       NULL, OPEN_EXISTING,
                                       FILE_ATTRIBUTE_NORMAL, NULL);

                // The service is unloaded only if the open failed and
                // the caller asked for it; in every other case just
                // the service handle is released.
                if ((ghDevice != INVALID_HANDLE_VALUE) || (!fUnload))
                    {
                    w2kServiceDisconnect (hService);
                    }
                else
                    {
                    w2kServiceUnload (awSpyDevice, hService);
                    }
                }
            }
        }
    fOpen = (ghDevice != INVALID_HANDLE_VALUE);

    w2kSpyUnlock ();
    return fOpen;
    }

// -----------------------------------------------------------------

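// Closes the spy device handle if it is open and, when fUnload is
// TRUE, asks w2kServiceUnload() to unload the awSpyDevice service.
// fUnload - TRUE to unload the service as well
// Returns TRUE unless an open device handle could not be closed.
// The original initialized the result to FALSE and never assigned it,
// so every call reported failure. The outcome of w2kServiceUnload()
// is not folded into the result because its return type is not
// visible in this part of the file.
BOOL WINAPI w2kSpyCleanup (BOOL fUnload)
    {
    BOOL fOk = TRUE;

    w2kSpyLock ();

    if (ghDevice != INVALID_HANDLE_VALUE)
        {
        fOk      = (CloseHandle (ghDevice) != FALSE);

        // Forget the handle even if the close failed, so that no
        // later call reuses a handle in an unknown state.
        ghDevice = INVALID_HANDLE_VALUE;
        }
    if (fUnload)
        {
        w2kServiceUnload (awSpyDevice, NULL);
        }
    w2kSpyUnlock ();
    return fOk;
    }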

// -----------------------------------------------------------------

BOOL WINAPI w2kSpyControl (DWORD dCode,
                           PVOID pInput,
                           DWORD dInput,
                           PVOID pOutput,
                           DWORD dOutput)
    {
    DWORD dInfo = 0;
    BOOL  fOk   = FALSE;

    SetLastError (ERROR_INVALID_PARAMETER);

    if (((pInput  != NULL) || (!dInput )) &&
        ((pOutput != NULL) || (!dOutput)))
        {
        if (w2kSpyStartup (FALSE, NULL))
            {
            if (DeviceIoControl (ghDevice, dCode,
                                 pInput,   dInput,
                                 pOutput,  dOutput,
                                 &dInfo,   NULL))
                {
                if (dInfo == dOutput)
                    {
                    SetLastError (ERROR_SUCCESS);
                    fOk = TRUE;
                    }
                else
                    {
                    SetLastError (ERROR_DATATYPE_MISMATCH);
                    }
                }
