Часть 1
Часть 2
Часть 3
Часть 4
Часть 5
Эта последняя (я надеюсь) часть дает определения структур _NDIS_M_DRIVER_BLOCK и описывает способ их получения.
Список минидрайверов хранится в переменной ndisMiniDriverList и синхронизируется локом ndisMiniDriverListLock. Правда получить их на некоторых версиях windows не так уж просто - можно попробовать дизассемблировать экспортированную функцию NdisMRegisterMiniportDriver, но она появилась только начиная с висты. Для более ранних версий windows нужны дополнительные пляски с бубном - например под xp 32 бита ndisMiniDriverList используется в следующих функциях:
- ndisDereferenceDriver
- ndisCheckProtocolBindings
- ndisEnumerateInterfaces
- ndisSaveParameters
- ndisRegisterMiniportDriver
- ndisAddDevice
- ndisNotifyMiniports
- ndisHandleOrphanDevice
- ndisReferenceMiniportByName
mov esi, offset _ndisMiniDriverListLock
mov ecx, esi
; зовем из IAT ф-цию hal!KfAcquireSpinLock
; в 64битной версии - KeAcquireSpinLockRaiseToDpc
; обращение к памяти в секции .data выше этого вызова даст нам лок
; следующее обращение к памяти в секции .data после вызова даст нам ndisMiniDriverList
call ds:__imp_@KfAcquireSpinLock@4 ; KfAcquireSpinLock(x)
mov ecx, _ndisMiniDriverList
Навигация по списку структур осуществляется по полю NextDriver - начиная с висты это следующее поле после структуры NDIS_OBJECT_HEADER, в более ранних версиях windows - это первое поле в структуре _NDIS_M_DRIVER_BLOCK (соотв-но смещение поля равно нулю)
Как выглядят _NDIS_M_DRIVER_BLOCK под некоторыми доступными мне версиями windows:
xp & w2k3 32bit
dt ndis!_NDIS_M_DRIVER_BLOCK
+0x000 NextDriver : Ptr32 _NDIS_M_DRIVER_BLOCK
+0x004 MiniportQueue : Ptr32 _NDIS_MINIPORT_BLOCK
+0x008 NdisDriverInfo : Ptr32 _NDIS_WRAPPER_HANDLE
+0x00c AssociatedProtocol : Ptr32 _NDIS_PROTOCOL_BLOCK
+0x010 DeviceList : _LIST_ENTRY
+0x018 PendingDeviceList : Ptr32 _NDIS_PENDING_IM_INSTANCE
+0x01c UnloadHandler : Ptr32 void
+0x020 MiniportCharacteristics : _NDIS51_MINIPORT_CHARACTERISTICS
+0x09c MiniportsRemovedEvent : _KEVENT
+0x0ac Ref : _REFERENCE
+0x0b4 Flags : Uint2B
+0x0b8 IMStartRemoveMutex : _KMUTANT
+0x0d8 DriverVersion : Uint4B
dt ndis!_NDIS51_MINIPORT_CHARACTERISTICS
+0x000 MajorNdisVersion : UChar
+0x001 MinorNdisVersion : UChar
+0x002 Filler : Uint2B
+0x004 Reserved : Uint4B
+0x008 CheckForHangHandler : Ptr32 unsigned char
+0x00c DisableInterruptHandler : Ptr32 void
+0x010 EnableInterruptHandler : Ptr32 void
+0x014 HaltHandler : Ptr32 void
+0x018 HandleInterruptHandler : Ptr32 void
+0x01c InitializeHandler : Ptr32 int
+0x020 ISRHandler : Ptr32 void
+0x024 QueryInformationHandler : Ptr32 int
+0x028 ReconfigureHandler : Ptr32 int
+0x02c ResetHandler : Ptr32 int
+0x030 SendHandler : Ptr32 int
+0x030 WanSendHandler : Ptr32 int
+0x034 SetInformationHandler : Ptr32 int
+0x038 TransferDataHandler : Ptr32 int
+0x038 WanTransferDataHandler : Ptr32 int
+0x03c ReturnPacketHandler : Ptr32 void
+0x040 SendPacketsHandler : Ptr32 void
+0x044 AllocateCompleteHandler : Ptr32 void
+0x048 CoCreateVcHandler : Ptr32 int
+0x04c CoDeleteVcHandler : Ptr32 int
+0x050 CoActivateVcHandler : Ptr32 int
+0x054 CoDeactivateVcHandler : Ptr32 int
+0x058 CoSendPacketsHandler : Ptr32 void
+0x05c CoRequestHandler : Ptr32 int
+0x060 CancelSendPacketsHandler : Ptr32 void
+0x064 PnPEventNotifyHandler : Ptr32 void
+0x068 AdapterShutdownHandler : Ptr32 void
+0x06c Reserved1 : Ptr32 Void
+0x070 Reserved2 : Ptr32 Void
+0x074 Reserved3 : Ptr32 Void
+0x078 Reserved4 : Ptr32 Void
xp & w2k3 64bit
dt ndis!_NDIS_M_DRIVER_BLOCK
+0x000 NextDriver : Ptr64 _NDIS_M_DRIVER_BLOCK
+0x008 MiniportQueue : Ptr64 _NDIS_MINIPORT_BLOCK
+0x010 NdisDriverInfo : Ptr64 _NDIS_WRAPPER_HANDLE
+0x018 AssociatedProtocol : Ptr64 _NDIS_PROTOCOL_BLOCK
+0x020 DeviceList : _LIST_ENTRY
+0x030 PendingDeviceList : Ptr64 _NDIS_PENDING_IM_INSTANCE
+0x038 UnloadHandler : Ptr64 void
+0x040 MiniportCharacteristics : _NDIS52_MINIPORT_CHARACTERISTICS
+0x1a0 MiniportsRemovedEvent : _KEVENT
+0x1b8 Ref : _REFERENCE
+0x1c8 Flags : Uint2B
+0x1d0 IMStartRemoveMutex : _KMUTANT
+0x208 DriverVersion : Uint4B
+0x210 ISRHandlerEx : Ptr64 void
+0x218 HandleInterruptHandlerEx : Ptr64 void
+0x220 InitiateOffloadHandler : Ptr64 void
+0x228 TerminateOffloadHandler : Ptr64 void
+0x230 UpdateOffloadHandler : Ptr64 void
+0x238 InvalidateOffloadHandler : Ptr64 void
+0x240 QueryOffloadHandler : Ptr64 void
+0x248 TcpOffloadSendHandler : Ptr64 int
+0x250 TcpOffloadReceiveHandler : Ptr64 int
+0x258 TcpOffloadDisconnectHandler : Ptr64 int
+0x260 TcpOffloadForwardHandler : Ptr64 int
+0x268 TcpOffloadReceiveReturnHandler : Ptr64 int
dt ndis!_NDIS52_MINIPORT_CHARACTERISTICS
+0x000 MajorNdisVersion : UChar
+0x001 MinorNdisVersion : UChar
+0x002 Filler : Uint2B
+0x004 Reserved : Uint4B
+0x008 CheckForHangHandler : Ptr64 unsigned char
+0x010 DisableInterruptHandler : Ptr64 void
+0x018 EnableInterruptHandler : Ptr64 void
+0x020 HaltHandler : Ptr64 void
+0x028 HandleInterruptHandler : Ptr64 void
+0x030 InitializeHandler : Ptr64 int
+0x038 ISRHandler : Ptr64 void
+0x040 QueryInformationHandler : Ptr64 int
+0x048 ReconfigureHandler : Ptr64 int
+0x050 ResetHandler : Ptr64 int
+0x058 SendHandler : Ptr64 int
+0x058 WanSendHandler : Ptr64 int
+0x060 SetInformationHandler : Ptr64 int
+0x068 TransferDataHandler : Ptr64 int
+0x068 WanTransferDataHandler : Ptr64 int
+0x070 ReturnPacketHandler : Ptr64 void
+0x078 SendPacketsHandler : Ptr64 void
+0x080 AllocateCompleteHandler : Ptr64 void
+0x088 CoCreateVcHandler : Ptr64 int
+0x090 CoDeleteVcHandler : Ptr64 int
+0x098 CoActivateVcHandler : Ptr64 int
+0x0a0 CoDeactivateVcHandler : Ptr64 int
+0x0a8 CoSendPacketsHandler : Ptr64 void
+0x0b0 CoRequestHandler : Ptr64 int
+0x0b8 CancelSendPacketsHandler : Ptr64 void
+0x0c0 PnPEventNotifyHandler : Ptr64 void
+0x0c8 AdapterShutdownHandler : Ptr64 void
+0x0d0 Reserved1 : Ptr64 Void
+0x0d8 Reserved2 : Ptr64 Void
+0x0e0 Reserved3 : Ptr64 Void
+0x0e8 Reserved4 : Ptr64 Void
+0x0f0 ISRHandlerEx : Ptr64 void
+0x0f8 HandleInterruptHandlerEx : Ptr64 void
+0x100 InitiateOffloadHandler : Ptr64 void
+0x108 TerminateOffloadHandler : Ptr64 void
+0x110 UpdateOffloadHandler : Ptr64 void
+0x118 InvalidateOffloadHandler : Ptr64 void
+0x120 QueryOffloadHandler : Ptr64 void
+0x128 TcpOffloadSendHandler : Ptr64 int
+0x130 TcpOffloadReceiveHandler : Ptr64 int
+0x138 TcpOffloadDisconnectHandler : Ptr64 int
+0x140 TcpOffloadForwardHandler : Ptr64 int
+0x148 TcpOffloadReceiveReturnHandler : Ptr64 int
+0x150 ReturnPacketsHandlerEx : Ptr64 void
+0x158 RequestTimeoutDpcHandler : Ptr64 int
vista 32bit
dt ndis!_NDIS_M_DRIVER_BLOCK
+0x000 Header : _NDIS_OBJECT_HEADER
+0x004 NextDriver : Ptr32 _NDIS_M_DRIVER_BLOCK
+0x008 MiniportQueue : Ptr32 _NDIS_MINIPORT_BLOCK
+0x00c MajorNdisVersion : UChar
+0x00d MinorNdisVersion : UChar
+0x00e Flags : Uint2B
+0x010 NdisDriverInfo : Ptr32 _NDIS_WRAPPER_HANDLE
+0x014 DriverObject : Ptr32 _DRIVER_OBJECT
+0x018 ServiceRegPath : _UNICODE_STRING
+0x020 MiniportDriverContext : Ptr32 Void
+0x024 AssociatedProtocol : Ptr32 _NDIS_PROTOCOL_BLOCK
+0x028 DeviceList : _LIST_ENTRY
+0x030 PendingDeviceList : Ptr32 _NDIS_PENDING_IM_INSTANCE
+0x034 UnloadHandler : Ptr32 void
+0x038 MiniportDriverCharacteristics : _NDIS_MINIPORT_DRIVER_CHARACTERISTICS
+0x038 MiniportCharacteristics : _NDIS51_MINIPORT_CHARACTERISTICS
+0x0b4 MiniportsRemovedEvent : _KEVENT
+0x0c4 Ref : _REFERENCE
+0x0cc IMStartRemoveMutex : _KMUTANT
+0x0ec IMStartRemoveMutexOwnerThread : Ptr32 Void
+0x0f0 DriverVersion : Uint4B
+0x0f4 ServiceName : _UNICODE_STRING
+0x0fc CoCreateVcHandler : Ptr32 int
+0x100 CoDeleteVcHandler : Ptr32 int
+0x104 CoActivateVcHandler : Ptr32 int
+0x108 CoDeactivateVcHandler : Ptr32 int
+0x10c CoSendNetBufferListsHandler : Ptr32 void
+0x110 CoRequestHandler : Ptr32 int
+0x114 CoOidRequestHandler : Ptr32 int
+0x118 InitiateOffloadHandler : Ptr32 void
+0x11c TerminateOffloadHandler : Ptr32 void
+0x120 UpdateOffloadHandler : Ptr32 void
+0x124 InvalidateOffloadHandler : Ptr32 void
+0x128 QueryOffloadHandler : Ptr32 void
+0x12c TcpOffloadSendHandler : Ptr32 int
+0x130 TcpOffloadReceiveHandler : Ptr32 int
+0x134 TcpOffloadDisconnectHandler : Ptr32 int
+0x138 TcpOffloadForwardHandler : Ptr32 int
+0x13c TcpOffloadReceiveReturnHandler : Ptr32 int
+0x140 CallMgrChars : _NDIS_CO_CALL_MANAGER_OPTIONAL_HANDLERS
+0x18c AddDeviceHandler : Ptr32 int
+0x190 RemoveDeviceHandler : Ptr32 void
+0x194 FilterResourceRequirementsHandler : Ptr32 int
+0x198 StartDeviceHandler : Ptr32 int
dt ndis!_NDIS_MINIPORT_DRIVER_CHARACTERISTICS
+0x000 Header : _NDIS_OBJECT_HEADER
+0x004 MajorNdisVersion : UChar
+0x005 MinorNdisVersion : UChar
+0x006 MajorDriverVersion : UChar
+0x007 MinorDriverVersion : UChar
+0x008 Flags : Uint4B
+0x00c SetOptionsHandler : Ptr32 int
+0x010 InitializeHandlerEx : Ptr32 int
+0x014 HaltHandlerEx : Ptr32 void
+0x018 UnloadHandler : Ptr32 void
+0x01c PauseHandler : Ptr32 int
+0x020 RestartHandler : Ptr32 int
+0x024 OidRequestHandler : Ptr32 int
+0x028 SendNetBufferListsHandler : Ptr32 void
+0x02c ReturnNetBufferListsHandler : Ptr32 void
+0x030 CancelSendHandler : Ptr32 void
+0x034 CheckForHangHandlerEx : Ptr32 unsigned char
+0x038 ResetHandlerEx : Ptr32 int
+0x03c DevicePnPEventNotifyHandler : Ptr32 void
+0x040 ShutdownHandlerEx : Ptr32 void
+0x044 CancelOidRequestHandler : Ptr32 void
+0x048 DirectOidRequestHandler : Ptr32 int
+0x04c CancelDirectOidRequestHandler : Ptr32 void
vista 64bit
dt ndis!_NDIS_M_DRIVER_BLOCK
+0x000 Header : _NDIS_OBJECT_HEADER
+0x008 NextDriver : Ptr64 _NDIS_M_DRIVER_BLOCK
+0x010 MiniportQueue : Ptr64 _NDIS_MINIPORT_BLOCK
+0x018 MajorNdisVersion : UChar
+0x019 MinorNdisVersion : UChar
+0x01a Flags : Uint2B
+0x020 NdisDriverInfo : Ptr64 _NDIS_WRAPPER_HANDLE
+0x028 DriverObject : Ptr64 _DRIVER_OBJECT
+0x030 ServiceRegPath : _UNICODE_STRING
+0x040 MiniportDriverContext : Ptr64 Void
+0x048 AssociatedProtocol : Ptr64 _NDIS_PROTOCOL_BLOCK
+0x050 DeviceList : _LIST_ENTRY
+0x060 PendingDeviceList : Ptr64 _NDIS_PENDING_IM_INSTANCE
+0x068 UnloadHandler : Ptr64 void
+0x070 MiniportDriverCharacteristics : _NDIS_MINIPORT_DRIVER_CHARACTERISTICS
+0x070 MiniportCharacteristics : _NDIS51_MINIPORT_CHARACTERISTICS
+0x160 MiniportsRemovedEvent : _KEVENT
+0x178 Ref : _REFERENCE
+0x188 IMStartRemoveMutex : _KMUTANT
+0x1c0 IMStartRemoveMutexOwnerThread : Ptr64 Void
+0x1c8 DriverVersion : Uint4B
+0x1d0 ServiceName : _UNICODE_STRING
+0x1e0 CoCreateVcHandler : Ptr64 int
+0x1e8 CoDeleteVcHandler : Ptr64 int
+0x1f0 CoActivateVcHandler : Ptr64 int
+0x1f8 CoDeactivateVcHandler : Ptr64 int
+0x200 CoSendNetBufferListsHandler : Ptr64 void
+0x208 CoRequestHandler : Ptr64 int
+0x210 CoOidRequestHandler : Ptr64 int
+0x218 InitiateOffloadHandler : Ptr64 void
+0x220 TerminateOffloadHandler : Ptr64 void
+0x228 UpdateOffloadHandler : Ptr64 void
+0x230 InvalidateOffloadHandler : Ptr64 void
+0x238 QueryOffloadHandler : Ptr64 void
+0x240 TcpOffloadSendHandler : Ptr64 int
+0x248 TcpOffloadReceiveHandler : Ptr64 int
+0x250 TcpOffloadDisconnectHandler : Ptr64 int
+0x258 TcpOffloadForwardHandler : Ptr64 int
+0x260 TcpOffloadReceiveReturnHandler : Ptr64 int
+0x268 CallMgrChars : _NDIS_CO_CALL_MANAGER_OPTIONAL_HANDLERS
+0x2f8 AddDeviceHandler : Ptr64 int
+0x300 RemoveDeviceHandler : Ptr64 void
+0x308 FilterResourceRequirementsHandler : Ptr64 int
+0x310 StartDeviceHandler : Ptr64 int
dt ndis!_NDIS_MINIPORT_DRIVER_CHARACTERISTICS
+0x000 Header : _NDIS_OBJECT_HEADER
+0x004 MajorNdisVersion : UChar
+0x005 MinorNdisVersion : UChar
+0x006 MajorDriverVersion : UChar
+0x007 MinorDriverVersion : UChar
+0x008 Flags : Uint4B
+0x010 SetOptionsHandler : Ptr64 int
+0x018 InitializeHandlerEx : Ptr64 int
+0x020 HaltHandlerEx : Ptr64 void
+0x028 UnloadHandler : Ptr64 void
+0x030 PauseHandler : Ptr64 int
+0x038 RestartHandler : Ptr64 int
+0x040 OidRequestHandler : Ptr64 int
+0x048 SendNetBufferListsHandler : Ptr64 void
+0x050 ReturnNetBufferListsHandler : Ptr64 void
+0x058 CancelSendHandler : Ptr64 void
+0x060 CheckForHangHandlerEx : Ptr64 unsigned char
+0x068 ResetHandlerEx : Ptr64 int
+0x070 DevicePnPEventNotifyHandler : Ptr64 void
+0x078 ShutdownHandlerEx : Ptr64 void
+0x080 CancelOidRequestHandler : Ptr64 void
windows7 32bit
dt ndis!_NDIS_M_DRIVER_BLOCK
+0x000 Header : _NDIS_OBJECT_HEADER
+0x004 NextDriver : Ptr32 _NDIS_M_DRIVER_BLOCK
+0x008 MiniportQueue : Ptr32 _NDIS_MINIPORT_BLOCK
+0x00c MajorNdisVersion : UChar
+0x00d MinorNdisVersion : UChar
+0x00e Flags : Uint2B
+0x010 NdisDriverInfo : Ptr32 _NDIS_WRAPPER_HANDLE
+0x014 DriverObject : Ptr32 _DRIVER_OBJECT
+0x018 ServiceRegPath : _UNICODE_STRING
+0x020 MiniportDriverContext : Ptr32 Void
+0x024 AssociatedProtocol : Ptr32 _NDIS_PROTOCOL_BLOCK
+0x028 DeviceList : _LIST_ENTRY
+0x030 PendingDeviceList : Ptr32 _NDIS_PENDING_IM_INSTANCE
+0x034 UnloadHandler : Ptr32 void
+0x038 MiniportDriverCharacteristics : _NDIS_MINIPORT_DRIVER_CHARACTERISTICS
+0x038 MiniportCharacteristics : _NDIS51_MINIPORT_CHARACTERISTICS
+0x0b4 MiniportsRemovedEvent : _KEVENT
+0x0c4 Ref : _REFERENCE
+0x0cc IMStartRemoveMutex : _KMUTANT
+0x0ec IMStartRemoveMutexOwnerThread : Ptr32 Void
+0x0f0 DriverVersion : Uint4B
+0x0f4 ServiceName : _UNICODE_STRING
+0x0fc CoCreateVcHandler : Ptr32 int
+0x100 CoDeleteVcHandler : Ptr32 int
+0x104 CoActivateVcHandler : Ptr32 int
+0x108 CoDeactivateVcHandler : Ptr32 int
+0x10c CoSendNetBufferListsHandler : Ptr32 void
+0x110 CoRequestHandler : Ptr32 int
+0x114 CoOidRequestHandler : Ptr32 int
+0x118 InitiateOffloadHandler : Ptr32 void
+0x11c TerminateOffloadHandler : Ptr32 void
+0x120 UpdateOffloadHandler : Ptr32 void
+0x124 InvalidateOffloadHandler : Ptr32 void
+0x128 QueryOffloadHandler : Ptr32 void
+0x12c TcpOffloadSendHandler : Ptr32 int
+0x130 TcpOffloadReceiveHandler : Ptr32 int
+0x134 TcpOffloadDisconnectHandler : Ptr32 int
+0x138 TcpOffloadForwardHandler : Ptr32 int
+0x13c TcpOffloadReceiveReturnHandler : Ptr32 int
+0x140 CallMgrChars : _NDIS_CO_CALL_MANAGER_OPTIONAL_HANDLERS
+0x18c AddDeviceHandler : Ptr32 int
+0x190 RemoveDeviceHandler : Ptr32 void
+0x194 FilterResourceRequirementsHandler : Ptr32 int
+0x198 StartDeviceHandler : Ptr32 int
dt ndis!_NDIS_MINIPORT_DRIVER_CHARACTERISTICS
+0x000 Header : _NDIS_OBJECT_HEADER
+0x004 MajorNdisVersion : UChar
+0x005 MinorNdisVersion : UChar
+0x006 MajorDriverVersion : UChar
+0x007 MinorDriverVersion : UChar
+0x008 Flags : Uint4B
+0x00c SetOptionsHandler : Ptr32 int
+0x010 InitializeHandlerEx : Ptr32 int
+0x014 HaltHandlerEx : Ptr32 void
+0x018 UnloadHandler : Ptr32 void
+0x01c PauseHandler : Ptr32 int
+0x020 RestartHandler : Ptr32 int
+0x024 OidRequestHandler : Ptr32 int
+0x028 SendNetBufferListsHandler : Ptr32 void
+0x02c ReturnNetBufferListsHandler : Ptr32 void
+0x030 CancelSendHandler : Ptr32 void
+0x034 CheckForHangHandlerEx : Ptr32 unsigned char
+0x038 ResetHandlerEx : Ptr32 int
+0x03c DevicePnPEventNotifyHandler : Ptr32 void
+0x040 ShutdownHandlerEx : Ptr32 void
+0x044 CancelOidRequestHandler : Ptr32 void
+0x048 DirectOidRequestHandler : Ptr32 int
+0x04c CancelDirectOidRequestHandler : Ptr32 void
windows7 64bit
dt ndis!_NDIS_M_DRIVER_BLOCK
+0x000 Header : _NDIS_OBJECT_HEADER
+0x008 NextDriver : Ptr64 _NDIS_M_DRIVER_BLOCK
+0x010 MiniportQueue : Ptr64 _NDIS_MINIPORT_BLOCK
+0x018 MajorNdisVersion : UChar
+0x019 MinorNdisVersion : UChar
+0x01a Flags : Uint2B
+0x020 NdisDriverInfo : Ptr64 _NDIS_WRAPPER_HANDLE
+0x028 DriverObject : Ptr64 _DRIVER_OBJECT
+0x030 ServiceRegPath : _UNICODE_STRING
+0x040 MiniportDriverContext : Ptr64 Void
+0x048 AssociatedProtocol : Ptr64 _NDIS_PROTOCOL_BLOCK
+0x050 DeviceList : _LIST_ENTRY
+0x060 PendingDeviceList : Ptr64 _NDIS_PENDING_IM_INSTANCE
+0x068 UnloadHandler : Ptr64 void
+0x070 MiniportDriverCharacteristics : _NDIS_MINIPORT_DRIVER_CHARACTERISTICS
+0x070 MiniportCharacteristics : _NDIS51_MINIPORT_CHARACTERISTICS
+0x160 MiniportsRemovedEvent : _KEVENT
+0x178 Ref : _REFERENCE
+0x188 IMStartRemoveMutex : _KMUTANT
+0x1c0 IMStartRemoveMutexOwnerThread : Ptr64 Void
+0x1c8 DriverVersion : Uint4B
+0x1d0 ServiceName : _UNICODE_STRING
+0x1e0 CoCreateVcHandler : Ptr64 int
+0x1e8 CoDeleteVcHandler : Ptr64 int
+0x1f0 CoActivateVcHandler : Ptr64 int
+0x1f8 CoDeactivateVcHandler : Ptr64 int
+0x200 CoSendNetBufferListsHandler : Ptr64 void
+0x208 CoRequestHandler : Ptr64 int
+0x210 CoOidRequestHandler : Ptr64 int
+0x218 InitiateOffloadHandler : Ptr64 void
+0x220 TerminateOffloadHandler : Ptr64 void
+0x228 UpdateOffloadHandler : Ptr64 void
+0x230 InvalidateOffloadHandler : Ptr64 void
+0x238 QueryOffloadHandler : Ptr64 void
+0x240 TcpOffloadSendHandler : Ptr64 int
+0x248 TcpOffloadReceiveHandler : Ptr64 int
+0x250 TcpOffloadDisconnectHandler : Ptr64 int
+0x258 TcpOffloadForwardHandler : Ptr64 int
+0x260 TcpOffloadReceiveReturnHandler : Ptr64 int
+0x268 CallMgrChars : _NDIS_CO_CALL_MANAGER_OPTIONAL_HANDLERS
+0x2f8 AddDeviceHandler : Ptr64 int
+0x300 RemoveDeviceHandler : Ptr64 void
+0x308 FilterResourceRequirementsHandler : Ptr64 int
+0x310 StartDeviceHandler : Ptr64 int
xp & win2k3
ОтветитьУдалить+0x0b4 Flags : Uint2B
+0x0b8 IMStartRemoveMutex : _KMUTANT
I think "Uint2B" -> "Unit4B" ?