Часть 1
Часть 2
На сей раз попробуем достать ndisProtocolList вместе со смещением на поле NextProtocol (необходимое для итерации) по списку совершенно недокументированных структур _NDIS_PROTOCOL_BLOCK
Способ совершенно идентичен ранее примененному - дизассемблирование функций из ndis.sys. В данном случае у нас есть целых две подходящие экспортируемые функции.
NdisDeregisterProtocol
mov edi, offset _ndisProtocolListLock
mov ecx, edi
; зовем из IAT ф-цию hal!KfAcquireSpinLock
; в 64битной версии - KeAcquireSpinLockRaiseToDpc
; обращение к памяти в секции .data выше этого вызова даст нам лок
; следующее обращение к памяти в секции .data после вызова даст нам ndisProtocolList
call ds:__imp_@KfAcquireSpinLock@4 ; KfAcquireSpinLock(x)
mov esi, _ndisProtocolList
jmp short loc_22831
loc_22829:
cmp esi, [ebp+NdisProtocolHandle]
jz short loc_22835
mov esi, [esi+10h] ; NextProtocol
NdisRegisterProtocol
mov esi, offset _ndisProtocolListLock
mov ecx, esi
mov [eax], ebx
; зовем из IAT ф-цию hal!KfAcquireSpinLock
; в 64битной версии - KeAcquireSpinLockRaiseToDpc
; обращение к памяти в секции .data выше этого вызова даст нам лок
; следующее обращение к памяти в секции .data после вызова даст нам ndisProtocolList
call ds:__imp_@KfAcquireSpinLock@4 ; KfAcquireSpinLock(x)
mov ecx, _ndisProtocolList
mov [ebx+10h], ecx ; NextProtocol mov dl, al
mov ecx, esi
mov _ndisProtocolList, ebx
В этой функции паттерн для определения поля итератора несколько изменился - в данном случае происходит не итерация по списку структур, а добавление нового элемента в список - адрес _ndisProtocolList сохраняется как указатель на следующий элемент списка, а чуть ниже адрес нового элемента заносится в _ndisProtocolList и становится первым элементом в списке. Но как видите смещение осталось точно таким же
Как выглядит структура _NDIS_PROTOCOL_BLOCK под некоторыми доступными мне версиями windows:
xp 32bit
dt ndis!_NDIS_PROTOCOL_BLOCK
+0x000 OpenQueue : Ptr32 _NDIS_OPEN_BLOCK
+0x004 Ref : _REFERENCE
+0x00c DeregEvent : Ptr32 _KEVENT
+0x010 NextProtocol : Ptr32 _NDIS_PROTOCOL_BLOCK
+0x014 ProtocolCharacteristics : _NDIS50_PROTOCOL_CHARACTERISTICS
+0x080 WorkItem : _WORK_QUEUE_ITEM
+0x090 Mutex : _KMUTANT
+0x0b0 MutexOwner : Uint4B
+0x0b4 BindDeviceName : Ptr32 _UNICODE_STRING
+0x0b8 RootDeviceName : Ptr32 _UNICODE_STRING
+0x0bc AssociatedMiniDriver : Ptr32 _NDIS_M_DRIVER_BLOCK
+0x0c0 BindingAdapter : Ptr32 _NDIS_MINIPORT_BLOCKdt ndis!_NDIS50_PROTOCOL_CHARACTERISTICS
+0x000 MajorNdisVersion : UChar
+0x001 MinorNdisVersion : UChar
+0x002 Filler : Uint2B
+0x004 Reserved : Uint4B
+0x004 Flags : Uint4B
+0x008 OpenAdapterCompleteHandler : Ptr32 void
+0x00c CloseAdapterCompleteHandler : Ptr32 void
+0x010 SendCompleteHandler : Ptr32 void
+0x010 WanSendCompleteHandler : Ptr32 void
+0x014 TransferDataCompleteHandler : Ptr32 void
+0x014 WanTransferDataCompleteHandler : Ptr32 void
+0x018 ResetCompleteHandler : Ptr32 void
+0x01c RequestCompleteHandler : Ptr32 void
+0x020 ReceiveHandler : Ptr32 int
+0x020 WanReceiveHandler : Ptr32 int
+0x024 ReceiveCompleteHandler : Ptr32 void
+0x028 StatusHandler : Ptr32 void
+0x02c StatusCompleteHandler : Ptr32 void
+0x030 Name : _UNICODE_STRING
+0x038 ReceivePacketHandler : Ptr32 int
+0x03c BindAdapterHandler : Ptr32 void
+0x040 UnbindAdapterHandler : Ptr32 void
+0x044 PnPEventHandler : Ptr32 int
+0x048 UnloadHandler : Ptr32 void
+0x04c ReservedHandlers : [4] Ptr32 Void
+0x05c CoSendCompleteHandler : Ptr32 void
+0x060 CoStatusHandler : Ptr32 void
+0x064 CoReceivePacketHandler : Ptr32 unsigned int
+0x068 CoAfRegisterNotifyHandler : Ptr32 void
xp & w2k3 64bit
dt ndis!_NDIS_PROTOCOL_BLOCK
+0x000 OpenQueue : Ptr64 _NDIS_OPEN_BLOCK
+0x008 Ref : _REFERENCE
+0x018 DeregEvent : Ptr64 _KEVENT
+0x020 NextProtocol : Ptr64 _NDIS_PROTOCOL_BLOCK
+0x028 ProtocolCharacteristics : _NDIS52_PROTOCOL_CHARACTERISTICS
+0x0f8 WorkItem : _WORK_QUEUE_ITEM
+0x118 Mutex : _KMUTANT
+0x150 MutexOwner : Uint4B
+0x158 BindDeviceName : Ptr64 _UNICODE_STRING
+0x160 RootDeviceName : Ptr64 _UNICODE_STRING
+0x168 AssociatedMiniDriver : Ptr64 _NDIS_M_DRIVER_BLOCK
+0x170 BindingAdapter : Ptr64 _NDIS_MINIPORT_BLOCK
+0x178 InitiateOffloadCompleteHandler : Ptr64 void
+0x180 TerminateOffloadCompleteHandler : Ptr64 void
+0x188 UpdateOffloadCompleteHandler : Ptr64 void
+0x190 InvalidateOffloadCompleteHandler : Ptr64 void
+0x198 QueryOffloadCompleteHandler : Ptr64 void
+0x1a0 IndicateOffloadEventHandler : Ptr64 void
+0x1a8 TcpOffloadSendCompleteHandler : Ptr64 void
+0x1b0 TcpOffloadReceiveCompleteHandler : Ptr64 void
+0x1b8 TcpOffloadDisconnectCompleteHandler : Ptr64 void
+0x1c0 TcpOffloadForwardCompleteHandler : Ptr64 void
+0x1c8 TcpOffloadEventHandler : Ptr64 void
+0x1d0 TcpOffloadReceiveIndicateHandler : Ptr64 intdt ndis!_NDIS52_PROTOCOL_CHARACTERISTICS
+0x000 MajorNdisVersion : UChar
+0x001 MinorNdisVersion : UChar
+0x002 Filler : Uint2B
+0x004 Reserved : Uint4B
+0x004 Flags : Uint4B
+0x008 OpenAdapterCompleteHandler : Ptr64 void
+0x010 CloseAdapterCompleteHandler : Ptr64 void
+0x018 SendCompleteHandler : Ptr64 void
+0x018 WanSendCompleteHandler : Ptr64 void
+0x020 TransferDataCompleteHandler : Ptr64 void
+0x020 WanTransferDataCompleteHandler : Ptr64 void
+0x028 ResetCompleteHandler : Ptr64 void
+0x030 RequestCompleteHandler : Ptr64 void
+0x038 ReceiveHandler : Ptr64 int
+0x038 WanReceiveHandler : Ptr64 int
+0x040 ReceiveCompleteHandler : Ptr64 void
+0x048 StatusHandler : Ptr64 void
+0x050 StatusCompleteHandler : Ptr64 void
+0x058 Name : _UNICODE_STRING
+0x068 ReceivePacketHandler : Ptr64 int
+0x070 BindAdapterHandler : Ptr64 void
+0x078 UnbindAdapterHandler : Ptr64 void
+0x080 PnPEventHandler : Ptr64 int
+0x088 UnloadHandler : Ptr64 void
+0x090 ReservedHandlers : [4] Ptr64 Void
+0x0b0 CoSendCompleteHandler : Ptr64 void
+0x0b8 CoStatusHandler : Ptr64 void
+0x0c0 CoReceivePacketHandler : Ptr64 unsigned int
+0x0c8 CoAfRegisterNotifyHandler : Ptr64 void
vista 32bit
dt ndis!_NDIS_PROTOCOL_BLOCK
+0x000 Header : _NDIS_OBJECT_HEADER
+0x004 ProtocolDriverContext : Ptr32 Void
+0x008 NextProtocol : Ptr32 _NDIS_PROTOCOL_BLOCK
+0x00c OpenQueue : Ptr32 _NDIS_OPEN_BLOCK
+0x010 Ref : _REFERENCE
+0x018 MajorNdisVersion : UChar
+0x019 MinorNdisVersion : UChar
+0x01a MajorDriverVersion : UChar
+0x01b MinorDriverVersion : UChar
+0x01c Reserved : Uint4B
+0x020 Flags : Uint4B
+0x024 Name : _UNICODE_STRING
+0x02c IsIPv4 : UChar
+0x02d IsIPv6 : UChar
+0x02e IsNdisTest6 : UChar
+0x030 BindAdapterHandlerEx : Ptr32 int
+0x034 UnbindAdapterHandlerEx : Ptr32 int
+0x038 OpenAdapterCompleteHandlerEx : Ptr32 void
+0x03c CloseAdapterCompleteHandlerEx : Ptr32 void
+0x040 PnPEventHandler : Ptr32 int
+0x040 NetPnPEventHandler : Ptr32 int
+0x044 UnloadHandler : Ptr32 void
+0x048 UninstallHandler : Ptr32 void
+0x04c RequestCompleteHandler : Ptr32 void
+0x050 StatusHandlerEx : Ptr32 void
+0x050 StatusHandler : Ptr32 void
+0x054 StatusCompleteHandler : Ptr32 void
+0x058 ReceiveNetBufferListsHandler : Ptr32 void
+0x05c SendNetBufferListsCompleteHandler : Ptr32 void
+0x060 CoStatusHandlerEx : Ptr32 void
+0x060 CoStatusHandler : Ptr32 void
+0x064 CoAfRegisterNotifyHandler : Ptr32 void
+0x068 CoReceiveNetBufferListsHandler : Ptr32 void
+0x06c CoSendNetBufferListsCompleteHandler : Ptr32 void
+0x070 OpenAdapterCompleteHandler : Ptr32 void
+0x074 CloseAdapterCompleteHandler : Ptr32 void
+0x078 SendCompleteHandler : Ptr32 void
+0x078 WanSendCompleteHandler : Ptr32 void
+0x07c TransferDataCompleteHandler : Ptr32 void
+0x07c WanTransferDataCompleteHandler : Ptr32 void
+0x080 ResetCompleteHandler : Ptr32 void
+0x084 ReceiveHandler : Ptr32 int
+0x084 WanReceiveHandler : Ptr32 int
+0x088 ReceiveCompleteHandler : Ptr32 void
+0x08c ReceivePacketHandler : Ptr32 int
+0x090 BindAdapterHandler : Ptr32 void
+0x094 UnbindAdapterHandler : Ptr32 void
+0x098 CoSendCompleteHandler : Ptr32 void
+0x09c CoReceivePacketHandler : Ptr32 unsigned int
+0x0a0 OidRequestCompleteHandler : Ptr32 void
+0x0a4 WorkItem : _WORK_QUEUE_ITEM
+0x0b4 Mutex : _KMUTANT
+0x0d4 MutexOwnerThread : Ptr32 Void
+0x0d8 MutexOwnerCount : Uint4B
+0x0dc MutexOwner : Uint4B
+0x0e0 BindDeviceName : Ptr32 _UNICODE_STRING
+0x0e4 RootDeviceName : Ptr32 _UNICODE_STRING
+0x0e8 AssociatedMiniDriver : Ptr32 _NDIS_M_DRIVER_BLOCK
+0x0ec BindingAdapter : Ptr32 _NDIS_MINIPORT_BLOCK
+0x0f0 DeregEvent : Ptr32 _KEVENT
+0x0f4 ClientChars : _NDIS_CO_CLIENT_OPTIONAL_HANDLERS
+0x0f4 CallMgrChars : _NDIS_CO_CALL_MANAGER_OPTIONAL_HANDLERS
+0x148 InitiateOffloadCompleteHandler : Ptr32 void
+0x14c TerminateOffloadCompleteHandler : Ptr32 void
+0x150 UpdateOffloadCompleteHandler : Ptr32 void
+0x154 InvalidateOffloadCompleteHandler : Ptr32 void
+0x158 QueryOffloadCompleteHandler : Ptr32 void
+0x15c IndicateOffloadEventHandler : Ptr32 void
+0x160 TcpOffloadSendCompleteHandler : Ptr32 void
+0x164 TcpOffloadReceiveCompleteHandler : Ptr32 void
+0x168 TcpOffloadDisconnectCompleteHandler : Ptr32 void
+0x16c TcpOffloadForwardCompleteHandler : Ptr32 void
+0x170 TcpOffloadEventHandler : Ptr32 void
+0x174 TcpOffloadReceiveIndicateHandler : Ptr32 int
vista 64bit
dt ndis!_NDIS_PROTOCOL_BLOCK
+0x000 Header : _NDIS_OBJECT_HEADER
+0x008 ProtocolDriverContext : Ptr64 Void
+0x010 NextProtocol : Ptr64 _NDIS_PROTOCOL_BLOCK
+0x018 OpenQueue : Ptr64 _NDIS_OPEN_BLOCK
+0x020 Ref : _REFERENCE
+0x030 MajorNdisVersion : UChar
+0x031 MinorNdisVersion : UChar
+0x032 MajorDriverVersion : UChar
+0x033 MinorDriverVersion : UChar
+0x034 Reserved : Uint4B
+0x038 Flags : Uint4B
+0x040 Name : _UNICODE_STRING
+0x050 IsIPv4 : UChar
+0x051 IsIPv6 : UChar
+0x052 IsNdisTest6 : UChar
+0x058 BindAdapterHandlerEx : Ptr64 int
+0x060 UnbindAdapterHandlerEx : Ptr64 int
+0x068 OpenAdapterCompleteHandlerEx : Ptr64 void
+0x070 CloseAdapterCompleteHandlerEx : Ptr64 void
+0x078 PnPEventHandler : Ptr64 int
+0x078 NetPnPEventHandler : Ptr64 int
+0x080 UnloadHandler : Ptr64 void
+0x088 UninstallHandler : Ptr64 void
+0x090 RequestCompleteHandler : Ptr64 void
+0x098 StatusHandlerEx : Ptr64 void
+0x098 StatusHandler : Ptr64 void
+0x0a0 StatusCompleteHandler : Ptr64 void
+0x0a8 ReceiveNetBufferListsHandler : Ptr64 void
+0x0b0 SendNetBufferListsCompleteHandler : Ptr64 void
+0x0b8 CoStatusHandlerEx : Ptr64 void
+0x0b8 CoStatusHandler : Ptr64 void
+0x0c0 CoAfRegisterNotifyHandler : Ptr64 void
+0x0c8 CoReceiveNetBufferListsHandler : Ptr64 void
+0x0d0 CoSendNetBufferListsCompleteHandler : Ptr64 void
+0x0d8 OpenAdapterCompleteHandler : Ptr64 void
+0x0e0 CloseAdapterCompleteHandler : Ptr64 void
+0x0e8 SendCompleteHandler : Ptr64 void
+0x0e8 WanSendCompleteHandler : Ptr64 void
+0x0f0 TransferDataCompleteHandler : Ptr64 void
+0x0f0 WanTransferDataCompleteHandler : Ptr64 void
+0x0f8 ResetCompleteHandler : Ptr64 void
+0x100 ReceiveHandler : Ptr64 int
+0x100 WanReceiveHandler : Ptr64 int
+0x108 ReceiveCompleteHandler : Ptr64 void
+0x110 ReceivePacketHandler : Ptr64 int
+0x118 BindAdapterHandler : Ptr64 void
+0x120 UnbindAdapterHandler : Ptr64 void
+0x128 CoSendCompleteHandler : Ptr64 void
+0x130 CoReceivePacketHandler : Ptr64 unsigned int
+0x138 OidRequestCompleteHandler : Ptr64 void
+0x140 WorkItem : _WORK_QUEUE_ITEM
+0x160 Mutex : _KMUTANT
+0x198 MutexOwnerThread : Ptr64 Void
+0x1a0 MutexOwnerCount : Uint4B
+0x1a4 MutexOwner : Uint4B
+0x1a8 BindDeviceName : Ptr64 _UNICODE_STRING
+0x1b0 RootDeviceName : Ptr64 _UNICODE_STRING
+0x1b8 AssociatedMiniDriver : Ptr64 _NDIS_M_DRIVER_BLOCK
+0x1c0 BindingAdapter : Ptr64 _NDIS_MINIPORT_BLOCK
+0x1c8 DeregEvent : Ptr64 _KEVENT
+0x1d0 ClientChars : _NDIS_CO_CLIENT_OPTIONAL_HANDLERS
+0x1d0 CallMgrChars : _NDIS_CO_CALL_MANAGER_OPTIONAL_HANDLERS
+0x270 InitiateOffloadCompleteHandler : Ptr64 void
+0x278 TerminateOffloadCompleteHandler : Ptr64 void
+0x280 UpdateOffloadCompleteHandler : Ptr64 void
+0x288 InvalidateOffloadCompleteHandler : Ptr64 void
+0x290 QueryOffloadCompleteHandler : Ptr64 void
+0x298 IndicateOffloadEventHandler : Ptr64 void
+0x2a0 TcpOffloadSendCompleteHandler : Ptr64 void
+0x2a8 TcpOffloadReceiveCompleteHandler : Ptr64 void
+0x2b0 TcpOffloadDisconnectCompleteHandler : Ptr64 void
+0x2b8 TcpOffloadForwardCompleteHandler : Ptr64 void
+0x2c0 TcpOffloadEventHandler : Ptr64 void
+0x2c8 TcpOffloadReceiveIndicateHandler : Ptr64 int windows 7 32bit
dt ndis!_NDIS_PROTOCOL_BLOCK
+0x000 Header : _NDIS_OBJECT_HEADER
+0x004 ProtocolDriverContext : Ptr32 Void
+0x008 NextProtocol : Ptr32 _NDIS_PROTOCOL_BLOCK
+0x00c OpenQueue : Ptr32 _NDIS_OPEN_BLOCK
+0x010 Ref : _REFERENCE
+0x018 MajorNdisVersion : UChar
+0x019 MinorNdisVersion : UChar
+0x01a MajorDriverVersion : UChar
+0x01b MinorDriverVersion : UChar
+0x01c Reserved : Uint4B
+0x020 Flags : Uint4B
+0x024 Name : _UNICODE_STRING
+0x02c IsIPv4 : UChar
+0x02d IsIPv6 : UChar
+0x02e IsNdisTest6 : UChar
+0x030 BindAdapterHandlerEx : Ptr32 int
+0x034 UnbindAdapterHandlerEx : Ptr32 int
+0x038 OpenAdapterCompleteHandlerEx : Ptr32 void
+0x03c CloseAdapterCompleteHandlerEx : Ptr32 void
+0x040 PnPEventHandler : Ptr32 int
+0x040 NetPnPEventHandler : Ptr32 int
+0x044 UnloadHandler : Ptr32 void
+0x048 UninstallHandler : Ptr32 void
+0x04c RequestCompleteHandler : Ptr32 void
+0x050 StatusHandlerEx : Ptr32 void
+0x050 StatusHandler : Ptr32 void
+0x054 StatusCompleteHandler : Ptr32 void
+0x058 ReceiveNetBufferListsHandler : Ptr32 void
+0x05c SendNetBufferListsCompleteHandler : Ptr32 void
+0x060 CoStatusHandlerEx : Ptr32 void
+0x060 CoStatusHandler : Ptr32 void
+0x064 CoAfRegisterNotifyHandler : Ptr32 void
+0x068 CoReceiveNetBufferListsHandler : Ptr32 void
+0x06c CoSendNetBufferListsCompleteHandler : Ptr32 void
+0x070 OpenAdapterCompleteHandler : Ptr32 void
+0x074 CloseAdapterCompleteHandler : Ptr32 void
+0x078 SendCompleteHandler : Ptr32 void
+0x078 WanSendCompleteHandler : Ptr32 void
+0x07c TransferDataCompleteHandler : Ptr32 void
+0x07c WanTransferDataCompleteHandler : Ptr32 void
+0x080 ResetCompleteHandler : Ptr32 void
+0x084 ReceiveHandler : Ptr32 int
+0x084 WanReceiveHandler : Ptr32 int
+0x088 ReceiveCompleteHandler : Ptr32 void
+0x08c ReceivePacketHandler : Ptr32 int
+0x090 BindAdapterHandler : Ptr32 void
+0x094 UnbindAdapterHandler : Ptr32 void
+0x098 CoSendCompleteHandler : Ptr32 void
+0x09c CoReceivePacketHandler : Ptr32 unsigned int
+0x0a0 OidRequestCompleteHandler : Ptr32 void
+0x0a4 WorkItem : _WORK_QUEUE_ITEM
+0x0b4 Mutex : _KMUTANT
+0x0d4 MutexOwnerThread : Ptr32 Void
+0x0d8 MutexOwnerCount : Uint4B
+0x0dc MutexOwner : Uint4B
+0x0e0 BindDeviceName : Ptr32 _UNICODE_STRING
+0x0e4 RootDeviceName : Ptr32 _UNICODE_STRING
+0x0e8 AssociatedMiniDriver : Ptr32 _NDIS_M_DRIVER_BLOCK
+0x0ec BindingAdapter : Ptr32 _NDIS_MINIPORT_BLOCK
+0x0f0 DeregEvent : Ptr32 _KEVENT
+0x0f4 ClientChars : _NDIS_CO_CLIENT_OPTIONAL_HANDLERS
+0x0f4 CallMgrChars : _NDIS_CO_CALL_MANAGER_OPTIONAL_HANDLERS
+0x148 InitiateOffloadCompleteHandler : Ptr32 void
+0x14c TerminateOffloadCompleteHandler : Ptr32 void
+0x150 UpdateOffloadCompleteHandler : Ptr32 void
+0x154 InvalidateOffloadCompleteHandler : Ptr32 void
+0x158 QueryOffloadCompleteHandler : Ptr32 void
+0x15c IndicateOffloadEventHandler : Ptr32 void
+0x160 TcpOffloadSendCompleteHandler : Ptr32 void
+0x164 TcpOffloadReceiveCompleteHandler : Ptr32 void
+0x168 TcpOffloadDisconnectCompleteHandler : Ptr32 void
+0x16c TcpOffloadForwardCompleteHandler : Ptr32 void
+0x170 TcpOffloadEventHandler : Ptr32 void
+0x174 TcpOffloadReceiveIndicateHandler : Ptr32 int
+0x178 DirectOidRequestCompleteHandler : Ptr32 void
+0x17c AllocateSharedMemoryHandler : Ptr32 int
+0x180 FreeSharedMemoryHandler : Ptr32 void
+0x184 AllocateSharedMemoryContext : Ptr32 Voidwindows 7 64bit
dt ndis!_NDIS_PROTOCOL_BLOCK
+0x000 Header : _NDIS_OBJECT_HEADER
+0x008 ProtocolDriverContext : Ptr64 Void
+0x010 NextProtocol : Ptr64 _NDIS_PROTOCOL_BLOCK
+0x018 OpenQueue : Ptr64 _NDIS_OPEN_BLOCK
+0x020 Ref : _REFERENCE
+0x030 MajorNdisVersion : UChar
+0x031 MinorNdisVersion : UChar
+0x032 MajorDriverVersion : UChar
+0x033 MinorDriverVersion : UChar
+0x034 Reserved : Uint4B
+0x038 Flags : Uint4B
+0x040 Name : _UNICODE_STRING
+0x050 IsIPv4 : UChar
+0x051 IsIPv6 : UChar
+0x052 IsNdisTest6 : UChar
+0x058 BindAdapterHandlerEx : Ptr64 int
+0x060 UnbindAdapterHandlerEx : Ptr64 int
+0x068 OpenAdapterCompleteHandlerEx : Ptr64 void
+0x070 CloseAdapterCompleteHandlerEx : Ptr64 void
+0x078 PnPEventHandler : Ptr64 int
+0x078 NetPnPEventHandler : Ptr64 int
+0x080 UnloadHandler : Ptr64 void
+0x088 UninstallHandler : Ptr64 void
+0x090 RequestCompleteHandler : Ptr64 void
+0x098 StatusHandlerEx : Ptr64 void
+0x098 StatusHandler : Ptr64 void
+0x0a0 StatusCompleteHandler : Ptr64 void
+0x0a8 ReceiveNetBufferListsHandler : Ptr64 void
+0x0b0 SendNetBufferListsCompleteHandler : Ptr64 void
+0x0b8 CoStatusHandlerEx : Ptr64 void
+0x0b8 CoStatusHandler : Ptr64 void
+0x0c0 CoAfRegisterNotifyHandler : Ptr64 void
+0x0c8 CoReceiveNetBufferListsHandler : Ptr64 void
+0x0d0 CoSendNetBufferListsCompleteHandler : Ptr64 void
+0x0d8 OpenAdapterCompleteHandler : Ptr64 void
+0x0e0 CloseAdapterCompleteHandler : Ptr64 void
+0x0e8 SendCompleteHandler : Ptr64 void
+0x0e8 WanSendCompleteHandler : Ptr64 void
+0x0f0 TransferDataCompleteHandler : Ptr64 void
+0x0f0 WanTransferDataCompleteHandler : Ptr64 void
+0x0f8 ResetCompleteHandler : Ptr64 void
+0x100 ReceiveHandler : Ptr64 int
+0x100 WanReceiveHandler : Ptr64 int
+0x108 ReceiveCompleteHandler : Ptr64 void
+0x110 ReceivePacketHandler : Ptr64 int
+0x118 BindAdapterHandler : Ptr64 void
+0x120 UnbindAdapterHandler : Ptr64 void
+0x128 CoSendCompleteHandler : Ptr64 void
+0x130 CoReceivePacketHandler : Ptr64 unsigned int
+0x138 OidRequestCompleteHandler : Ptr64 void
+0x140 WorkItem : _WORK_QUEUE_ITEM
+0x160 Mutex : _KMUTANT
+0x198 MutexOwnerThread : Ptr64 Void
+0x1a0 MutexOwnerCount : Uint4B
+0x1a4 MutexOwner : Uint4B
+0x1a8 BindDeviceName : Ptr64 _UNICODE_STRING
+0x1b0 RootDeviceName : Ptr64 _UNICODE_STRING
+0x1b8 AssociatedMiniDriver : Ptr64 _NDIS_M_DRIVER_BLOCK
+0x1c0 BindingAdapter : Ptr64 _NDIS_MINIPORT_BLOCK
+0x1c8 DeregEvent : Ptr64 _KEVENT
+0x1d0 ClientChars : _NDIS_CO_CLIENT_OPTIONAL_HANDLERS
+0x1d0 CallMgrChars : _NDIS_CO_CALL_MANAGER_OPTIONAL_HANDLERS
+0x270 InitiateOffloadCompleteHandler : Ptr64 void
+0x278 TerminateOffloadCompleteHandler : Ptr64 void
+0x280 UpdateOffloadCompleteHandler : Ptr64 void
+0x288 InvalidateOffloadCompleteHandler : Ptr64 void
+0x290 QueryOffloadCompleteHandler : Ptr64 void
+0x298 IndicateOffloadEventHandler : Ptr64 void
+0x2a0 TcpOffloadSendCompleteHandler : Ptr64 void
+0x2a8 TcpOffloadReceiveCompleteHandler : Ptr64 void
+0x2b0 TcpOffloadDisconnectCompleteHandler : Ptr64 void
+0x2b8 TcpOffloadForwardCompleteHandler : Ptr64 void
+0x2c0 TcpOffloadEventHandler : Ptr64 void
+0x2c8 TcpOffloadReceiveIndicateHandler : Ptr64 int
+0x2d0 DirectOidRequestCompleteHandler : Ptr64 void
+0x2d8 AllocateSharedMemoryHandler : Ptr64 int
+0x2e0 FreeSharedMemoryHandler : Ptr64 void
+0x2e8 AllocateSharedMemoryContext : Ptr64 Void
Комментариев нет:
Отправить комментарий