
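/*
 * Plugin-facing helper prototypes.
 *
 * Only declarations are visible in this listing: the implementations and the
 * project types used below (PROCESS_ENTRY, DLL_ENTRY, THREAD_ENTRY,
 * DRIVER_ENTRY, HANDLE_ENTRY, OBJECT_TYPE_ENTRY, PKIDT_ENTRY, SERVICE_ENTRY,
 * TIMER_ENTRY, PBIOS_REGISTERS) are declared elsewhere.
 *
 * NOTE(review): every behavioural remark in this file is inferred from names
 * and signatures and must be confirmed against the implementation.
 *
 * NOTE(review): several groups (virtual/physical memory writes, raw sector
 * writes, interrupt and service-table hooks, MSR and port I/O, KdExecuteCode)
 * appear to hand privileged primitives to whatever plugin is loaded. Treat
 * plugin loading as a trust boundary and review which plugins may be loaded.
 */

//
// Plugins System Helper
//
// NOTE(review): KdFreeBuffer presumably releases the lists returned by the
// KdEnum* functions below - TODO confirm which allocations it owns.
// NOTE(review): whether KdWriteLog interprets Buffer as a format string is not
// visible; confirm before passing text that did not originate in the plugin.
VOID KdFreeBuffer(PVOID Buffer);
VOID KdWriteLog(PCHAR Buffer);
ULONG KdShowMessage(PCHAR Message, PCHAR Title, ULONG uType);
VOID KdShowConsole(VOID);
PVOID KdGetCurrentProcess(VOID);
PVOID KdGetCsrProcess(VOID);
PVOID KdGetSystemProcess(VOID);
PVOID KdGetSystemIdleProcess(VOID);
PVOID KdGetSelectedProcess(VOID);
HWND KdGetMainWindow(VOID);

//
// Process Object
//
// The KdEnum* functions return a ULONG and write a list pointer through their
// out-parameter. NOTE(review): presumably the return value is the entry count;
// the value returned on failure is not visible - TODO confirm.
// NOTE(review): the failure value of the HANDLE-returning functions (NULL or
// INVALID_HANDLE_VALUE) is not visible; confirm before testing the result.
ULONG KdEnumActiveProcesses(PVOID **ProcessObjectList);
VOID KdGetProcessInformation(PVOID ProcessObject, PROCESS_ENTRY *Buffer);
ULONG KdEnumProcessModules(PVOID ProcessObject, DLL_ENTRY **Buffer);
HANDLE KdOpenProcessByPid(ULONG ProcessId);
HANDLE KdOpenProcessByPointer(PVOID ProcessObject);
PVOID KdGetProcessPointerByPid(ULONG ProcessId);
PVOID KdGetProcessPointerByHandle(HANDLE hProcess);
BOOL KdKillProcess(PVOID ProcessObject);
BOOL KdForceKillProcess(PVOID ProcessObject);
BOOL KdSuspendProcess(PVOID ProcessObject);
BOOL KdResumeProcess(PVOID ProcessObject);
BOOL KdForceResumeProcess(PVOID ProcessObject);

//
// Thread Object
//
ULONG KdEnumActiveThreads(PVOID **ThreadObjectList);
ULONG KdEnumProcessThreads(PVOID ProcessObject, PVOID **ThreadObjectList);
VOID KdGetThreadInformation(PVOID ThreadObject, THREAD_ENTRY *Buffer);
VOID KdGetThreadParentProcess(PVOID ThreadObject, PROCESS_ENTRY *ProcessInformation);
HANDLE KdOpenThreadByTid(ULONG ThreadId);
HANDLE KdOpenThreadByPointer(PVOID ThreadObject);
PVOID KdGetThreadPointerByTid(ULONG ThreadId);
PVOID KdGetThreadPointerByHandle(HANDLE hThread);
BOOL KdForceKillThread(PVOID ThreadObject);
BOOL KdSuspendThread(PVOID ThreadObject);
BOOL KdResumeThread(PVOID ThreadObject);
BOOL KdForceResumeThread(PVOID ThreadObject);
BOOL KdGetContextThread(PVOID ThreadObject, CONTEXT *Context);
BOOL KdSetContextThread(PVOID ThreadObject, CONTEXT *Context);

//
// Memory Management
//
// The virtual-memory transfers report progress through BytesRead/BytesWritten;
// callers should check both the BOOL result and that count rather than assume
// a full transfer. The physical-memory variants take the address by pointer
// and have no transferred-count out-parameter.
// Sizes are ULONG in the virtual-memory calls but SIZE_T in the
// physical-memory calls.
// KdAllocateVirtualMemory takes no protection argument, so the protection of
// the returned region is chosen by the implementation - TODO confirm which.
BOOL KdReadVirtualMemory(PVOID ProcessObject, PVOID VirtualAddress, PVOID Buffer, ULONG Size, PULONG BytesRead);
BOOL KdWriteVirtualMemory(PVOID ProcessObject, PVOID VirtualAddress, PVOID Buffer, ULONG Size, PULONG BytesWritten);
BOOL KdQueryVirtualMemory(PVOID ProcessObject, PVOID VirtualAddress, PMEMORY_BASIC_INFORMATION Buffer, ULONG dwLength);
BOOL KdProtectVirtualMemory(PVOID ProcessObject, PVOID VirtualAddress, ULONG dwSize, ULONG NewProtection, PULONG OldProtection);
PVOID KdAllocateVirtualMemory(PVOID ProcessObject, ULONG Size);
VOID KdFreeVirtualMemory(PVOID ProcessObject, PVOID VirtualAddress);
BOOL KdReadPhysicalMemory(PULONGLONG PhysicalAddress, PVOID Buffer, SIZE_T Size);
BOOL KdWritePhysicalMemory(PULONGLONG PhysicalAddress, PVOID Buffer, SIZE_T Size);
PVOID KdAllocateNonpagedPool(ULONG Size);
VOID KdFreeNonpagedPool(PVOID NonpagedPoolAddress);
BOOL KdUnmapViewOfSection(PVOID ProcessObject, PVOID SectionBase);
ULONG KdGetLowestPhysicalPage(VOID);
ULONG KdGetHighestPhysicalPage(VOID);
ULONG KdGetNumberOfPhysicalPages(VOID);
PVOID KdGetHighestUserAddress(VOID);
PVOID KdGetSystemRangeStart(VOID);
PVOID KdGetUserProbeAddress(VOID);

//
// File System
//
// KdReadSectors/KdWriteSectors take no buffer-size argument: the caller has to
// size Buffer for SectorCount sectors (the sector size is not visible here).
// SectorNumber is a ULONG, so the sector index is limited to 32 bits.
// NOTE(review): for the Get*Name functions Size is presumably the capacity of
// the output buffer; whether the result is NUL-terminated on truncation is not
// visible - check the BOOL result before using the string.
// NOTE(review): what KdCheckFileSignature verifies (embedded signature,
// catalog, chain, revocation) is not visible; do not use TRUE as a trust
// decision until that is confirmed.
HANDLE KdOpenFile(PCHAR FilePath);
BOOL KdReadFileByHandle(HANDLE hFile, PVOID Buffer, ULONG Size, PULONGLONG Offset);
BOOL KdWriteFileByHandle(HANDLE hFile, PVOID Buffer, ULONG Size, PULONGLONG Offset);
BOOL KdReadFileByName(PCHAR FilePath, PVOID Buffer, ULONG Size, PULONGLONG Offset);
BOOL KdWriteFileByName(PCHAR FilePath, PVOID Buffer, ULONG Size, PULONGLONG Offset);
BOOL KdReadSectors(ULONG DiskNumber, ULONG SectorNumber, USHORT SectorCount, PVOID Buffer);
BOOL KdWriteSectors(ULONG DiskNumber, ULONG SectorNumber, USHORT SectorCount, PVOID Buffer);
BOOL KdGetFileNameByHandle(HANDLE hFile, PCHAR FileName, ULONG Size);
BOOL KdGetFileNameByPointer(PVOID FileObject, PCHAR FileName, ULONG Size);
BOOL KdCopyFile(PCHAR SourceFilePath, PCHAR DestinationFilePath);
BOOL KdDeleteFile(PCHAR FilePath);
BOOL KdForceDeleteFile(PCHAR FilePath);
BOOL KdCheckFileSignature(PCHAR FilePath);

//
// Driver/Device Object
//
ULONG KdEnumKernelModules(DRIVER_ENTRY **KernelModuleList);
ULONG KdEnumDrivers(PVOID **DriverObjectList);
ULONG KdEnumDevices(PVOID **DeviceObjectList);
BOOL KdGetDriverName(PVOID DriverObject, PCHAR DriverName, ULONG Size);
BOOL KdGetDeviceName(PVOID DeviceObject, PCHAR DeviceName, ULONG Size);
ULONG KdEnumUnloadedDrivers(DRIVER_ENTRY **DriversList);

//
// Object Manager
//
ULONG KdEnumHandles(PVOID ProcessObject, HANDLE_ENTRY **HandlesList);
ULONG KdEnumObjectTypes(OBJECT_TYPE_ENTRY **ObjectTypesList);
BOOL KdGetObjectName(PVOID Object, PCHAR ObjectName, ULONG Size);
BOOL KdGetObjectTypeName(PVOID Object, PCHAR ObjectTypeName, ULONG Size);
PVOID KdGetObjectPointerByHandle(HANDLE Handle);
BOOL KdCloseRemoteHandle(PVOID ProcessObject, HANDLE Handle);

//
// System Control
//
// The hook functions return a value (ULONG_PTR / USHORT) or nothing at all;
// NOTE(review): presumably the value returned is the previous entry - TODO
// confirm. The service-table hooks return VOID, so a caller cannot learn from
// the call whether the table was changed.
// NOTE(review): Count in the port buffer functions is presumably a number of
// elements of the named width, not bytes - TODO confirm.
PKIDT_ENTRY KdEnumInterrupts(UCHAR ProcessorNumber);
ULONG_PTR KdHookInterruptOffset(ULONG Index, ULONG_PTR ServiceRoutine, UCHAR Processor);
USHORT KdHookInterruptSelector(ULONG Index, USHORT ServiceRoutine, UCHAR Processor);
ULONG KdEnumServiceTable(SERVICE_ENTRY **Servicetable);
VOID KdRestoreServiceTable(VOID);
VOID KdHookServiceTable(ULONG Index, PVOID ServiceRoutine);
ULONG KdEnumShadowServiceTable(SERVICE_ENTRY **ShadowServicetable);
VOID KdRestoreShadowServiceTable(VOID);
VOID KdHookShadowServiceTable(ULONG Index, PVOID ServiceRoutine);
ULONG KdEnumActiveTimers(TIMER_ENTRY **TimersList);
BOOL KdCancelTimer(PVOID TimerObject);
ULONG KdGetCr0(VOID);
ULONG KdGetCr4(VOID);
VOID KdReadMsr(ULONG Register, PULONGLONG Value);
VOID KdWriteMsr(ULONG Register, PULONGLONG Value);
PVOID KdGetKernelBase(VOID);
ULONG KdGetKernelSize(VOID);
PVOID KdGetPsLoadedModuleList(VOID);
PVOID KdGetMmLoadedUserImageList(VOID);
PVOID KdGetPspCidTable(VOID);
BOOL KdCallBiosInterrupt(UCHAR Interrupt, PBIOS_REGISTERS Context);
UCHAR KdReadPortChar(USHORT Port);
USHORT KdReadPortShort(USHORT Port);
ULONG KdReadPortLong(USHORT Port);
VOID KdReadPortBufferChar(USHORT Port, PUCHAR Buffer, ULONG Count);
VOID KdReadPortBufferShort(USHORT Port, PUSHORT Buffer, ULONG Count);
VOID KdReadPortBufferLong(USHORT Port, PULONG Buffer, ULONG Count);
VOID KdWritePortChar(USHORT Port, UCHAR Value);
VOID KdWritePortShort(USHORT Port, USHORT Value);
VOID KdWritePortLong(USHORT Port, ULONG Value);
VOID KdWritePortBufferChar(USHORT Port, PUCHAR Buffer, ULONG Count);
VOID KdWritePortBufferShort(USHORT Port, PUSHORT Buffer, ULONG Count);
VOID KdWritePortBufferLong(USHORT Port, PULONG Buffer, ULONG Count);
BOOL KdDeviceRead(PVOID DeviceObject, PVOID FileObject, PVOID Buffer, ULONG Length, PULONGLONG StartingOffset);
BOOL KdDeviceWrite(PVOID DeviceObject, PVOID FileObject, PVOID Buffer, ULONG Length, PULONGLONG StartingOffset);
BOOL KdDeviceIoControl(PVOID DeviceObject, PVOID FileObject, ULONG IoControlCode, PVOID InputBuffer, ULONG InputBufferLength, PVOID OutputBuffer, ULONG OutputBufferLength, BOOL InternalDeviceIoControl);
VOID KdExecuteCode(PVOID Process, PKSTART_ROUTINE StartAddress, PVOID Context);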
