|
|
@ -370,7 +370,7 @@ typedef struct _DEVICE_MAP
|
|
|
|
UCHAR DriveType[32];
|
|
|
|
UCHAR DriveType[32];
|
|
|
|
} DEVICE_MAP, * PDEVICE_MAP;
|
|
|
|
} DEVICE_MAP, * PDEVICE_MAP;
|
|
|
|
|
|
|
|
|
|
|
|
extern "C" NTSTATUS NtQuerySystemInformation(
|
|
|
|
extern "C" NTSTATUS ZwQuerySystemInformation (
|
|
|
|
SYSTEM_INFORMATION_CLASS SystemInformationClass,
|
|
|
|
SYSTEM_INFORMATION_CLASS SystemInformationClass,
|
|
|
|
PVOID SystemInformation,
|
|
|
|
PVOID SystemInformation,
|
|
|
|
ULONG SystemInformationLength,
|
|
|
|
ULONG SystemInformationLength,
|
|
|
@ -395,7 +395,7 @@ namespace kutils
|
|
|
|
inline auto get_driver_base(const char* driver_name) -> void*
|
|
|
|
inline auto get_driver_base(const char* driver_name) -> void*
|
|
|
|
{
|
|
|
|
{
|
|
|
|
u32 alloc_size{};
|
|
|
|
u32 alloc_size{};
|
|
|
|
NtQuerySystemInformation(
|
|
|
|
ZwQuerySystemInformation (
|
|
|
|
SystemModuleInformation,
|
|
|
|
SystemModuleInformation,
|
|
|
|
NULL, alloc_size, &alloc_size);
|
|
|
|
NULL, alloc_size, &alloc_size);
|
|
|
|
|
|
|
|
|
|
|
@ -403,7 +403,7 @@ namespace kutils
|
|
|
|
reinterpret_cast<PRTL_PROCESS_MODULES>(
|
|
|
|
reinterpret_cast<PRTL_PROCESS_MODULES>(
|
|
|
|
ExAllocatePool(NonPagedPool, alloc_size));
|
|
|
|
ExAllocatePool(NonPagedPool, alloc_size));
|
|
|
|
|
|
|
|
|
|
|
|
NtQuerySystemInformation(
|
|
|
|
ZwQuerySystemInformation (
|
|
|
|
SystemModuleInformation,
|
|
|
|
SystemModuleInformation,
|
|
|
|
module_info, alloc_size, &alloc_size);
|
|
|
|
module_info, alloc_size, &alloc_size);
|
|
|
|
|
|
|
|
|
|
|
@ -592,7 +592,7 @@ namespace kutils
|
|
|
|
inline auto get_pid(const wchar_t* process_name) -> u32
|
|
|
|
inline auto get_pid(const wchar_t* process_name) -> u32
|
|
|
|
{
|
|
|
|
{
|
|
|
|
u32 alloc_size{};
|
|
|
|
u32 alloc_size{};
|
|
|
|
NtQuerySystemInformation(
|
|
|
|
ZwQuerySystemInformation (
|
|
|
|
SystemProcessInformation,
|
|
|
|
SystemProcessInformation,
|
|
|
|
nullptr, alloc_size, &alloc_size);
|
|
|
|
nullptr, alloc_size, &alloc_size);
|
|
|
|
|
|
|
|
|
|
|
@ -601,7 +601,7 @@ namespace kutils
|
|
|
|
ExAllocatePool(NonPagedPool, alloc_size));
|
|
|
|
ExAllocatePool(NonPagedPool, alloc_size));
|
|
|
|
|
|
|
|
|
|
|
|
const auto orig_ptr = process_info;
|
|
|
|
const auto orig_ptr = process_info;
|
|
|
|
NtQuerySystemInformation(
|
|
|
|
ZwQuerySystemInformation (
|
|
|
|
SystemProcessInformation,
|
|
|
|
SystemProcessInformation,
|
|
|
|
process_info, alloc_size, &alloc_size);
|
|
|
|
process_info, alloc_size, &alloc_size);
|
|
|
|
|
|
|
|
|
|
|
|
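Review bot: Both `ZwQuerySystemInformation` calls in `get_driver_base` discard the returned NTSTATUS, so if the module list grows between the sizing call and the fill call, the second call can fail with a length mismatch and the code would then walk a pool buffer that was never filled. Capture and check the status, e.g. `const NTSTATUS status = ZwQuerySystemInformation(SystemModuleInformation, module_info, alloc_size, &alloc_size);` followed by `if (!NT_SUCCESS(status)) { ExFreePool(module_info); return nullptr; }`. The hunks also show no NULL check on the `ExAllocatePool(NonPagedPool, alloc_size)` result before it is passed in, and that allocation is uninitialized and executable; a zeroing, tagged, non-executable allocation (`ExAllocatePool2` where the target WDK allows it) would limit what a failed query leaves behind. `get_pid` repeats the same pattern with `SystemProcessInformation` and needs the same checks. Both function bodies continue outside the visible hunks, so some of these checks may already exist there.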