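/*
 * Hard-coded NT object-manager paths ("\??\" prefix) for the driver image
 * and its ".bak" copy. The listing's gutter numbers and backslash-escaped
 * quotes were extraction residue; the literals below are the compilable form.
 * NOTE(review): both paths sit on a user's Desktop, a user-writable location.
 * Presumably they are the arguments handed to CopyFile(); the call site is
 * not visible here, so confirm before relying on that.
 */
static UNICODE_STRING StringSrcDriver =
    RTL_CONSTANT_STRING(L"\\??\\C:\\Users\\Administrator\\Desktop\\PCHunter64as.sys");
static UNICODE_STRING StringDstDriver =
    RTL_CONSTANT_STRING(L"\\??\\C:\\Users\\Administrator\\Desktop\\PCHunter64as.sys.bak");

/* Size in bytes of the bounce buffer CopyFile() allocates for each chunk. */
#define PAGE_SIZE_MM (4096)

/* Pool tag attached to the CopyFile() buffer allocation (multi-character constant). */
#define MYDRIVER_TAG ('hack')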
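/*
 * CopyFile - copy the contents of the file named by src into the file named
 * by dst, PAGE_SIZE_MM bytes at a time, using Zw* file routines.
 *
 * dst is opened with FILE_OVERWRITE_IF (created, or truncated if it exists);
 * src is opened with FILE_OPEN (must already exist). Both are opened with a
 * share mode of 0 and as kernel handles.
 *
 * Must be called at PASSIVE_LEVEL; any other IRQL returns
 * STATUS_INVALID_DEVICE_STATE.
 *
 * Returns STATUS_SUCCESS once the whole source has been copied,
 * STATUS_INSUFFICIENT_RESOURCES if the bounce buffer cannot be allocated,
 * otherwise the failing status from ZwCreateFile / ZwReadFile / ZwWriteFile.
 *
 * Security notes for callers:
 *  - The handles are opened with OBJ_KERNEL_HANDLE and without
 *    OBJ_FORCE_ACCESS_CHECK, so the requesting user's permissions are not
 *    what gates the open. Pass only paths chosen by trusted code, never a
 *    path taken from a user-mode request.
 *  - A destination inside a user-writable directory can be pre-created or
 *    redirected by that user; prefer a location only administrators can
 *    write to.
 *  - On a mid-copy failure the partially written destination is left in
 *    place; this routine does not delete it.
 */
static NTSTATUS CopyFile(PUNICODE_STRING dst, PUNICODE_STRING src)
{
    HANDLE FileHandle1, FileHandle2;        /* 1 = destination, 2 = source */
    IO_STATUS_BLOCK block1, block2;         /* 1 = write results, 2 = read results */
    OBJECT_ATTRIBUTES ot1, ot2;
    NTSTATUS status;
    char *Buff;
    LARGE_INTEGER ByteOffset1, ByteOffset2; /* 1 = write offset, 2 = read offset */

    /* The Zw* file routines used below require PASSIVE_LEVEL. */
    if (KeGetCurrentIrql() != PASSIVE_LEVEL) {
        kprintf("[+] infinityhook: STATUS_INVALID_DEVICE_STATE\n");
        return STATUS_INVALID_DEVICE_STATE;
    }

    Buff = (char *)ExAllocatePoolWithTag(PagedPool, PAGE_SIZE_MM, MYDRIVER_TAG);
    if (Buff == NULL) {
        /* Allocation failure is a resource problem, not a device-state one. */
        return STATUS_INSUFFICIENT_RESOURCES;
    }

    /* Information is an integer (ULONG_PTR), so clear it with 0, not NULL. */
    block1.Pointer = NULL;
    block1.Information = 0;
    block2.Pointer = NULL;
    block2.Information = 0;

    InitializeObjectAttributes(&ot1, dst, OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE, NULL, NULL);
    InitializeObjectAttributes(&ot2, src, OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE, NULL, NULL);

    /* Destination: create, or truncate an existing file. */
    status = ZwCreateFile(&FileHandle1,
                          GENERIC_WRITE,
                          &ot1, &block1,
                          NULL, FILE_ATTRIBUTE_NORMAL, 0,
                          FILE_OVERWRITE_IF,
                          FILE_SYNCHRONOUS_IO_NONALERT,
                          NULL, 0);
    if (!NT_SUCCESS(status)) {
        kprintf("ZwCreateFile File %wZ Error:%d\n", dst, status);
        goto free_buffer;
    }

    /* Source: must already exist. */
    status = ZwCreateFile(&FileHandle2,
                          GENERIC_READ,
                          &ot2, &block2,
                          NULL, FILE_ATTRIBUTE_NORMAL, 0,
                          FILE_OPEN,
                          FILE_SYNCHRONOUS_IO_NONALERT,
                          NULL, 0);
    if (!NT_SUCCESS(status)) {
        kprintf("ZwCreateFile File %wZ Error:%d\n", src, status);
        goto close_dst;
    }
    kprintf("ZwCreateFile Tow File Ok, Next to Read and Write!!!!\n");

    ByteOffset1.QuadPart = 0;
    ByteOffset2.QuadPart = 0;

    for (;;) {
        status = ZwReadFile(FileHandle2,
                            NULL, NULL, NULL,
                            &block2,
                            Buff,
                            PAGE_SIZE_MM,
                            &ByteOffset2,
                            NULL);
        if (status == STATUS_END_OF_FILE) {
            /*
             * Reading at or past the end of the source is how a complete
             * copy ends. STATUS_END_OF_FILE is an error-severity code, so
             * map it to success instead of reporting a finished copy as a
             * failure.
             */
            status = STATUS_SUCCESS;
            break;
        }
        if (!NT_SUCCESS(status)) {
            kprintf("ZwReadFile Error!!!");
            break;
        }
        if (block2.Information == 0) {
            kprintf("ZwReadFile Zero byte!!!");
            break;
        }
        kprintf("ZwReadFile block2 Information : %d", (int)block2.Information);

        ByteOffset2.QuadPart += block2.Information;

        /* Write exactly the number of bytes the read produced. */
        status = ZwWriteFile(FileHandle1,
                             NULL, NULL, NULL,
                             &block1,
                             Buff,
                             (ULONG)block2.Information,
                             &ByteOffset1,
                             NULL);
        if (!NT_SUCCESS(status)) {
            kprintf("ZwWriteFile Error!!!");
            break;
        }
        ByteOffset1.QuadPart += block1.Information;
        kprintf("ZwWriteFile block1 Information : %d", (int)block1.Information);
    }

    ZwClose(FileHandle2);
close_dst:
    ZwClose(FileHandle1);
free_buffer:
    /* Free with the same tag the buffer was allocated under. */
    ExFreePoolWithTag(Buff, MYDRIVER_TAG);
    return status;
}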