模拟系统nbtstat 的代码实现

这篇博客展示了如何使用C语言实现模拟Windows系统命令nbtstat的功能,通过调用NTDLL.DLL中的NtCreateFile和NtDeviceIoControlFile函数,与NetBT服务进行交互,获取网络上NetBIOS名称的注册状态。
摘要由CSDN通过智能技术生成

#include <windows.h>

#include <stdio.h>

#include <conio.h>

#include <malloc.h>

 

 

typedef UINT NTSTATUS;

 

#define STATUS_SUCCESS                           ((NTSTATUS)0x00000000L)

#define STATUS_BUFFER_OVERFLOW           ((NTSTATUS)0x80000005L)

#define STATUS_INVALID_PARAMETER         ((NTSTATUS)0xC000000DL)

#define STATUS_BUFFER_TOO_SMALL          ((NTSTATUS)0xC0000023L)

#define STATUS_ALREADY_COMMITTED         ((NTSTATUS)0xC0000021L)

#define STATUS_INVALID_DEVICE_REQUEST    ((NTSTATUS)0xC0000010L)

#define STATUS_OBJECT_NAME_NOT_FOUND     ((NTSTATUS)0xC0000034L)

#define STATUS_OBJECT_NAME_INVALID       ((NTSTATUS)0xC0000033L)

#define STATUS_ACCESS_VIOLATION          ((NTSTATUS)0xC0000005L)    // winnt ntsubauth

#define STATUS_PENDING                   ((NTSTATUS)0x00000103L)    // winnt

 

 

typedef struct _UNICODE_STRING {

    USHORT Length;

    USHORT MaximumLength;

#ifdef MIDL_PASS

    [size_is(MaximumLength / 2), length_is((Length) / 2) ] USHORT * Buffer;

#else // MIDL_PASS

    PWSTR  Buffer;

#endif // MIDL_PASS

} UNICODE_STRING;

typedef UNICODE_STRING *PUNICODE_STRING;

#define UNICODE_NULL ((WCHAR)0) // winnt

 

 

typedef struct _OBJECT_ATTRIBUTES {

    ULONG Length;

    HANDLE RootDirectory;

    PUNICODE_STRING ObjectName;

    ULONG Attributes;

    PVOID SecurityDescriptor;        // Points to type SECURITY_DESCRIPTOR

    PVOID SecurityQualityOfService;  // Points to type SECURITY_QUALITY_OF_SERVICE

} OBJECT_ATTRIBUTES;

typedef OBJECT_ATTRIBUTES *POBJECT_ATTRIBUTES;

 

 

typedef struct _IO_STATUS_BLOCK {

    NTSTATUS Status;

    ULONG Information;

} IO_STATUS_BLOCK, *PIO_STATUS_BLOCK;

 

 

NTSTATUS (__stdcall *fNtCreateFile)(

                                        PHANDLE FileHandle,

                                        ACCESS_MASK DesiredAccess,

                                        POBJECT_ATTRIBUTES ObjectAttributes,

                                        PIO_STATUS_BLOCK IoStatusBlock,

                                        PLARGE_INTEGER AllocationSize, 

                                        ULONG FileAttributes,

                                        ULONG ShareAccess,

                                        ULONG CreateDisposition,

                                        ULONG CreateOptions,

                                        PVOID EaBuffer,

                                        ULONG EaLength

                        );

 

NTSTATUS (__stdcall *fNtDeviceIoControlFile)(

                                        HANDLE FileHandle,

                                        DWORD a,

                                        DWORD b,

                                        DWORD c,

                                        PVOID structA, 

                                        PVOID d,

                                        PVOID e,

                                        PVOID f,

                                        PVOID outBuf,

                                        DWORD size

                        );

 

 

 

//

// Macro definition for defining IOCTL and FSCTL function control codes.  Note

// that function codes 0-2047 are reserved for Microsoft Corporation, and

  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值