2012年7月5日星期四

ZwCreateDirectoryObject.asm


.386
.model flat, stdcall
option casemap:none
include ntddk.inc
include ntoskrnl.inc
includelib ntoskrnl.lib

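; ----------------------------------------------------------------------
; Static data for DriverEntry (MASM, 32-bit flat model).
; The original kept all of this in .code. The handle slot is written by
; ZwCreateDirectoryObject, so it belongs in a writable data section;
; code sections are normally mapped read-only and writable data there
; defeats W^X. The name and the two descriptor structures are only read
; by this file, so they go in .const.
; ----------------------------------------------------------------------
.data
x dd 0                              ; out: receives the directory-object handle

.const
align 2
; NUL-terminated UTF-16 object name: \Device\correy
szcorrey dw '\','D','e','v','i','c','e','\','c','o','r','r','e','y',0
align 4
; UNICODE_STRING describing szcorrey (32-bit layout).
fileName dw sizeof szcorrey -2      ; Length: bytes, terminator excluded
         dw sizeof szcorrey         ; MaximumLength: bytes, terminator included
         dd offset szcorrey         ; Buffer

; OBJECT_ATTRIBUTES (32-bit layout, six dwords = 18h bytes).
; NOTE(review): drivers usually also set OBJ_KERNEL_HANDLE (200h) so the
; handle is never reachable from a user-mode handle table; confirm
; whether that matters for the context this driver is loaded in.
fileAttributes dd 18h               ; Length of this structure
               dd 0                 ; RootDirectory: none, ObjectName is absolute
               dd offset fileName   ; ObjectName -> UNICODE_STRING above
               dd 40h               ; Attributes: OBJ_CASE_INSENSITIVE
               dd 0                 ; SecurityDescriptor: NULL (default security)
               dd 0                 ; SecurityQualityOfService: NULL

.code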

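;-----------------------------------------------------------------------
; NTSTATUS DriverEntry(PDRIVER_OBJECT  pDriverObject,
;                      PUNICODE_STRING pusRegistryPath)
; ABI:  32-bit stdcall (callee pops its arguments; MASM emits the frame).
; In:   pDriverObject, pusRegistryPath - both unused here.
; Out:  eax = NTSTATUS returned by ZwCreateDirectoryObject.
;
; Creates the object directory named by fileAttributes and stores the
; resulting handle in x.
;
; The original returned 0 (STATUS_SUCCESS) unconditionally, so a failed
; create (name collision, bad attributes, ...) still left the driver
; loaded with x holding no valid handle. The status is now propagated
; so the loader sees the failure.
;
; NOTE(review): the handle in x is never closed and no unload routine is
; installed on pDriverObject in this file, so on success the directory
; object presumably stays alive for as long as the driver image does.
;-----------------------------------------------------------------------
DriverEntry proc pDriverObject:PDRIVER_OBJECT, pusRegistryPath:PUNICODE_STRING
  invoke ZwCreateDirectoryObject,addr x,DIRECTORY_ALL_ACCESS,addr fileAttributes
  ; eax already holds the NTSTATUS from the call above; return it as-is.
  ret
DriverEntry endp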
end DriverEntry
;made at 2011.06.05
