|
|
|
|
@ -3,6 +3,10 @@
|
|
|
|
|
header only kernel utils library - completely self dependent - no imports - no strings
|
|
|
|
|
|
|
|
|
|
* HSTRING macro - compile time hashing of c-strings
|
|
|
|
|
* `HSTRING("hash me!")`
|
|
|
|
|
* DYN_MOD - dynamically resolve base address of a kernel module. uses HSTRING to compare hashes of file names
|
|
|
|
|
* `DYN_MOD("ntoskrnl.exe")`
|
|
|
|
|
* DYN_NT_SYM - dynamically resolve ntoskrnl export's
|
|
|
|
|
* `LPVOID lpPage = DYN_NT_SYM(ExAllocatePool)(NonPagedPool, PAGE_SIZE)`
|
|
|
|
|
* `DYN_NT_SYM(DbgPrint)("Hello World")`
|
|
|
|
|
* DYN_MOD_SYM - dynamically resolve export from a kernel modules file name - uses compile time hashes of both file name and export name.
|
|
|
|
|
* `DYN_MOD_SYM("win32kbase.sys", "NtGdiFlush")`
|
|
|
|
|
|
IDontCode
3 years ago