Home > Others

About calling some ZW series file manipulation functions in WIN32

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

Transferred from: http://blog.csdn.net/cooblily/archive/2007/10/27/1848037.aspx

Have not been in a long time to write articles, do not know what to do, the result or to learn to write a bit with the native API program, these API prototypes of course long in DDK inside find, but because NTDLL.DLL have export ah, so can LoadLibrary call into this dynamic connection file, Then GetProcAddress find the corresponding API address, then of course you can call it.

The most troublesome thing in the whole process is to turn the DDK over to find the function prototype to use, the structure used by the function, and some macros. Copy into the program, OK, here are the results of my study.

The following code creates a ForZwFileTest.txt file in C: and writes the content, and then deletes it. In fact, there is no use, anyway, there is a soft public API is not used, and the use of these open APIs to achieve this function is entirely because of boredom.

[CPP]View PlainCopyprint?
  2. #include <windows.h>
  4. #include <stdio.h>
  6. #include <stdlib.h>
  8. typedef unsigned long NTSTATUS;
  10. typedef unsigned short USHORT;
  12. typedef unsigned long ULONG;
  14. typedef unsigned long DWORD;
  16. typedef long long;
  18. typedef __INT64 Longlong;
  20. typedef struct unicode_string{
  22. USHORT Length;
  24. USHORT MaxLen;
  26. USHORT *buffer;
  28. } unicode_string,*punicode_string;
  30. #define Obj_inherit 0x00000002l
  32. #define Obj_permanent 0x00000010l
  34. #define Obj_exclusive 0x00000020l
  36. #define Obj_case_insensitive 0x00000040l
  38. #define OBJ_OPENIF 0x00000080l
  40. #define Obj_openlink 0x00000100l
  42. #define Obj_kernel_handle 0x00000200l
  44. #define Obj_force_access_check 0x00000400l
  46. #define Obj_valid_attributes 0X000007F2L
  48. #define FILE_ATTRIBUTE_NORMAL 0x00000080
  50. #define FILE_SHARE_DELETE 0x00000004
  52. #define FILE_OPEN_IF 0x00000003
  54. #define File_synchronous_io_nonalert 0x00000020
  56. #define GENERIC_WRITE (0x40000000l)
  58. #define SYNCHRONIZE (0x00100000l)
  60. #define GENERIC_READ (0x80000000l)
  62. typedef struct _object_attributes{
  64. ULONG Length;
  66. HANDLE rootdirectory;
  68. Punicode_string ObjectName;
  70. ULONG Attributes;
  72. PVOID SecurityDescriptor;
  74. PVOID Securityqualityofservice;
  76. } object_attributes, *pobject_attributes;
  78. typedef CONST Object_attributes *pcobject_attributes;
  80. typedef NTSTATUS (__stdcall *zwdeletefile) (
  82. In Pobject_attributes objectattributes);
  84. typedef VOID (__stdcall *rtlinitunicodestring) (
  86. In Out Punicode_string destinationstring,
  88. In pcwstr sourcestring);
  90. typedef struct _io_status_block{
  92. DWORD Status;
  94. ULONG information;
  96. } Io_status_block, *pio_status_block;
  98. typedef NTSTATUS (__stdcall *zwcreatefile) (
  100. Out phandle filehandle,
  102. In Access_mask desiredaccess,
  104. In Pobject_attributes Objectattributes,
  106. Out Pio_status_block Iostatusblock,
  108. In Plarge_integer allocationsize OPTIONAL,
  110. in ULONG fileattributes,
  112. in ULONG shareaccess,
  114. in ULONG createdisposition,
  116. in ULONG createoptions,
  118. in PVOID eabuffer OPTIONAL,
  120. In ULONG ealength);
  122. typedef VOID (Ntapi *pio_apc_routine) (
  124. in PVOID Apccontext,
  126. In Pio_status_block Iostatusblock,
  128. In ULONG Reserved);
  130. typedef NTSTATUS (__stdcall *zwwritefile) (
  132. in HANDLE filehandle,
  134. in HANDLE Event OPTIONAL,
  136. In Pio_apc_routine Apcroutine OPTIONAL,
  138. in PVOID apccontext OPTIONAL,
  140. Out Pio_status_block Iostatusblock,
  142. in PVOID Buffer,
  144. in ULONG Length,
  146. In Plarge_integer Byteoffset OPTIONAL,
  148. In pulong Key OPTIONAL);
  150. typedef NTSTATUS (__stdcall *zwclose) (
  152. In HANDLE HANDLE);
  154. int main ()
  156. {
  158. hinstance Hntdll;
  160. Zwdeletefile Zwdeletefile;
  162. Rtlinitunicodestring rtlinitunicodestring;
  164. ZwCreateFile ZwCreateFile;
  166. Zwwritefile Zwwritefile;
  168. Zwclose Zwclose;
  170. Hntdll = LoadLibrary ("NTDLL");
  172. if (!hntdll)
  174. return 0;
  176. Zwdeletefile = (zwdeletefile) GetProcAddress (Hntdll,"Zwdeletefile");
  178. rtlinitunicodestring = (rtlinitunicodestring) GetProcAddress (Hntdll,"rtlinitunicodestring");
  180. ZwCreateFile = (zwcreatefile) GetProcAddress (Hntdll,"ZwCreateFile");
  182. Zwwritefile = (zwwritefile) GetProcAddress (Hntdll,"Zwwritefile");
  184. Zwclose = (zwclose) GetProcAddress (Hntdll,"Zwclose");
  186. Unicode_string ObjectName;
  188. Rtlinitunicodestring (&objectname,l"//?? C://forzwfiletest.txt ");//Remember this is to have//??  In front of, DDK said.
  190. Object_attributes objectattributes = {
  192. sizeof (object_attributes), //Length
  194. NULL, //RootDirectory
  196. &objectname, //ObjectName
  198. Obj_case_insensitive, //Attributes
  200. 0, //SecurityDescriptor
  202. NULL, //Securityqualityofservice
  204. };
  206. HANDLE hfile;
  208. PVOID content = "Forzwfiletest";
  210. Io_status_block Iostatusblock;
  212. ZwCreateFile (&hfile,
  214. generic_write| synchronize| Generic_read,
  216. &objectattributes,
  218. &iostatusblock,
  220. 0,
  222. File_attribute_normal,
  224. File_share_delete,
  226. File_open_if,
  228. File_synchronous_io_nonalert,
  230. Null
  232. 0);
  234. Zwwritefile (hfile, 0, 0, 0, &iostatusblock, content,, null, NULL);
  236. Zwclose (hfile);
  238. Zwdeletefile (&objectattributes);
  240. FreeLibrary (Hntdll);
  242. return 0;
  244. }

Transferred from: http://blog.csdn.net/cooblily/archive/2007/10/27/1848037.aspx

About calling some ZW series file manipulation functions in WIN32

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More