diff --git a/include/ntapi/nt_object.h b/include/ntapi/nt_object.h
index c89467e..63a3a54 100644
--- a/include/ntapi/nt_object.h
+++ b/include/ntapi/nt_object.h
@@ -542,6 +542,20 @@ typedef int32_t __stdcall ntapi_tt_create_ipc_object_directory_entry(
 __in nt_unicode_string * target_name,
 __in uint32_t key);
 
+typedef int32_t __stdcall ntapi_tt_open_dev_object_directory(
+ __out void ** hdir,
+ __in uint32_t desired_access,
+ __in const wchar16_t prefix[6],
+ __in const nt_guid * ipc_guid);
+
+typedef int32_t __stdcall ntapi_tt_create_dev_object_directory_entry(
+ __out void ** hentry,
+ __in uint32_t desired_access,
+ __in void * hdir,
+ __in void * htarget,
+ __in nt_unicode_string * target_name,
+ __in const nt_guid * dev_guid);
+
 typedef int32_t __stdcall ntapi_tt_create_keyed_object_directory(
 __out void ** hdir,
 __in uint32_t desired_access,
diff --git a/include/ntapi/ntapi.h b/include/ntapi/ntapi.h
index a4c4b66..79efeb9 100644
--- a/include/ntapi/ntapi.h
+++ b/include/ntapi/ntapi.h
@@ -370,6 +370,8 @@ typedef struct _ntapi_vtbl {
 /* nt_object.h */
 ntapi_tt_open_ipc_object_directory * tt_open_ipc_object_directory;
 ntapi_tt_create_ipc_object_directory_entry * tt_create_ipc_object_directory_entry;
+ ntapi_tt_open_dev_object_directory * tt_open_dev_object_directory;
+ ntapi_tt_create_dev_object_directory_entry * tt_create_dev_object_directory_entry;
 ntapi_tt_create_keyed_object_directory * tt_create_keyed_object_directory;
 ntapi_tt_open_keyed_object_directory * tt_open_keyed_object_directory;
 ntapi_tt_create_keyed_object_directory_entry * tt_create_keyed_object_directory_entry;
diff --git a/src/internal/ntapi.c b/src/internal/ntapi.c
index af9d4c0..f22f2c4 100644
--- a/src/internal/ntapi.c
+++ b/src/internal/ntapi.c
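Review bot: In include/ntapi/nt_object.h the new `ntapi_tt_open_dev_object_directory` typedef names its GUID parameter `ipc_guid`, while the companion entry typedef added next to it uses `dev_guid`, and neither typedef documents its contract. Renaming the parameter to `const nt_guid * dev_guid` would keep the pair consistent. A short comment above the entry typedef should state that a null `target_name` makes the implementation derive the link target from the object name of `htarget`, and that `prefix[6]` is an array parameter whose length the compiler does not enforce.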
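Review bot: In include/ntapi/ntapi.h the two new function pointers are inserted in the middle of `struct _ntapi_vtbl`, which shifts the offset of `tt_create_keyed_object_directory` and every member after it. If any consumer built against the previous header receives this table at run time, its calls through those members would land on the wrong slots; whether that can happen depends on how the table is distributed, which is not visible here. Either append new members at the end of the struct, or add a comment at its head such as `/* layout is not a stable ABI: rebuild all consumers when members are added */`. The struct begins and ends outside this hunk.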
@@ -165,6 +165,8 @@ static int32_t __fastcall __ntapi_init_once(ntapi_vtbl ** pvtbl)
 /* nt_object.h */
 __ntapi->tt_open_ipc_object_directory = __ntapi_tt_open_ipc_object_directory;
 __ntapi->tt_create_ipc_object_directory_entry = __ntapi_tt_create_ipc_object_directory_entry;
+ __ntapi->tt_open_dev_object_directory = __ntapi_tt_open_dev_object_directory;
+ __ntapi->tt_create_dev_object_directory_entry = __ntapi_tt_create_dev_object_directory_entry;
 __ntapi->tt_create_keyed_object_directory = __ntapi_tt_create_keyed_object_directory;
 __ntapi->tt_open_keyed_object_directory = __ntapi_tt_open_keyed_object_directory;
 __ntapi->tt_create_keyed_object_directory_entry = __ntapi_tt_create_keyed_object_directory_entry;
diff --git a/src/internal/ntapi_fnapi.h b/src/internal/ntapi_fnapi.h
index 90d9338..3e309bd 100644
--- a/src/internal/ntapi_fnapi.h
+++ b/src/internal/ntapi_fnapi.h
@@ -25,6 +25,8 @@ typedef void ** __cdecl ntapi_tt_get_csr_port_handle_addr_by_logic(void);
 /* nt_object.h */
 ntapi_tt_open_ipc_object_directory __ntapi_tt_open_ipc_object_directory;
 ntapi_tt_create_ipc_object_directory_entry __ntapi_tt_create_ipc_object_directory_entry;
+ntapi_tt_open_dev_object_directory __ntapi_tt_open_dev_object_directory;
+ntapi_tt_create_dev_object_directory_entry __ntapi_tt_create_dev_object_directory_entry;
 ntapi_tt_create_keyed_object_directory __ntapi_tt_create_keyed_object_directory;
 ntapi_tt_open_keyed_object_directory __ntapi_tt_open_keyed_object_directory;
 ntapi_tt_create_keyed_object_directory_entry __ntapi_tt_create_keyed_object_directory_entry;
diff --git a/src/object/ntapi_tt_keyed_object_directory.c b/src/object/ntapi_tt_keyed_object_directory.c
index b79f3b6..77a6aff 100644
--- a/src/object/ntapi_tt_keyed_object_directory.c
+++ b/src/object/ntapi_tt_keyed_object_directory.c
@@ -278,6 +278,66 @@ int32_t __stdcall __ntapi_tt_create_ipc_object_directory_entry(
 hdir,htarget,target_name,key);
 }
 
+int32_t __stdcall __ntapi_tt_open_dev_object_directory(
+ __out void ** hdir,
+ __in uint32_t desired_access,
+ __in const wchar16_t prefix[6],
+ __in const nt_guid * ipc_guid)
+{
+ return __tt_create_ipc_object_directory(
+ hdir,desired_access,
+ prefix,ipc_guid);
+}
+
+int32_t __stdcall __ntapi_tt_create_dev_object_directory_entry(
+ __out void ** hentry,
+ __in uint32_t desired_access,
+ __in void * hdir,
+ __in void * htarget,
+ __in nt_unicode_string * target_name,
+ __in const nt_guid * dev_guid)
+{
+ int32_t status;
+ nt_oa oa;
+ nt_unicode_string name;
+ nt_sd_common_buffer sd;
+ nt_guid_str_utf16 guidstr;
+ uintptr_t buffer[2048/sizeof(uintptr_t)];
+ nt_sqos sqos = {
+ sizeof(sqos),
+ NT_SECURITY_IMPERSONATION,
+ NT_SECURITY_TRACKING_DYNAMIC,
+ 1};
+
+ if (!target_name) {
+ if ((status = __ntapi->zw_query_object(
+ htarget,
+ NT_OBJECT_NAME_INFORMATION,
+ buffer,sizeof(buffer),0)))
+ return status;
+ target_name = (nt_unicode_string *)buffer;
+ }
+
+ __ipc_sd_init(&sd,0);
+ __ntapi->tt_guid_to_string_utf16(dev_guid,&guidstr);
+
+ name.strlen = sizeof(guidstr);
+ name.maxlen = 0;
+ name.buffer = &guidstr.lbrace;
+
+ oa.len = sizeof(oa);
+ oa.root_dir = hdir;
+ oa.obj_name = &name;
+ oa.obj_attr = 0;
+ oa.sec_desc = &sd.sd;
+ oa.sec_qos = &sqos;
+
+ return __ntapi->zw_create_symbolic_link_object(
+ hentry,
+ desired_access,
+ &oa,target_name);
+}
+
 int32_t __stdcall __ntapi_tt_create_keyed_object_directory(
 __out void ** hdir,
 __in uint32_t desired_access,
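Review bot: `__ntapi_tt_create_dev_object_directory_entry` takes the name returned by `zw_query_object` as the symbolic-link target without checking that it is non-empty; a query on an unnamed object can succeed with a zero-length name, and the outcome is then left entirely to `zw_create_symbolic_link_object`. A guard right after the cast, `if (!target_name->strlen) return NT_STATUS_INVALID_PARAMETER;`, would make that case explicit. The link is created with the descriptor from `__ipc_sd_init(&sd,0)` and `oa.obj_attr = 0`, so a comment stating which principals that descriptor allows to delete or replace the entry would help, since a symbolic link in a shared object directory redirects every lookup of the GUID name. Separately, `__ntapi_tt_open_dev_object_directory` forwards to `__tt_create_ipc_object_directory`, whose body is outside this hunk; if that helper can create the directory, a one-line comment such as `/* opens the directory, creating it when absent */` would keep the "open" name from misleading callers.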