initial commit

author: tumagonx 2017-08-08 10:54:53 +0700
committer: tumagonx 2017-08-08 10:54:53 +0700
commit: 2acec63b2ed75bf4b71ad257db573c4b8f9639e7 (patch)
tree: a8bea139ddd26116d44ea182b0b8436f2162e6e3 /job.h
1 files changed, 68 insertions, 0 deletions
diff --git a/job.h b/job.h
new file mode 100644
index 0000000..8328d42
--- /dev/null
+++ b/job.h
@@ -0,0 +1,68 @@
+/*
+ * Copyright (c) 2004 Security Architects Corporation. All rights reserved.
+ *
+ * Module Name:
+ *
+ *              job.h
+ *
+ * Abstract:
+ *
+ *              This module defines various types used by job object hooking routines.
+ *
+ * Author:
+ *
+ *              Eugene Tsyrklevich 25-Mar-2004
+ *
+ * Revision History:
+ *
+ *              None.
+ */
+#ifndef __JOB_H__
+#define __JOB_H__
+/*
+ * ZwCreateJobObject creates or opens a job object. [NAR]
+ */
+typedef NTSTATUS (*fpZwCreateJobObject) (
+        OUT PHANDLE JobHandle,
+        IN ACCESS_MASK DesiredAccess,
+        IN POBJECT_ATTRIBUTES ObjectAttributes
+        );
+NTSTATUS
+NTAPI
+HookedNtCreateJobObject(
+        OUT PHANDLE JobHandle,
+        IN ACCESS_MASK DesiredAccess,
+        IN POBJECT_ATTRIBUTES ObjectAttributes
+        );
+/*
+ * ZwOpenJobObject opens a job object. [NAR]
+ */
+typedef NTSTATUS (*fpZwOpenJobObject) (
+        OUT PHANDLE JobHandle,
+        IN ACCESS_MASK DesiredAccess,
+        IN POBJECT_ATTRIBUTES ObjectAttributes
+        );
+NTSTATUS
+NTAPI
+HookedNtOpenJobObject(
+        OUT PHANDLE JobHandle,
+        IN ACCESS_MASK DesiredAccess,
+        IN POBJECT_ATTRIBUTES ObjectAttributes
+        );
+BOOLEAN InitJobHooks();
+#endif  /* __JOB_H__ */
author	tumagonx	2017-08-08 10:54:53 +0700
committer	tumagonx	2017-08-08 10:54:53 +0700
commit	2acec63b2ed75bf4b71ad257db573c4b8f9639e7 (patch)
tree	a8bea139ddd26116d44ea182b0b8436f2162e6e3 /job.h

diff --git a/job.h b/job.h new file mode 100644 index 0000000..8328d42 --- /dev/null +++ b/job.h
@@ -0,0 +1,68 @@
	1	/*
	2	* Copyright (c) 2004 Security Architects Corporation. All rights reserved.
	3	*
	4	* Module Name:
	5	*
	6	* job.h
	7	*
	8	* Abstract:
	9	*
	10	* This module defines various types used by job object hooking routines.
	11	*
	12	* Author:
	13	*
	14	* Eugene Tsyrklevich 25-Mar-2004
	15	*
	16	* Revision History:
	17	*
	18	* None.
	19	*/
	20
	21
	22	#ifndef __JOB_H__
	23	#define __JOB_H__
	24
	25
	26
	27	/*
	28	* ZwCreateJobObject creates or opens a job object. [NAR]
	29	*/
	30
	31	typedef NTSTATUS (*fpZwCreateJobObject) (
	32	OUT PHANDLE JobHandle,
	33	IN ACCESS_MASK DesiredAccess,
	34	IN POBJECT_ATTRIBUTES ObjectAttributes
	35	);
	36
	37	NTSTATUS
	38	NTAPI
	39	HookedNtCreateJobObject(
	40	OUT PHANDLE JobHandle,
	41	IN ACCESS_MASK DesiredAccess,
	42	IN POBJECT_ATTRIBUTES ObjectAttributes
	43	);
	44
	45
	46	/*
	47	* ZwOpenJobObject opens a job object. [NAR]
	48	*/
	49
	50	typedef NTSTATUS (*fpZwOpenJobObject) (
	51	OUT PHANDLE JobHandle,
	52	IN ACCESS_MASK DesiredAccess,
	53	IN POBJECT_ATTRIBUTES ObjectAttributes
	54	);
	55
	56	NTSTATUS
	57	NTAPI
	58	HookedNtOpenJobObject(
	59	OUT PHANDLE JobHandle,
	60	IN ACCESS_MASK DesiredAccess,
	61	IN POBJECT_ATTRIBUTES ObjectAttributes
	62	);
	63
	64
	65	BOOLEAN InitJobHooks();
	66
	67
	68	#endif /* __JOB_H__ */