weird InjectDll >> purebasic


weird InjectDll >> purebasic

Post by callroot »



/*
 * Hand-written prototype for the ntoskrnl export KeUserModeCallback, which is
 * not part of the documented driver API; the signature here is the poster's.
 *
 *   ApiNumber    - index of the user-mode callback to run (InjectDll passes 0x42).
 *   InputBuffer  - block handed to the callback.
 *   InputLength  - size of that block in bytes.
 *   OutputBuffer - receives a pointer from the callee.
 *   OutputLength - NOTE(review): marked IN, but the only caller on this page
 *                  passes the address of an uninitialised ULONG, so this looks
 *                  like an OUT parameter. Confirm before relying on it.
 */
NTSYSAPI NTSTATUS NTAPI 
  KeUserModeCallback(
  IN ULONG ApiNumber,
  IN PVOID InputBuffer,
  IN ULONG InputLength,
  OUT PVOID *OutputBuffer,
  IN PULONG OutputLength
  );
/*
 * Parameter block that InjectDll fills in and passes to KeUserModeCallback.
 * The offset remarks are the original author's. Ten DWORDs occupy +0x00..+0x27,
 * so szDllName starts at +0x28, assuming 4-byte DWORDs and no padding.
 *
 * NOTE(review): the layout is not a documented interface, and the field names
 * ("ReservedZeroN") are the poster's guesses at it.
 * NOTE(review): ptrDllString and ptrApiString hold addresses in a DWORD, so
 * this layout is only meaningful where pointers are 32 bits wide.
 */
typedef struct _CLientLoadLibraryParam
{
  DWORD dwSize;//+0  set to sizeof(CLientLoadLibraryParam) by InjectDll
  DWORD dwStringLength; //+4  left at zero by InjectDll
  DWORD ReservedZero1;//+8
  DWORD ReservedZero2;//+C
  DWORD ReservedZero3;//+10
  DWORD ReservedZero4;//+14  InjectDll sets this one to 1 despite the name
  DWORD ReservedZero5;//+18 () +1A () // not needed!
  DWORD ptrDllString;//+1C  address of szDllName, stored as a DWORD
  DWORD ReservedZero6;//+20
  DWORD ptrApiString;//+24  address of szApiName, stored as a DWORD
  WCHAR szDllName[MAX_PATH];  // DLL name, stored inline in the block
  WCHAR szApiName[MAX_PATH];  // second name, stored directly after szDllName
}CLientLoadLibraryParam,*PCLientLoadLibraryParam;

/*
 * InjectDll - kernel-driver routine that allocates a CLientLoadLibraryParam
 * block in the current process context, fills in the two names and passes the
 * block to KeUserModeCallback.
 *
 * Parameters:
 *   lpszDll - wide string copied into szDllName (at most MAX_PATH characters).
 *   lpszApi - wide string copied into szApiName (at most MAX_PATH characters).
 * Returns:
 *   The failing NTSTATUS from ZwAllocateVirtualMemory, otherwise whatever
 *   KeUserModeCallback returns.
 *
 * NOTE(review): the callback index and the block layout are undocumented and
 * build-specific (the author's own remark gives a different index for Win7).
 * Presumably a wrong index hands this buffer to an unrelated user-mode
 * callback, so treat this as a description of a technique, not a stable
 * interface.
 * NOTE(review): the region is never released, so every call leaves a
 * committed region behind in the process.
 * NOTE(review, defensive): a DLL loaded this way is still an ordinary image
 * load in the target process, so image-load notifications and module-load
 * telemetry should report it. Confirm this when building detections.
 */
NTSTATUS InjectDll(LPCWSTR lpszDll,LPCWSTR lpszApi)
{
  PVOID Return;   // receives the callee's output pointer; never read afterwards
  ULONG RetLen;   // receives the callee's output length; never read afterwards
  PVOID BaseAddress = NULL;   // NULL lets the system choose the address
  SIZE_T size = sizeof(CLientLoadLibraryParam);
  NTSTATUS ns;
  // Commit one parameter block in the process the driver is currently running in.
  // NOTE(review): the block holds only data in this function, so nothing visible
  // here needs execute permission; writable+executable private memory is
  // something defenders commonly flag.
  ns = ZwAllocateVirtualMemory(NtCurrentProcess(),
    &BaseAddress,
    0,
    &size,
    MEM_COMMIT,
    PAGE_EXECUTE_READWRITE);
  if (NT_SUCCESS(ns))
  {
    PCLientLoadLibraryParam p = (PCLientLoadLibraryParam)BaseAddress;
    RtlZeroMemory(p,sizeof(CLientLoadLibraryParam));   // every field not set below stays 0
    p->dwSize = sizeof(CLientLoadLibraryParam);
    p->ReservedZero4 = 1;// the only "reserved" field given a non-zero value; meaning not shown on this page
    // NOTE(review): wcsncpy writes no terminator when the source has MAX_PATH or
    // more characters. szDllName is followed directly by szApiName, so an
    // over-long DLL name would read on into the API name.
    wcsncpy(p->szApiName,lpszApi,MAX_PATH);
    wcsncpy(p->szDllName,lpszDll,MAX_PATH);
    // NOTE(review): the (DWORD) casts keep only the low 32 bits of each address.
    p->ptrApiString = (DWORD)p->szApiName;
    p->ptrDllString = (DWORD)p->szDllName;
    
    ns = KeUserModeCallback(0x42,// callback index; author's note: Win7 uses 0x41
      BaseAddress,
      sizeof(CLientLoadLibraryParam),
      &Return,
      &RetLen
      );
  }
  return ns;
}


Re: weird InjectDll >> purebasic

Post by User_Russian »

This code is from a kernel driver.

Re: weird InjectDll >> purebasic

Post by callroot »

User_Russian wrote:This code from kernel driver.

Can it not be done from R3 (ring 3, user mode)?

Re: weird InjectDll >> purebasic

Post by Keya »

User_Russian wrote:This code from kernel driver.
he's very lucky then that you've developed that package for writing kernel drivers in Purebasic! :) (hows the 64bit version coming along btw!?!? heehee)

Re: weird InjectDll >> purebasic

Post by callroot »

Keya wrote:
User_Russian wrote:This code from kernel driver.
he's very lucky then that you've developed that package for writing kernel drivers in Purebasic! :) (hows the 64bit version coming along btw!?!? heehee)

Could you translate it into PureBasic?

Re: weird InjectDll >> purebasic

Post by User_Russian »


; Kernel-driver build: the include files are looked up in the DDK folder under
; the compiler's home directory.
IncludePath #PB_Compiler_Home+"DDK\"
XIncludeFile "ntddk.pbi"
XIncludeFile "ntstatus.pbi"
XIncludeFile "ntfunct.pbi"

; Import two ntoskrnl exports by hand. KeUserModeCallback is not part of the
; documented driver API, so the parameter list below is the poster's.
Import "ntoskrnl.lib"
  KeUserModeCallback(ApiNumber,*InputBuffer,InputLength,*OutputBuffer,OutputLength)
  RtlZeroMemory(*p,len)
EndImport

; Stop the build in non-unicode mode: the fixed strings in CLientLoadLibraryParam
; stand in for the WCHAR arrays of the C struct this was ported from.
CompilerIf #PB_Compiler_Unicode = 0
  CompilerError "Please enable unicode mode."
CompilerEndIf

; Parameter block that InjectDll fills in and passes to KeUserModeCallback
; (port of the C struct of the same name). Offset remarks are the original
; author's; the layout is not a documented interface.
; NOTE(review): ptrDllString and ptrApiString are .l (32-bit) fields, so they
; can hold a full address only on a 32-bit target.
Structure CLientLoadLibraryParam
  dwSize.l;//+0  set to SizeOf(CLientLoadLibraryParam) by InjectDll
  dwStringLength.l; //+4  left at zero by InjectDll
  ReservedZero1.l;//+8
  ReservedZero2.l;//+C
  ReservedZero3.l;//+10
  ReservedZero4.l;//+14  InjectDll sets this one to 1 despite the name
  ReservedZero5.l;//+18 () +1A () // not needed!
  ptrDllString.l;//+1C  address of szDllName
  ReservedZero6.l;//+20
  ptrApiString.l;//+24  address of szApiName
  szDllName.s{#MAX_PATH}; fixed-length string, stored inline in the block
  szApiName.s{#MAX_PATH}; fixed-length string, stored directly after szDllName
EndStructure

; Stand-in for the C macro of the same name. Expands to -1, which InjectDll
; passes as the process-handle argument of ZwAllocateVirtualMemory.
Macro NtCurrentProcess()
  -1
EndMacro

; InjectDll - PureBasic port of the C routine of the same name (kernel-driver code).
; Allocates a CLientLoadLibraryParam block in the current process context, fills
; in the two names and passes the block to KeUserModeCallback.
;   lpszDll - string stored in szDllName
;   lpszApi - string stored in szApiName
; Returns the status from ZwAllocateVirtualMemory when it is not #STATUS_SUCCESS,
; otherwise the status from KeUserModeCallback.
;
; NOTE(review): the callback index and the block layout are undocumented and
; build-specific (the author's own remark gives a different index for Win7), so
; treat this as a description of a technique, not a stable interface.
; NOTE(review): the region is never released, so every call leaves a committed
; region behind in the process.
; NOTE(review, defensive): a DLL loaded this way is still an ordinary image load
; in the target process, so image-load notifications and module-load telemetry
; should report it. Confirm this when building detections.
Procedure InjectDll(lpszDll.s, lpszApi.s)
  *Ret=0; receives the callee's output pointer; never read afterwards
  RetLen.l; receives the callee's output length; never read afterwards
  *BaseAddress = #Null; null lets the system choose the address
  size = SizeOf(CLientLoadLibraryParam);
  ns.i=0;
  
  ; Commit one parameter block in the process the driver is currently running in.
  ; NOTE(review): the block holds only data in this procedure, so nothing visible
  ; here needs execute permission; writable+executable private memory is
  ; something defenders commonly flag.
  ns = ZwAllocateVirtualMemory(NtCurrentProcess(),
                               @*BaseAddress,
                               0,
                               @size,
                               #MEM_COMMIT,
                               #PAGE_EXECUTE_READWRITE);
  
  ; NOTE(review): the C original tests NT_SUCCESS(ns); this equality test is
  ; stricter and treats every status other than #STATUS_SUCCESS as a failure.
  If ns = #STATUS_SUCCESS
    *p.CLientLoadLibraryParam = *BaseAddress
    RtlZeroMemory(*p,SizeOf(CLientLoadLibraryParam)); every field not set below stays 0
    *p\dwSize = SizeOf(CLientLoadLibraryParam)      ;
    *p\ReservedZero4 = 1                            ;// the only "reserved" field given a non-zero value; meaning not shown on this page
    *p\szApiName = lpszApi
    *p\szDllName = lpszDll;
    ; NOTE(review): the addresses are stored in .l (32-bit) fields and would be
    ; truncated on a 64-bit target.
    *p\ptrApiString = @*p\szApiName;
    *p\ptrDllString = @*p\szDllName;
    
    ns = KeUserModeCallback($42, ;// callback index; author's note: Win7 uses 0x41
                            *BaseAddress,
                            SizeOf(CLientLoadLibraryParam),
                            @*Ret,
                            @RetLen);
  EndIf
  
    ProcedureReturn ns
EndProcedure
Compile in http://www.purebasic.fr/english/viewtop ... 34#p458334

Re: weird InjectDll >> purebasic

Post by callroot »

User_Russian wrote:


; Kernel-driver build: the include files are looked up in the DDK folder under
; the compiler's home directory.
IncludePath #PB_Compiler_Home+"DDK\"
XIncludeFile "ntddk.pbi"
XIncludeFile "ntstatus.pbi"
XIncludeFile "ntfunct.pbi"

; Import two ntoskrnl exports by hand. KeUserModeCallback is not part of the
; documented driver API, so the parameter list below is the poster's.
Import "ntoskrnl.lib"
  KeUserModeCallback(ApiNumber,*InputBuffer,InputLength,*OutputBuffer,OutputLength)
  RtlZeroMemory(*p,len)
EndImport

; Stop the build in non-unicode mode: the fixed strings in CLientLoadLibraryParam
; stand in for the WCHAR arrays of the C struct this was ported from.
CompilerIf #PB_Compiler_Unicode = 0
  CompilerError "Please enable unicode mode."
CompilerEndIf

; Parameter block that InjectDll fills in and passes to KeUserModeCallback
; (port of the C struct of the same name). Offset remarks are the original
; author's; the layout is not a documented interface.
; NOTE(review): ptrDllString and ptrApiString are .l (32-bit) fields, so they
; can hold a full address only on a 32-bit target.
Structure CLientLoadLibraryParam
  dwSize.l;//+0  set to SizeOf(CLientLoadLibraryParam) by InjectDll
  dwStringLength.l; //+4  left at zero by InjectDll
  ReservedZero1.l;//+8
  ReservedZero2.l;//+C
  ReservedZero3.l;//+10
  ReservedZero4.l;//+14  InjectDll sets this one to 1 despite the name
  ReservedZero5.l;//+18 () +1A () // not needed!
  ptrDllString.l;//+1C  address of szDllName
  ReservedZero6.l;//+20
  ptrApiString.l;//+24  address of szApiName
  szDllName.s{#MAX_PATH}; fixed-length string, stored inline in the block
  szApiName.s{#MAX_PATH}; fixed-length string, stored directly after szDllName
EndStructure

; Stand-in for the C macro of the same name. Expands to -1, which InjectDll
; passes as the process-handle argument of ZwAllocateVirtualMemory.
Macro NtCurrentProcess()
  -1
EndMacro

; InjectDll - PureBasic port of the C routine of the same name (kernel-driver code).
; Allocates a CLientLoadLibraryParam block in the current process context, fills
; in the two names and passes the block to KeUserModeCallback.
;   lpszDll - string stored in szDllName
;   lpszApi - string stored in szApiName
; Returns the status from ZwAllocateVirtualMemory when it is not #STATUS_SUCCESS,
; otherwise the status from KeUserModeCallback.
;
; NOTE(review): the callback index and the block layout are undocumented and
; build-specific (the author's own remark gives a different index for Win7), so
; treat this as a description of a technique, not a stable interface.
; NOTE(review): the region is never released, so every call leaves a committed
; region behind in the process.
; NOTE(review, defensive): a DLL loaded this way is still an ordinary image load
; in the target process, so image-load notifications and module-load telemetry
; should report it. Confirm this when building detections.
Procedure InjectDll(lpszDll.s, lpszApi.s)
  *Ret=0; receives the callee's output pointer; never read afterwards
  RetLen.l; receives the callee's output length; never read afterwards
  *BaseAddress = #Null; null lets the system choose the address
  size = SizeOf(CLientLoadLibraryParam);
  ns.i=0;
  
  ; Commit one parameter block in the process the driver is currently running in.
  ; NOTE(review): the block holds only data in this procedure, so nothing visible
  ; here needs execute permission; writable+executable private memory is
  ; something defenders commonly flag.
  ns = ZwAllocateVirtualMemory(NtCurrentProcess(),
                               @*BaseAddress,
                               0,
                               @size,
                               #MEM_COMMIT,
                               #PAGE_EXECUTE_READWRITE);
  
  ; NOTE(review): the C original tests NT_SUCCESS(ns); this equality test is
  ; stricter and treats every status other than #STATUS_SUCCESS as a failure.
  If ns = #STATUS_SUCCESS
    *p.CLientLoadLibraryParam = *BaseAddress
    RtlZeroMemory(*p,SizeOf(CLientLoadLibraryParam)); every field not set below stays 0
    *p\dwSize = SizeOf(CLientLoadLibraryParam)      ;
    *p\ReservedZero4 = 1                            ;// the only "reserved" field given a non-zero value; meaning not shown on this page
    *p\szApiName = lpszApi
    *p\szDllName = lpszDll;
    ; NOTE(review): the addresses are stored in .l (32-bit) fields and would be
    ; truncated on a 64-bit target.
    *p\ptrApiString = @*p\szApiName;
    *p\ptrDllString = @*p\szDllName;
    
    ns = KeUserModeCallback($42, ;// callback index; author's note: Win7 uses 0x41
                            *BaseAddress,
                            SizeOf(CLientLoadLibraryParam),
                            @*Ret,
                            @RetLen);
  EndIf
  
    ProcedureReturn ns
EndProcedure
Compile in http://www.purebasic.fr/english/viewtop ... 34#p458334

I am looking for examples and the tools package.

Re: weird InjectDll >> purebasic

Post by User_Russian »


Re: weird InjectDll >> purebasic

Post by callroot »


Re: weird InjectDll >> purebasic

Post by callroot »

Thank you very much.


InjectDll(lpszDll.s, lpszApi.s)


Can you see how to use this function?


Do you have time to write a call example?

InjectDll(lpszDll.s, lpszApi.s)

Re: weird InjectDll >> purebasic

Post by callroot »

thank you

Have time to write a call example?

InjectDll(lpszDll.s, lpszApi.s)


How do I use this function?

Re: weird InjectDll >> purebasic

Post by User_Russian »

callroot wrote:Have time to write a call example?
InjectDll(lpszDll.s, lpszApi.s)
I have translated the code from C++ to PB, but I do not know which parameters the procedure needs to be called with. See the C++ code for an example.

Re: weird InjectDll >> purebasic

Post by callroot »

User_Russian wrote:
callroot wrote:Have time to write a call example?
InjectDll(lpszDll.s, lpszApi.s)
I have translated the code from C++ to PB. But I do not know with what parameters need to call the procedure. See the C++ code for an example.


https://github.com/rwfpl/rewolf-wow64ext


C++ code to be translated into PB


There is not much code; can anyone help translate the following?
http://www.purebasic.fr/english/viewto ... 13&t=65513