Displaying 6 results from an estimated 6 matches for "initializeobjectattribut".
Did you mean:
initializeobjectattributes
2014 Jan 10
4
[PATCH] Add a minimal hive with "special" keys and values
...t;
+#include <stdio.h>
+#include <ddk/wdm.h>
+#include <windef.h>
+
+int main (int argc, char **argv)
+{
+ NTSTATUS rc;
+
+ UNICODE_STRING root_key_name;
+ RtlInitUnicodeString(&root_key_name, L"\\Registry\\Machine\\minimal");
+ OBJECT_ATTRIBUTES root_key_obj;
+ InitializeObjectAttributes (&root_key_obj, &root_key_name,
+ OBJ_OPENIF | OBJ_CASE_INSENSITIVE,
+ NULL, NULL);
+ HANDLE minimal_key_handle;
+ rc = ZwCreateKey (&minimal_key_handle, KEY_ALL_ACCESS, &root_key_obj,
+ 0, NULL, REG_OP...
2014 Jan 13
0
Re: [PATCH 1/7] Add a minimal hive with "special" keys and values
...clude <windef.h>
> +
> +void create_key_value (PHANDLE handle, WCHAR* key, int key_len, WCHAR* val, int val_len)
> +{
> + UNICODE_STRING key_name = { key_len, key_len, key };
> + UNICODE_STRING value_name = { val_len, val_len, val };
> + OBJECT_ATTRIBUTES key_obj;
> + InitializeObjectAttributes (&key_obj, &key_name,
> + OBJ_OPENIF | OBJ_CASE_INSENSITIVE,
> + *handle, NULL);
> + HANDLE key_handle;
> + NTSTATUS rc;
> + rc = ZwCreateKey (&key_handle, KEY_ALL_ACCESS, &key_obj,
> +...
2014 Jan 10
14
[PATCH 1/7] Add a minimal hive with "special" keys and values
...t;
+#include <ddk/wdm.h>
+#include <windef.h>
+
+void create_key_value (PHANDLE handle, WCHAR* key, int key_len, WCHAR* val, int val_len)
+{
+ UNICODE_STRING key_name = { key_len, key_len, key };
+ UNICODE_STRING value_name = { val_len, val_len, val };
+ OBJECT_ATTRIBUTES key_obj;
+ InitializeObjectAttributes (&key_obj, &key_name,
+ OBJ_OPENIF | OBJ_CASE_INSENSITIVE,
+ *handle, NULL);
+ HANDLE key_handle;
+ NTSTATUS rc;
+ rc = ZwCreateKey (&key_handle, KEY_ALL_ACCESS, &key_obj,
+ 0, NULL, REG_OPTION_NON_VOL...
2014 Jan 14
2
Re: [PATCH 1/7] Add a minimal hive with "special" keys and values
...> +void create_key_value (PHANDLE handle, WCHAR* key, int key_len, WCHAR*
> val, int val_len)
> > +{
> > + UNICODE_STRING key_name = { key_len, key_len, key };
> > + UNICODE_STRING value_name = { val_len, val_len, val };
> > + OBJECT_ATTRIBUTES key_obj;
> > + InitializeObjectAttributes (&key_obj, &key_name,
> > + OBJ_OPENIF | OBJ_CASE_INSENSITIVE,
> > + *handle, NULL);
> > + HANDLE key_handle;
> > + NTSTATUS rc;
> > + rc = ZwCreateKey (&key_handle, KEY_ALL_ACCESS, &key_obj...
2014 Jan 10
0
Re: [PATCH] Add a minimal hive with "special" keys and values
On Fri, Jan 10, 2014 at 01:14:51AM +0100, Hilko Bengen wrote:
> + was created using the 'mkzero/mkzero.c'. (\0 = zero character)
Extra whitespace at the end of this ^ line ...
> + InitializeObjectAttributes (&key_obj, &key_name,
.. and this line.
---
So there's no problem with adding this test data, but are you
planning to also add some tests :-?
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
virt-df lists disk usage of guests without needin...
2014 Jan 08
5
hivex: Make node names and value names with embedded null characters accessible
On Windows, there exist at least two APIs for dealing with the
Registry: The Win32 API (RegCreateKeyA, RegCreateKeyW, etc.) works
with null-terminated ASCII or UTF-16 strings. The native API
(ZwCreateKey, etc.), on the other hand works with UTF-16 strings that
are stored as buffers+length and may contain null characters. Malware
authors have been relying on the Win32 API's inability to