'HookedDeviceControl': 未声明的标识符
'HookedDeviceControl': undeclared identifier
我在编译这段代码时收到 'HookedDeviceControl': undeclared identifier 错误。 (InterlockedExchange((PLONG)&pDrv_tcpip->MajorFunction[IRP_MJ_DEVICE_CONTROL],(LONG)HookedDeviceControl);)“HookedDeviceControl”函数是否需要在其中包含特定代码?我需要任何特定的库或导入吗?我不完全确定为什么在有 HookedDeviceControl 函数时说它无法识别
#include <wdm.h>
VOID Unload_Driver() {
DbgPrint("Driver Successfully Unloaded");
}
NTSTATUS DriverEntry(IN PDRIVER_OBJECT DriverObject, IN PUNICODE_STRING RegistryPath) // this is main
{
UNREFERENCED_PARAMETER(RegistryPath);
UNREFERENCED_PARAMETER(DriverObject);
//HookedMjCreate();
DriverObject->DriverUnload = Unload_Driver;
}
PFILE_OBJECT pFile_tcp;
PDEVICE_OBJECT pDev_tcp;
PDRIVER_OBJECT pDrv_tcpip;
typedef NTSTATUS(*OLDIRPMJDEVICECONTROL)(IN PDEVICE_OBJECT, IN PIRP);
OLDIRPMJDEVICECONTROL OldIrpMjDeviceControl;
NTSTATUS InstallTCPDriverHook(IN ACCESS_MASK DesiredAccess)
{
NTSTATUS ntStatus;
UNICODE_STRING deviceTCPUnicodeString;
WCHAR deviceTCPNameBuffer[] = L"\Device\Tcp";
pFile_tcp = NULL;
pDev_tcp = NULL;
ntStatus = IoGetDeviceObjectPointer(L"\Device\Tcp", FILE_READ_DATA, &pFile_tcp, &pDev_tcp);
RtlInitUnicodeString(&deviceTCPUnicodeString,
deviceTCPNameBuffer);
ntStatus = IoGetDeviceObjectPointer(&deviceTCPUnicodeString,
FILE_READ_DATA, &pFile_tcp,
&pDev_tcp);
if (!NT_SUCCESS(ntStatus))
return ntStatus;
pDrv_tcpip = pDev_tcp->DriverObject;
OldIrpMjDeviceControl = pDrv_tcpip->
MajorFunction[IRP_MJ_DEVICE_CONTROL];
if (OldIrpMjDeviceControl)
InterlockedExchange((PLONG)&pDrv_tcpip->MajorFunction[IRP_MJ_DEVICE_CONTROL],(LONG)HookedDeviceControl);
return STATUS_SUCCESS;
}
NTSTATUS HookedDeviceControl(IN PDEVICE_OBJECT DeviceObject,IN PIRP Irp)
{
}```
您需要 declare/define 函数 HookedDeviceControl 才能调用它或将其作为参数传递。
所以选择之一是在 InstallTCPDriverHook:
之前定义 HookedDeviceControl
NTSTATUS HookedDeviceControl(IN PDEVICE_OBJECT DeviceObject,IN PIRP Irp)
{
...
}
NTSTATUS InstallTCPDriverHook(IN ACCESS_MASK DesiredAccess)
{
...
}
我在编译这段代码时收到 'HookedDeviceControl': undeclared identifier 错误。 (InterlockedExchange((PLONG)&pDrv_tcpip->MajorFunction[IRP_MJ_DEVICE_CONTROL],(LONG)HookedDeviceControl);)“HookedDeviceControl”函数是否需要在其中包含特定代码?我需要任何特定的库或导入吗?我不完全确定为什么在有 HookedDeviceControl 函数时说它无法识别
#include <wdm.h>
VOID Unload_Driver() {
DbgPrint("Driver Successfully Unloaded");
}
NTSTATUS DriverEntry(IN PDRIVER_OBJECT DriverObject, IN PUNICODE_STRING RegistryPath) // this is main
{
UNREFERENCED_PARAMETER(RegistryPath);
UNREFERENCED_PARAMETER(DriverObject);
//HookedMjCreate();
DriverObject->DriverUnload = Unload_Driver;
}
PFILE_OBJECT pFile_tcp;
PDEVICE_OBJECT pDev_tcp;
PDRIVER_OBJECT pDrv_tcpip;
typedef NTSTATUS(*OLDIRPMJDEVICECONTROL)(IN PDEVICE_OBJECT, IN PIRP);
OLDIRPMJDEVICECONTROL OldIrpMjDeviceControl;
NTSTATUS InstallTCPDriverHook(IN ACCESS_MASK DesiredAccess)
{
NTSTATUS ntStatus;
UNICODE_STRING deviceTCPUnicodeString;
WCHAR deviceTCPNameBuffer[] = L"\Device\Tcp";
pFile_tcp = NULL;
pDev_tcp = NULL;
ntStatus = IoGetDeviceObjectPointer(L"\Device\Tcp", FILE_READ_DATA, &pFile_tcp, &pDev_tcp);
RtlInitUnicodeString(&deviceTCPUnicodeString,
deviceTCPNameBuffer);
ntStatus = IoGetDeviceObjectPointer(&deviceTCPUnicodeString,
FILE_READ_DATA, &pFile_tcp,
&pDev_tcp);
if (!NT_SUCCESS(ntStatus))
return ntStatus;
pDrv_tcpip = pDev_tcp->DriverObject;
OldIrpMjDeviceControl = pDrv_tcpip->
MajorFunction[IRP_MJ_DEVICE_CONTROL];
if (OldIrpMjDeviceControl)
InterlockedExchange((PLONG)&pDrv_tcpip->MajorFunction[IRP_MJ_DEVICE_CONTROL],(LONG)HookedDeviceControl);
return STATUS_SUCCESS;
}
NTSTATUS HookedDeviceControl(IN PDEVICE_OBJECT DeviceObject,IN PIRP Irp)
{
}```
您需要 declare/define 函数 HookedDeviceControl 才能调用它或将其作为参数传递。
所以选择之一是在 InstallTCPDriverHook:
HookedDeviceControl
NTSTATUS HookedDeviceControl(IN PDEVICE_OBJECT DeviceObject,IN PIRP Irp)
{
...
}
NTSTATUS InstallTCPDriverHook(IN ACCESS_MASK DesiredAccess)
{
...
}