?? he4hookbootdriverhide.hpp
字號:
#ifndef __HE4HOOK_BOOT_DRIVER_HIDE
#define __HE4HOOK_BOOT_DRIVER_HIDE
#define STRICT
#include "..\ntdll.h"
#include "..\NtBootDriverControlHide\NtBootDriverControlHide.hpp"
#define PETHREAD PVOID
#include "..\..\He4Command.h"
typedef struct _W32_FILEINFO
{
char *lpszName;
char *lpszChangedName;
DWORD dwAccessType;
_W32_FILEINFO()
{
memset(this, 0, sizeof(_W32_FILEINFO));
}
} W32_FILEINFO, *PW32_FILEINFO;
typedef struct _W32_FILEINFOSET
{
DWORD dwSize; // number W32_FILEINFO
PW32_FILEINFO lpFileInfo;
_W32_FILEINFOSET()
{
memset(this, 0, sizeof(_W32_FILEINFOSET));
}
} W32_FILEINFOSET, *PW32_FILEINFOSET;
typedef struct _W32_KEYINFO
{
char *lpszName;
DWORD dwType;
_W32_KEYINFO()
{
memset(this, 0, sizeof(_W32_KEYINFO));
}
} W32_KEYINFO, *PW32_KEYINFO;
typedef struct _W32_KEYINFOSET
{
DWORD dwSize; // number W32_FILEINFO
PW32_KEYINFO lpKeyInfo;
_W32_KEYINFOSET()
{
memset(this, 0, sizeof(_W32_KEYINFOSET));
}
} W32_KEYINFOSET, *PW32_KEYINFOSET;
class He4HookBootDriverHide : public NtBootDriverControlHide
{
public:
He4HookBootDriverHide(const WCHAR *lpszDeviceFileName);
~He4HookBootDriverHide();
virtual BOOLEAN Install();
DWORD GetVersion();
DWORD NativeGetVersion(DWORD *lpdwVersion);
BOOLEAN LockSaveFiles();
BOOLEAN UnLockSaveFiles(DWORD dwUnlockFlags = HE4_UNLOCK_READ | HE4_UNLOCK_WRITE | HE4_UNLOCK_DELETE | HE4_UNLOCK_VISIBLE);
BOOLEAN HookFileSystem(DWORD dwHook); // 0 - unhook, 1 - hook Nt*/Zw*/Io*, 2 - hook DRIVER_OBJECT;
BOOLEAN AddToSaveList(PW32_FILEINFOSET lpKeyInfoSetW32);
BOOLEAN DelFromSaveList(PW32_FILEINFOSET lpKeyInfoSetW32);
BOOLEAN HookRegistry();
BOOLEAN UnHookRegistry();
BOOLEAN AddKeysToSaveList(PW32_KEYINFOSET lpKeyInfoSetW32);
BOOLEAN DelKeysFromSaveList(PW32_KEYINFOSET lpKeyInfoSetW32);
DWORD QueryUnload();
DWORD ZwDispatchFunction(DWORD dwProcessId, DWORD dwThreadId, DWORD IoControlCode,
PVOID InputBuffer, DWORD InputBufferLength,
PVOID OutputBuffer, DWORD OutputBufferLength,
DWORD *lpBytesReturned);
virtual BOOLEAN SendCommand(USER_COMMAND *lpUserCommand);
PFILEINFOSET CreateFileInfoSet(PW32_FILEINFOSET lpFileInfoSetW32);
PKEYINFOSET CreateKeyInfoSet(PW32_KEYINFOSET lpKeyInfoSetW32);
};
#endif //?? 快捷鍵說明
復制代碼
Ctrl + C
搜索代碼
Ctrl + F
全屏模式
F11
切換主題
Ctrl + Shift + D
顯示快捷鍵
?
增大字號
Ctrl + =
減小字號
Ctrl + -