Re: NetShareAdd() In Kernel Mode

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: sharon sahar (sharon.sahar_at_gmail.com)
Date: 03/23/05

Next message: Mario: "Port Monitor Question"
Previous message: Gabriel Bogdan: "Re: "Fake Protocol""
In reply to: Arkady Frenkel: "Re: NetShareAdd() In Kernel Mode"
Messages sorted by: [ date ] [ thread ]

Date: 23 Mar 2005 03:28:00 -0800

These functions return information about the CONTENT of a directory
object.
What I'm looking for is:
1.To know what api function is called in the kernel when a user shares
a directory or NetShareAdd() function is called. This way, I can
monitor share request for example.
2.If I get a path for a share like UNC\sharename\bla.txt via
Createfile(), to know the driver letter where this share is mapped to.

Thanks

Next message: Mario: "Port Monitor Question"
Previous message: Gabriel Bogdan: "Re: "Fake Protocol""
In reply to: Arkady Frenkel: "Re: NetShareAdd() In Kernel Mode"
Messages sorted by: [ date ] [ thread ]

Relevant Pages

App verifier, HOOK, shim and how wince works
... What I wanted to do first was to hook system calls, I have managed to hooks some functions like CreateFile, RegCreateKeyE, ... ... Interesting part is on one hand 0xFFFFC800 because this memory address corresponds to the address where the kernel is loaded on ARM platform and on the other hand 0xF000AFDC because this corresponds to an exception and the kernel knows it corresponds to a system call. ... For instance CreateFile is implemented inside filesys.exe but how can I hook syscalls when pServer is NULL ...
(microsoft.public.windowsce.embedded)
Re: App verifier, HOOK, shim and how wince works
... The more I go deep inside the kernel the more I ... What I wanted to do first was to hook system calls, ... to source code found on forums) to hooks some functions like CreateFile, ... 1)When an application do a syscall, let's say CreateFile, is coredll ...
(microsoft.public.windowsce.embedded)
detecting kernel version via API or system call
... I would like to check the kernel version, ... Is there an API function or system call I can use? ... Michelangelo Calatino ... unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe ...
(RedHat)
CD/DVD creation date ?
... Any API function for getting this information? ... I know that CreateFile can access a logical volume so CreateFile + ... GetFileTime might work. ... Prev by Date: ...
(microsoft.public.win32.programmer.kernel)
Is there ZwCreateNamedPipe() ?
... Since there is a kernel mode equivalent to CreateFile() - named ... ZwCreateFile() - I thought that it would be nice to have kernel ... support for named pipes, not only files. ...
(microsoft.public.development.device.drivers)