Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #include "stdafx.h"
- #pragma once
- #include "targetver.h"
- #include <stdio.h>
- #include <tchar.h>
- #include <Windows.h>
- typedef struct _FILE_DIRECTORY_INFORMATION {
- ULONG NextEntryOffset;
- ULONG FileIndex;
- LARGE_INTEGER CreationTime;
- LARGE_INTEGER LastAccessTime;
- LARGE_INTEGER LastWriteTime;
- LARGE_INTEGER ChangeTime;
- LARGE_INTEGER EndOfFile;
- LARGE_INTEGER AllocationSize;
- ULONG FileAttributes;
- ULONG FileNameLength;
- WCHAR FileName[1];
- };
- typedef DWORD(_stdcall * NtQDFtype)(
- _In_ HANDLE FileHandle,
- _In_opt_ DWORD Event,
- _In_opt_ DWORD ApcRoutine,
- _In_opt_ DWORD ApcContext,
- _Out_ DWORD* IoStatusBlock,
- _Out_ _FILE_DIRECTORY_INFORMATION* FileInformation,
- _In_ DWORD Length,
- _In_ DWORD FileInformationClass,
- _In_ BOOLEAN ReturnSingleEntry,
- _In_opt_ DWORD FileName,
- _In_ BOOLEAN RestartScan
- );
- NtQDFtype NtQueryDirectoryFile = NULL;
- _FILE_DIRECTORY_INFORMATION * list;
- DWORD IoStatusBlock;
- DWORD restart;
- int _tmain(int argc, _TCHAR* argv[])
- {
- HMODULE handle = GetModuleHandleA("ntdll.dll");
- NtQueryDirectoryFile = (NtQDFtype)GetProcAddress(handle, "NtQueryDirectoryFile");
- HANDLE file = CreateFileA("\\\\.\\Pipe\\", 0x80000000, 7u, 0, 3u, 0, 0);
- list = (_FILE_DIRECTORY_INFORMATION*) malloc(4096);
- restart = 1;
- for (int i = NtQueryDirectoryFile(file, 0, 0, 0, &IoStatusBlock, list, 4096, 1, 0, 0, restart);
- i >= 0;
- i = NtQueryDirectoryFile(file, 0, 0, 0, &IoStatusBlock, list, 4096, 1, 0, 0, restart) )
- {
- for(_FILE_DIRECTORY_INFORMATION* j = list; ; j = (_FILE_DIRECTORY_INFORMATION*)((char *)j + j->NextEntryOffset))
- {
- for(int k = 0; k < j->FileNameLength / 2; k++)
- printf("%C", j->FileName[k]);
- printf("\n");
- if(!j->NextEntryOffset)
- break;
- }
- restart = 0;
- }
- CloseHandle(file);
- return 0;
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
