SYMBOL INDEX (123 symbols across 16 files) FILE: src/common/debug.cpp function DbgMsg (line 24) | void DbgMsg(char *lpszFile, int Line, char *lpszMsg, ...) FILE: src/common/ntdll_defs.h type LONG (line 1) | typedef LONG NTSTATUS; type IO_STATUS_BLOCK (line 3) | typedef struct _IO_STATUS_BLOCK type UNICODE_STRING (line 16) | typedef struct _UNICODE_STRING type ANSI_STRING (line 25) | typedef struct _STRING type CLIENT_ID (line 34) | typedef struct _CLIENT_ID type OBJECT_ATTRIBUTES (line 50) | typedef struct _OBJECT_ATTRIBUTES FILE: src/common/shellcode2_struct.h type SC_PARAMS (line 5) | typedef struct _SC_PARAMS FILE: src/common/undocnt.h type SYSTEM_INFORMATION_CLASS (line 8) | typedef enum _SYSTEM_INFORMATION_CLASS type RTL_PROCESS_MODULE_INFORMATION (line 96) | typedef struct _RTL_PROCESS_MODULE_INFORMATION type RTL_PROCESS_MODULES (line 112) | typedef struct _RTL_PROCESS_MODULES type SHUTDOWN_ACTION (line 120) | typedef enum _SHUTDOWN_ACTION type DIRECTORY_BASIC_INFORMATION (line 129) | typedef struct _DIRECTORY_BASIC_INFORMATION type SYSTEM_HANDLE_TABLE_ENTRY_INFO (line 137) | typedef struct _SYSTEM_HANDLE_TABLE_ENTRY_INFO type SYSTEM_HANDLE_INFORMATION (line 150) | typedef struct _SYSTEM_HANDLE_INFORMATION type KPROFILE_SOURCE (line 164) | typedef enum _KPROFILE_SOURCE type CCHAR (line 207) | typedef CCHAR KPROCESSOR_MODE; type MODE (line 209) | typedef enum _MODE type POOL_TYPE (line 236) | typedef enum _POOL_TYPE type VOID (line 294) | typedef VOID (__fastcall * func_IofCompleteRequest)( FILE: src/meterpreter/dllmain.cpp function DWORD (line 8) | DWORD WINAPI ShellcodeThread(LPVOID lpParam) function DWORD (line 17) | DWORD WINAPI MainThread(LPVOID lpParam) function my_memset (line 96) | void my_memset(void *mem, unsigned char val, size_t size) function BOOL (line 110) | BOOL APIENTRY DllMain( function Dummy (line 165) | void Dummy(void) FILE: src/rootkit_driver/bogusproto.cpp function VOID (line 14) | VOID OnBindAdapter( function VOID (line 32) | VOID OnOpenAdapterComplete( function VOID (line 49) | VOID OnUnbindAdapter( function VOID (line 65) | VOID OnUnload(VOID) function VOID (line 74) | VOID OnCloseAdapterComplete( function VOID (line 90) | VOID OnResetComplete( function VOID (line 106) | VOID OnRequestComplete( function VOID (line 123) | VOID OnStatus( function VOID (line 141) | VOID OnStatusComplete(NDIS_HANDLE ProtocolBindingContext) function VOID (line 155) | VOID OnSendComplete( function VOID (line 173) | VOID OnTransferDataComplete( function NDIS_STATUS (line 194) | NDIS_STATUS OnReceive( function VOID (line 219) | VOID OnReceiveComplete(NDIS_HANDLE ProtocolBindingContext) function INT (line 234) | INT OnReceivePacket( function NDIS_STATUS (line 255) | NDIS_STATUS OnPnPHandler( function NDIS_STATUS (line 268) | NDIS_STATUS OnPnPNetEventReconfigure( function NDIS_STATUS (line 281) | NDIS_STATUS OnPnPNetEventSetPower( function NDIS_HANDLE (line 294) | NDIS_HANDLE BogusProtocolRegister(void) function BogusProtocolUnregister (line 357) | void BogusProtocolUnregister(void) FILE: src/rootkit_driver/dll_inject.cpp function InjectKernelApcRoutine (line 52) | void InjectKernelApcRoutine( function BOOLEAN (line 63) | BOOLEAN InjectFindProcess(PWSTR ProcessName, ULONG ProcessId, PKTHREAD *... function BOOLEAN (line 152) | BOOLEAN ImjectMapDllImage(HANDLE hProcess, PVOID Data, ULONG DataSize, P... function BOOLEAN (line 219) | BOOLEAN InjectIntoProcess(PEPROCESS Process, PKTHREAD Thread, PVOID Data... function BOOLEAN (line 412) | BOOLEAN InjectIntoProcessByName(PWSTR ProcessName, PVOID Data, ULONG Dat... function BOOLEAN (line 435) | BOOLEAN InjectIntoProcessById(ULONG ProcessId, PVOID Data, ULONG DataSize) function BOOLEAN (line 458) | BOOLEAN InjectInitialize(void) FILE: src/rootkit_driver/dll_inject.h type INJ_THREAD_STRUCT (line 17) | typedef struct _INJ_THREAD_STRUCT FILE: src/rootkit_driver/dll_inject_shellcode.h function ULONG (line 14) | __declspec(naked) ULONG __stdcall inj_shellcode(PVOID Addr) FILE: src/rootkit_driver/ndis_hook.cpp function BOOLEAN (line 32) | BOOLEAN NdisHookInitialize(NDIS_HOOK_BUFFER_HANDLER Handler) function PVOID (line 59) | PVOID NdisHookProtocolFind(PVOID hBogusProtocol, PUNICODE_STRING usProto... function PVOID (line 92) | PVOID NdisHookProtocolEnumOpened(PVOID Protocol, PVOID OpenBlock) function PVOID (line 118) | PVOID NdisHookOpenGetMiniport(PVOID OpenBlock) function NDIS_STATUS (line 134) | NDIS_STATUS CopyNBLToBuffer(PNET_BUFFER_LIST NetBufferList, PVOID *pDest... type _HOOK_STRUCT (line 255) | struct _HOOK_STRUCT function PVOID (line 276) | PVOID NdisHookAlloc(PVOID OldHandler, PVOID OldHandlerContext, PVOID Han... function PVOID (line 300) | PVOID NdisHookAllocJump(PVOID Address, PVOID Destination) function IndicateNetBufferListsHandler (line 390) | void IndicateNetBufferListsHandler( function MiniportInterruptDPC (line 445) | void MiniportInterruptDPC( function ULONG (line 487) | ULONG NdisHookSet(PUCHAR PointerFixup) FILE: src/rootkit_driver/network.cpp function SHORT (line 3) | SHORT ChecksumEnd(ULONG Sum) function ULONG (line 18) | ULONG ChecksumCompute(PVOID Data, int Count, ULONG Seed) function USHORT (line 38) | USHORT Checksum(PVOID Data, int Count) FILE: src/rootkit_driver/network.h type NET_ETH_HEADER (line 5) | typedef struct _NET_ETH_HEADER type NET_IPv4_HEADER (line 45) | typedef struct _NET_IPv4_HEADER FILE: src/rootkit_driver/rootkit_driver.cpp function VOID (line 49) | VOID InjectPayloadThread(PVOID Param) function NdisHookHandleBuffer (line 58) | void NTAPI NdisHookHandleBuffer(PVOID MiniportHandle, PVOID Buffer, ULON... function VOID (line 144) | VOID DriverEntryContinueThread(PVOID Param) function DriverEntryInitializePayload (line 196) | void DriverEntryInitializePayload(PUCHAR PointerFixup) function ClearWp (line 225) | void ClearWp(void) function SetWp (line 238) | void SetWp(void) function PVOID (line 250) | PVOID DoPointerFixup(PVOID Ptr, PUCHAR PointerFixup) function NTSTATUS (line 270) | NTSTATUS NewDriverEntry(PDRIVER_OBJECT DriverObject, PUNICODE_STRING Reg... function HookImageEntry (line 343) | void HookImageEntry(PVOID Image) function BOOLEAN (line 379) | BOOLEAN CheckForFreeArea(PVOID Image, PULONG FreeAreaRVA, PULONG FreeAre... function VOID (line 468) | VOID LoadImageNotify( function NTSTATUS (line 517) | NTSTATUS FILE: src/rootkit_driver/runtime.cpp function my_strlen (line 23) | size_t my_strlen(const char *str) function my_strcmp (line 37) | int my_strcmp(const char *str_1, const char *str_2) function wchar_t (line 84) | wchar_t chrlwr_w(wchar_t chr) function BOOLEAN (line 94) | BOOLEAN EqualUnicodeString_r(PUNICODE_STRING Str1, PUNICODE_STRING Str2,... function PVOID (line 119) | PVOID RuntimeGetExportAddress(PVOID Image, char *lpszFunctionName) function BOOLEAN (line 171) | BOOLEAN RuntimeProcessImports(PVOID Image, char *ImportedModuleName, PVO... function BOOLEAN (line 253) | BOOLEAN RuntimeProcessRelocs(PVOID Image, PVOID NewBase) function PVOID (line 335) | PVOID RuntimeGetSystemInformation(SYSTEM_INFORMATION_CLASS InfoClass) function PVOID (line 389) | PVOID RuntimeGetKernelModuleBase(char *ModuleName) function BOOLEAN (line 497) | BOOLEAN RuntimeInitialize( FILE: src/rootkit_driver/undocnt.h type LDR_DATA_TABLE_ENTRY (line 5) | typedef struct _LDR_DATA_TABLE_ENTRY type PEB_LDR_DATA (line 26) | typedef struct _PEB_LDR_DATA type SERVICE_DESCRIPTOR_ENTRY (line 40) | typedef struct SERVICE_DESCRIPTOR_ENTRY type SERVICE_DESCRIPTOR_TABLE (line 50) | typedef struct _SERVICE_DESCRIPTOR_TABLE type SYSTEM_INFORMATION_CLASS (line 57) | typedef enum _SYSTEM_INFORMATION_CLASS type RTL_PROCESS_MODULE_INFORMATION (line 145) | typedef struct _RTL_PROCESS_MODULE_INFORMATION type RTL_PROCESS_MODULES (line 161) | typedef struct _RTL_PROCESS_MODULES type SYSTEM_HANDLE_TABLE_ENTRY_INFO (line 169) | typedef struct _SYSTEM_HANDLE_TABLE_ENTRY_INFO type SYSTEM_HANDLE_INFORMATION (line 182) | typedef struct _SYSTEM_HANDLE_INFORMATION type FILE_DIRECTORY_INFORMATION (line 190) | typedef struct _FILE_DIRECTORY_INFORMATION type FILE_FULL_DIRECTORY_INFORMATION (line 207) | typedef struct _FILE_FULL_DIRECTORY_INFORMATION type FILE_BOTH_DIRECTORY_INFORMATION (line 225) | typedef struct _FILE_BOTH_DIRECTORY_INFORMATION type FILE_NAMES_INFORMATION (line 245) | typedef struct _FILE_NAMES_INFORMATION type FILE_ID_BOTH_DIRECTORY_INFORMATION (line 255) | typedef struct _FILE_ID_BOTH_DIRECTORY_INFORMATION type FILE_ID_FULL_DIRECTORY_INFORMATION (line 276) | typedef struct _FILE_ID_FULL_DIRECTORY_INFORMATION type SYSTEM_OBJECT_TYPE_INFORMATION (line 295) | typedef struct _SYSTEM_OBJECT_TYPE_INFORMATION type SYSTEM_OBJECT_INFORMATION (line 311) | typedef struct _SYSTEM_OBJECT_INFORMATION type SYSTEM_PROCESS_INFORMATION (line 346) | typedef struct _SYSTEM_PROCESS_INFORMATION type THREAD_BASIC_INFORMATION (line 386) | typedef struct THREAD_BASIC_INFORMATION type THREAD_STATE (line 398) | typedef enum type SYSTEM_THREAD (line 411) | typedef struct _SYSTEM_THREAD type SYSTEM_PROCESSES_INFORMATION (line 428) | typedef struct _SYSTEM_PROCESSES_INFORMATION type SID_IDENTIFIER_AUTHORITY (line 619) | typedef struct _SID_IDENTIFIER_AUTHORITY type _SID_IDENTIFIER_AUTHORITY (line 625) | struct _SID_IDENTIFIER_AUTHORITY type KAPC_STATE (line 680) | typedef struct _KAPC_STATE type KAPC_ENVIRONMENT (line 778) | typedef enum FILE: src/rootkit_installer/rootkit_installer.cpp function BOOL (line 59) | BOOL LoadPrivileges(char *lpszName) function PVOID (line 99) | PVOID GetSysInf(SYSTEM_INFORMATION_CLASS InfoClass) function PVOID (line 156) | PVOID KernelGetModuleBase(char *ModuleName, char *ModulePath, SIZE_T Mod... function PVOID (line 278) | PVOID GetKernelProcAddrEx(char *lpszModuleName, char *lpszProcName, BOOL... function Shellcode_1 (line 328) | __declspec(naked) void Shellcode_1(void) function Shellcode_2 (line 411) | __declspec(naked) void Shellcode_2(void)