Ghost.h


The file Ghost.h has been expanded to define more data types and a data structure used when calling CreateFile. Functions such as CreateFileW and lstrcmpiW have been located in kernel32.dll and supplied to injected functions through the data transfer structure, IN_PROCESS_DATA, defined in injectManager.h:

  // Copyright Ric Vieler, 2006 // Support header for Ghost.c #ifndef _GHOST_H_ #define _GHOST_H_ typedef unsigned long DWORD; typedef int BOOL; typedef unsigned char BYTE; typedef unsigned short WORD; typedef float FLOAT; typedef FLOAT* PFLOAT; typedef BOOL* PBOOL; typedef BYTE* PBYTE; typedef int* PINT; typedef WORD* PWORD; typedef DWORD* PDWORD; typedef DWORD* LPDWORD; typedef int INT; typedef unsigned int UINT; typedef unsigned int* PUINT; typedef long* LPLONG; typedef void* PVOID; #define LPVOID PVOID typedef PVOID FARPROC; typedef const void* LPCVOID; typedef struct _SECURITY_ATTRIBUTES {     DWORD nLength;     LPVOID lpSecurityDescriptor;     BOOL bInheritHandle; } SECURITY_ATTRIBUTES, *PSECURITY_ATTRIBUTES, *LPSECURITY_ATTRIBUTES; #endif 




Professional Rootkits
Professional Rootkits (Programmer to Programmer)
ISBN: 0470101547
EAN: 2147483647
Year: 2007
Pages: 229
Authors: Ric Vieler

Similar book on Amazon
Rootkits: Subverting the Windows Kernel
Rootkits: Subverting the Windows Kernel
A Guide to Kernel Exploitation: Attacking the Core
A Guide to Kernel Exploitation: Attacking the Core
Reversing: Secrets of Reverse Engineering
Reversing: Secrets of Reverse Engineering
Malware Analyst's Cookbook and DVD: Tools and Techniques for Fighting Malicious Code
Malware Analyst's Cookbook and DVD: Tools and Techniques for Fighting Malicious Code

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net