⭐ 欢迎来到虫虫下载站! | 📦 资源下载 📁 资源专辑 ℹ️ 关于我们
⭐ 虫虫下载站
📤 上传资源

📄 skmon_ioctl.h

📁 在windows下面通过驱动进行进程的隐藏
💻 H
字号:
🔍 
//SkMon_ioctl.h
/////////////////////////////////////////////////////////////////////////////////
// Declare about Device Control Code.
/////////////////////////////////////////////////////////////////////////////////
// start by snake. 2000/9/29
/////////////////////////////////////////////////////////////////////////////////
 
#ifndef _SNAKE_MONITOR_REGISTRY_CONTROL_CODE
#define _SNAKE_MONITOR_REGISTRY_CONTROL_CODE

#define IOCTL_SKMON_REG_HOOK CTL_CODE(\
  FILE_DEVICE_UNKNOWN, 0x830, METHOD_BUFFERED, FILE_ANY_ACCESS)

#define IOCTL_SKMON_REG_UNHOOK CTL_CODE(\
  FILE_DEVICE_UNKNOWN, 0x831, METHOD_BUFFERED, FILE_ANY_ACCESS)

#define IOCTL_SKMON_REG_COPY_LOG CTL_CODE(\
  FILE_DEVICE_UNKNOWN, 0x832, METHOD_BUFFERED, FILE_ANY_ACCESS)

#define IOCTL_SKMON_REG_ADD_FILTER_ID CTL_CODE(\
  FILE_DEVICE_UNKNOWN, 0x833, METHOD_BUFFERED, FILE_ANY_ACCESS)

#define IOCTL_SKMON_REG_DEL_FILTER_ID CTL_CODE(\
  FILE_DEVICE_UNKNOWN, 0x834, METHOD_BUFFERED, FILE_ANY_ACCESS)

#define IOCTL_SKMON_REG_ADD_FILTER_STR CTL_CODE(\
  FILE_DEVICE_UNKNOWN, 0x835, METHOD_BUFFERED, FILE_ANY_ACCESS)

#define IOCTL_SKMON_REG_DEL_FILTER_STR CTL_CODE(\
  FILE_DEVICE_UNKNOWN, 0x836, METHOD_BUFFERED, FILE_ANY_ACCESS)

#define IOCTL_SKMON_REG_GET_LOG_NUMBER CTL_CODE(\
  FILE_DEVICE_UNKNOWN, 0x837, METHOD_BUFFERED, FILE_ANY_ACCESS)

#define IOCTL_SKMON_REG_GET_LOG_BUFFER CTL_CODE(\
  FILE_DEVICE_UNKNOWN, 0x838, METHOD_BUFFERED, FILE_ANY_ACCESS)

#define IOCTL_SKMON_REG_SET_MAX_LOG_NUMBER CTL_CODE(\
  FILE_DEVICE_UNKNOWN, 0x839, METHOD_BUFFERED, FILE_ANY_ACCESS)

//next code for Logging special Process ID/Name ...
#define IOCTL_SKMON_REG_SET_LOG_PROCESS_ONLY CTL_CODE(\
  FILE_DEVICE_UNKNOWN, 0x83a, METHOD_BUFFERED, FILE_ANY_ACCESS)

#define IOCTL_SKMON_REG_ADD_LOG_PROCESS_ID CTL_CODE(\
  FILE_DEVICE_UNKNOWN, 0x83b, METHOD_BUFFERED, FILE_ANY_ACCESS)

#define IOCTL_SKMON_REG_DEL_LOG_PROCESS_ID CTL_CODE(\
  FILE_DEVICE_UNKNOWN, 0x83c, METHOD_BUFFERED, FILE_ANY_ACCESS)

#define IOCTL_SKMON_REG_ADD_LOG_PROCESS_STR CTL_CODE(\
  FILE_DEVICE_UNKNOWN, 0x83d, METHOD_BUFFERED, FILE_ANY_ACCESS)

#define IOCTL_SKMON_REG_DEL_LOG_PROCESS_STR CTL_CODE(\
  FILE_DEVICE_UNKNOWN, 0x83e, METHOD_BUFFERED, FILE_ANY_ACCESS)

#define IOCTL_SKMON_CLEAR_REG_ALL_BUFFER CTL_CODE(\
  FILE_DEVICE_UNKNOWN, 0x83f, METHOD_BUFFERED, FILE_ANY_ACCESS)

#endif //_SNAKE_MONITOR_REGISTRY_CONTROL_CODE

⌨️ 快捷键说明

复制代码 Ctrl + C
搜索代码 Ctrl + F
全屏模式 F11
切换主题 Ctrl + Shift + D
显示快捷键 ?
增大字号 Ctrl + =
减小字号 Ctrl + -