-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDeviceIOCodes.hpp
42 lines (35 loc) · 1.19 KB
/
DeviceIOCodes.hpp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
#pragma once
//#include <ntifs.h>
#define TIM_PROCESS_PROT_DEVICE 0x8000
//çàùèùàåò âûçâàâøåãî
#define IOCTL_PROTECT_ME CTL_CODE(TIM_PROCESS_PROT_DEVICE, 0x800, /*METHOD_NEITHER*/METHOD_BUFFERED, FILE_ANY_ACCESS)
//Îæèäàåò çàïóñê ïðèëîæåíèÿ è çùèùàåò åãî
struct ProtectLaunch
{
static constexpr size_t max_len = 260;
wchar_t path[max_len];
};
#define IOCTL_PROTECT_LAUNCH CTL_CODE(TIM_PROCESS_PROT_DEVICE, 0x801, METHOD_BUFFERED, FILE_ANY_ACCESS)
//Îæèäàåò çàïóñê ïðèëîæåíèÿè çàùèùàåò åãî, òàêæå ïðåäîñòàâëÿåò àäìèíèñòðàòèâíûåïðàâà
struct ProtectModerator
{
static constexpr size_t max_len = 260;
wchar_t path[max_len];
};
#define IOCTL_PROTECT_MODERATOR CTL_CODE(TIM_PROCESS_PROT_DEVICE, 0x802, METHOD_BUFFERED, FILE_ANY_ACCESS)
//âîçâðàùàåò true åñëè âûçâàâøàÿ ïðîãðàììà íàõîäèòñÿ ïîä çàùèòîé
struct OIMIsProtected
{
bool prot{false};
};
#define IOCTL_IM_IS_PROTECT CTL_CODE(TIM_PROCESS_PROT_DEVICE, 0x810, METHOD_BUFFERED, FILE_ANY_ACCESS)
//Âîçâðàùàåò true åñëè ïðîãðàììà ñ óêàçàííûì id ïîä çàùèòîé (admin)
struct IIsProtected
{
HANDLE h_process;
};
struct OIsProtected
{
bool is_protected{ false };
};
#define IOCTL_IS_PROTECT CTL_CODE(TIM_PROCESS_PROT_DEVICE, 0x811, METHOD_BUFFERED, FILE_ANY_ACCESS)