Начало
Часть 1
На сей раз попробуем извлечь список ndisGlobalOpenList и смещение на его поле NextGlobalOpen (необходимо для итерации по списку из структур ndis!_NDIS_COMMON_OPEN_BLOCK)
Данная структура также частично описана в в wdk - в файле inc\ddk\ndis.h есть ее определение по поле StatusCompleteHandler, но традиционно нужного нам поля NextGlobalOpen там нет.
Найти нужное нам смещение (вместе с со списком ndisGlobalOpenList и локом ndisGlobalOpenListLock) можно дизассемблировав экспортируемую функцию NdisCloseAdapter (код взят с xp32 bit):
mov edi, offset _ndisGlobalOpenListLock
mov ecx, edi
; зовем из IAT ф-цию hal!KfAcquireSpinLock
; в 64битной версии - KeAcquireSpinLockRaiseToDpc
; обращение к памяти в секции .data выше этого вызова даст нам лок
; следующее обращение к памяти в секции .data после вызова даст нам ndisGlobalOpenList
call ds:__imp_@KfAcquireSpinLock@4 ; KfAcquireSpinLock(x)
mov esi, _ndisGlobalOpenList
jmp short loc_22652
loc_22647:
cmp esi, [ebp+NdisBindingHandle]
jz short loc_22656
mov esi, [esi+0B8h] ; NextGlobalOpenCпособ точно такой же что и при поиске смещения на NextGlobalMiniport из предыдущей заметки про ndis.
На десерт - структуры ndis!_NDIS_COMMON_OPEN_BLOCK из некоторых доступных мне версий windows:
xp & w2k3 32bit
+0x000 MacHandle : Ptr32 Void
+0x004 BindingHandle : Ptr32 Void
+0x008 MiniportHandle : Ptr32 _NDIS_MINIPORT_BLOCK
+0x00c ProtocolHandle : Ptr32 _NDIS_PROTOCOL_BLOCK
+0x010 ProtocolBindingContext : Ptr32 Void
+0x014 MiniportNextOpen : Ptr32 _NDIS_OPEN_BLOCK
+0x018 ProtocolNextOpen : Ptr32 _NDIS_OPEN_BLOCK
+0x01c MiniportAdapterContext : Ptr32 Void
+0x020 Reserved1 : UChar
+0x021 Reserved2 : UChar
+0x022 Reserved3 : UChar
+0x023 Reserved4 : UChar
+0x024 BindDeviceName : Ptr32 _UNICODE_STRING
+0x028 Reserved5 : Uint4B
+0x02c RootDeviceName : Ptr32 _UNICODE_STRING
+0x030 SendHandler : Ptr32 int
+0x030 WanSendHandler : Ptr32 int
+0x034 TransferDataHandler : Ptr32 int
+0x038 SendCompleteHandler : Ptr32 void
+0x03c TransferDataCompleteHandler : Ptr32 void
+0x040 ReceiveHandler : Ptr32 int
+0x044 ReceiveCompleteHandler : Ptr32 void
+0x048 WanReceiveHandler : Ptr32 int
+0x04c RequestCompleteHandler : Ptr32 void
+0x050 ReceivePacketHandler : Ptr32 int
+0x054 SendPacketsHandler : Ptr32 void
+0x058 ResetHandler : Ptr32 int
+0x05c RequestHandler : Ptr32 int
+0x060 ResetCompleteHandler : Ptr32 void
+0x064 StatusHandler : Ptr32 void
+0x068 StatusCompleteHandler : Ptr32 void
+0x06c Flags : Uint4B
+0x070 References : Int4B
+0x074 SpinLock : Uint4B
+0x078 FilterHandle : Ptr32 Void
+0x07c ProtocolOptions : Uint4B
+0x080 CurrentLookahead : Uint2B
+0x082 ConnectDampTicks : Uint2B
+0x084 DisconnectDampTicks : Uint2B
+0x088 WSendHandler : Ptr32 int
+0x08c WTransferDataHandler : Ptr32 int
+0x090 WSendPacketsHandler : Ptr32 void
+0x094 CancelSendPacketsHandler : Ptr32 void
+0x098 WakeUpEnable : Uint4B
+0x09c CloseCompleteEvent : Ptr32 _KEVENT
+0x0a0 QC : _QUEUED_CLOSE
+0x0b4 AfReferences : Int4B
+0x0b8 NextGlobalOpen : Ptr32 _NDIS_OPEN_BLOCK
xp & w2k3 64bit
+0x000 MacHandle : Ptr64 Void
+0x008 BindingHandle : Ptr64 Void
+0x010 MiniportHandle : Ptr64 _NDIS_MINIPORT_BLOCK
+0x018 ProtocolHandle : Ptr64 _NDIS_PROTOCOL_BLOCK
+0x020 ProtocolBindingContext : Ptr64 Void
+0x028 MiniportNextOpen : Ptr64 _NDIS_OPEN_BLOCK
+0x030 ProtocolNextOpen : Ptr64 _NDIS_OPEN_BLOCK
+0x038 MiniportAdapterContext : Ptr64 Void
+0x040 Reserved1 : UChar
+0x041 Reserved2 : UChar
+0x042 Reserved3 : UChar
+0x043 Reserved4 : UChar
+0x048 BindDeviceName : Ptr64 _UNICODE_STRING
+0x050 Reserved5 : Uint8B
+0x058 RootDeviceName : Ptr64 _UNICODE_STRING
+0x060 SendHandler : Ptr64 int
+0x060 WanSendHandler : Ptr64 int
+0x068 TransferDataHandler : Ptr64 int
+0x070 SendCompleteHandler : Ptr64 void
+0x078 TransferDataCompleteHandler : Ptr64 void
+0x080 ReceiveHandler : Ptr64 int
+0x088 ReceiveCompleteHandler : Ptr64 void
+0x090 WanReceiveHandler : Ptr64 int
+0x098 RequestCompleteHandler : Ptr64 void
+0x0a0 ReceivePacketHandler : Ptr64 int
+0x0a8 SendPacketsHandler : Ptr64 void
+0x0b0 ResetHandler : Ptr64 int
+0x0b8 RequestHandler : Ptr64 int
+0x0c0 ResetCompleteHandler : Ptr64 void
+0x0c8 StatusHandler : Ptr64 void
+0x0d0 StatusCompleteHandler : Ptr64 void
+0x0d8 Flags : Uint4B
+0x0dc References : Int4B
+0x0e0 SpinLock : Uint8B
+0x0e8 FilterHandle : Ptr64 Void
+0x0f0 ProtocolOptions : Uint4B
+0x0f4 CurrentLookahead : Uint2B
+0x0f6 ConnectDampTicks : Uint2B
+0x0f8 DisconnectDampTicks : Uint2B
+0x100 WSendHandler : Ptr64 int
+0x108 WTransferDataHandler : Ptr64 int
+0x110 WSendPacketsHandler : Ptr64 void
+0x118 CancelSendPacketsHandler : Ptr64 void
+0x120 WakeUpEnable : Uint4B
+0x128 CloseCompleteEvent : Ptr64 _KEVENT
+0x130 QC : _QUEUED_CLOSE
+0x158 AfReferences : Int4B
+0x160 NextGlobalOpen : Ptr64 _NDIS_OPEN_BLOCK
+0x168 InitiateOffloadCompleteHandler : Ptr64 void
+0x170 TerminateOffloadCompleteHandler : Ptr64 void
+0x178 UpdateOffloadCompleteHandler : Ptr64 void
+0x180 InvalidateOffloadCompleteHandler : Ptr64 void
+0x188 QueryOffloadCompleteHandler : Ptr64 void
+0x190 IndicateOffloadEventHandler : Ptr64 void
+0x198 TcpOffloadSendCompleteHandler : Ptr64 void
+0x1a0 TcpOffloadReceiveCompleteHandler : Ptr64 void
+0x1a8 TcpOffloadDisconnectCompleteHandler : Ptr64 void
+0x1b0 TcpOffloadForwardCompleteHandler : Ptr64 void
+0x1b8 TcpOffloadEventHandler : Ptr64 void
+0x1c0 TcpOffloadReceiveIndicateHandler : Ptr64 int
vista 32bit
+0x000 MacHandle : Ptr32 Void
+0x000 Header : _NDIS_OBJECT_HEADER
+0x004 BindingHandle : Ptr32 Void
+0x008 MiniportHandle : Ptr32 _NDIS_MINIPORT_BLOCK
+0x00c ProtocolHandle : Ptr32 _NDIS_PROTOCOL_BLOCK
+0x010 ProtocolBindingContext : Ptr32 Void
+0x014 NextSendHandler : Ptr32 void
+0x018 NextSendContext : Ptr32 Void
+0x01c MiniportAdapterContext : Ptr32 Void
+0x020 Reserved1 : UChar
+0x021 CallingFromNdis6Protocol : UChar
+0x022 Reserved3 : UChar
+0x023 Reserved4 : UChar
+0x024 NextReturnNetBufferListsHandler : Ptr32 void
+0x028 Reserved5 : Uint4B
+0x02c NextReturnNetBufferListsContext : Ptr32 Void
+0x030 SendHandler : Ptr32 int
+0x030 WanSendHandler : Ptr32 int
+0x034 TransferDataHandler : Ptr32 int
+0x038 SendCompleteHandler : Ptr32 void
+0x03c TransferDataCompleteHandler : Ptr32 void
+0x040 ReceiveHandler : Ptr32 int
+0x044 ReceiveCompleteHandler : Ptr32 void
+0x048 WanReceiveHandler : Ptr32 int
+0x04c RequestCompleteHandler : Ptr32 void
+0x050 ReceivePacketHandler : Ptr32 int
+0x054 SendPacketsHandler : Ptr32 void
+0x058 ResetHandler : Ptr32 int
+0x05c RequestHandler : Ptr32 int
+0x060 OidRequestHandler : Ptr32 int
+0x064 ResetCompleteHandler : Ptr32 void
+0x068 StatusHandler : Ptr32 void
+0x068 StatusHandlerEx : Ptr32 void
+0x06c StatusCompleteHandler : Ptr32 void
+0x070 Flags : Uint4B
+0x074 References : Int4B
+0x078 SpinLock : Uint4B
+0x07c FilterHandle : Ptr32 Void
+0x080 FrameTypeArraySize : Uint4B
+0x084 FrameTypeArray : [4] Uint2B
+0x08c ProtocolOptions : Uint4B
+0x090 CurrentLookahead : Uint4B
+0x094 WSendHandler : Ptr32 int
+0x098 WTransferDataHandler : Ptr32 int
+0x09c WSendPacketsHandler : Ptr32 void
+0x0a0 CancelSendPacketsHandler : Ptr32 void
+0x0a4 WakeUpEnable : Uint4B
+0x0a8 CloseCompleteEvent : Ptr32 _KEVENT
+0x0ac QC : _QUEUED_CLOSE
+0x0c0 AfReferences : Int4B
+0x0c4 NextGlobalOpen : Ptr32 _NDIS_OPEN_BLOCK
+0x0c8 MiniportNextOpen : Ptr32 _NDIS_OPEN_BLOCK
+0x0cc ProtocolNextOpen : Ptr32 _NDIS_OPEN_BLOCK
+0x0d0 BindDeviceName : Ptr32 _UNICODE_STRING
+0x0d4 RootDeviceName : Ptr32 _UNICODE_STRING
+0x0d8 FilterNextOpen : Ptr32 _NDIS_OPEN_BLOCK
+0x0dc PacketFilters : Uint4B
+0x0e0 OldPacketFilters : Uint4B
+0x0e4 MaxMulticastAddresses : Uint4B
+0x0e8 MCastAddressBuf : Ptr32 _ETH_MULTICAST_WRAPPER
+0x0ec NumAddresses : Uint4B
+0x0f0 OldMCastAddressBuf : Ptr32 _ETH_MULTICAST_WRAPPER
+0x0f4 OldNumAddresses : Uint4B
+0x0e4 FunctionalAddress : Uint4B
+0x0e8 OldFunctionalAddress : Uint4B
+0x0ec UsingGroupAddress : UChar
+0x0ed OldUsingGroupAddress : UChar
+0x0f0 FARefCount : [32] Uint4B
+0x170 OldFARefCount : [32] Uint4B
+0x1f0 RSSParametersBuf : [196] UChar
+0x2b4 NdisRSSParameters : Ptr32 _NDIS_RECEIVE_SCALE_PARAMETERS
+0x2b8 PatternList : _SINGLE_LIST_ENTRY
+0x2bc ProtSendNetBufferListsComplete : Ptr32 void
+0x2c0 NextSendNetBufferListsComplete : Ptr32 void
+0x2c4 NextSendNetBufferListsCompleteContext : Ptr32 Void
+0x2c8 SendCompleteNdisPacketContext : Ptr32 Void
+0x2cc SendCompleteNetBufferListsContext : Ptr32 Void
+0x2d0 ReceiveNetBufferLists : Ptr32 void
+0x2d4 ReceiveNetBufferListsContext : Ptr32 Void
+0x2d8 SavedSendNBLHandler : Ptr32 void
+0x2dc SavedSendPacketsHandler : Ptr32 void
+0x2e0 SavedCancelSendPacketsHandler : Ptr32 void
+0x2e4 SavedSendHandler : Ptr32 int
+0x2e4 SavedWanSendHandler : Ptr32 int
+0x2e8 InitiateOffloadCompleteHandler : Ptr32 void
+0x2ec TerminateOffloadCompleteHandler : Ptr32 void
+0x2f0 UpdateOffloadCompleteHandler : Ptr32 void
+0x2f4 InvalidateOffloadCompleteHandler : Ptr32 void
+0x2f8 QueryOffloadCompleteHandler : Ptr32 void
+0x2fc IndicateOffloadEventHandler : Ptr32 void
+0x300 TcpOffloadSendCompleteHandler : Ptr32 void
+0x304 TcpOffloadReceiveCompleteHandler : Ptr32 void
+0x308 TcpOffloadDisconnectCompleteHandler : Ptr32 void
+0x30c TcpOffloadForwardCompleteHandler : Ptr32 void
+0x310 TcpOffloadEventHandler : Ptr32 void
+0x314 TcpOffloadReceiveIndicateHandler : Ptr32 int
+0x318 ProtocolMajorVersion : Uint4B
+0x31c IfBlock : Ptr32 Ptr32 Void
+0x320 PnPStateLock : _NDIS_SPIN_LOCK
+0x328 PnPState : _NDIS_NDIS5_DRIVER_STATE
+0x32c TranslationState : _NDIS_OPEN_TRANSLATION_STATE
+0x330 OutstandingSends : Int4B
+0x334 PauseEvent : _NDIS_EVENT
+0x344 Ndis5WanSendHandler : Ptr32 int
+0x348 ProtSendCompleteHandler : Ptr32 void
+0x34c OidRequestCompleteHandler : Ptr32 void
+0x350 OidRequestCompleteContext : Ptr32 Void
+0x354 SetInfoBuf : Ptr32 Void
+0x358 SetInfoBufLen : Uint2B
+0x35c RequestBuffer : Uint4B
+0x360 SetInfoOid : Uint4B
+0x364 OidContext : Ptr32 Void
+0x368 NumOfPauseRestartRequests : Int4B
+0x36c State : _NDIS_OPEN_STATE
+0x370 Offload : Ptr32 _NDIS_OPEN_OFFLOAD
+0x374 StatusUnbindWorkItem : Ptr32 _NDIS_STATUS_UNBIND_WORKITEM
+0x378 DpcStartCycle : Uint8B
+0x380 NumberOfNetBufferLists : Uint4B
+0x384 ReceivedAPacket : [32] UChar
vista sp2 32bit
+0x000 MacHandle : Ptr32 Void
+0x000 Header : _NDIS_OBJECT_HEADER
+0x004 BindingHandle : Ptr32 Void
+0x008 MiniportHandle : Ptr32 _NDIS_MINIPORT_BLOCK
+0x00c ProtocolHandle : Ptr32 _NDIS_PROTOCOL_BLOCK
+0x010 ProtocolBindingContext : Ptr32 Void
+0x014 NextSendHandler : Ptr32 void
+0x018 NextSendContext : Ptr32 Void
+0x01c MiniportAdapterContext : Ptr32 Void
+0x020 Reserved1 : UChar
+0x021 CallingFromNdis6Protocol : UChar
+0x022 Reserved3 : UChar
+0x023 Reserved4 : UChar
+0x024 NextReturnNetBufferListsHandler : Ptr32 void
+0x028 Reserved5 : Uint4B
+0x02c NextReturnNetBufferListsContext : Ptr32 Void
+0x030 SendHandler : Ptr32 int
+0x030 WanSendHandler : Ptr32 int
+0x034 TransferDataHandler : Ptr32 int
+0x038 SendCompleteHandler : Ptr32 void
+0x03c TransferDataCompleteHandler : Ptr32 void
+0x040 ReceiveHandler : Ptr32 int
+0x044 ReceiveCompleteHandler : Ptr32 void
+0x048 WanReceiveHandler : Ptr32 int
+0x04c RequestCompleteHandler : Ptr32 void
+0x050 ReceivePacketHandler : Ptr32 int
+0x054 SendPacketsHandler : Ptr32 void
+0x058 ResetHandler : Ptr32 int
+0x05c RequestHandler : Ptr32 int
+0x060 OidRequestHandler : Ptr32 int
+0x064 ResetCompleteHandler : Ptr32 void
+0x068 StatusHandler : Ptr32 void
+0x068 StatusHandlerEx : Ptr32 void
+0x06c StatusCompleteHandler : Ptr32 void
+0x070 Flags : Uint4B
+0x074 References : Int4B
+0x078 SpinLock : Uint4B
+0x07c FilterHandle : Ptr32 Void
+0x080 FrameTypeArraySize : Uint4B
+0x084 FrameTypeArray : [4] Uint2B
+0x08c ProtocolOptions : Uint4B
+0x090 CurrentLookahead : Uint4B
+0x094 WSendHandler : Ptr32 int
+0x098 WTransferDataHandler : Ptr32 int
+0x09c WSendPacketsHandler : Ptr32 void
+0x0a0 CancelSendPacketsHandler : Ptr32 void
+0x0a4 WakeUpEnable : Uint4B
+0x0a8 CloseCompleteEvent : Ptr32 _KEVENT
+0x0ac QC : _QUEUED_CLOSE
+0x0c0 AfReferences : Int4B
+0x0c4 NextGlobalOpen : Ptr32 _NDIS_OPEN_BLOCK
+0x0c8 MiniportNextOpen : Ptr32 _NDIS_OPEN_BLOCK
+0x0cc ProtocolNextOpen : Ptr32 _NDIS_OPEN_BLOCK
+0x0d0 BindDeviceName : Ptr32 _UNICODE_STRING
+0x0d4 RootDeviceName : Ptr32 _UNICODE_STRING
+0x0d8 FilterNextOpen : Ptr32 _NDIS_OPEN_BLOCK
+0x0dc PacketFilters : Uint4B
+0x0e0 OldPacketFilters : Uint4B
+0x0e4 MaxMulticastAddresses : Uint4B
+0x0e8 MCastAddressBuf : Ptr32 _ETH_MULTICAST_WRAPPER
+0x0ec NumAddresses : Uint4B
+0x0f0 OldMCastAddressBuf : Ptr32 _ETH_MULTICAST_WRAPPER
+0x0f4 OldNumAddresses : Uint4B
+0x0e4 FunctionalAddress : Uint4B
+0x0e8 OldFunctionalAddress : Uint4B
+0x0ec UsingGroupAddress : UChar
+0x0ed OldUsingGroupAddress : UChar
+0x0f0 FARefCount : [32] Uint4B
+0x170 OldFARefCount : [32] Uint4B
+0x1f0 RSSParametersBuf : [196] UChar
+0x2b4 NdisRSSParameters : Ptr32 _NDIS_RECEIVE_SCALE_PARAMETERS
+0x2b8 PatternList : _SINGLE_LIST_ENTRY
+0x2bc ProtSendNetBufferListsComplete : Ptr32 void
+0x2c0 NextSendNetBufferListsComplete : Ptr32 void
+0x2c4 NextSendNetBufferListsCompleteContext : Ptr32 Void
+0x2c8 SendCompleteNdisPacketContext : Ptr32 Void
+0x2cc SendCompleteNetBufferListsContext : Ptr32 Void
+0x2d0 ReceiveNetBufferLists : Ptr32 void
+0x2d4 ReceiveNetBufferListsContext : Ptr32 Void
+0x2d8 SavedSendNBLHandler : Ptr32 void
+0x2dc SavedSendPacketsHandler : Ptr32 void
+0x2e0 SavedCancelSendPacketsHandler : Ptr32 void
+0x2e4 SavedSendHandler : Ptr32 int
+0x2e4 SavedWanSendHandler : Ptr32 int
+0x2e8 InitiateOffloadCompleteHandler : Ptr32 void
+0x2ec TerminateOffloadCompleteHandler : Ptr32 void
+0x2f0 UpdateOffloadCompleteHandler : Ptr32 void
+0x2f4 InvalidateOffloadCompleteHandler : Ptr32 void
+0x2f8 QueryOffloadCompleteHandler : Ptr32 void
+0x2fc IndicateOffloadEventHandler : Ptr32 void
+0x300 TcpOffloadSendCompleteHandler : Ptr32 void
+0x304 TcpOffloadReceiveCompleteHandler : Ptr32 void
+0x308 TcpOffloadDisconnectCompleteHandler : Ptr32 void
+0x30c TcpOffloadForwardCompleteHandler : Ptr32 void
+0x310 TcpOffloadEventHandler : Ptr32 void
+0x314 TcpOffloadReceiveIndicateHandler : Ptr32 int
+0x318 ProtocolMajorVersion : Uint4B
+0x31c IfBlock : Ptr32 Ptr32 Void
+0x320 PnPStateLock : _NDIS_SPIN_LOCK
+0x328 PnPState : _NDIS_NDIS5_DRIVER_STATE
+0x32c TranslationState : _NDIS_OPEN_TRANSLATION_STATE
+0x330 OutstandingSends : Int4B
+0x334 PauseEvent : _NDIS_EVENT
+0x344 Ndis5WanSendHandler : Ptr32 int
+0x348 ProtSendCompleteHandler : Ptr32 void
+0x34c OidRequestCompleteHandler : Ptr32 void
+0x350 OidRequestCompleteContext : Ptr32 Void
+0x354 SetInfoBuf : Ptr32 Void
+0x358 SetInfoBufLen : Uint2B
+0x35c RequestBuffer : Uint4B
+0x360 SetInfoOid : Uint4B
+0x364 OidContext : Ptr32 Void
+0x368 NumOfPauseRestartRequests : Int4B
+0x36c State : _NDIS_OPEN_STATE
+0x370 Offload : Ptr32 _NDIS_OPEN_OFFLOAD
+0x374 StatusUnbindWorkItem : Ptr32 _NDIS_STATUS_UNBIND_WORKITEM
+0x378 DpcStartCycle : Uint8B
+0x380 NumberOfNetBufferLists : Uint4B
+0x384 ReceivedAPacket : [32] UChar
+0x3a4 DirectOidRequestCompleteHandler : Ptr32 void
+0x3a8 DirectOidRequestHandler : Ptr32 int
+0x3ac DirectOidRequestCompleteContext : Ptr32 Void
vista 64bit
+0x000 MacHandle : Ptr64 Void
+0x000 Header : _NDIS_OBJECT_HEADER
+0x008 BindingHandle : Ptr64 Void
+0x010 MiniportHandle : Ptr64 _NDIS_MINIPORT_BLOCK
+0x018 ProtocolHandle : Ptr64 _NDIS_PROTOCOL_BLOCK
+0x020 ProtocolBindingContext : Ptr64 Void
+0x028 NextSendHandler : Ptr64 void
+0x030 NextSendContext : Ptr64 Void
+0x038 MiniportAdapterContext : Ptr64 Void
+0x040 Reserved1 : UChar
+0x041 CallingFromNdis6Protocol : UChar
+0x042 Reserved3 : UChar
+0x043 Reserved4 : UChar
+0x048 NextReturnNetBufferListsHandler : Ptr64 void
+0x050 Reserved5 : Uint8B
+0x058 NextReturnNetBufferListsContext : Ptr64 Void
+0x060 SendHandler : Ptr64 int
+0x060 WanSendHandler : Ptr64 int
+0x068 TransferDataHandler : Ptr64 int
+0x070 SendCompleteHandler : Ptr64 void
+0x078 TransferDataCompleteHandler : Ptr64 void
+0x080 ReceiveHandler : Ptr64 int
+0x088 ReceiveCompleteHandler : Ptr64 void
+0x090 WanReceiveHandler : Ptr64 int
+0x098 RequestCompleteHandler : Ptr64 void
+0x0a0 ReceivePacketHandler : Ptr64 int
+0x0a8 SendPacketsHandler : Ptr64 void
+0x0b0 ResetHandler : Ptr64 int
+0x0b8 RequestHandler : Ptr64 int
+0x0c0 OidRequestHandler : Ptr64 int
+0x0c8 ResetCompleteHandler : Ptr64 void
+0x0d0 StatusHandler : Ptr64 void
+0x0d0 StatusHandlerEx : Ptr64 void
+0x0d8 StatusCompleteHandler : Ptr64 void
+0x0e0 Flags : Uint4B
+0x0e4 References : Int4B
+0x0e8 SpinLock : Uint8B
+0x0f0 FilterHandle : Ptr64 Void
+0x0f8 FrameTypeArraySize : Uint4B
+0x0fc FrameTypeArray : [4] Uint2B
+0x104 ProtocolOptions : Uint4B
+0x108 CurrentLookahead : Uint4B
+0x110 WSendHandler : Ptr64 int
+0x118 WTransferDataHandler : Ptr64 int
+0x120 WSendPacketsHandler : Ptr64 void
+0x128 CancelSendPacketsHandler : Ptr64 void
+0x130 WakeUpEnable : Uint4B
+0x138 CloseCompleteEvent : Ptr64 _KEVENT
+0x140 QC : _QUEUED_CLOSE
+0x168 AfReferences : Int4B
+0x170 NextGlobalOpen : Ptr64 _NDIS_OPEN_BLOCK
+0x178 MiniportNextOpen : Ptr64 _NDIS_OPEN_BLOCK
+0x180 ProtocolNextOpen : Ptr64 _NDIS_OPEN_BLOCK
+0x188 BindDeviceName : Ptr64 _UNICODE_STRING
+0x190 RootDeviceName : Ptr64 _UNICODE_STRING
+0x198 FilterNextOpen : Ptr64 _NDIS_OPEN_BLOCK
+0x1a0 PacketFilters : Uint4B
+0x1a4 OldPacketFilters : Uint4B
+0x1a8 MaxMulticastAddresses : Uint4B
+0x1b0 MCastAddressBuf : Ptr64 _ETH_MULTICAST_WRAPPER
+0x1b8 NumAddresses : Uint4B
+0x1c0 OldMCastAddressBuf : Ptr64 _ETH_MULTICAST_WRAPPER
+0x1c8 OldNumAddresses : Uint4B
+0x1a8 FunctionalAddress : Uint4B
+0x1ac OldFunctionalAddress : Uint4B
+0x1b0 UsingGroupAddress : UChar
+0x1b1 OldUsingGroupAddress : UChar
+0x1b4 FARefCount : [32] Uint4B
+0x234 OldFARefCount : [32] Uint4B
+0x2c0 RSSParametersBuf : [196] UChar
+0x388 NdisRSSParameters : Ptr64 _NDIS_RECEIVE_SCALE_PARAMETERS
+0x390 PatternList : _SINGLE_LIST_ENTRY
+0x398 ProtSendNetBufferListsComplete : Ptr64 void
+0x3a0 NextSendNetBufferListsComplete : Ptr64 void
+0x3a8 NextSendNetBufferListsCompleteContext : Ptr64 Void
+0x3b0 SendCompleteNdisPacketContext : Ptr64 Void
+0x3b8 SendCompleteNetBufferListsContext : Ptr64 Void
+0x3c0 ReceiveNetBufferLists : Ptr64 void
+0x3c8 ReceiveNetBufferListsContext : Ptr64 Void
+0x3d0 SavedSendNBLHandler : Ptr64 void
+0x3d8 SavedSendPacketsHandler : Ptr64 void
+0x3e0 SavedCancelSendPacketsHandler : Ptr64 void
+0x3e8 SavedSendHandler : Ptr64 int
+0x3e8 SavedWanSendHandler : Ptr64 int
+0x3f0 InitiateOffloadCompleteHandler : Ptr64 void
+0x3f8 TerminateOffloadCompleteHandler : Ptr64 void
+0x400 UpdateOffloadCompleteHandler : Ptr64 void
+0x408 InvalidateOffloadCompleteHandler : Ptr64 void
+0x410 QueryOffloadCompleteHandler : Ptr64 void
+0x418 IndicateOffloadEventHandler : Ptr64 void
+0x420 TcpOffloadSendCompleteHandler : Ptr64 void
+0x428 TcpOffloadReceiveCompleteHandler : Ptr64 void
+0x430 TcpOffloadDisconnectCompleteHandler : Ptr64 void
+0x438 TcpOffloadForwardCompleteHandler : Ptr64 void
+0x440 TcpOffloadEventHandler : Ptr64 void
+0x448 TcpOffloadReceiveIndicateHandler : Ptr64 int
+0x450 ProtocolMajorVersion : Uint4B
+0x458 IfBlock : Ptr64 Ptr64 Void
+0x460 PnPStateLock : _NDIS_SPIN_LOCK
+0x470 PnPState : _NDIS_NDIS5_DRIVER_STATE
+0x474 TranslationState : _NDIS_OPEN_TRANSLATION_STATE
+0x478 OutstandingSends : Int4B
+0x480 PauseEvent : _NDIS_EVENT
+0x498 Ndis5WanSendHandler : Ptr64 int
+0x4a0 ProtSendCompleteHandler : Ptr64 void
+0x4a8 OidRequestCompleteHandler : Ptr64 void
+0x4b0 OidRequestCompleteContext : Ptr64 Void
+0x4b8 SetInfoBuf : Ptr64 Void
+0x4c0 SetInfoBufLen : Uint2B
+0x4c4 RequestBuffer : Uint4B
+0x4c8 SetInfoOid : Uint4B
+0x4d0 OidContext : Ptr64 Void
+0x4d8 NumOfPauseRestartRequests : Int4B
+0x4dc State : _NDIS_OPEN_STATE
+0x4e0 Offload : Ptr64 _NDIS_OPEN_OFFLOAD
+0x4e8 StatusUnbindWorkItem : Ptr64 _NDIS_STATUS_UNBIND_WORKITEM
+0x4f0 DpcStartCycle : Uint8B
+0x4f8 NumberOfNetBufferLists : Uint4B
+0x4fc ReceivedAPacket : [64] UCharvista sp2 64bit
+0x000 MacHandle : Ptr64 Void
+0x000 Header : _NDIS_OBJECT_HEADER
+0x008 BindingHandle : Ptr64 Void
+0x010 MiniportHandle : Ptr64 _NDIS_MINIPORT_BLOCK
+0x018 ProtocolHandle : Ptr64 _NDIS_PROTOCOL_BLOCK
+0x020 ProtocolBindingContext : Ptr64 Void
+0x028 NextSendHandler : Ptr64 void
+0x030 NextSendContext : Ptr64 Void
+0x038 MiniportAdapterContext : Ptr64 Void
+0x040 Reserved1 : UChar
+0x041 CallingFromNdis6Protocol : UChar
+0x042 Reserved3 : UChar
+0x043 Reserved4 : UChar
+0x048 NextReturnNetBufferListsHandler : Ptr64 void
+0x050 Reserved5 : Uint8B
+0x058 NextReturnNetBufferListsContext : Ptr64 Void
+0x060 SendHandler : Ptr64 int
+0x060 WanSendHandler : Ptr64 int
+0x068 TransferDataHandler : Ptr64 int
+0x070 SendCompleteHandler : Ptr64 void
+0x078 TransferDataCompleteHandler : Ptr64 void
+0x080 ReceiveHandler : Ptr64 int
+0x088 ReceiveCompleteHandler : Ptr64 void
+0x090 WanReceiveHandler : Ptr64 int
+0x098 RequestCompleteHandler : Ptr64 void
+0x0a0 ReceivePacketHandler : Ptr64 int
+0x0a8 SendPacketsHandler : Ptr64 void
+0x0b0 ResetHandler : Ptr64 int
+0x0b8 RequestHandler : Ptr64 int
+0x0c0 OidRequestHandler : Ptr64 int
+0x0c8 ResetCompleteHandler : Ptr64 void
+0x0d0 StatusHandler : Ptr64 void
+0x0d0 StatusHandlerEx : Ptr64 void
+0x0d8 StatusCompleteHandler : Ptr64 void
+0x0e0 Flags : Uint4B
+0x0e4 References : Int4B
+0x0e8 SpinLock : Uint8B
+0x0f0 FilterHandle : Ptr64 Void
+0x0f8 FrameTypeArraySize : Uint4B
+0x0fc FrameTypeArray : [4] Uint2B
+0x104 ProtocolOptions : Uint4B
+0x108 CurrentLookahead : Uint4B
+0x110 WSendHandler : Ptr64 int
+0x118 WTransferDataHandler : Ptr64 int
+0x120 WSendPacketsHandler : Ptr64 void
+0x128 CancelSendPacketsHandler : Ptr64 void
+0x130 WakeUpEnable : Uint4B
+0x138 CloseCompleteEvent : Ptr64 _KEVENT
+0x140 QC : _QUEUED_CLOSE
+0x168 AfReferences : Int4B
+0x170 NextGlobalOpen : Ptr64 _NDIS_OPEN_BLOCK
+0x178 MiniportNextOpen : Ptr64 _NDIS_OPEN_BLOCK
+0x180 ProtocolNextOpen : Ptr64 _NDIS_OPEN_BLOCK
+0x188 BindDeviceName : Ptr64 _UNICODE_STRING
+0x190 RootDeviceName : Ptr64 _UNICODE_STRING
+0x198 FilterNextOpen : Ptr64 _NDIS_OPEN_BLOCK
+0x1a0 PacketFilters : Uint4B
+0x1a4 OldPacketFilters : Uint4B
+0x1a8 MaxMulticastAddresses : Uint4B
+0x1b0 MCastAddressBuf : Ptr64 _ETH_MULTICAST_WRAPPER
+0x1b8 NumAddresses : Uint4B
+0x1c0 OldMCastAddressBuf : Ptr64 _ETH_MULTICAST_WRAPPER
+0x1c8 OldNumAddresses : Uint4B
+0x1a8 FunctionalAddress : Uint4B
+0x1ac OldFunctionalAddress : Uint4B
+0x1b0 UsingGroupAddress : UChar
+0x1b1 OldUsingGroupAddress : UChar
+0x1b4 FARefCount : [32] Uint4B
+0x234 OldFARefCount : [32] Uint4B
+0x2c0 RSSParametersBuf : [196] UChar
+0x388 NdisRSSParameters : Ptr64 _NDIS_RECEIVE_SCALE_PARAMETERS
+0x390 PatternList : _SINGLE_LIST_ENTRY
+0x398 ProtSendNetBufferListsComplete : Ptr64 void
+0x3a0 NextSendNetBufferListsComplete : Ptr64 void
+0x3a8 NextSendNetBufferListsCompleteContext : Ptr64 Void
+0x3b0 SendCompleteNdisPacketContext : Ptr64 Void
+0x3b8 SendCompleteNetBufferListsContext : Ptr64 Void
+0x3c0 ReceiveNetBufferLists : Ptr64 void
+0x3c8 ReceiveNetBufferListsContext : Ptr64 Void
+0x3d0 SavedSendNBLHandler : Ptr64 void
+0x3d8 SavedSendPacketsHandler : Ptr64 void
+0x3e0 SavedCancelSendPacketsHandler : Ptr64 void
+0x3e8 SavedSendHandler : Ptr64 int
+0x3e8 SavedWanSendHandler : Ptr64 int
+0x3f0 InitiateOffloadCompleteHandler : Ptr64 void
+0x3f8 TerminateOffloadCompleteHandler : Ptr64 void
+0x400 UpdateOffloadCompleteHandler : Ptr64 void
+0x408 InvalidateOffloadCompleteHandler : Ptr64 void
+0x410 QueryOffloadCompleteHandler : Ptr64 void
+0x418 IndicateOffloadEventHandler : Ptr64 void
+0x420 TcpOffloadSendCompleteHandler : Ptr64 void
+0x428 TcpOffloadReceiveCompleteHandler : Ptr64 void
+0x430 TcpOffloadDisconnectCompleteHandler : Ptr64 void
+0x438 TcpOffloadForwardCompleteHandler : Ptr64 void
+0x440 TcpOffloadEventHandler : Ptr64 void
+0x448 TcpOffloadReceiveIndicateHandler : Ptr64 int
+0x450 ProtocolMajorVersion : Uint4B
+0x458 IfBlock : Ptr64 Ptr64 Void
+0x460 PnPStateLock : _NDIS_SPIN_LOCK
+0x470 PnPState : _NDIS_NDIS5_DRIVER_STATE
+0x474 TranslationState : _NDIS_OPEN_TRANSLATION_STATE
+0x478 OutstandingSends : Int4B
+0x480 PauseEvent : _NDIS_EVENT
+0x498 Ndis5WanSendHandler : Ptr64 int
+0x4a0 ProtSendCompleteHandler : Ptr64 void
+0x4a8 OidRequestCompleteHandler : Ptr64 void
+0x4b0 OidRequestCompleteContext : Ptr64 Void
+0x4b8 SetInfoBuf : Ptr64 Void
+0x4c0 SetInfoBufLen : Uint2B
+0x4c4 RequestBuffer : Uint4B
+0x4c8 SetInfoOid : Uint4B
+0x4d0 OidContext : Ptr64 Void
+0x4d8 NumOfPauseRestartRequests : Int4B
+0x4dc State : _NDIS_OPEN_STATE
+0x4e0 Offload : Ptr64 _NDIS_OPEN_OFFLOAD
+0x4e8 StatusUnbindWorkItem : Ptr64 _NDIS_STATUS_UNBIND_WORKITEM
+0x4f0 DpcStartCycle : Uint8B
+0x4f8 NumberOfNetBufferLists : Uint4B
+0x4fc ReceivedAPacket : [64] UChar
+0x540 DirectOidRequestCompleteHandler : Ptr64 void
+0x548 DirectOidRequestHandler : Ptr64 int
+0x550 DirectOidRequestCompleteContext : Ptr64 Void
windows7 32bit
+0x000 MacHandle : Ptr32 Void
+0x000 Header : _NDIS_OBJECT_HEADER
+0x004 BindingHandle : Ptr32 Void
+0x008 MiniportHandle : Ptr32 _NDIS_MINIPORT_BLOCK
+0x00c ProtocolHandle : Ptr32 _NDIS_PROTOCOL_BLOCK
+0x010 ProtocolBindingContext : Ptr32 Void
+0x014 NextSendHandler : Ptr32 void
+0x018 NextSendContext : Ptr32 Void
+0x01c MiniportAdapterContext : Ptr32 Void
+0x020 Reserved1 : UChar
+0x021 CallingFromNdis6Protocol : UChar
+0x022 Reserved3 : UChar
+0x023 Reserved4 : UChar
+0x024 NextReturnNetBufferListsHandler : Ptr32 void
+0x028 Reserved5 : Uint4B
+0x02c NextReturnNetBufferListsContext : Ptr32 Void
+0x030 SendHandler : Ptr32 int
+0x030 WanSendHandler : Ptr32 int
+0x034 TransferDataHandler : Ptr32 int
+0x038 SendCompleteHandler : Ptr32 void
+0x03c TransferDataCompleteHandler : Ptr32 void
+0x040 ReceiveHandler : Ptr32 int
+0x044 ReceiveCompleteHandler : Ptr32 void
+0x048 WanReceiveHandler : Ptr32 int
+0x04c RequestCompleteHandler : Ptr32 void
+0x050 ReceivePacketHandler : Ptr32 int
+0x054 SendPacketsHandler : Ptr32 void
+0x058 ResetHandler : Ptr32 int
+0x05c RequestHandler : Ptr32 int
+0x060 OidRequestHandler : Ptr32 int
+0x064 ResetCompleteHandler : Ptr32 void
+0x068 StatusHandler : Ptr32 void
+0x068 StatusHandlerEx : Ptr32 void
+0x06c StatusCompleteHandler : Ptr32 void
+0x070 Flags : Uint4B
+0x074 References : Int4B
+0x078 SpinLock : Uint4B
+0x07c FilterHandle : Ptr32 Void
+0x080 FrameTypeArraySize : Uint4B
+0x084 FrameTypeArray : [4] Uint2B
+0x08c ProtocolOptions : Uint4B
+0x090 CurrentLookahead : Uint4B
+0x094 WSendHandler : Ptr32 int
+0x098 WTransferDataHandler : Ptr32 int
+0x09c WSendPacketsHandler : Ptr32 void
+0x0a0 CancelSendPacketsHandler : Ptr32 void
+0x0a4 WakeUpEnable : Uint4B
+0x0a8 PMCurrentParameters : _NDIS_PM_PARAMETERS
+0x0b8 CloseCompleteEvent : Ptr32 _KEVENT
+0x0bc QC : _QUEUED_CLOSE
+0x0d0 AfReferences : Int4B
+0x0d4 NextGlobalOpen : Ptr32 _NDIS_OPEN_BLOCK
+0x0d8 MiniportNextOpen : Ptr32 _NDIS_OPEN_BLOCK
+0x0dc ProtocolNextOpen : Ptr32 _NDIS_OPEN_BLOCK
+0x0e0 BindDeviceName : Ptr32 _UNICODE_STRING
+0x0e4 RootDeviceName : Ptr32 _UNICODE_STRING
+0x0e8 FilterNextOpen : Ptr32 _NDIS_OPEN_BLOCK
+0x0ec PacketFilters : Uint4B
+0x0f0 OldPacketFilters : Uint4B
+0x0f4 MaxMulticastAddresses : Uint4B
+0x0f8 MCastAddressBuf : Ptr32 _ETH_MULTICAST_WRAPPER
+0x0fc NumAddresses : Uint4B
+0x100 OldMCastAddressBuf : Ptr32 _ETH_MULTICAST_WRAPPER
+0x104 OldNumAddresses : Uint4B
+0x0f4 FunctionalAddress : Uint4B
+0x0f8 OldFunctionalAddress : Uint4B
+0x0fc UsingGroupAddress : UChar
+0x0fd OldUsingGroupAddress : UChar
+0x100 FARefCount : [32] Uint4B
+0x180 OldFARefCount : [32] Uint4B
+0x200 RSSParametersBuf : [604] UChar
+0x45c NdisRSSParameters : Ptr32 _NDIS_RECEIVE_SCALE_PARAMETERS
+0x460 PatternList : _SINGLE_LIST_ENTRY
+0x464 WOLPatternList : _SINGLE_LIST_ENTRY
+0x468 PMProtocolOffloadList : _SINGLE_LIST_ENTRY
+0x46c ProtSendNetBufferListsComplete : Ptr32 void
+0x470 SendCompleteNdisPacketContext : Ptr32 Void
+0x474 SendCompleteNetBufferListsContext : Ptr32 Void
+0x478 ReceiveNetBufferLists : Ptr32 void
+0x47c ReceiveNetBufferListsContext : Ptr32 Void
+0x480 SavedSendNBLHandler : Ptr32 void
+0x484 SavedSendPacketsHandler : Ptr32 void
+0x488 SavedCancelSendPacketsHandler : Ptr32 void
+0x48c SavedSendHandler : Ptr32 int
+0x48c SavedWanSendHandler : Ptr32 int
+0x490 InitiateOffloadCompleteHandler : Ptr32 void
+0x494 TerminateOffloadCompleteHandler : Ptr32 void
+0x498 UpdateOffloadCompleteHandler : Ptr32 void
+0x49c InvalidateOffloadCompleteHandler : Ptr32 void
+0x4a0 QueryOffloadCompleteHandler : Ptr32 void
+0x4a4 IndicateOffloadEventHandler : Ptr32 void
+0x4a8 TcpOffloadSendCompleteHandler : Ptr32 void
+0x4ac TcpOffloadReceiveCompleteHandler : Ptr32 void
+0x4b0 TcpOffloadDisconnectCompleteHandler : Ptr32 void
+0x4b4 TcpOffloadForwardCompleteHandler : Ptr32 void
+0x4b8 TcpOffloadEventHandler : Ptr32 void
+0x4bc TcpOffloadReceiveIndicateHandler : Ptr32 int
+0x4c0 ProtocolMajorVersion : Uint4B
+0x4c4 IfBlock : Ptr32 Ptr32 Void
+0x4c8 PnPStateLock : _NDIS_SPIN_LOCK
+0x4d0 PnPState : _NDIS_NDIS5_DRIVER_STATE
+0x4d4 TranslationState : _NDIS_OPEN_TRANSLATION_STATE
+0x4d8 OutstandingSends : Int4B
+0x4dc PauseEvent : _NDIS_EVENT
+0x4ec Ndis5WanSendHandler : Ptr32 int
+0x4f0 ProtSendCompleteHandler : Ptr32 void
+0x4f4 OidRequestCompleteHandler : Ptr32 void
+0x4f8 OidRequestCompleteContext : Ptr32 Void
+0x4fc NumOfPauseRestartRequests : Int4B
+0x500 State : _NDIS_OPEN_STATE
+0x504 Offload : Ptr32 _NDIS_OPEN_OFFLOAD
+0x508 StatusUnbindWorkItem : Ptr32 _NDIS_STATUS_UNBIND_WORKITEM
+0x510 DpcStartCycle : Uint8B
+0x518 NumberOfNetBufferLists : Uint4B
+0x51c ReceivedAPacket : Ptr32 UChar
+0x520 DirectOidRequestCompleteHandler : Ptr32 void
+0x524 DirectOidRequestHandler : Ptr32 int
+0x528 DirectOidRequestCompleteContext : Ptr32 Void
+0x52c ReceiveQueueList : _LIST_ENTRY
+0x534 NumReceiveQueues : Uint4B
+0x538 SharedMemoryBlockList : _LIST_ENTRY
+0x540 AllocateSharedMemoryHandler : Ptr32 int
+0x544 FreeSharedMemoryHandler : Ptr32 void
+0x548 AllocateSharedMemoryContext : Ptr32 Void
windows7 64bit
+0x000 MacHandle : Ptr64 Void
+0x000 Header : _NDIS_OBJECT_HEADER
+0x008 BindingHandle : Ptr64 Void
+0x010 MiniportHandle : Ptr64 _NDIS_MINIPORT_BLOCK
+0x018 ProtocolHandle : Ptr64 _NDIS_PROTOCOL_BLOCK
+0x020 ProtocolBindingContext : Ptr64 Void
+0x028 NextSendHandler : Ptr64 void
+0x030 NextSendContext : Ptr64 Void
+0x038 MiniportAdapterContext : Ptr64 Void
+0x040 Reserved1 : UChar
+0x041 CallingFromNdis6Protocol : UChar
+0x042 Reserved3 : UChar
+0x043 Reserved4 : UChar
+0x048 NextReturnNetBufferListsHandler : Ptr64 void
+0x050 Reserved5 : Uint8B
+0x058 NextReturnNetBufferListsContext : Ptr64 Void
+0x060 SendHandler : Ptr64 int
+0x060 WanSendHandler : Ptr64 int
+0x068 TransferDataHandler : Ptr64 int
+0x070 SendCompleteHandler : Ptr64 void
+0x078 TransferDataCompleteHandler : Ptr64 void
+0x080 ReceiveHandler : Ptr64 int
+0x088 ReceiveCompleteHandler : Ptr64 void
+0x090 WanReceiveHandler : Ptr64 int
+0x098 RequestCompleteHandler : Ptr64 void
+0x0a0 ReceivePacketHandler : Ptr64 int
+0x0a8 SendPacketsHandler : Ptr64 void
+0x0b0 ResetHandler : Ptr64 int
+0x0b8 RequestHandler : Ptr64 int
+0x0c0 OidRequestHandler : Ptr64 int
+0x0c8 ResetCompleteHandler : Ptr64 void
+0x0d0 StatusHandler : Ptr64 void
+0x0d0 StatusHandlerEx : Ptr64 void
+0x0d8 StatusCompleteHandler : Ptr64 void
+0x0e0 Flags : Uint4B
+0x0e4 References : Int4B
+0x0e8 SpinLock : Uint8B
+0x0f0 FilterHandle : Ptr64 Void
+0x0f8 FrameTypeArraySize : Uint4B
+0x0fc FrameTypeArray : [4] Uint2B
+0x104 ProtocolOptions : Uint4B
+0x108 CurrentLookahead : Uint4B
+0x110 WSendHandler : Ptr64 int
+0x118 WTransferDataHandler : Ptr64 int
+0x120 WSendPacketsHandler : Ptr64 void
+0x128 CancelSendPacketsHandler : Ptr64 void
+0x130 WakeUpEnable : Uint4B
+0x134 PMCurrentParameters : _NDIS_PM_PARAMETERS
+0x148 CloseCompleteEvent : Ptr64 _KEVENT
+0x150 QC : _QUEUED_CLOSE
+0x178 AfReferences : Int4B
+0x180 NextGlobalOpen : Ptr64 _NDIS_OPEN_BLOCK
+0x188 MiniportNextOpen : Ptr64 _NDIS_OPEN_BLOCK
+0x190 ProtocolNextOpen : Ptr64 _NDIS_OPEN_BLOCK
+0x198 BindDeviceName : Ptr64 _UNICODE_STRING
+0x1a0 RootDeviceName : Ptr64 _UNICODE_STRING
+0x1a8 FilterNextOpen : Ptr64 _NDIS_OPEN_BLOCK
+0x1b0 PacketFilters : Uint4B
+0x1b4 OldPacketFilters : Uint4B
+0x1b8 MaxMulticastAddresses : Uint4B
+0x1c0 MCastAddressBuf : Ptr64 _ETH_MULTICAST_WRAPPER
+0x1c8 NumAddresses : Uint4B
+0x1d0 OldMCastAddressBuf : Ptr64 _ETH_MULTICAST_WRAPPER
+0x1d8 OldNumAddresses : Uint4B
+0x1b8 FunctionalAddress : Uint4B
+0x1bc OldFunctionalAddress : Uint4B
+0x1c0 UsingGroupAddress : UChar
+0x1c1 OldUsingGroupAddress : UChar
+0x1c4 FARefCount : [32] Uint4B
+0x244 OldFARefCount : [32] Uint4B
+0x2d0 RSSParametersBuf : [656] UChar
+0x560 NdisRSSParameters : Ptr64 _NDIS_RECEIVE_SCALE_PARAMETERS
+0x568 PatternList : _SINGLE_LIST_ENTRY
+0x570 WOLPatternList : _SINGLE_LIST_ENTRY
+0x578 PMProtocolOffloadList : _SINGLE_LIST_ENTRY
+0x580 ProtSendNetBufferListsComplete : Ptr64 void
+0x588 SendCompleteNdisPacketContext : Ptr64 Void
+0x590 SendCompleteNetBufferListsContext : Ptr64 Void
+0x598 ReceiveNetBufferLists : Ptr64 void
+0x5a0 ReceiveNetBufferListsContext : Ptr64 Void
+0x5a8 SavedSendNBLHandler : Ptr64 void
+0x5b0 SavedSendPacketsHandler : Ptr64 void
+0x5b8 SavedCancelSendPacketsHandler : Ptr64 void
+0x5c0 SavedSendHandler : Ptr64 int
+0x5c0 SavedWanSendHandler : Ptr64 int
+0x5c8 InitiateOffloadCompleteHandler : Ptr64 void
+0x5d0 TerminateOffloadCompleteHandler : Ptr64 void
+0x5d8 UpdateOffloadCompleteHandler : Ptr64 void
+0x5e0 InvalidateOffloadCompleteHandler : Ptr64 void
+0x5e8 QueryOffloadCompleteHandler : Ptr64 void
+0x5f0 IndicateOffloadEventHandler : Ptr64 void
+0x5f8 TcpOffloadSendCompleteHandler : Ptr64 void
+0x600 TcpOffloadReceiveCompleteHandler : Ptr64 void
+0x608 TcpOffloadDisconnectCompleteHandler : Ptr64 void
+0x610 TcpOffloadForwardCompleteHandler : Ptr64 void
+0x618 TcpOffloadEventHandler : Ptr64 void
+0x620 TcpOffloadReceiveIndicateHandler : Ptr64 int
+0x628 ProtocolMajorVersion : Uint4B
+0x630 IfBlock : Ptr64 Ptr64 Void
+0x638 PnPStateLock : _NDIS_SPIN_LOCK
+0x648 PnPState : _NDIS_NDIS5_DRIVER_STATE
+0x64c TranslationState : _NDIS_OPEN_TRANSLATION_STATE
+0x650 OutstandingSends : Int4B
+0x658 PauseEvent : _NDIS_EVENT
+0x670 Ndis5WanSendHandler : Ptr64 int
+0x678 ProtSendCompleteHandler : Ptr64 void
+0x680 OidRequestCompleteHandler : Ptr64 void
+0x688 OidRequestCompleteContext : Ptr64 Void
+0x690 NumOfPauseRestartRequests : Int4B
+0x694 State : _NDIS_OPEN_STATE
+0x698 Offload : Ptr64 _NDIS_OPEN_OFFLOAD
+0x6a0 StatusUnbindWorkItem : Ptr64 _NDIS_STATUS_UNBIND_WORKITEM
+0x6a8 DpcStartCycle : Uint8B
+0x6b0 NumberOfNetBufferLists : Uint4B
+0x6b8 ReceivedAPacket : Ptr64 UChar
+0x6c0 DirectOidRequestCompleteHandler : Ptr64 void
+0x6c8 DirectOidRequestHandler : Ptr64 int
+0x6d0 DirectOidRequestCompleteContext : Ptr64 Void
+0x6d8 ReceiveQueueList : _LIST_ENTRY
+0x6e8 NumReceiveQueues : Uint4B
+0x6f0 SharedMemoryBlockList : _LIST_ENTRY
+0x700 AllocateSharedMemoryHandler : Ptr64 int
+0x708 FreeSharedMemoryHandler : Ptr64 void
+0x710 AllocateSharedMemoryContext : Ptr64 Void
В твоих дампах структур, возможно, присутствует неточность/недосказанность, а именно - минорная версия NDIS инкрементировалась на переходе Vista SP0 - SP1, что не отражено явно.
ОтветитьУдалитьможет быть
ОтветитьУдалитьна самом деле у меня нету ни одной виртуалки с vista sp1, так что проверить не на чем
добавил структуры от vista sp2
ОтветитьУдалить