1 files changed, 78 insertions, 0 deletions
diff --git a/dirobj.h b/dirobj.h
new file mode 100644
index 0000000..311402e
--- /dev/null
+++ b/dirobj.h
@@ -0,0 +1,78 @@
+/*
+ * Copyright (c) 2004 Security Architects Corporation. All rights reserved.
+ *
+ * Module Name:
+ *
+ *              dirobj.h
+ *
+ * Abstract:
+ *
+ *              This module defines various types used by object directory hooking routines.
+ *              These are not file system directories (see file.c) but rather containers
+ *              for other objects.
+ *
+ * Author:
+ *
+ *              Eugene Tsyrklevich 03-Sep-2004
+ *
+ * Revision History:
+ *
+ *              None.
+ */
+#ifndef __DIROBJ_H__
+#define __DIROBJ_H__
+#include <NTDDK.h>
+#include "policy.h"
+#include "pathproc.h"
+#include "hookproc.h"
+#include "accessmask.h"
+#include "learn.h"
+#include "log.h"
+/*
+ * ZwCreateDirectoryObject creates or opens an object directory. [NAR]
+ */
+typedef NTSTATUS (*fpZwCreateDirectoryObject) (
+        OUT PHANDLE DirectoryHandle,
+        IN ACCESS_MASK DesiredAccess,
+        IN POBJECT_ATTRIBUTES ObjectAttributes
+        );
+NTSTATUS
+NTAPI
+HookedNtCreateDirectoryObject(
+        OUT PHANDLE DirectoryHandle,
+        IN ACCESS_MASK DesiredAccess,
+        IN POBJECT_ATTRIBUTES ObjectAttributes
+        );
+/*
+ * ZwOpenDirectoryObject opens an object directory. [NAR]
+ */
+typedef NTSTATUS (*fpZwOpenDirectoryObject) (
+        OUT PHANDLE DirectoryHandle,
+        IN ACCESS_MASK DesiredAccess,
+        IN POBJECT_ATTRIBUTES ObjectAttributes
+        );
+NTSTATUS
+NTAPI
+HookedNtOpenDirectoryObject(
+        OUT PHANDLE DirectoryHandle,
+        IN ACCESS_MASK DesiredAccess,
+        IN POBJECT_ATTRIBUTES ObjectAttributes
+        );
+BOOLEAN InitDirobjHooks();
+#endif  /* __DIROBJ_H__ */

diff --git a/dirobj.h b/dirobj.h new file mode 100644 index 0000000..311402e --- /dev/null +++ b/dirobj.h
@@ -0,0 +1,78 @@
	1	/*
	2	* Copyright (c) 2004 Security Architects Corporation. All rights reserved.
	3	*
	4	* Module Name:
	5	*
	6	* dirobj.h
	7	*
	8	* Abstract:
	9	*
	10	* This module defines various types used by object directory hooking routines.
	11	* These are not file system directories (see file.c) but rather containers
	12	* for other objects.
	13	*
	14	* Author:
	15	*
	16	* Eugene Tsyrklevich 03-Sep-2004
	17	*
	18	* Revision History:
	19	*
	20	* None.
	21	*/
	22
	23
	24	#ifndef __DIROBJ_H__
	25	#define __DIROBJ_H__
	26
	27
	28	#include <NTDDK.h>
	29	#include "policy.h"
	30	#include "pathproc.h"
	31	#include "hookproc.h"
	32	#include "accessmask.h"
	33	#include "learn.h"
	34	#include "log.h"
	35
	36
	37	/*
	38	* ZwCreateDirectoryObject creates or opens an object directory. [NAR]
	39	*/
	40
	41	typedef NTSTATUS (*fpZwCreateDirectoryObject) (
	42	OUT PHANDLE DirectoryHandle,
	43	IN ACCESS_MASK DesiredAccess,
	44	IN POBJECT_ATTRIBUTES ObjectAttributes
	45	);
	46
	47	NTSTATUS
	48	NTAPI
	49	HookedNtCreateDirectoryObject(
	50	OUT PHANDLE DirectoryHandle,
	51	IN ACCESS_MASK DesiredAccess,
	52	IN POBJECT_ATTRIBUTES ObjectAttributes
	53	);
	54
	55
	56	/*
	57	* ZwOpenDirectoryObject opens an object directory. [NAR]
	58	*/
	59
	60	typedef NTSTATUS (*fpZwOpenDirectoryObject) (
	61	OUT PHANDLE DirectoryHandle,
	62	IN ACCESS_MASK DesiredAccess,
	63	IN POBJECT_ATTRIBUTES ObjectAttributes
	64	);
	65
	66	NTSTATUS
	67	NTAPI
	68	HookedNtOpenDirectoryObject(
	69	OUT PHANDLE DirectoryHandle,
	70	IN ACCESS_MASK DesiredAccess,
	71	IN POBJECT_ATTRIBUTES ObjectAttributes
	72	);
	73
	74
	75	BOOLEAN InitDirobjHooks();
	76
	77
	78	#endif /* __DIROBJ_H__ */