
📄 rk_ioman.h

📁 能够在windows 2000以上操作系统下隐藏特定的进程
);

// Native API prototype: take one completion packet off an I/O completion
// object, waiting no longer than Timeout. The key, the overlapped pointer and
// the status block are all written by the callee.
NTSYSAPI NTSTATUS NTAPI
ZwRemoveIoCompletion(
    IN HANDLE hIoCompletion,
    OUT PULONG lpCompletionKey,
    OUT LPOVERLAPPED *pOverlapped,
    OUT PIO_STATUS_BLOCK IoStatusBlock,
    IN PLARGE_INTEGER Timeout
);

// Native API prototypes (Nt/Zw twins): delete the file named by
// ObjectAttributes. No handle is involved; the name inside the attributes
// structure is the only input.
NTSYSAPI NTSTATUS NTAPI
NtDeleteFile(
    IN POBJECT_ATTRIBUTES ObjectAttributes
);

NTSYSAPI NTSTATUS NTAPI
ZwDeleteFile(
    IN POBJECT_ATTRIBUTES ObjectAttributes
);

// Native API prototypes (Nt/Zw twins): send a device I/O control request to
// the driver behind hFile. InBuffer/OutBuffer are optional and each comes with
// its own byte length; completion is reported through pIoStatusBlock and,
// optionally, hEvent or the APC routine.
NTSYSAPI NTSTATUS NTAPI
NtDeviceIoControlFile(
    IN HANDLE hFile,
    IN HANDLE hEvent OPTIONAL,
    IN PIO_APC_ROUTINE IoApcRoutine OPTIONAL,
    IN PVOID IoApcContext OPTIONAL,
    OUT PIO_STATUS_BLOCK pIoStatusBlock,
    IN ULONG DeviceIoControlCode,
    IN PVOID InBuffer OPTIONAL,
    IN ULONG InBufferLength,
    OUT PVOID OutBuffer OPTIONAL,
    IN ULONG OutBufferLength
);

NTSYSAPI NTSTATUS NTAPI
ZwDeviceIoControlFile(
    IN HANDLE hFile,
    IN HANDLE hEvent OPTIONAL,
    IN PIO_APC_ROUTINE IoApcRoutine OPTIONAL,
    IN PVOID IoApcContext OPTIONAL,
    OUT PIO_STATUS_BLOCK pIoStatusBlock,
    IN ULONG DeviceIoControlCode,
    IN PVOID InBuffer OPTIONAL,
    IN ULONG InBufferLength,
    OUT PVOID OutBuffer OPTIONAL,
    IN ULONG OutBufferLength
);

// Native API prototypes (Nt/Zw twins): flush buffered data for the file behind
// hFile; the outcome is reported in pIoStatusBlock.
NTSYSAPI NTSTATUS NTAPI
NtFlushBuffersFile(
    IN HANDLE hFile,
    OUT PIO_STATUS_BLOCK pIoStatusBlock
);

NTSYSAPI NTSTATUS NTAPI
ZwFlushBuffersFile(
    IN HANDLE hFile,
    OUT PIO_STATUS_BLOCK pIoStatusBlock
);

// Prototypes for the file-system control request (same parameter shape as the
// device I/O control call, with a file-system control code instead).
// NOTE(review): the documented exports are spelled NtFsControlFile and
// ZwFsControlFile (capital F). As spelled here the imports would not resolve
// if anything referenced them; confirm no caller uses these names before
// renaming.
NTSYSAPI NTSTATUS NTAPI
NtfsControlFile(
    IN HANDLE hFile,
    IN HANDLE hEvent OPTIONAL,
    IN PIO_APC_ROUTINE IoApcRoutine OPTIONAL,
    IN PVOID IoApcContext OPTIONAL,
    OUT PIO_STATUS_BLOCK pIoStatusBlock,
    IN ULONG FileSystemControlCode,
    IN PVOID InBuffer OPTIONAL,
    IN ULONG InBufferLength,
    OUT PVOID OutBuffer OPTIONAL,
    IN ULONG OutBufferLength
);

NTSYSAPI NTSTATUS NTAPI
ZwfsControlFile(
    IN HANDLE hFile,
    IN HANDLE hEvent OPTIONAL,
    IN PIO_APC_ROUTINE IoApcRoutine OPTIONAL,
    IN PVOID IoApcContext OPTIONAL,
    OUT PIO_STATUS_BLOCK pIoStatusBlock,
    IN ULONG FileSystemControlCode,
    IN PVOID InBuffer OPTIONAL,
    IN ULONG InBufferLength,
    OUT PVOID OutBuffer OPTIONAL,
    IN ULONG OutBufferLength
);

// Native API prototypes (Nt/Zw twins): request a byte-range lock on hFile
// covering Length bytes from FileOffset. The two BOOLEANs select fail-fast
// behaviour and exclusive (as opposed to shared) locking.
// NOTE(review): current WDK headers appear to declare the lock key as a ULONG
// passed by value rather than a PULONG. The sizes match on 32-bit targets
// only; confirm before building for 64-bit.
NTSYSAPI NTSTATUS NTAPI
NtLockFile(
    IN HANDLE hFile,
    IN HANDLE hEvent OPTIONAL,
    IN PIO_APC_ROUTINE IoApcRoutine OPTIONAL,
    IN PVOID IoApcContext OPTIONAL,
    OUT PIO_STATUS_BLOCK pIoStatusBlock,
    IN PLARGE_INTEGER FileOffset,
    IN PLARGE_INTEGER Length,
    IN PULONG LockOperationKey,
    IN BOOLEAN bFailIfNotPossibleAtThisPoint,
    IN BOOLEAN bExclusiveLock
);

NTSYSAPI NTSTATUS NTAPI
ZwLockFile(
    IN HANDLE hFile,
    IN HANDLE hEvent OPTIONAL,
    IN PIO_APC_ROUTINE IoApcRoutine OPTIONAL,
    IN PVOID IoApcContext OPTIONAL,
    OUT PIO_STATUS_BLOCK pIoStatusBlock,
    IN PLARGE_INTEGER FileOffset,
    IN PLARGE_INTEGER Length,
    IN PULONG LockOperationKey,
    IN BOOLEAN bFailIfNotPossibleAtThisPoint,
    IN BOOLEAN bExclusiveLock
);

// Native API prototypes (Nt/Zw twins): release a byte-range lock on hFile.
// FileOffset, Length and the key identify the range to release.
// NOTE(review): as with the lock call, current WDK headers appear to take the
// key as a ULONG by value; confirm before building for 64-bit.
NTSYSAPI NTSTATUS NTAPI
NtUnlockFile(
    IN HANDLE hFile,
    OUT PIO_STATUS_BLOCK pIoStatusBlock,
    IN PLARGE_INTEGER FileOffset,
    IN PLARGE_INTEGER Length,
    IN PULONG LockOperationKey
);

NTSYSAPI NTSTATUS NTAPI
ZwUnlockFile(
    IN HANDLE hFile,
    OUT PIO_STATUS_BLOCK pIoStatusBlock,
    IN PLARGE_INTEGER FileOffset,
    IN PLARGE_INTEGER Length,
    IN PULONG LockOperationKey
);

// Native API prototypes (Nt/Zw twins): ask for change notifications on the
// directory behind hFile. Matching changes (per NotifyFilter, optionally for
// the whole subtree) are written into ChangeBuffer, which is bounded by
// ChangeBufferLength.
NTSYSAPI NTSTATUS NTAPI
NtNotifyChangeDirectoryFile(
    IN HANDLE hFile,
    IN HANDLE hEvent OPTIONAL,
    IN PIO_APC_ROUTINE IoApcRoutine OPTIONAL,
    IN PVOID IoApcContext OPTIONAL,
    OUT PIO_STATUS_BLOCK pIoStatusBlock,
    OUT PVOID ChangeBuffer,
    IN ULONG ChangeBufferLength,
    IN ULONG NotifyFilter,
    IN BOOLEAN bWatchSubtree
);

NTSYSAPI NTSTATUS NTAPI
ZwNotifyChangeDirectoryFile(
    IN HANDLE hFile,
    IN HANDLE hEvent OPTIONAL,
    IN PIO_APC_ROUTINE IoApcRoutine OPTIONAL,
    IN PVOID IoApcContext OPTIONAL,
    OUT PIO_STATUS_BLOCK pIoStatusBlock,
    OUT PVOID ChangeBuffer,
    IN ULONG ChangeBufferLength,
    IN ULONG NotifyFilter,
    IN BOOLEAN bWatchSubtree
);

// Native API prototypes (Nt/Zw twins): open the object named by
// ObjectAttributes with DesiredAccess and return its handle through phFile.
// ShareMode and OpenMode are passed straight through as ULONG flag words.
NTSYSAPI NTSTATUS NTAPI
NtOpenFile(
    OUT PHANDLE phFile,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_ATTRIBUTES ObjectAttributes,
    OUT PIO_STATUS_BLOCK pIoStatusBlock,
    IN ULONG ShareMode,
    IN ULONG OpenMode
);

NTSYSAPI NTSTATUS NTAPI
ZwOpenFile(
    OUT PHANDLE phFile,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_ATTRIBUTES ObjectAttributes,
    OUT PIO_STATUS_BLOCK pIoStatusBlock,
    IN ULONG ShareMode,
    IN ULONG OpenMode
);


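// Native API prototypes (Nt/Zw twins): fetch the basic attributes of the file
// named by ObjectAttributes into pFileBasicInfo, without opening a handle.
NTSYSAPI
NTSTATUS
NTAPI
NtQueryAttributesFile(
	IN POBJECT_ATTRIBUTES ObjectAttributes,
	OUT PFILE_BASIC_INFORMATION pFileBasicInfo
);

// The Zw twin takes the attributes by pointer, exactly like the Nt form above.
// The earlier by-value OBJECT_ATTRIBUTES parameter changed the argument size
// of the stdcall call and therefore could not match the exported routine.
NTSYSAPI
NTSTATUS
NTAPI
ZwQueryAttributesFile(
	IN POBJECT_ATTRIBUTES ObjectAttributes,
	OUT PFILE_BASIC_INFORMATION pFileBasicInfo
);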

// Native API prototypes (Nt/Zw twins): enumerate entries of the directory
// behind hFile. Records of the layout chosen by FileInfoClass are written into
// FileInformationBuffer (at most FileInformationBufferLength bytes); PathMask
// optionally filters names and bRestartQuery rewinds the scan.
NTSYSAPI NTSTATUS NTAPI
NtQueryDirectoryFile(
    IN HANDLE hFile,
    IN HANDLE hEvent OPTIONAL,
    IN PIO_APC_ROUTINE IoApcRoutine OPTIONAL,
    IN PVOID IoApcContext OPTIONAL,
    OUT PIO_STATUS_BLOCK pIoStatusBlock,
    OUT PVOID FileInformationBuffer,
    IN ULONG FileInformationBufferLength,
    IN FILE_INFORMATION_CLASS FileInfoClass,
    IN BOOLEAN bReturnOnlyOneEntry,
    IN PUNICODE_STRING PathMask OPTIONAL,
    IN BOOLEAN bRestartQuery
);

NTSYSAPI NTSTATUS NTAPI
ZwQueryDirectoryFile(
    IN HANDLE hFile,
    IN HANDLE hEvent OPTIONAL,
    IN PIO_APC_ROUTINE IoApcRoutine OPTIONAL,
    IN PVOID IoApcContext OPTIONAL,
    OUT PIO_STATUS_BLOCK pIoStatusBlock,
    OUT PVOID FileInformationBuffer,
    IN ULONG FileInformationBufferLength,
    IN FILE_INFORMATION_CLASS FileInfoClass,
    IN BOOLEAN bReturnOnlyOneEntry,
    IN PUNICODE_STRING PathMask OPTIONAL,
    IN BOOLEAN bRestartQuery
);


// Function-pointer type with the parameter list of ZwQueryDirectoryFile, plus
// the driver-wide variable (defined in another file) that holds a saved
// "old" address for that service.
//
// A saved Old* pointer for a system service is the usual footprint of a
// service-table hook; the code that installs it is not visible in this header.
// For detection, check that the service-table entry for this call still
// resolves inside the kernel image, and compare directory listings obtained
// through the API with a raw parse of the volume (cross-view diff).
//
// NOTE(review): the pointer type carries no NTAPI, so its calling convention
// is whatever the compiler default is; confirm the build forces __stdcall.
typedef NTSTATUS (*ZWQUERYDIRECTORYFILE)(
    HANDLE hFile,
    HANDLE hEvent,
    PIO_APC_ROUTINE IoApcRoutine,
    PVOID IoApcContext,
    PIO_STATUS_BLOCK pIoStatusBlock,
    PVOID FileInformationBuffer,
    ULONG FileInformationBufferLength,
    FILE_INFORMATION_CLASS FileInfoClass,
    BOOLEAN bReturnOnlyOneEntry,
    PUNICODE_STRING PathMask,
    BOOLEAN bRestartQuery
);

extern ZWQUERYDIRECTORYFILE OldZwQueryDirectoryFile;


// Native API prototypes (Nt/Zw twins): read extended attributes of hFile into
// QueryEaBuffer (bounded by QueryEaBufferLength). pListEa with pListEaLength,
// or ListEaIndex, narrows which attributes are returned.
NTSYSAPI NTSTATUS NTAPI
NtQueryEaFile(
    IN HANDLE hFile,
    OUT PIO_STATUS_BLOCK pIoStatusBlock,
    OUT PVOID QueryEaBuffer,
    IN ULONG QueryEaBufferLength,
    IN BOOLEAN bReturnSingleEa,
    IN PVOID pListEa,
    IN ULONG pListEaLength,
    IN PULONG ListEaIndex,
    IN BOOLEAN bRestartQuery
);

NTSYSAPI NTSTATUS NTAPI
ZwQueryEaFile(
    IN HANDLE hFile,
    OUT PIO_STATUS_BLOCK pIoStatusBlock,
    OUT PVOID QueryEaBuffer,
    IN ULONG QueryEaBufferLength,
    IN BOOLEAN bReturnSingleEa,
    IN PVOID pListEa,
    IN ULONG pListEaLength,
    IN PULONG ListEaIndex,
    IN BOOLEAN bRestartQuery
);

// Native API prototypes (Nt/Zw twins): write the extended attributes described
// by EaBuffer (EaBufferLength bytes) to hFile.
NTSYSAPI NTSTATUS NTAPI
NtSetEaFile(
    IN HANDLE hFile,
    OUT PIO_STATUS_BLOCK pIoStatusBlock,
    IN PVOID EaBuffer,
    IN ULONG EaBufferLength
);

NTSYSAPI NTSTATUS NTAPI
ZwSetEaFile(
    IN HANDLE hFile,
    OUT PIO_STATUS_BLOCK pIoStatusBlock,
    IN PVOID EaBuffer,
    IN ULONG EaBufferLength
);

// Native API prototypes (Nt/Zw twins): read one class of per-file information
// for hFile into FileInformationBuffer; FileInfoClass selects the record
// layout and FileInformationBufferLength bounds the write.
NTSYSAPI NTSTATUS NTAPI
NtQueryInformationFile(
    IN HANDLE hFile,
    OUT PIO_STATUS_BLOCK pIoStatusBlock,
    OUT PVOID FileInformationBuffer,
    IN ULONG FileInformationBufferLength,
    IN FILE_INFORMATION_CLASS FileInfoClass
);

NTSYSAPI NTSTATUS NTAPI
ZwQueryInformationFile(
    IN HANDLE hFile,
    OUT PIO_STATUS_BLOCK pIoStatusBlock,
    OUT PVOID FileInformationBuffer,
    IN ULONG FileInformationBufferLength,
    IN FILE_INFORMATION_CLASS FileInfoClass
);

// Native API prototypes (Nt/Zw twins): apply one class of per-file information
// to hFile. The buffer is input here, laid out as FileInfoClass dictates.
NTSYSAPI NTSTATUS NTAPI
NtSetInformationFile(
    IN HANDLE hFile,
    OUT PIO_STATUS_BLOCK pIoStatusBlock,
    IN PVOID FileInformationBuffer,
    IN ULONG FileInformationBufferLength,
    IN FILE_INFORMATION_CLASS FileInfoClass
);

NTSYSAPI NTSTATUS NTAPI
ZwSetInformationFile(
    IN HANDLE hFile,
    OUT PIO_STATUS_BLOCK pIoStatusBlock,
    IN PVOID FileInformationBuffer,
    IN ULONG FileInformationBufferLength,
    IN FILE_INFORMATION_CLASS FileInfoClass
);

// Native API prototypes (Nt/Zw twins): read information about the volume that
// hosts hFile into VolumeInformationBuffer; FileSystemInformationClass selects
// the record layout.
NTSYSAPI NTSTATUS NTAPI
NtQueryVolumeInformationFile(
    IN HANDLE hFile,
    OUT PIO_STATUS_BLOCK pIoStatusBlock,
    OUT PVOID VolumeInformationBuffer,
    IN ULONG VolumeInformationBufferLength,
    IN FS_INFORMATION_CLASS FileSystemInformationClass
);

NTSYSAPI NTSTATUS NTAPI
ZwQueryVolumeInformationFile(
    IN HANDLE hFile,
    OUT PIO_STATUS_BLOCK pIoStatusBlock,
    OUT PVOID VolumeInformationBuffer,
    IN ULONG VolumeInformationBufferLength,
    IN FS_INFORMATION_CLASS FileSystemInformationClass
);

// Native API prototypes (Nt/Zw twins): apply volume-level information to the
// volume that hosts hFile. The buffer is input, laid out per
// FileSystemInformationClass.
NTSYSAPI NTSTATUS NTAPI
NtSetVolumeInformationFile(
    IN HANDLE hFile,
    OUT PIO_STATUS_BLOCK pIoStatusBlock,
    IN PVOID VolumeInformationBuffer,
    IN ULONG VolumeInformationBufferLength,
    IN FS_INFORMATION_CLASS FileSystemInformationClass
);

NTSYSAPI NTSTATUS NTAPI
ZwSetVolumeInformationFile(
    IN HANDLE hFile,
    OUT PIO_STATUS_BLOCK pIoStatusBlock,
    IN PVOID VolumeInformationBuffer,
    IN ULONG VolumeInformationBufferLength,
    IN FS_INFORMATION_CLASS FileSystemInformationClass
);

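// Native API prototypes (Nt/Zw twins): read up to ReadBufferLength bytes from
// hFile into ReadBuffer, starting at FileOffset when one is supplied.
// Completion is reported through pIoStatusBlock and, optionally, hEvent or the
// APC routine.
// LockOperationKey is marked OPTIONAL on both twins. The Nt form previously
// omitted the marker, which made the pair disagree.
NTSYSAPI
NTSTATUS
NTAPI
NtReadFile(
	IN HANDLE hFile,
	IN HANDLE hEvent OPTIONAL,
	IN PIO_APC_ROUTINE IoApcRoutine OPTIONAL,
	IN PVOID IoApcContext OPTIONAL,
	OUT PIO_STATUS_BLOCK pIoStatusBlock,
	OUT PVOID ReadBuffer,
	IN ULONG ReadBufferLength,
	IN PLARGE_INTEGER FileOffset OPTIONAL,
	IN PULONG LockOperationKey OPTIONAL
);

NTSYSAPI
NTSTATUS
NTAPI
ZwReadFile(
	IN HANDLE hFile,
	IN HANDLE hEvent OPTIONAL,
	IN PIO_APC_ROUTINE IoApcRoutine OPTIONAL,
	IN PVOID IoApcContext OPTIONAL,
	OUT PIO_STATUS_BLOCK pIoStatusBlock,
	OUT PVOID ReadBuffer,
	IN ULONG ReadBufferLength,
	IN PLARGE_INTEGER FileOffset OPTIONAL,
	IN PULONG LockOperationKey OPTIONAL
);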

// Windows 2000 only (per the original author).
// Local stand-in for the SDK's 64-bit pointer type. As written it is an
// ordinary pointer, so it is only as wide as the target's native pointer.
// NOTE(review): this will clash if an included SDK/DDK header already defines
// PVOID64; confirm against the headers this file is built with.
typedef void *PVOID64;

// One element of a scatter/gather segment array. The ULONGLONG member pads
// every element to 8 bytes regardless of pointer width.
typedef union _FILE_SEGMENT_ELEMENT {
    PVOID64   Buffer;
    ULONGLONG Alignment;
} FILE_SEGMENT_ELEMENT, *PFILE_SEGMENT_ELEMENT;

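//Windows 2000 only
// Native API prototypes (Nt/Zw twins): scatter read. nBytesToRead bytes from
// hFile are distributed over the buffers listed in aSegmentArray.
// The segment array itself is read by the callee (it only names the
// destination buffers), so it is annotated IN; it was previously marked OUT.
// The key is marked OPTIONAL to agree with the ZwReadFile declaration in this
// header.
NTSYSAPI
NTSTATUS
NTAPI
NtReadFileScatter(
	IN HANDLE hFile,
	IN HANDLE hEvent OPTIONAL,
	IN PIO_APC_ROUTINE IoApcRoutine OPTIONAL,
	IN PVOID IoApcContext OPTIONAL,
	OUT PIO_STATUS_BLOCK pIoStatusBlock,
	IN PFILE_SEGMENT_ELEMENT aSegmentArray,
	IN ULONG nBytesToRead,
	IN PLARGE_INTEGER FileOffset OPTIONAL,
	IN PULONG LockOperationKey OPTIONAL
);

NTSYSAPI
NTSTATUS
NTAPI
ZwReadFileScatter(
	IN HANDLE hFile,
	IN HANDLE hEvent OPTIONAL,
	IN PIO_APC_ROUTINE IoApcRoutine OPTIONAL,
	IN PVOID IoApcContext OPTIONAL,
	OUT PIO_STATUS_BLOCK pIoStatusBlock,
	IN PFILE_SEGMENT_ELEMENT aSegmentArray,
	IN ULONG nBytesToRead,
	IN PLARGE_INTEGER FileOffset OPTIONAL,
	IN PULONG LockOperationKey OPTIONAL
);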

// Native API prototypes (Nt/Zw twins): write WriteBufferLength bytes from
// WriteBuffer to hFile, at FileOffset when one is supplied. Completion is
// reported through pIoStatusBlock and, optionally, hEvent or the APC routine.
NTSYSAPI NTSTATUS NTAPI
NtWriteFile(
    IN HANDLE hFile,
    IN HANDLE hEvent OPTIONAL,
    IN PIO_APC_ROUTINE IoApcRoutine OPTIONAL,
    IN PVOID IoApcContext OPTIONAL,
    OUT PIO_STATUS_BLOCK pIoStatusBlock,
    IN PVOID WriteBuffer,
    IN ULONG WriteBufferLength,
    IN PLARGE_INTEGER FileOffset OPTIONAL,
    IN PULONG LockOperationKey OPTIONAL
);

NTSYSAPI NTSTATUS NTAPI
ZwWriteFile(
    IN HANDLE hFile,
    IN HANDLE hEvent OPTIONAL,
    IN PIO_APC_ROUTINE IoApcRoutine OPTIONAL,
    IN PVOID IoApcContext OPTIONAL,
    OUT PIO_STATUS_BLOCK pIoStatusBlock,
    IN PVOID WriteBuffer,
    IN ULONG WriteBufferLength,
    IN PLARGE_INTEGER FileOffset OPTIONAL,
    IN PULONG LockOperationKey OPTIONAL
);

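//Windows 2000 only
// Native API prototypes (Nt/Zw twins): gather write. nBytesToWrite bytes are
// collected from the buffers listed in aSegmentArray and written to hFile.
// The segment array is pure input for a write, so it is annotated IN; it was
// previously marked OUT. The key is marked OPTIONAL to agree with the
// ZwWriteFile declaration in this header.
// NOTE(review): the documented exports are spelled NtWriteFileGather and
// ZwWriteFileGather. As spelled here ("Gathter") the imports would not resolve
// if anything referenced them; confirm no caller uses these names before
// renaming.
NTSYSAPI
NTSTATUS
NTAPI
NtWriteFileGathter(
	IN HANDLE hFile,
	IN HANDLE hEvent OPTIONAL,
	IN PIO_APC_ROUTINE IoApcRoutine OPTIONAL,
	IN PVOID IoApcContext OPTIONAL,
	OUT PIO_STATUS_BLOCK pIoStatusBlock,
	IN PFILE_SEGMENT_ELEMENT aSegmentArray,
	IN ULONG nBytesToWrite,
	IN PLARGE_INTEGER FileOffset OPTIONAL,
	IN PULONG LockOperationKey OPTIONAL
);

NTSYSAPI
NTSTATUS
NTAPI
ZwWriteFileGathter(
	IN HANDLE hFile,
	IN HANDLE hEvent OPTIONAL,
	IN PIO_APC_ROUTINE IoApcRoutine OPTIONAL,
	IN PVOID IoApcContext OPTIONAL,
	OUT PIO_STATUS_BLOCK pIoStatusBlock,
	IN PFILE_SEGMENT_ELEMENT aSegmentArray,
	IN ULONG nBytesToWrite,
	IN PLARGE_INTEGER FileOffset OPTIONAL,
	IN PULONG LockOperationKey OPTIONAL
);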

// Local definition of the 64-bit timestamp, split into two 32-bit halves
// (low half first). Used by the directory-entry structures in this header.
typedef struct _FILETIME {
    DWORD dwLowDateTime;   // low 32 bits
    DWORD dwHighDateTime;  // high 32 bits
} FILETIME;

//////////////////////////////////////////////////////////////////
// added from jeremy kothe's work..
//////////////////////////////////////////////////////////////////
// One variable-length directory record. Offsets in the right-hand column
// follow the original author's markers (08h, 20h, 30h, 3ch, 40h, 44h, 5eh) and
// assume 4-byte DWORD, 8-byte FILETIME and no padding.
// NOTE(review): the offsets line up with FILE_BOTH_DIR_INFORMATION, presumably
// the record format returned by ZwQueryDirectoryFile; confirm against the
// information class actually requested. Several fields are labelled "unknown"
// by the author.
// Whoever walks a chain of these records must keep dwLenToNext and wNameLen
// inside the buffer length reported for the query.
typedef struct _DirEntry {
    DWORD    dwLenToNext;        // 00h  byte distance to the next record
    DWORD    dwAttr;             // 04h
    FILETIME ftCreate;           // 08h
    FILETIME ftLastAccess;       // 10h
    FILETIME ftLastWrite;        // 18h
    DWORD    dwUnknown[ 2 ];     // 20h
    DWORD    dwFileSizeLow;      // 28h
    DWORD    dwFileSizeHigh;     // 2ch
    DWORD    dwUnknown2[ 3 ];    // 30h
    WORD     wNameLen;           // 3ch
    WORD     wUnknown;           // 3eh
    DWORD    dwUnknown3;         // 40h
    WORD     wShortNameLen;      // 44h
    WCHAR    swShortName[ 12 ];  // 46h
    WCHAR    suName[ 1 ];        // 5eh  first character of the name; presumably wNameLen governs the rest
} DirEntry, *PDirEntry;

// The timestamp and size fields of DirEntry, gathered on their own.
// NOTE(review): how this is used is not visible in this header. If, as the
// name suggests, these values are substituted into directory results, then
// timestamps and sizes reported through the API cannot be trusted for timeline
// work on a suspect host. Read them from the raw volume instead.
typedef struct _FakeDirEntry {
    FILETIME ftCreate;
    FILETIME ftLastAccess;
    FILETIME ftLastWrite;
    DWORD    dwFileSizeLow;
    DWORD    dwFileSizeHigh;
} FakeDirEntry, *PFakeDirEntry;

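// Native API prototype: copy the data selected by SystemInformationClass into
// the caller's buffer. SystemInformation is written by the callee, so it is
// annotated OUT (it was previously marked IN). ReturnLength is optional and
// receives the number of bytes produced or required.
// This is the call that user-mode tools ultimately rely on for the process
// list, so its results should be cross-checked on a suspect host.
NTSYSAPI
NTSTATUS
NTAPI ZwQuerySystemInformation(
            IN ULONG SystemInformationClass,
			OUT PVOID SystemInformation,
			IN ULONG SystemInformationLength,
			OUT PULONG ReturnLength OPTIONAL);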


// Function-pointer type with the parameter list of ZwQuerySystemInformation,
// plus the driver-wide variable (defined in another file) that holds a saved
// "old" address for that service.
//
// Together with the New* prototype in this header this is the usual footprint
// of a service-table hook on the process-enumeration call; the install code is
// not visible here. For detection, verify that the service-table entry still
// points into the kernel image, and compare the API's process list with an
// independent walk of kernel structures (scheduler and handle tables) or a
// memory image.
//
// NOTE(review): the pointer type carries no NTAPI, so its calling convention
// is whatever the compiler default is; confirm the build forces __stdcall.
typedef NTSTATUS (*ZWQUERYSYSTEMINFORMATION)(
    ULONG SystemInformationCLass,
    PVOID SystemInformation,
    ULONG SystemInformationLength,
    PULONG ReturnLength
);

extern ZWQUERYSYSTEMINFORMATION OldZwQuerySystemInformation;

// Prototype of a routine with the same parameter list as
// ZwQuerySystemInformation. The New* name, next to the saved Old* pointer,
// suggests this is the driver's replacement for that service. Its body is not
// in this header.
// NOTE(review): NTSYSAPI marks a symbol as imported from the system image. If
// this routine is defined inside the driver itself the import marker is wrong
// for it; confirm where it is defined.
NTSYSAPI NTSTATUS NTAPI
NewZwQuerySystemInformation(
    IN ULONG SystemInformationClass,
    IN PVOID SystemInformation,
    IN ULONG SystemInformationLength,
    OUT PULONG ReturnLength);


#endif
