Esempi in C# (CSharp) per NtDllSupport.FileCreationFlags

Linguaggio di programmazione: C# (CSharp)

Classe/tipologia: NtDllSupport.FileCreationFlags

Esempi su hotexamples.com: 2

NtDllSupport.FileCreationFlags in C# (CSharp): 2 esempi trovati. Questi sono i migliori esempi reali in C# (CSharp) per NtDllSupport.FileCreationFlags, estratti da progetti open source. Li puoi valutare, per aiutarci a migliorare la qualità dei nostri esempi.

Esempio n. 1

Mostra file

        // this is where we are intercepting all file accesses!
        private UInt32 ZwCreateFile_Hooked(IntPtr ptr_to_FileHandle,
                                           NtDllSupport.AccessRightsFlags DesiredAccess,
                                           IntPtr ObjectAttributes,
                                           IntPtr IoStatusBlock,
                                           Int32 AllocationSize, Int32 FileAttributes, NtDllSupport.ShareAccessFlags ShareAccess, Int32 CreateDisposition, NtDllSupport.FileCreationFlags CreateOptions, IntPtr EaBuffer, Int32 EaLength)
        {
            preprocessHook();

            UInt32 result = NtDllSupport.ZwCreateFile(ptr_to_FileHandle, DesiredAccess, ObjectAttributes, IoStatusBlock, AllocationSize, FileAttributes, ShareAccess, CreateDisposition, CreateOptions, EaBuffer, EaLength);

            if (result == NtDllSupport.STATUS_SUCCESS)
            {
                string object_name = string.Empty;
                //object_name = "YOOOO"+random.Next();
                int file_handle = -1;
                unsafe {
                    int *pfile_handle = (int *)ptr_to_FileHandle.ToPointer();
                    file_handle = *pfile_handle;
                    NtDllSupport.OBJECT_ATTRIBUTES *lpobj_attr = (NtDllSupport.OBJECT_ATTRIBUTES *)ObjectAttributes.ToPointer();
                    NtDllSupport.UNICODE_STRING *   pstrng     = lpobj_attr->ObjectName;
                    object_name = pstrng->ToString();
                }

                TransferUnit transfer_unit = createTransferUnit();
                transfer_unit[Color.ObjectName]        = object_name;
                transfer_unit[Color.FileHandle]        = file_handle;
                transfer_unit[Color.DesiredAccess]     = DesiredAccess;
                transfer_unit[Color.ShareAccess]       = ShareAccess;
                transfer_unit[Color.FileCreationFlags] = CreateOptions;
                makeCallBack(transfer_unit);
            }
            return(result);
        }

Esempio n. 2

Mostra file

File: Hook_ZwOpenFile.cs Progetto: pandyer/APIMon

        // this is where we are intercepting all file accesses!
        private UInt32 ZwOpenFile_Hooked(IntPtr ptr_to_FileHandle, Int32 DesiredAccess, IntPtr ObjectAttributes, IntPtr IoStatusBlock, Int32 ShareAccess, NtDllSupport.FileCreationFlags OpenOptions)
        {
            preprocessHook();

            UInt32 result = NtDllSupport.ZwOpenFile(ptr_to_FileHandle, DesiredAccess, ObjectAttributes, IoStatusBlock, ShareAccess, OpenOptions);

            if (result == NtDllSupport.STATUS_SUCCESS)
            {
                string object_name = string.Empty;
                //object_name = "YOOOO" + random.Next();
                int file_handle = -1;
                unsafe {
                    int *pfile_handle = (int *)ptr_to_FileHandle.ToPointer();
                    file_handle = *pfile_handle;
                    NtDllSupport.OBJECT_ATTRIBUTES *lpobj_attr = (NtDllSupport.OBJECT_ATTRIBUTES *)ObjectAttributes.ToPointer();
                    NtDllSupport.UNICODE_STRING *   pstrng     = lpobj_attr->ObjectName;
                    object_name = pstrng->ToString();
                }

                TransferUnit transfer_unit = createTransferUnit();
                transfer_unit["ObjectName"] = object_name;
                transfer_unit["FileHandle"] = file_handle;

                makeCallBack(transfer_unit);
            }
            return(result);
        }