#include <windows.h>
#include <iostream>
using namespace std;
typedef struct _OBJECT_NAME_INFORMATION {
WORD Length;
WORD MaximumLength;
LPWSTR Buffer;
} OBJECT_NAME_INFORMATION, *POBJECT_NAME_INFORMATION;
typedef long(__stdcall*PNtQueryObject)(HANDLE ObjectHandle,ULONG ObjectInformationClass,PVOID ObjectInformation,ULONG ObjectInformationLength,PULONG ReturnLength);
int main(){
PNtQueryObject NtQueryObject(reinterpret_cast<PNtQueryObject>(GetProcAddress(GetModuleHandleW(L"ntdll.dll"),"NtQueryObject")));
OBJECT_NAME_INFORMATION name,*pname;ULONG len;
HANDLE hFile=CreateFile(L"D:\\xiao\\xiaoma.txt",FILE_READ_DATA,1,0,OPEN_EXISTING,0,0);
NtQueryObject(hFile,1,&name,sizeof name,&len);
pname=reinterpret_cast<POBJECT_NAME_INFORMATION>(new char[len]);
NtQueryObject(hFile,1,pname,len,&len);
wcout<<pname->Buffer<<endl;
return 0;
}
相关文章: