钩子函数应用

时间:2022-04-10 09:06:50
【文件属性】:

文件名称:钩子函数应用

文件大小:16KB

文件格式:RAR

更新时间:2022-04-10 09:06:50

hook

NTSTATUS HOOK_DispatchDeviceControl( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp ) { NTSTATUS status = STATUS_SUCCESS; PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation(Irp); switch(irpSp->Parameters.DeviceIoControl.IoControlCode) { case IOCTL_HOOK_OPERATION: // status = SomeHandlerFunction(irpSp); break; default: Irp->IoStatus.Status = STATUS_INVALID_DEVICE_REQUEST; Irp->IoStatus.Information = 0; break; } status = Irp->IoStatus.Status; IoCompleteRequest(Irp, IO_NO_INCREMENT); return status; }


【文件预览】:
hook use
----Hook()
--------buildnumber.h(69B)
--------Hook.WXP.vcproj(5KB)
--------Hook.vsprops(289B)
--------ddkprebld.cmd(91B)
--------Hook.WXP.vcproj.WWW-74E959F650C.Administrator.user(4KB)
--------buildinc.cmd(436B)
--------drvcommon.h(1KB)
--------BUILD(5B)
--------BuildLog.htm(9KB)
--------buildchk_win7_x86.log(858B)
--------drvversion.h(2KB)
--------ddkpostbld.cmd(222B)
--------HookOpenObject.h(3KB)
--------makefile(260B)
--------radB7891.tmp(0B)
--------Hook.cpp(4KB)
--------PREfast_defects_chk_win7_x86.xml(6KB)
--------prefastchk_win7_x86.log(753B)
--------ddkbldenv.cmd(20B)
--------sources(249B)
--------Hook.h(1KB)
--------drvversion.rc(2KB)
----Hook.suo(11KB)
----Hook.sln(2KB)

网友评论