From 2acec63b2ed75bf4b71ad257db573c4b8f9639e7 Mon Sep 17 00:00:00 2001
From: tumagonx
Date: Tue, 8 Aug 2017 10:54:53 +0700
Subject: initial commit

---
 atom.h | 78 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 78 insertions(+)
 create mode 100644 atom.h

(limited to 'atom.h')

diff --git a/atom.h b/atom.h
new file mode 100644
index 0000000..68af7f8
--- /dev/null
+++ b/atom.h
@@ -0,0 +1,78 @@
+/*
+ * Copyright (c) 2004 Security Architects Corporation. All rights reserved.
+ *
+ * Module Name:
+ *
+ *		atom.h
+ *
+ * Abstract:
+ *
+ *		This module defines various types used by atom object hooking routines.
+ *
+ * Author:
+ *
+ *		Eugene Tsyrklevich 06-Apr-2004
+ *
+ * Revision History:
+ *
+ *		None.
+ */
+
+
+#ifndef __ATOM_H__
+#define __ATOM_H__
+
+
+#include <NTDDK.h>
+#include "policy.h"
+#include "pathproc.h"
+#include "hookproc.h"
+#include "accessmask.h"
+#include "learn.h"
+#include "log.h"
+
+
+/*
+ * ZwAddAtom adds an atom to the global atom table. [NAR]
+ */
+
+typedef NTSTATUS (*fpZwAddAtom) (
+	IN PWSTR String,
+	IN ULONG StringLength,
+	OUT PUSHORT Atom
+	);
+
+NTSTATUS
+NTAPI
+HookedNtAddAtom(
+	IN PWSTR String,
+	IN ULONG StringLength,
+	OUT PUSHORT Atom
+	);
+
+
+
+/*
+ * ZwFindAtom searches for an atom in the global atom table. [NAR]
+ */
+
+
+typedef NTSTATUS (*fpZwFindAtom) (
+	IN PWSTR String,
+	IN ULONG StringLength,
+	OUT PUSHORT Atom
+	);
+
+NTSTATUS
+NTAPI
+HookedNtFindAtom(
+	IN PWSTR String,
+	IN ULONG StringLength,
+	OUT PUSHORT Atom
+	);
+
+
+BOOLEAN InitAtomHooks();
+
+
+#endif	/* __ATOM_H__ */
-- 
cgit v1.3