SYMBOL INDEX (135 symbols across 18 files) FILE: SMM Rootkit/SMMRootkit/MemManager.c function UINT64 (line 11) | UINT64 GetMemAllocated() function BOOLEAN (line 16) | BOOLEAN InitMemManager(UINT32 pages) function VOID (line 42) | VOID *palloc(UINT32 pages) function VOID (line 52) | VOID pfree(VOID *address, UINT32 pages) function VOID (line 57) | VOID *malloc(UINT32 size) function VOID (line 114) | VOID free(VOID *address) FILE: SMM Rootkit/SMMRootkit/MemManager.h type MemAllocEntry_t (line 26) | typedef struct memallocentry MemAllocEntry_t, *PMemAllocEntry_t; type memallocentry (line 29) | struct memallocentry type memallocentry (line 40) | struct memallocentry { FILE: SMM Rootkit/SMMRootkit/Memory.c function BOOLEAN (line 6) | BOOLEAN p_memCpy(UINT64 dest, UINT64 src, size_t n, BOOLEAN verbose) function UINT64 (line 27) | UINT64 VTOP(UINT64 address, UINT64 directoryBase, BOOLEAN verbose) function BOOLEAN (line 146) | BOOLEAN PTOV(UINT64 qwAddrPhys, UINT64 *pqwAddrVirt, UINT64 *pqwPTE, UIN... function BOOLEAN (line 277) | BOOLEAN v_memWrite(UINT64 dest, UINT64 src, size_t n, UINT64 directoryBa... function BOOLEAN (line 291) | BOOLEAN v_memReadMultiPage(UINT64 dest, UINT64 src, size_t n, UINT64 dir... function BOOLEAN (line 320) | BOOLEAN v_memRead(UINT64 dest, UINT64 src, size_t n, UINT64 directoryBas... FILE: SMM Rootkit/SMMRootkit/Memory.h type Cache (line 16) | typedef struct _Cache type UINT32 (line 23) | typedef UINT32 size_t; FILE: SMM Rootkit/SMMRootkit/MemoryMapUEFI.c function BOOLEAN (line 15) | BOOLEAN IsUefiPageNotPresent(IN EFI_MEMORY_DESCRIPTOR *MemoryMap) function STATIC (line 31) | STATIC BOOLEAN CopyMemUnsafe(UINT64 dest, UINT64 src, UINT32 n, BOOLEAN ... function STATIC (line 44) | STATIC VOID SortMemoryMap( function STATIC (line 76) | STATIC VOID MergeMemoryMapForNotPresentEntry( function BOOLEAN (line 125) | BOOLEAN InitUefiMemoryMap() function BOOLEAN (line 181) | BOOLEAN IsAddressValid(UINT64 address) function EFI_MEMORY_DESCRIPTOR (line 204) | EFI_MEMORY_DESCRIPTOR *GetUefiMemoryMap() function VOID (line 209) | VOID ShowMemoryMap() FILE: SMM Rootkit/SMMRootkit/SMMRootkit.c function VOID (line 30) | VOID SmmCallHandle() function EFI_STATUS (line 50) | EFI_STATUS EFIAPI SmmHandler(IN EFI_HANDLE DispatchHandle, IN CONST VOID... function EFI_STATUS (line 76) | EFI_STATUS EFIAPI UefiMain(IN EFI_HANDLE ImageHandle, IN EFI_SYSTEM_TABL... FILE: SMM Rootkit/SMMRootkit/TimerRTC.c function UINT8 (line 4) | UINT8 cmos_read(UINT8 index) function VOID (line 10) | VOID cmos_write(UINT8 index, UINT8 val) function VOID (line 16) | VOID read_statusc() function VOID (line 23) | VOID cmos_enable() function UINT8 (line 44) | UINT8 get_RTC_register(INT32 reg) function UINT16 (line 50) | UINT16 CmosGetCurrentTime() FILE: SMM Rootkit/SMMRootkit/WinTools.c function STATIC (line 16) | STATIC BOOLEAN CheckLow(UINT64 *pml4, UINT64 *kernelEntry) function STATIC (line 47) | STATIC BOOLEAN findNtosKrnl(UINT64 kernelEntry, UINT64 PML4, UINT64 *ntK... function VOID (line 139) | VOID FreeExportList(WinExportList list) function UINT64 (line 151) | UINT64 GetProcAddress(const WinCtx *ctx, const WinProc *process, UINT64 ... function UINT64 (line 163) | UINT64 FindProcAddress(const WinExportList exports, const CHAR8 *procName) function STATIC (line 171) | STATIC UINT16 GetNTVersion(const WinCtx *ctx) function STATIC (line 205) | STATIC UINT32 GetNTBuild(const WinCtx *ctx) function STATIC (line 263) | STATIC BOOLEAN SetupOffsets(WinCtx *ctx) function BOOLEAN (line 353) | BOOLEAN InitGlobalWindowsContext() function BOOLEAN (line 482) | BOOLEAN ParseExportTable(const WinCtx *ctx, const WinProc *process, UINT... function BOOLEAN (line 592) | BOOLEAN GenerateExportList(const WinCtx *ctx, const WinProc *process, UI... function IMAGE_NT_HEADERS (line 618) | IMAGE_NT_HEADERS *GetNTHeader(const WinCtx *ctx, const WinProc *process,... function BOOLEAN (line 639) | BOOLEAN FindProcess(WinCtx *ctx, CHAR8 *processname, BOOLEAN verbose) function BOOLEAN (line 771) | BOOLEAN DumpSingleProcess(WinCtx *ctx, CHAR8 *processname, WinProc *proc... function STATIC (line 895) | STATIC BOOLEAN DumpSingleModule64(const WinCtx *ctx, const WinProc *proc... function STATIC (line 991) | STATIC BOOLEAN DumpSingleModule86(const WinCtx *ctx, const WinProc *proc... function BOOLEAN (line 1096) | BOOLEAN DumpSingleModule(const WinCtx *ctx, const WinProc *process, WinM... function PEB (line 1115) | PEB GetPeb(const WinCtx *ctx, const WinProc *process) function PEB32 (line 1124) | PEB32 GetPeb32(const WinCtx *ctx, const WinProc *process) function STATIC (line 1135) | STATIC PIMAGE_NT_HEADERS PE_HeaderGetVerify(WinProc *process, WinModule ... function BOOLEAN (line 1169) | BOOLEAN ProcessGetThunkInfoIAT(WinProc *process, WinModule *basemodule, ... function STATIC (line 1338) | STATIC UINT16 PE_SectionGetNumberOf(WinProc *process, WinModule *basemod... function STATIC (line 1377) | STATIC VOID PE_SECTION_DisplayBuffer(WinProc *process, WinModule *basemo... function BOOLEAN (line 1427) | BOOLEAN ProcessGetSections(WinProc *process, WinModule *basemodule, PIMA... function STATIC (line 1444) | STATIC BOOLEAN PE_GetThunkInfoEAT(WinProc *process, WinModule *basemodul... function UINT64 (line 1586) | UINT64 ProcessGetProcAddress(WinProc *process, WinModule *basemodule, CH... FILE: SMM Rootkit/SMMRootkit/WinTools.h type ProcessData (line 32) | typedef struct ProcessData type WinOffsets (line 39) | typedef struct WinOffsets type WinProc (line 52) | typedef struct WinProc type WinProcList (line 61) | typedef struct WinProcList type WinExport (line 67) | typedef struct WinExport type WinExportList (line 73) | typedef struct WinExportList type WinModule (line 79) | typedef struct WinModule type WinModuleList (line 88) | typedef struct WinModuleList type WinCtx (line 94) | typedef struct WinCtx type PE_THUNKINFO_IAT (line 105) | typedef struct tdPE_THUNKINFO_IAT type PE_THUNKINFO_EAT (line 115) | typedef struct tdPE_THUNKINFO_EAT type IMAGE_IMPORT_DESCRIPTOR (line 124) | typedef struct _IMAGE_IMPORT_DESCRIPTOR FILE: SMM Rootkit/SMMRootkit/WinUmdIATHook.c function BOOLEAN (line 30) | static BOOLEAN WindowsUmdIATHookStage1() function BOOLEAN (line 59) | static BOOLEAN WindowsUmdIATHookStage2() function BOOLEAN (line 193) | static BOOLEAN WindowsUmdIATHookStage3() function BOOLEAN (line 244) | BOOLEAN WindowsUmdIATHook() function VOID (line 304) | VOID InitWindowsUmdIATHook() FILE: SMM Rootkit/SMMRootkit/WinUmdIATHook.h type WinUmdIATState (line 11) | typedef enum _WinUmdIATState type WinUmdIATCtxLimited (line 19) | typedef struct _WinUmdIATCtx FILE: SMM Rootkit/SMMRootkit/serial.c function VOID (line 35) | VOID SerialPortInitialize(UINT16 Port, UINTN Baudrate) function VOID (line 56) | VOID SerialPortWrite(UINT16 Port, UINT8 Data) function UINT8 (line 70) | UINT8 SerialPortRead(UINT16 Port) function VOID (line 84) | VOID SerialPrintString(const char *text) function VOID (line 95) | VOID SerialPrintStringDebug(const char *text) function VOID (line 102) | VOID SerialTest() function VOID (line 112) | VOID SerialSendData(const VOID *buf, UINT8 len) function VOID (line 120) | VOID SerialPrintNumber(INT64 _v, INT64 _b) function VOID (line 158) | VOID SerialPrintNumberDebug(UINT64 _v, UINT64 _b) FILE: SMM Rootkit/SMMRootkit/string.c function strlen (line 3) | size_t strlen(const CHAR8 *str) function CHAR8 (line 12) | CHAR8 *strcat(CHAR8 *destination, const CHAR8 *source) function INT32 (line 28) | INT32 memcmp(const VOID *str1, const VOID *str2, size_t count) function CHAR8 (line 41) | CHAR8 tolower(UINT8 ch) function INT32 (line 48) | INT32 stricmp(const CHAR8 *s1, const CHAR8 *s2) function INT32 (line 59) | INT32 strcmp(const CHAR8 *s1, const CHAR8 *s2) function INT32 (line 67) | INT32 strncmp(const CHAR8 *s1, const CHAR8 *s2, size_t n) function CHAR8 (line 85) | const CHAR8 *strstr(const CHAR8 *X, const CHAR8 *Y) function CHAR8 (line 100) | CHAR8 *strdup(CHAR8 *src) FILE: SMM Rootkit/SMMRootkit/string.h type UINT32 (line 8) | typedef UINT32 size_t; FILE: SMM Rootkit/SMMRootkit/windows.h type IMAGE_DOS_HEADER (line 26) | typedef struct _IMAGE_DOS_HEADER type IMAGE_EXPORT_DIRECTORY (line 49) | typedef struct _IMAGE_EXPORT_DIRECTORY type IMAGE_FILE_HEADER (line 64) | typedef struct _IMAGE_FILE_HEADER type IMAGE_DATA_DIRECTORY (line 75) | typedef struct _IMAGE_DATA_DIRECTORY type IMAGE_OPTIONAL_HEADER64 (line 81) | typedef struct _IMAGE_OPTIONAL_HEADER64 type IMAGE_NT_HEADERS64 (line 115) | typedef struct _IMAGE_NT_HEADERS64 type IMAGE_OPTIONAL_HEADER32 (line 122) | typedef struct _IMAGE_OPTIONAL_HEADER32 type IMAGE_NT_HEADERS32 (line 157) | typedef struct _IMAGE_NT_HEADERS32 type IMAGE_SECTION_HEADER (line 164) | typedef struct _IMAGE_SECTION_HEADER type LIST_ENTRY_WIN (line 181) | typedef struct _LIST_ENTRY_WIN type UNICODE_STRING (line 187) | typedef struct _UNICODE_STRING type LDR_MODULE (line 194) | typedef struct _LDR_MODULE type PEB_LDR_DATA (line 211) | typedef struct _PEB_LDR_DATA type PEB (line 222) | typedef struct _PEB type LIST_ENTRY_32_WIN (line 234) | typedef struct _LIST_ENTRY_32_WIN type UNICODE_STRING32 (line 240) | typedef struct _UNICODE_STRING32 type LDR_MODULE32 (line 247) | typedef struct _LDR_MODULE32 type PEB_LDR_DATA32 (line 264) | typedef struct _PEB_LDR_DATA32 type PEB32 (line 275) | typedef struct _PEB32 FILE: SMM Rootkit/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c function BOOLEAN (line 33) | BOOLEAN function VOID (line 60) | VOID function UINT64 (line 81) | UINT64 function UINT8 (line 97) | UINT8 function VOID (line 137) | VOID function UINT32 (line 238) | UINT32 function VOID (line 345) | VOID function UINT64 (line 365) | UINT64 function UINT64 (line 384) | UINT64 function VOID (line 420) | VOID function UINT64 (line 632) | UINT64 function VOID (line 662) | VOID function VOID (line 801) | VOID function VOID (line 904) | VOID FILE: shellcode/windows_x64_umd_iat/windows_x64_umd_iat.c type QWORD (line 11) | typedef unsigned __int64 QWORD, *PQWORD; type UMD_EXEC_CONTEXT_FULL (line 34) | typedef struct tdUMD_EXEC_CONTEXT_FULL { function VOID (line 100) | VOID c_EntryPoint(PUMD_EXEC_CONTEXT_FULL ctx) FILE: target_tests/windows_x64_umd_iat/windows_x64_umd_iat/windows_x64_umd_iat.cpp function main (line 9) | int main()