Advertisement
FlyFar

DoubleAgentDll/VerifierDll.c

Jan 1st, 2024
909
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
C 2.20 KB | Cybersecurity | 0 0
  1. /* Includes ******************************************************************/
  2. #include <Windows.h>
  3. #include "Status.h"
  4.  
  5. /* Types *********************************************************************/
  6. typedef struct _RTL_VERIFIER_DLL_DESCRIPTOR
  7. {
  8.     PWSTR pwszDllName;
  9.     DWORD dwDllFlags;
  10.     PVOID pvDllAddress;
  11.     PVOID pvDllThunks;
  12. } RTL_VERIFIER_DLL_DESCRIPTOR, *PRTL_VERIFIER_DLL_DESCRIPTOR;
  13.  
  14. typedef struct _RTL_VERIFIER_PROVIDER_DESCRIPTOR
  15. {
  16.     DWORD dwLength;
  17.     PVOID pvProviderDlls;
  18.     PVOID pvProviderDllLoadCallback;
  19.     PVOID pvProviderDllUnloadCallback;
  20.     PWSTR pwszVerifierImage;
  21.     DWORD dwVerifierFlags;
  22.     DWORD dwVerifierDebug;
  23.     PVOID pvRtlpGetStackTraceAddress;
  24.     PVOID pvRtlpDebugPageHeapCreate;
  25.     PVOID pvRtlpDebugPageHeapDestroy;
  26.     PVOID pvProviderNtdllHeapFreeCallback;
  27. } RTL_VERIFIER_PROVIDER_DESCRIPTOR, *PRTL_VERIFIER_PROVIDER_DESCRIPTOR;
  28.  
  29. typedef struct _RTL_VERIFIER_MINILOADATTACH_PROVIDER_DESCRIPTOR
  30. {
  31.     DWORD dwLength;
  32.     DWORD dwReserved;
  33.     DWORD dwReserved1;
  34.     DWORD dwReserved2;
  35.     DWORD dwReserved3;
  36.     DWORD dwReserved4;
  37.     DWORD dwReserved5;
  38.     DWORD dwReserved6;
  39.     PDWORD pdwAVrfDphGlobalFlags;
  40.     PVOID pvAVrfpHeapTable;
  41.     PRTL_VERIFIER_PROVIDER_DESCRIPTOR ptAVrfpProvider;
  42.     CHAR szReserved7[0x18];
  43. } RTL_VERIFIER_MINILOADATTACH_PROVIDER_DESCRIPTOR, *PRTL_VERIFIER_MINILOADATTACH_PROVIDER_DESCRIPTOR;
  44.  
  45. /* Global Variables **********************************************************/
  46. RTL_VERIFIER_DLL_DESCRIPTOR atDLLs[] = { { 0 } };
  47. RTL_VERIFIER_PROVIDER_DESCRIPTOR tVpd = { sizeof(RTL_VERIFIER_PROVIDER_DESCRIPTOR), atDLLs };
  48.  
  49. /* Function Definitions ******************************************************/
  50. BOOL VERIFIERDLL_DllMainProcessVerifier(IN PVOID pvReserved)
  51. {
  52.     DOUBLEAGENT_STATUS eStatus = DOUBLEAGENT_STATUS_INVALID_VALUE;
  53.  
  54.     /* Validates the parameters */
  55.     if (NULL == pvReserved)
  56.     {
  57.         DOUBLEAGENT_SET(eStatus, DOUBLEAGENT_STATUS_DOUBLEAGENTDLL_VERIFIERDLL_DLLMAINPROCESSVERIFIER_INVALID_PARAMS);
  58.         goto lbl_cleanup;
  59.     }
  60.  
  61.     /* Sets the reserved parameter */
  62.     *((PRTL_VERIFIER_PROVIDER_DESCRIPTOR *)pvReserved) = &tVpd;
  63.  
  64.     /* Succeeded */
  65.     DOUBLEAGENT_SET(eStatus, DOUBLEAGENT_STATUS_SUCCESS);
  66.  
  67. lbl_cleanup:
  68.     /* Returns status */
  69.     return FALSE != DOUBLEAGENT_SUCCESS(eStatus);
  70. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement