/******************************************************************************* * * (C) COPYRIGHT AUTHORS, 2016 * * TITLE: MAIN.H * * VERSION: 1.00 * * DATE: 29 Jan 2016 * * THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF * ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED * TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A * PARTICULAR PURPOSE. * *******************************************************************************/ #pragma once NTKERNELAPI NTSTATUS IoCreateDriver( IN PUNICODE_STRING DriverName, OPTIONAL IN PDRIVER_INITIALIZE InitializationFunction ); NTKERNELAPI NTSTATUS ObReferenceObjectByName( __in PUNICODE_STRING ObjectName, __in ULONG Attributes, __in_opt PACCESS_STATE AccessState, __in_opt ACCESS_MASK DesiredAccess, __in POBJECT_TYPE ObjectType, __in KPROCESSOR_MODE AccessMode, __inout_opt PVOID ParseContext, __out PVOID *Object ); extern POBJECT_TYPE *IoDriverObjectType; _Dispatch_type_(IRP_MJ_DEVICE_CONTROL) DRIVER_DISPATCH DevioctlDispatch; _Dispatch_type_(IRP_MJ_CREATE) DRIVER_DISPATCH CreateDispatch; _Dispatch_type_(IRP_MJ_CLOSE) DRIVER_DISPATCH CloseDispatch; _Dispatch_type_(IRP_MJ_CREATE) _Dispatch_type_(IRP_MJ_CREATE_NAMED_PIPE) _Dispatch_type_(IRP_MJ_CLOSE) _Dispatch_type_(IRP_MJ_READ) _Dispatch_type_(IRP_MJ_WRITE) _Dispatch_type_(IRP_MJ_QUERY_INFORMATION) _Dispatch_type_(IRP_MJ_SET_INFORMATION) _Dispatch_type_(IRP_MJ_QUERY_EA) _Dispatch_type_(IRP_MJ_SET_EA) _Dispatch_type_(IRP_MJ_FLUSH_BUFFERS) _Dispatch_type_(IRP_MJ_QUERY_VOLUME_INFORMATION) _Dispatch_type_(IRP_MJ_SET_VOLUME_INFORMATION) _Dispatch_type_(IRP_MJ_DIRECTORY_CONTROL) _Dispatch_type_(IRP_MJ_FILE_SYSTEM_CONTROL) _Dispatch_type_(IRP_MJ_DEVICE_CONTROL) _Dispatch_type_(IRP_MJ_INTERNAL_DEVICE_CONTROL) _Dispatch_type_(IRP_MJ_SHUTDOWN) _Dispatch_type_(IRP_MJ_LOCK_CONTROL) _Dispatch_type_(IRP_MJ_CLEANUP) _Dispatch_type_(IRP_MJ_CREATE_MAILSLOT) _Dispatch_type_(IRP_MJ_QUERY_SECURITY) _Dispatch_type_(IRP_MJ_SET_SECURITY) _Dispatch_type_(IRP_MJ_POWER) _Dispatch_type_(IRP_MJ_SYSTEM_CONTROL) _Dispatch_type_(IRP_MJ_DEVICE_CHANGE) _Dispatch_type_(IRP_MJ_QUERY_QUOTA) _Dispatch_type_(IRP_MJ_SET_QUOTA) _Dispatch_type_(IRP_MJ_PNP) DRIVER_DISPATCH UnsupportedDispatch; DRIVER_INITIALIZE DriverInitialize; DRIVER_INITIALIZE DriverEntry; #pragma alloc_text(INIT, DriverEntry) #define DUMMYDRV_REQUEST1 CTL_CODE(FILE_DEVICE_UNKNOWN, 0x0701, METHOD_BUFFERED, FILE_SPECIAL_ACCESS) typedef struct _INOUT_PARAM { ULONG Param1; ULONG Param2; ULONG Param3; ULONG Param4; } INOUT_PARAM, *PINOUTPARAM; typedef struct _KLDR_DATA_TABLE_ENTRY { LIST_ENTRY InLoadOrderLinks; PVOID ExceptionTable; ULONG ExceptionTableSize; // ULONG padding on IA64 PVOID GpValue; PVOID NonPagedDebugInfo; PVOID DllBase; PVOID EntryPoint; ULONG SizeOfImage; UNICODE_STRING FullDllName; UNICODE_STRING BaseDllName; ULONG Flags; USHORT LoadCount; USHORT __Unused5; PVOID SectionPointer; ULONG CheckSum; // ULONG padding on IA64 PVOID LoadedImports; PVOID PatchInformation; } KLDR_DATA_TABLE_ENTRY, *PKLDR_DATA_TABLE_ENTRY;