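/*
 * Redirect DbgPrint to WriteLog. Per the original note, this belongs in every
 * header AFTER the DDK headers have been included.
 *
 * While this macro is active, WriteLog must never call DbgPrint itself: the
 * call would expand to WriteLog and recurse on the kernel stack.
 */
#define DbgPrint WriteLog

/*
 * WriteLog - printf-style logger: formats the message, sends it to the kernel
 * debugger via DbgPrintEx, and appends it to C:\roothop.log.
 *
 * fmt  printf-style format string, followed by its arguments. It must be a
 *      trusted (compile-time) format; never pass externally supplied text as
 *      fmt, pass it as a "%s" argument instead.
 *
 * The file is only written at PASSIVE_LEVEL; at a higher IRQL the message
 * goes to the debugger only. Messages longer than the 4096-byte buffer
 * (including the terminator) are truncated.
 *
 * NOTE(review): the log file is created with no explicit security descriptor
 * (NULL in InitializeObjectAttributes), so its ACL is whatever the volume
 * root hands out by default -- confirm that is acceptable for what is logged.
 * NOTE(review): ExAllocatePool is deprecated in recent WDKs; consider moving
 * to a tagged allocator when the build target allows it.
 */
void WriteLog(char *fmt, ...)
{
    enum { LOG_BUFFER_BYTES = 4096 };

    va_list arglist;
    char *buffer;
    /* size_t, not ULONG: RtlStringCbLengthA stores a full size_t, and a
     * 32-bit ULONG behind a (size_t *) cast is overrun on 64-bit builds. */
    size_t buflen = 0;
    NTSTATUS status;
    UNICODE_STRING logName;
    OBJECT_ATTRIBUTES objAttribs;
    HANDLE hFile;
    IO_STATUS_BLOCK ioStatus;

    if (fmt == NULL) {
        return;
    }

    buffer = (char *)ExAllocatePool(NonPagedPool, LOG_BUFFER_BYTES);
    if (buffer == NULL) {
        /* Pool exhaustion: drop the message instead of dereferencing NULL. */
        return;
    }
    memset(buffer, 0, LOG_BUFFER_BYTES);

    va_start(arglist, fmt);
    /* A truncation status is tolerated: the buffer stays NUL-terminated and
     * the truncated text is still logged, as in the original. */
    (void)RtlStringCbVPrintfA(buffer, LOG_BUFFER_BYTES, fmt, arglist);
    va_end(arglist);

    if (!NT_SUCCESS(RtlStringCbLengthA(buffer, LOG_BUFFER_BYTES, &buflen))) {
        buflen = 0;
    }

    /* The formatted text is data, not a format string: pass it through "%s"
     * so any '%' it contains is not interpreted a second time. */
    DbgPrintEx(DPFLTR_IHVDRIVER_ID, 0, "%s", buffer);

    if (buflen == 0) {
        goto _exitlogwrite;
    }

    /* Zw* file routines require PASSIVE_LEVEL. */
    if (KeGetCurrentIrql() != PASSIVE_LEVEL) {
        goto _exitlogwrite;
    }

    /* setup log file */
    RtlInitUnicodeString(&logName, L"\\DosDevices\\C:\\roothop.log");
    InitializeObjectAttributes(&objAttribs, &logName,
                               OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE,
                               NULL, NULL);

    /* SYNCHRONIZE is required alongside FILE_SYNCHRONOUS_IO_NONALERT, and
     * FILE_NO_INTERMEDIATE_BUFFERING is documented as incompatible with
     * FILE_APPEND_DATA, so it is not requested here. */
    status = ZwCreateFile(&hFile, FILE_APPEND_DATA | SYNCHRONIZE,
                          &objAttribs, &ioStatus, NULL, FILE_ATTRIBUTE_NORMAL, 0,
                          FILE_OPEN_IF,
                          FILE_NON_DIRECTORY_FILE | FILE_RANDOM_ACCESS |
                          FILE_SYNCHRONOUS_IO_NONALERT,
                          NULL, 0);
    if (!NT_SUCCESS(status)) {
        /* DbgPrintEx, not DbgPrint: the macro above would turn DbgPrint into
         * a recursive WriteLog call that fails the same way again. */
        DbgPrintEx(DPFLTR_IHVDRIVER_ID, 0, "Failed to create log file\n");
        goto _exitlogwrite;
    }

    /* write log file */
    status = ZwWriteFile(hFile, 0, 0, 0,
                         &ioStatus, buffer, (ULONG)buflen, 0, 0);
    if (!NT_SUCCESS(status)) {
        DbgPrintEx(DPFLTR_IHVDRIVER_ID, 0, "Failed to write log file\n");
    }

    /* close log file */
    ZwClose(hFile);

_exitlogwrite:
    ExFreePool(buffer);
}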