📄 cpuinfo.txt

📁 XP下利用“ZwSystemDebugControl ”API函数读写CPU MSR

💻 TXT

字号:

/****************************************************************************
**********************             声明部分          ***********************
****************************************************************************/
#include <windows.h>
#include <stdio.h>

#pragma comment(lib, "advapi32")

#define NTAPI       __stdcall
#define FCHK(a)     if (!(a)) {printf(#a " failed\n"); return 0;}

typedef int NTSTATUS;

typedef enum _SYSDBG_COMMAND
{
    DebugSysReadMsr = 16,    //读取MSR参数
    DebugSysWriteMsr = 17,   //写入MSR参数
}SYSDBG_COMMAND, *PSYSDBG_COMMAND;

typedef NTSTATUS (NTAPI * PZwSystemDebugControl) (
    SYSDBG_COMMAND ControlCode,
    PVOID InputBuffer,
    ULONG InputBufferLength,
    PVOID OutputBuffer,
    ULONG OutputBufferLength,
    PULONG ReturnLength
    );

PZwSystemDebugControl ZwSystemDebugControl = NULL;

typedef struct _MSR_STRUCT {
    DWORD MsrNum;            // MSR number
    DWORD NotUsed;            // Never accessed by the kernel
    DWORD MsrLo;            // IN (write) or OUT (read): Low 32 bits of MSR
    DWORD MsrHi;            // IN (write) or OUT (read): High 32 bits of MSR
} MSR_STRUCT;






//---------申请访问权限---------
BOOL EnablePrivilege (PCSTR name)
{
    HANDLE hToken;
    BOOL rv;
    
    TOKEN_PRIVILEGES priv = { 1, {0, 0, SE_PRIVILEGE_ENABLED} };
    LookupPrivilegeValue (
        0,
        name,
        &priv.Privileges[0].Luid
    );
    
    OpenProcessToken(
        GetCurrentProcess (),
        TOKEN_ADJUST_PRIVILEGES,
        &hToken
    );
    
    AdjustTokenPrivileges (
        hToken,
        FALSE,
        &priv,
        sizeof priv,
        0,
        0
    );
    rv = GetLastError () == ERROR_SUCCESS;
    
    CloseHandle (hToken);
    return rv;
}



int main (void)
{
    HMODULE hNtdll;
    ULONG ReturnLength;
    OSVERSIONINFO OSVersionInfo;
    OSVersionInfo.dwOSVersionInfoSize = sizeof (OSVERSIONINFO);
    MSR_STRUCT msr;

    EnablePrivilege (SE_DEBUG_NAME);

    FCHK ((hNtdll = LoadLibrary ("ntdll.dll")) != NULL);
    FCHK ((ZwSystemDebugControl = (PZwSystemDebugControl) 
           GetProcAddress (hNtdll, "ZwSystemDebugControl")) != NULL);
    FCHK ((void *) GetVersionEx (&OSVersionInfo) != NULL);

    if (OSVersionInfo.dwPlatformId == VER_PLATFORM_WIN32_NT &&
        OSVersionInfo.dwMajorVersion >= 5 &&
        OSVersionInfo.dwMinorVersion >= 1)    //Windows XP以上
    {

        msr.MsrNum=409; //MSR 地址，十进制形式
       //写入时要设置以下数据
       // msr.MsrHi=00;
       // msr.MsrLo=1030;
        
  
        ZwSystemDebugControl 
            (
            DebugSysReadMsr,  //如果想写入，则改为DebugSysWriteMsr
            &msr,
            sizeof (msr),
            NULL,
            0,
            NULL
            );

        printf("%08X=%08X-%08X\n",msr.MsrNum,msr.MsrHi,msr.MsrLo);
        Sleep(10000);
       
    }
    else
    {
        printf ("This program require Windows XP or Windows 2003.\n");
    }
    return 0;
}
//------------------------------------------------------------------------

💿 文件大小 2 K

👤 上传用户 bobar

📂 所属分类操作系统开发

🏷️ 相关标签

#ZwSystemDebugControl #API #CPU #MSR

⌨️ 快捷键说明

复制代码 Ctrl + C

搜索代码 Ctrl + F

全屏模式 F11

切换主题 Ctrl + Shift + D

显示快捷键 ?

增大字号 Ctrl + =

减小字号 Ctrl + -