
📄 strace.h

📁 Strace: Webcrazy原来写的很好的代码
// Welcome to http://webcrazy.yeah.net for more information!

#ifndef __STRACE_H__
#define __STRACE_H__


// Capacity limits for the fixed-size arrays declared later in this header.
//   keSDTMaxCount  - element count of NTSDT.keSDTAddress  (512).
//   w32SDTMaxCount - element count of NTSDT.w32SDTAddress (1024).
//   MaxParaNumbers - element count of STRACE_BUF_FIELD.Parameter (0x12 = 18).
// Any count field read from a buffer (keSDTCount, w32SDTCount,
// ParameterNumbers) has to be checked against the matching limit before it
// is used as an index or loop bound.
#define keSDTMaxCount  512
#define w32SDTMaxCount 1024
#define MaxParaNumbers 0x12

// Caller-mode selectors; presumably the values stored in
// STRACE_FILTER.CallFrom - confirm against the driver source.
// NOTE(review): CALLFROMALL is -1 but STRACE_FILTER.CallFrom is a DWORD, so
// it is stored as 0xFFFFFFFF; compare against (DWORD)CALLFROMALL rather than
// testing for a negative value.
#define CALLFROMALL         -1
#define CALLFROMKERNEL      0
#define CALLFROMUSER        1

// Service-id ranges; presumably the bounds placed in
// STRACE_FILTER.ServiceIDFrom / ServiceIDTo - confirm against the driver.
// Whether each upper bound is inclusive is not visible from this header.
// NOTE(review): the "kernel" range ends at 0x999 while the "user" range
// starts at 0x1000, so ids 0x99A-0xFFF fall in neither range. That may be
// intentional or a typo for 0xFFF - verify.
#define SERVICEIDFROM       0
#define SERVICEIDTO         0x2000
#define SERVICEIDKERNELFROM 0
#define SERVICEIDKERNELTO   0x999
#define SERVICEIDUSERFROM   0x1000
#define SERVICEIDUSERTO     0x2000

// Device type used in every control code below. 43123 (0xA873) lies in the
// vendor-defined range (0x8000 and above) of CTL_CODE device types.
#define FILE_DEVICE_STRACE 43123

// Control codes shared by the driver and its user-mode client. The purpose
// given for each is inferred from its name only; the handlers are not part
// of this header.
//
// Security review notes:
//  - Every code is built with FILE_ANY_ACCESS, so the I/O manager performs no
//    per-request access check: any caller that can open the device can issue
//    all seven requests. Access control therefore depends entirely on the
//    security descriptor of the device object - it should be limited to
//    administrators/SYSTEM, because the interface exposes system-call
//    activity of other processes and kernel table addresses.
//  - METHOD_BUFFERED means the handler works on a system-buffer copy, but the
//    handler still has to validate InputBufferLength / OutputBufferLength
//    against sizeof() of the expected structure and against any embedded
//    EntriesCount before reading or writing.
//  - Function codes 0x01-0x07 are below 0x800, the range Microsoft reserves
//    for its own use; vendor codes normally start at 0x800. Changing them
//    would change the numeric IOCTL values, so both driver and client would
//    have to be rebuilt together.
//  - "SETPROCESSFILER" is spelled without the T; the name is part of the
//    shared interface and is kept as is.
// Start tracing (by name).
#define IOCTL_STRACE_STARTSPY   (ULONG) CTL_CODE( FILE_DEVICE_STRACE, 0x01, METHOD_BUFFERED, FILE_ANY_ACCESS )
// Stop tracing (by name).
#define IOCTL_STRACE_STOPSPY   (ULONG) CTL_CODE( FILE_DEVICE_STRACE, 0x02, METHOD_BUFFERED, FILE_ANY_ACCESS )
// Fetch the collected trace records (by name; presumably a STRACE_RESULT).
#define IOCTL_STRACE_GETBUF    (ULONG) CTL_CODE( FILE_DEVICE_STRACE, 0x03, METHOD_BUFFERED, FILE_ANY_ACCESS )
// Discard the collected trace records (by name).
#define IOCTL_STRACE_CLEARBUF   (ULONG) CTL_CODE( FILE_DEVICE_STRACE, 0x04, METHOD_BUFFERED, FILE_ANY_ACCESS )
// Fetch the service-table snapshot (by name; presumably an NTSDT).
#define IOCTL_STRACE_GETNTSDT   (ULONG) CTL_CODE( FILE_DEVICE_STRACE, 0x05, METHOD_BUFFERED, FILE_ANY_ACCESS )
// Wait until the trace buffer overflows (by name).
#define IOCTL_STRACE_WAITFOR_TRACEOVERFLOW   (ULONG) CTL_CODE( FILE_DEVICE_STRACE, 0x06, METHOD_BUFFERED, FILE_ANY_ACCESS )
// Install a process filter (by name; presumably a PROCESS_FILTER).
#define IOCTL_STRACE_SETPROCESSFILER   (ULONG) CTL_CODE( FILE_DEVICE_STRACE, 0x07, METHOD_BUFFERED, FILE_ANY_ACCESS )


// All structures up to the closing "#pragma pack()" are byte-packed: there is
// no padding between members, so member order and width define the layout
// that the driver and its client exchange. Multi-byte members may end up
// misaligned as a result.
#pragma pack(1)

// Snapshot of two service tables: a "ke" table of up to keSDTMaxCount entries
// and a "w32" table of up to w32SDTMaxCount entries. Presumably this is the
// output of IOCTL_STRACE_GETNTSDT - confirm against the driver.
//
// NOTE(review):
//  - keSDTCount / w32SDTCount must be checked against keSDTMaxCount /
//    w32SDTMaxCount by both producer and consumer before the arrays are
//    indexed; a WORD can hold values far above either limit.
//  - Each entry is a 32-bit DWORD, so a 64-bit kernel address cannot be
//    stored without truncation; the layout only fits 32-bit targets.
//  - If the entries are kernel addresses (as the names suggest), handing them
//    to user mode discloses kernel layout; access to the device should be
//    restricted accordingly.
typedef struct
{
	// Number of valid entries in keSDTAddress.
	WORD keSDTCount;
	// Number of valid entries in w32SDTAddress.
	WORD w32SDTCount;
	DWORD keSDTAddress[keSDTMaxCount];
	DWORD w32SDTAddress[w32SDTMaxCount];
}NTSDT;

// One trace record. By its member names it describes a single service call:
// which call, who made it, when, its status and up to MaxParaNumbers
// captured parameter values. How the driver fills each member is not visible
// in this header.
//
// NOTE(review):
//  - The header's #pragma pack(1) puts Time at byte offset 6, so the 8-byte
//    LARGE_INTEGER is misaligned; copy it out with memcpy on targets that
//    fault on unaligned access.
//  - ProcessId and ThreadId are 16-bit WORDs. Windows process and thread ids
//    can exceed 65535, in which case the stored value is truncated and may
//    collide with another process's id.
typedef struct
{
	WORD  CallNumber;
	WORD  ProcessId;
	WORD  ThreadId;
	LARGE_INTEGER Time;
	DWORD status;
	// Fixed 16-byte name field. NUL termination is not guaranteed by the
	// type; read at most 16 bytes (e.g. print with "%.16s").
	CHAR  ProcessName[16];
	// presumably the address of the caller's argument block - TODO confirm.
	// Treat it as an opaque value; it is not a pointer valid in the reader.
        DWORD ParameterTable;
        DWORD Parameter[MaxParaNumbers];
	// Number of valid entries in Parameter. Must be clamped to
	// MaxParaNumbers before it is used as a loop bound.
 	BYTE  ParameterNumbers;
} STRACE_BUF_FIELD;

// Variable-length list of trace records: a count followed by that many
// STRACE_BUF_FIELD entries. trace[] is declared with ANYSIZE_ARRAY only as a
// placeholder; the real length is EntriesCount. Presumably the output of
// IOCTL_STRACE_GETBUF - confirm against the driver.
//
// NOTE(review): a consumer must verify that
//   sizeof(WORD) + EntriesCount * sizeof(STRACE_BUF_FIELD)
// does not exceed the number of bytes actually returned before walking
// trace[]; the producer must apply the same check against the output buffer
// length it was given.
typedef struct
{
	WORD EntriesCount;
	STRACE_BUF_FIELD trace[ANYSIZE_ARRAY];
} STRACE_RESULT;

// Trace filter settings: a service-id range, a caller-mode selector, a
// process id, three 16-bit "Thrd" values and up to three function names and
// two process names. Which request carries this structure and how each
// member is interpreted is not visible in this header.
//
// NOTE(review): the five name members are fixed 100-byte CHAR arrays with no
// length field. Whoever receives this structure must not assume they are
// NUL-terminated: bound every string operation to 100 bytes, or force
// name[99] = 0 on a private copy before use.
typedef struct 
{
	// presumably bounded by the SERVICEID* constants - TODO confirm.
	DWORD ServiceIDFrom;
	DWORD ServiceIDTo;
	// presumably one of CALLFROMALL / CALLFROMKERNEL / CALLFROMUSER.
	// CALLFROMALL (-1) is stored here as 0xFFFFFFFF.
        DWORD CallFrom;
	DWORD StracePID;
	// Meaning of Thrd1..Thrd3 is not shown here (thread ids, by name?).
	WORD  Thrd1;
	WORD  Thrd2;
	WORD  Thrd3;
        CHAR  FuncName1[100];
        CHAR  FuncName2[100];
	CHAR  FuncName3[100];
	CHAR  ProcName1[100];
	CHAR  ProcName2[100];
} STRACE_FILTER;

// Variable-length list of 16-bit process ids: a count followed by that many
// entries. ProcessIdArray is declared with ANYSIZE_ARRAY only as a
// placeholder. Presumably the input of IOCTL_STRACE_SETPROCESSFILER -
// confirm against the driver.
//
// NOTE(review):
//  - If this arrives from user mode, the receiver must check that the input
//    length is at least sizeof(WORD) and that
//    sizeof(WORD) + EntriesCount * sizeof(WORD) fits inside it before reading
//    ProcessIdArray; EntriesCount is caller-controlled.
//  - Entries are WORDs, so process ids above 65535 cannot be represented.
typedef struct
{
	WORD EntriesCount;
	WORD ProcessIdArray[ANYSIZE_ARRAY];
} PROCESS_FILTER;

// Ends the byte-packed region. NOTE(review): "#pragma pack()" resets packing
// to the compiler default, not to the value in effect before this header was
// included; a translation unit that set its own packing before including
// this file gets it silently changed. A push/pop pair around the structures
// would avoid that.
#pragma pack()

#endif
