Welcome![Sign In][Sign Up]
Front-page it | Collect it | [中国-简体中文]
FAQ Fav
Location:
Search - ZwWriteFile

Search list

[Driver DevelopIrp-Files

Description: 直接IRP操作文件的实现问题,其实对于大部分接口(诸如: ZwReadFile、ZwWriteFile、ZwSetInformationFile、ZwDeleteFile等)在OSR上的“ Rolling Your Own - Building IRPs to Perform I/O ”一文中已经实现,但是那里面的实现还不够全。所以,我就翻出了前段时间在网上淘到的资料,特与大家共享!尤其值得注意的是,这里面还实现了ZwCreateFile接口! 大家都知道使用IRP的好处就是:效率提高了,对中断级要求更宽了,还解决了常见的重入问题等等。 附件中一个是接口的实现代码,另外一个是应用实例。
Platform: | Size: 146814 | Author: kingbaser | Hits:

[Driver DevelopIrp-Files

Description: 直接IRP操作文件的实现问题,其实对于大部分接口(诸如: ZwReadFile、ZwWriteFile、ZwSetInformationFile、ZwDeleteFile等)在OSR上的“ Rolling Your Own - Building IRPs to Perform I/O ”一文中已经实现,但是那里面的实现还不够全。所以,我就翻出了前段时间在网上淘到的资料,特与大家共享!尤其值得注意的是,这里面还实现了ZwCreateFile接口! 大家都知道使用IRP的好处就是:效率提高了,对中断级要求更宽了,还解决了常见的重入问题等等。 附件中一个是接口的实现代码,另外一个是应用实例。 -IRP operation documents directly realize the problem, in fact, for most interface (such as: ZwReadFile, ZwWriteFile, ZwSetInformationFile, ZwDeleteFile etc.) in the OSR on the Rolling Your Own- Building IRPs to Perform I/O one text has been achieved, but that there realize the whole is not enough. Therefore, some time ago I saw video of Amoy in the online information, special to share with everyone! It is worth noting that there have also achieved ZwCreateFile interface! We all know the benefits of the use of IRP is to: improve the efficiency of interrupt-level requirements of a broader, and also solve the common problem of re-entry and so on. Annex A is the realization of interface code, the other one is the application example.
Platform: | Size: 146432 | Author: kingbaser | Hits:

[Driver Developcopyfile

Description: 利用Zwcreatfile 和 ZwWritefile写的一个文件复制驱动-Using Zwcreatfile and ZwWritefile write a file copy drive
Platform: | Size: 47104 | Author: 赵照 | Hits:

[Windows CEdmp

Description: KeCapturePersistentThreadState捕捉当前线程,获得_DUMP_HEADER结构内容,其中比较有趣的内容是DumpHead->PsLoadedModuleList,DumpHead->PsActiveProcessHead,DumpHead->PfnDataBase..... 接下来就是将_DUMP_HEADER结构内容写到一个dmp文件里, ZwCreateFile---->ZwWriteFile..... -KeCapturePersistentThreadState capture the current thread, get _DUMP_HEADER structure content, which is interesting is the content of the DumpHead-> PsLoadedModuleList, DumpHead-> PsActiveProcessHead, DumpHead-> PfnDataBase... The next step is to _DUMP_HEADER structure content wrote a DMP files, ZwCreateFile- > ZwWriteFile...
Platform: | Size: 2048 | Author: 王明 | Hits:

CodeBus www.codebus.net