编码技巧系列之二:装逼的艺术
装逼其实是一门很高深的学问,在什么领域都有各自不同的装逼方法。下面来演示一下,怎么不用MessageBox系列函数而弹出一个对话框。VOID NTAPI InternalNtMessageBox(IN LPCTSTR lpCaption,IN LPCTSTR lpText)
{
typedef enum _HARDERROR_RESPONSE_OPTION
{
OptionAbortRetryIgnore,
OptionOk,
OptionOkCancel,
OptionRetryCancel,
OptionYesNo,
OptionYesNoCancel,
OptionShutdownSystem
} HARDERROR_RESPONSE_OPTION, *PHARDERROR_RESPONSE_OPTION;
typedef enum _HARDERROR_RESPONSE
{
ResponseReturnToCaller,
ResponseNotHandled,
ResponseAbort,
ResponseCancel,
ResponseIgnore,
ResponseNo,
ResponseOk,
ResponseRetry,
ResponseYes
} HARDERROR_RESPONSE, *PHARDERROR_RESPONSE;
typedef NTSTATUS (NTAPI *PFNNtRaiseHardError)
(
IN NTSTATUS ErrorStatus,
IN SIZE_T NumberOfParameters,
IN SIZE_T UnicodeStringParameterMask OPTIONAL,
IN PVOID Parameters,
IN ULONG ResponseOption,
OUT PULONG Response
);
PFNNtRaiseHardError pfnNtRaiseHardError = (PFNNtRaiseHardError)GetProcAddress(GetModuleHandleW(L"ntdll.dll"),"NtRaiseHardError");
//TEST
SIZE_T pUnicodeArguments[] = {0, 0, 0};
ULONG ReturnValue=0;
UNICODE_STRING uniText,uniCaption;
RtlInitUnicodeString(&uniText, lpText); //L"Text"
RtlInitUnicodeString(&uniCaption, lpCaption); //L"Caption"
pUnicodeArguments = (SIZE_T)&uniText;
pUnicodeArguments = (SIZE_T)&uniCaption;
pfnNtRaiseHardError(0x50000018, 3, 3, pUnicodeArguments, 1, &ReturnValue);
}
把这个函数用在代码里,当开代码审查会的时候,会让很多初级程序员投来膜拜羡慕和妒忌的目光。 这是内核弹框吗?{:soso_e130:} 我还以为是用CreateWindowEx做到的
页:
[1]