mirror of
https://github.com/donnaskiez/ac.git
synced 2024-11-21 22:24:08 +01:00
48 lines
937 B
C
48 lines
937 B
C
#ifndef INTEGRITY_H
|
|
#define INTEGRITY_H
|
|
|
|
#include <ntifs.h>
|
|
#include "common.h"
|
|
|
|
NTSTATUS
|
|
GetDriverImageSize(_Inout_ PIRP Irp);
|
|
|
|
NTSTATUS
|
|
VerifyInMemoryImageVsDiskImage(
|
|
//_In_ PIRP Irp
|
|
);
|
|
|
|
NTSTATUS
|
|
RetrieveInMemoryModuleExecutableSections(_Inout_ PIRP Irp);
|
|
|
|
NTSTATUS
|
|
ValidateProcessLoadedModule(_Inout_ PIRP Irp);
|
|
|
|
NTSTATUS
|
|
GetHardDiskDriveSerialNumber(_Inout_ PVOID ConfigDrive0Serial, _In_ SIZE_T ConfigDrive0MaxSize);
|
|
|
|
NTSTATUS
|
|
ParseSMBIOSTable(_In_ PVOID ConfigMotherboardSerialNumber,
|
|
_In_ SIZE_T ConfigMotherboardSerialNumberMaxSize);
|
|
|
|
NTSTATUS
|
|
DetectEptHooksInKeyFunctions();
|
|
|
|
PVOID
|
|
ScanForSignature(_In_ PVOID BaseAddress,
|
|
_In_ SIZE_T MaxLength,
|
|
_In_ LPCSTR Signature,
|
|
_In_ SIZE_T SignatureLength);
|
|
|
|
// NTSTATUS
|
|
// DetermineIfTestSigningIsEnabled(
|
|
// _Inout_ PBOOLEAN Result
|
|
//);
|
|
|
|
NTSTATUS
|
|
ValidateSystemModules();
|
|
|
|
NTSTATUS
|
|
ValidateNtoskrnl();
|
|
|
|
#endif
|