📄 native.c
字号:
printf("EventInfo.EventType = ");
if (EventInfo.EventType==NotificationEvent) {
printf("NotificationEvent\n");
} else if (EventInfo.EventType==SynchronizationEvent) {
printf("SynchronizationEvent\n");
} else {
printf("UnknownEventType\n");
}
printf("EventInfo.EventState = %s\n", EventInfo.EventState?"SIGNALLED":"NOT SIGNALLED");
} else {
printf("Unable to query event information\n");
}
}
EventManagement()
{
NTSTATUS rc;
HANDLE hEvent;
OBJECT_ATTRIBUTES ObjectAttr;
UNICODE_STRING EventName;
RtlInitUnicodeString(&EventName, L"\\MyEvent");
InitializeObjectAttributes(&ObjectAttr,
&EventName,
OBJ_CASE_INSENSITIVE,
NULL,
NULL);
rc=NtCreateEvent(&hEvent,
STANDARD_RIGHTS_ALL|0x03,
&ObjectAttr,
SynchronizationEvent,
TRUE);
if (rc!=STATUS_SUCCESS) {
printf("Unable to create event, rc=%x\n", rc);
return 0;
} else {
ULONG PreviousState;
printf("Event created, hEvent=%x\n", hEvent);
printf("Information about the event\n");
DumpEventInfo(hEvent);
rc=NtResetEvent(hEvent, &PreviousState);
if (rc==STATUS_SUCCESS) {
printf("Information after resetting the event\n");
printf("PreviousState=%s\n", PreviousState?"SIGNALLED":"NOT SIGNALLED");
DumpEventInfo(hEvent);
} else {
printf("NtResetEvent failed, rc=%x\n", rc);
}
rc=NtPulseEvent(hEvent, &PreviousState);
if (rc==STATUS_SUCCESS) {
printf("Information after PulseEvent\n");
printf("PreviousState=%s\n", PreviousState?"SIGNALLED":"NOT SIGNALLED");
DumpEventInfo(hEvent);
} else {
printf("NtPulseEvent failed, rc=%x\n", rc);
}
rc=NtSetEvent(hEvent, &PreviousState);
if (rc==STATUS_SUCCESS) {
printf("Information after setting the event\n");
printf("PreviousState=%s\n", PreviousState?"SIGNALLED":"NOT SIGNALLED");
DumpEventInfo(hEvent);
} else {
printf("NtSetEvent failed, rc=%x\n", rc);
}
rc=NtClearEvent(hEvent);
if (rc==STATUS_SUCCESS) {
printf("Information after ClearEvent\n");
DumpEventInfo(hEvent);
} else {
printf("NtClearEvent failed, rc=%x\n", rc);
}
NtClose(hEvent);
}
return 0;
}
void DumpMutantInfo(HANDLE hMutant)
{
MUTANT_INFO MutantInfo;
ULONG BytesReturned;
NTSTATUS rc;
rc=NtQueryMutant(hMutant,
MutantBasicInfo,
&MutantInfo,
sizeof(MutantInfo),
&BytesReturned);
if (rc==STATUS_SUCCESS) {
printf("MutantInfo.MutantState = %s\n", MutantInfo.MutantState?"SIGNALLED":"NOT SIGNALLED");
printf("MutantInfo.bOwnedByCallingThread = %s\n", MutantInfo.bOwnedByCallingThread?"TRUE":"FALSE");
printf("MutantInfo.bAbandoned = %s\n", MutantInfo.bAbandoned?"TRUE":"FALSE");
} else {
printf("Unable to query mutant information\n");
}
}
MutantManagement()
{
NTSTATUS rc;
HANDLE hMutantCreated, hMutantOpened;
OBJECT_ATTRIBUTES ObjectAttr;
UNICODE_STRING MutantName;
ULONG bWasSignalled;
LARGE_INTEGER Timeout;
RtlInitUnicodeString(&MutantName, L"\\MyMutant");
InitializeObjectAttributes(&ObjectAttr,
&MutantName,
OBJ_CASE_INSENSITIVE,
NULL,
NULL);
rc=NtCreateMutant(&hMutantCreated,
STANDARD_RIGHTS_ALL|0x03,
&ObjectAttr,
TRUE);
if (rc!=STATUS_SUCCESS) {
printf("Unable to create mutant, rc=%x\n", rc);
return 0;
}
printf("Mutant created, hMutantCreated=%x\n", hMutantCreated);
rc=NtOpenMutant(&hMutantOpened,
MAXIMUM_ALLOWED,
&ObjectAttr);
if (rc!=STATUS_SUCCESS) {
printf("Unable to open mutant, rc=%x\n", rc);
NtClose(hMutantCreated);
return 0;
}
printf("Mutant opened, hMutantOpened=%x\n", hMutantOpened);
printf("Information about the Mutant\n");
DumpMutantInfo(hMutantCreated);
Timeout.QuadPart=0;
rc=NtWaitForSingleObject(hMutantCreated,
FALSE,
&Timeout);
if (rc!=STATUS_SUCCESS) {
printf("NtWaitForSingleObject failed, rc=%x\n", rc);
return 0;
}
#if 0
Timeout.QuadPart=0;
rc=NtWaitForMultipleObjects(1,
&hMutantCreated,
WaitAll,
TRUE,
&Timeout);
if (rc!=STATUS_SUCCESS) {
printf("NtWaitForMultipleObjects failed, rc=%x\n", rc);
return 0;
}
#endif
rc=NtReleaseMutant(hMutantCreated, &bWasSignalled);
if (rc!=STATUS_SUCCESS) {
printf("NtReleseMutant failed, rc=%x\n", rc);
}
printf("bWasSignalled=%s\n", bWasSignalled?"NOT SIGNALLED":"SIGNALLED");
printf("Information about the Mutant after releasing the mutant first time\n");
DumpMutantInfo(hMutantCreated);
rc=NtReleaseMutant(hMutantCreated, &bWasSignalled);
if (rc!=STATUS_SUCCESS) {
printf("NtReleseMutant failed, rc=%x\n", rc);
}
printf("bWasSignalled=%s\n", bWasSignalled?"NOT SIGNALLED":"SIGNALLED");
printf("Information about the Mutant after releasing the mutant second time\n");
DumpMutantInfo(hMutantCreated);
NtClose(hMutantOpened);
NtClose(hMutantCreated);
}
void DumpSemaphoreInfo(HANDLE hSemaphore)
{
SEMAPHORE_INFO SemaphoreInfo;
ULONG BytesReturned;
NTSTATUS rc;
rc=NtQuerySemaphore(hSemaphore,
SemaphoreBasicInfo,
&SemaphoreInfo,
sizeof(SemaphoreInfo),
&BytesReturned);
if (rc==STATUS_SUCCESS) {
printf("SemaphoreInfo.CurrentCount = %x\n", SemaphoreInfo.CurrentCount);
printf("SemaphoreInfo.MaxCount = %x\n", SemaphoreInfo.MaxCount);
} else {
printf("Unable to query Semaphore information\n");
}
}
SemaphoreManagement()
{
NTSTATUS rc;
HANDLE hSemaphoreCreated, hSemaphoreOpened;
OBJECT_ATTRIBUTES ObjectAttr;
UNICODE_STRING SemaphoreName;
ULONG PreviousCount;
LARGE_INTEGER Timeout;
RtlInitUnicodeString(&SemaphoreName, L"\\MySemaphore");
InitializeObjectAttributes(&ObjectAttr,
&SemaphoreName,
OBJ_CASE_INSENSITIVE,
NULL,
NULL);
rc=NtCreateSemaphore(&hSemaphoreCreated,
STANDARD_RIGHTS_ALL|0x03,
&ObjectAttr,
2,
0x10);
if (rc!=STATUS_SUCCESS) {
printf("Unable to create Semaphore, rc=%x\n", rc);
return 0;
}
printf("Semaphore created, hSemaphoreCreated=%x\n", hSemaphoreCreated);
rc=NtOpenSemaphore(&hSemaphoreOpened,
MAXIMUM_ALLOWED,
&ObjectAttr);
if (rc!=STATUS_SUCCESS) {
printf("Unable to open Semaphore, rc=%x\n", rc);
NtClose(hSemaphoreCreated);
return 0;
}
printf("Semaphore opened, hSemaphoreOpened=%x\n", hSemaphoreOpened);
printf("Information about the Semaphore\n");
DumpSemaphoreInfo(hSemaphoreCreated);
rc=NtReleaseSemaphore(hSemaphoreCreated, 2, &PreviousCount);
if (rc!=STATUS_SUCCESS) {
printf("NtReleaseSemaphore failed, rc=%x\n", rc);
goto ExitFunction;
}
printf("Information about the Semaphore after releasing it 2 times\n");
printf("Previous count = %x\n", PreviousCount);
DumpSemaphoreInfo(hSemaphoreCreated);
Timeout.QuadPart=0;
rc=NtWaitForSingleObject(hSemaphoreCreated,
FALSE,
&Timeout);
if (rc!=STATUS_SUCCESS) {
printf("NtWaitForSingleObject failed, rc=%x\n", rc);
return 0;
}
printf("Information about the Semaphore after aquiring it using NtWaitForSingleObject\n");
DumpSemaphoreInfo(hSemaphoreCreated);
ExitFunction:
NtClose(hSemaphoreOpened);
NtClose(hSemaphoreCreated);
}
void _stdcall TimerCompletionRoutine(PVOID lpArgToCompletionRoutine,
ULONG dwTimerLowValue,
ULONG dwTimerHighValue)
{
printf("TimerCompletionRoutine called, lpArgToCompletionRoutine=%x\n", lpArgToCompletionRoutine);
return;
}
void DumpTimerInfo(HANDLE hTimer)
{
NTSTATUS rc;
TIMER_INFO TimerInfo;
ULONG BytesReturned;
rc=NtQueryTimer(hTimer,
TimerBasicInfo,
&TimerInfo,
sizeof(TimerInfo),
&BytesReturned);
if (rc!=STATUS_SUCCESS) {
printf("NtQueryTimer failed, rc=%x\n", rc);
return;
}
printf("TimerInfo.DueTime = %08x%08x\n", TimerInfo.DueTime.HighPart, TimerInfo.DueTime.LowPart);
printf("TimerInfo.TimerState = %s\n", TimerInfo.TimerState?"SIGNALLED":"NOT SIGNALLED");
}
TimerManagement()
{
NTSTATUS rc;
HANDLE hTimerCreated, hTimerOpened;
OBJECT_ATTRIBUTES ObjectAttr;
UNICODE_STRING TimerName;
LARGE_INTEGER DueTime;
LARGE_INTEGER DelayTime;
BOOLEAN PresentState;
RtlInitUnicodeString(&TimerName, L"\\MyTimer");
InitializeObjectAttributes(&ObjectAttr,
&TimerName,
OBJ_CASE_INSENSITIVE,
NULL,
NULL);
rc=NtCreateTimer(&hTimerCreated,
STANDARD_RIGHTS_ALL|0x03,
&ObjectAttr,
SynchronizationTimer);
if (rc!=STATUS_SUCCESS) {
printf("Unable to create Timer, rc=%x\n", rc);
return 0;
}
printf("Timer created, hTimerCreated=%x\n", hTimerCreated);
rc=NtOpenTimer(&hTimerOpened,
MAXIMUM_ALLOWED,
&ObjectAttr);
if (rc!=STATUS_SUCCESS) {
printf("Unable to open Timer, rc=%x\n", rc);
NtClose(hTimerCreated);
return 0;
}
printf("Timer opened, hTimerOpened=%x\n", hTimerOpened);
printf("Dumping timer information\n");
DumpTimerInfo(hTimerCreated);
printf("Setting timer\n");
DueTime.QuadPart=-(10^3);
rc=NtSetTimer(hTimerCreated,
&DueTime,
TimerCompletionRoutine,
10,
FALSE,
0,
&PresentState);
if (rc!=STATUS_SUCCESS) {
printf("NtSetTimer failed, rc=%x\n", rc);
goto ExitFunction;
}
printf("PresentState=%s\n", PresentState?"SIGNALLED":"NOT SIGNALLED");
printf("Waiting for timer expire\n");
DelayTime.QuadPart = 10*1000*1000; // 1 second
DelayTime.QuadPart = -(DelayTime.QuadPart);
rc=NtDelayExecution(TRUE, &DelayTime);
if (rc!=STATUS_USER_APC) {
printf("NtDelayExecution failed, rc=%x\n", rc);
goto ExitFunction;
}
printf("Dumping timer information after timer expire\n");
DumpTimerInfo(hTimerCreated);
printf("Again setting timer\n");
DueTime.QuadPart=-(10^6);
rc=NtSetTimer(hTimerCreated,
&DueTime,
TimerCompletionRoutine,
10,
FALSE,
0,
&PresentState);
if (rc!=STATUS_SUCCESS) {
printf("NtSetTimer failed, rc=%x\n", rc);
goto ExitFunction;
}
printf("PresentState=%s\n", PresentState?"SIGNALLED":"NOT SIGNALLED");
printf("Cancelling timer\n");
rc=NtCancelTimer(hTimerCreated,
&PresentState);
if (rc!=STATUS_SUCCESS) {
printf("NtCancelTimer failed, rc=%x\n", rc);
goto ExitFunction;
}
printf("Timer state at cancellation=%s\n", PresentState?"SIGNALLED":"NOT SIGNALLED");
ExitFunction:
NtClose(hTimerOpened);
NtClose(hTimerCreated);
return 0;
}
void TimerResolution()
{
NTSTATUS rc;
ULONG MinResolution, MaxResolution, SystemResolution;
rc=NtQueryTimerResolution(&MaxResolution, &MinResolution, &SystemResolution);
if (rc!=STATUS_SUCCESS) {
printf("NtQueryTimerResolution failed, rc=%x\n", rc);
} else {
ULONG ResolutionSet;
printf("MaxResolution = %x\n", MaxResolution);
printf("MinResolution = %x\n", MinResolution);
printf("SystemResolution = %x\n", SystemResolution);
rc=NtSetTimerResolution(MinResolution,
TRUE,
&ResolutionSet);
if (rc!=STATUS_SUCCESS) {
printf("NtSetTimerResolution failed, rc=%x\n", rc);
return;
}
printf("ResolutionSet=%x\n", ResolutionSet);
rc=NtSetTimerResolution(MinResolution,
FALSE,
&ResolutionSet);
if (rc!=STATUS_SUCCESS) {
printf("NtSetTimerResolution failed, rc=%x\n", rc);
return;
}
printf("ResolutionSet=%x\n", ResolutionSet);
}
}
void PerformanceCounter()
{
LARGE_INTEGER PerformanceCount;
LARGE_INTEGER Frequency;
NTSTATUS rc;
PerformanceCount.QuadPart=0;
Frequency.QuadPart=0;
rc=NtQueryPerformanceCounter(&PerformanceCount, &Frequency);
if (rc!=STATUS_SUCCESS) {
printf("NtQueryPerformanceCounter failed, rc=%x\n", rc);
}
printf("PerformanceCount = %08x%08x\n", PerformanceCount.HighPart, PerformanceCount.LowPart);
printf("Frequency = %08x%08x\n", Frequency.HighPart, Frequency.LowPart);
}
void DumpTime(TIME_FIELDS TimeFields)
{
printf("TimeFields.Year = %d\n", TimeFields.Year);
printf("TimeFields.Month = %d\n", TimeFields.Month);
printf("TimeFields.Day = %d\n", TimeFields.Day);
printf("TimeFields.Hour = %d\n", TimeFields.Hour);
printf("TimeFields.Minute = %d\n", TimeFields.Minute);
printf("TimeFields.Second = %d\n", TimeFields.Second);
printf("TimeFields.Milliseconds = %d\n", TimeFields.Milliseconds);
printf("TimeFields.Weekday = %d\n", TimeFields.Weekday);
}
BOOLEAN EnableOrDisablePrivilege(ULONG PrivilegeId, BOOLEAN bDisable)
{
HANDLE hToken;
TOKEN_PRIVILEGES PrivilegeSet;
NTSTATUS rc;
rc=NtOpenProcessToken(NtCurrentProcess(),
TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY,
&hToken);
if (rc!=STATUS_SUCCESS) {
printf("NtOpenProcessToken failed, rc=%x\n", rc);
return FALSE;
}
memset(&PrivilegeSet, 0, sizeof(PrivilegeSet));
PrivilegeSet.PrivilegeCount=1;
PrivilegeSet.Privileges[0].Luid=RtlConvertUlongToLuid(PrivilegeId);
PrivilegeSet.Privileges[0].Attributes = bDisable?0:SE_PRIVILEGE_ENABLED;
rc=NtAdjustPrivilegesToken(hToken,
FALSE,
&PrivilegeSet,
0,
NULL,
NULL);
NtClose(hToken);
if (rc!=STATUS_SUCCESS) {
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -