-
Notifications
You must be signed in to change notification settings - Fork 2
Expand file tree
/
Copy pathNative.h
More file actions
206 lines (160 loc) · 5.69 KB
/
Native.h
File metadata and controls
206 lines (160 loc) · 5.69 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
#ifndef _NATIVE_H_
#define _NATIVE_H_
#include "DirtboxTypes.h"
extern "C"
{
NTSTATUS WINAPI NtAllocateVirtualMemory(
HANDLE ProcessHandle, PVOID *BaseAddress, DWORD ZeroBits, PSIZE_T RegionSize,
DWORD AllocationType, DWORD Protect
);
NTSTATUS WINAPI NtCancelTimer(
HANDLE TimerHandle, PBOOLEAN CurrentState
);
NTSTATUS WINAPI NtClose(
HANDLE Handle
);
NTSTATUS WINAPI NtCreateEvent(
PHANDLE EventHandle, ACCESS_MASK DesiredAccess, POBJECT_ATTRIBUTES ObjectAttributes,
EVENT_TYPE EventType, BOOLEAN InitialState
);
NTSTATUS WINAPI NtCreateFile(
PHANDLE FileHandle, ACCESS_MASK DesiredAccess, POBJECT_ATTRIBUTES ObjectAttributes,
PIO_STATUS_BLOCK IoStatusBlock, PLARGE_INTEGER AllocationSize, DWORD FileAttributes,
DWORD ShareAccess, DWORD CreateDisposition, DWORD CreateOptions,
PVOID EaBuffer, DWORD EaLength
);
NTSTATUS WINAPI NtCreateSemaphore(
PHANDLE SemaphoreHandle, ACCESS_MASK DesiredAccess, POBJECT_ATTRIBUTES ObjectAttributes,
LONG InitialCount, LONG MaximumCount
);
NTSTATUS WINAPI NtDelayExecution(
BOOLEAN Alertable, PLARGE_INTEGER Interval
);
NTSTATUS WINAPI NtFlushBuffersFile(
HANDLE FileHandle, PIO_STATUS_BLOCK IoStatusBlock
);
NTSTATUS WINAPI NtFreeVirtualMemory(
HANDLE ProcessHandle, PVOID *BaseAddress, PSIZE_T RegionSize, DWORD FreeType
);
NTSTATUS WINAPI NtOpenFile(
PHANDLE FileHandle, ACCESS_MASK DesiredAccess, POBJECT_ATTRIBUTES ObjectAttributes,
PIO_STATUS_BLOCK IoStatusBlock, DWORD ShareAccess, DWORD OpenOptions
);
NTSTATUS WINAPI NtPulseEvent(
HANDLE EventHandle, PLONG PulseCount
);
NTSTATUS WINAPI NtQueryDirectoryFile(
HANDLE FileHandle, HANDLE Event, PIO_APC_ROUTINE ApcRoutine, PVOID ApcContext,
PIO_STATUS_BLOCK IoStatusBlock, PVOID FileInformation, DWORD Length,
FILE_INFORMATION_CLASS FileInformationClass, BOOLEAN ReturnSingleEntry,
PUNICODE_STRING FileName, BOOLEAN RestartScan
);
NTSTATUS WINAPI NtQueryInformationFile(
HANDLE FileHandle, PIO_STATUS_BLOCK IoStatusBlock, PVOID FileInformation, DWORD Length,
FILE_INFORMATION_CLASS FileInformationClass
);
NTSTATUS WINAPI NtQueryObject(
HANDLE ObjectHandle, OBJECT_INFORMATION_CLASS ObjectInformationClass,
PVOID ObjectInformation, DWORD ObjectInformationLength, PDWORD ReturnLength
);
NTSTATUS WINAPI NtQuerySystemTime(
PLARGE_INTEGER SystemTime
);
NTSTATUS WINAPI NtQueryVolumeInformationFile(
HANDLE FileHandle, PIO_STATUS_BLOCK IoStatusBlock, PVOID FsInformation, DWORD Length,
FS_INFORMATION_CLASS FsInformationClass
);
NTSTATUS WINAPI NtReadFile(
HANDLE FileHandle, HANDLE Event, PIO_APC_ROUTINE ApcRoutine, PVOID ApcContext,
PIO_STATUS_BLOCK IoStatusBlock, PVOID Buffer, DWORD Length, PLARGE_INTEGER ByteOffset,
PDWORD Key
);
NTSTATUS WINAPI NtReleaseSemaphore(
HANDLE SemaphoreHandle, LONG ReleaseCount, PLONG PreviousCount
);
NTSTATUS WINAPI NtResumeThread(
HANDLE ThreadHandle, PDWORD SuspendCount
);
NTSTATUS WINAPI NtSetEvent(
HANDLE EventHandle, PLONG PreviousState
);
NTSTATUS WINAPI NtSetInformationFile(
HANDLE FileHandle, PIO_STATUS_BLOCK IoStatusBlock, PVOID FileInformation, DWORD Length,
FILE_INFORMATION_CLASS FileInformationClass
);
NTSTATUS WINAPI NtSetLdtEntries(
DWORD Selector, LDT_ENTRY Entry, DWORD a, DWORD b, DWORD c
);
NTSTATUS WINAPI NtSetTimer(
HANDLE TimerHandle, PLARGE_INTEGER DueTime,
PTIMER_APC_ROUTINE TimerApcRoutine, PVOID TimerContext, BOOLEAN ResumeTimer,
LONG Period, PBOOLEAN PreviousState
);
NTSTATUS WINAPI NtSuspendThread(
HANDLE ThreadHandle, PDWORD PreviousSuspendCount
);
NTSTATUS WINAPI NtWaitForMultipleObjects(
DWORD ObjectCount, PHANDLE ObjectsArray, WAIT_TYPE WaitType, BOOLEAN Alertable,
PLARGE_INTEGER Timeout
);
DWORD WINAPI NtWaitForSingleObject(
HANDLE ObjectHandle, BOOLEAN Alertable, PLARGE_INTEGER Timeout
);
NTSTATUS WINAPI NtWriteFile(
HANDLE FileHandle, HANDLE Event, PIO_APC_ROUTINE ApcRoutine, PVOID ApcContext,
PIO_STATUS_BLOCK IoStatusBlock, PVOID Buffer, DWORD Length, PLARGE_INTEGER ByteOffset,
PDWORD Key
);
NTSTATUS WINAPI NtYieldExecution();
NTSTATUS WINAPI RtlAnsiStringToUnicodeString(
PUNICODE_STRING DestinationString, PANSI_STRING SourceString,
BOOLEAN AllocateDestinationString
);
NTSTATUS WINAPI RtlAppendUnicodeToString(
PUNICODE_STRING Destination, PWSTR Source
);
SIZE_T WINAPI RtlCompareMemoryUlong(
PVOID Source, SIZE_T Length, DWORD Pattern
);
NTSTATUS WINAPI RtlEnterCriticalSection(
PRTL_CRITICAL_SECTION CriticalSection
);
LONG WINAPI RtlEqualString(
PANSI_STRING String1, PANSI_STRING String2, BOOLEAN CaseInSensitive
);
VOID WINAPI RtlInitAnsiString(
PANSI_STRING DestinationString, PSTR SourceString
);
static inline VOID RtlInitEmptyUnicodeString(
PUNICODE_STRING DestinationString,
PWCHAR Buffer,
WORD BufferSize
)
{
DestinationString->Length = 0;
DestinationString->MaximumLength = BufferSize;
DestinationString->Buffer = Buffer;
}
VOID WINAPI RtlInitializeCriticalSection(
PRTL_CRITICAL_SECTION CriticalSection
);
VOID WINAPI RtlLeaveCriticalSection(
PRTL_CRITICAL_SECTION CriticalSection
);
DWORD WINAPI RtlNtStatusToDosError(
NTSTATUS Status
);
VOID WINAPI RtlRaiseException(
PEXCEPTION_RECORD ExceptionRecord
);
BOOLEAN WINAPI RtlTimeFieldsToTime(
PTIME_FIELDS TimeFields, PLARGE_INTEGER Time
);
VOID WINAPI RtlTimeToTimeFields(
PLARGE_INTEGER Time, PTIME_FIELDS TimeFields
);
VOID WINAPI RtlUnwind(
PVOID TargetFrame, PVOID TargetIp, PEXCEPTION_RECORD ExceptionRecord, PVOID ReturnValue
);
}
#endif