Opening a directory with NtCreateFile

**Lionel** · 09-04-2005

I want to get an handle to a directory and query it,via NtCreateFile() and NtQueryDirectoryFile() :

Code:

#include <cstdlib>
#include <windows.h>
#include <cstdio>

// you also need some #defines from Windows DDK,like 
// IO_STATUS_BLOCK,FILE_INFORMATION_CLASS etc.

// this is my definition of OBJECT_ATTRIBUTES,perhaps it's incorrect??


 typedef struct _OBJECT_ATTRIBUTES {
    ULONG uLength;
    HANDLE  RootDirectory;
    PUNICODE_STRING  ObjectName;
    ULONG  Attributes;
    PSECURITY_DESCRIPTOR  SecurityDescriptor;
    PSECURITY_QUALITY_OF_SERVICE SecurityQualityOfService;  
 } OBJECT_ATTRIBUTES,*POBJECT_ATTRIBUTES;



int WINAPI WinMain(HINSTANCE,HINSTANCE,LPSTR,int){


 typedef int (WINAPI * NtQueryDirFunc)(HANDLE,HANDLE,PVOID,PVOID,PIO_STATUS_BLOCK,PVOID,ULONG,FILE_INFORMATION_CLASS,BOOL,PUNICODE_STRING,BOOL);
 NtQueryDirFunc NtQueryDirectoryFile = (NtQueryDirFunc)GetProcAddress(GetModuleHandle("ntdll.dll"),"NtQueryDirectoryFile");

 PFILE_DIRECTORY_INFORMATION pDirInfo = (PFILE_DIRECTORY_INFORMATION)calloc(1,sizeof(FILE_DIRECTORY_INFORMATION) + MAX_PATH);

 typedef int (WINAPI * NtCreateFileFunc)(PHANDLE,DWORD,POBJECT_ATTRIBUTES,PVOID,PVOID,ULONG,ULONG,ULONG,ULONG,PVOID,ULONG);
 NtCreateFileFunc ntcreatefile = (NtCreateFileFunc)GetProcAddress(GetModuleHandle("ntdll.dll"),"NtCreateFile");

	typedef DWORD (WINAPI *PfRtlAnsiStringToUnicodeString)(PUNICODE_STRING, PANSI_STRING, BOOL);
	typedef DWORD (WINAPI *PfRtlUnicodeStringToAnsiString)(PANSI_STRING, PUNICODE_STRING, BOOL);
	typedef DWORD (WINAPI *PfRtlCompareUnicodeString)(PUNICODE_STRING, PUNICODE_STRING, BOOL);

	PfRtlAnsiStringToUnicodeString MyRtlAnsiStringToUnicodeString;
	PfRtlUnicodeStringToAnsiString MyRtlUnicodeStringToAnsiString;
	PfRtlCompareUnicodeString MyRtlCompareUnicodeString;

 MyRtlAnsiStringToUnicodeString = (PfRtlAnsiStringToUnicodeString)GetProcAddress(LoadLibrary("ntdll.dll"),"RtlAnsiStringToUnicodeString");
 MyRtlUnicodeStringToAnsiString = (PfRtlUnicodeStringToAnsiString)GetProcAddress(LoadLibrary("ntdll.dll"),"RtlUnicodeStringToAnsiString");
 MyRtlCompareUnicodeString = (PfRtlCompareUnicodeString)GetProcAddress(LoadLibrary("ntdll.dll"), "RtlCompareUnicodeString");

 OBJECT_ATTRIBUTES oa;
 UNICODE_STRING us;
 ANSI_STRING as;

 const char szDir[] = "c:\\windows\\";  

 as.Buffer = (char *)malloc(strlen(szDir) + 1);
 strcpy(as.Buffer,szDir);
 as.Length = as.MaximumLength = us.MaximumLength = us.Length = strlen(szDir);

  // convert directory name from ANSI to UNICODE
 MyRtlAnsiStringToUnicodeString(&us, &as, TRUE);  

 MessageBoxW(NULL,us.Buffer,us.Buffer,MB_OK);  // show directory name

 oa.uLength = sizeof(oa);
 oa.RootDirectory = NULL;
 oa.ObjectName = &us;
 oa.Attributes = OBJ_KERNEL_HANDLE ;
 oa.SecurityDescriptor = NULL;
 oa.SecurityQualityOfService = NULL;

 ULONG info;

 PIO_STATUS_BLOCK pIO = (PIO_STATUS_BLOCK)malloc(sizeof(IO_STATUS_BLOCK));
 pIO->Information = &info;

 HANDLE hDir;

 char c[20];
 sprintf(c,"%u", ntcreatefile(&hDir,FILE_TRAVERSE | FILE_LIST_DIRECTORY,&oa,pIO,NULL,0,0,FILE_OPEN,FILE_DIRECTORY_FILE,NULL,0) == STATUS_SUCCESS);
 MessageBox(NULL,c,"",MB_OK);

 sprintf(c,"%u",STATUS_SUCCESS == NtQueryDirectoryFile(hDir,NULL,NULL,NULL,pIO,pDirInfo,sizeof(FILE_DIRECTORY_INFORMATION) + MAX_PATH,FileDirectoryInformation,FALSE,NULL,TRUE));
 
 MessageBox(NULL,c,"",MB_OK);

 CloseHandle(hDir);

 return 0;
}

The output is always 0...why?? perhaps the definition of OBJECT_ATTRIBUTES was wrong?? why does the call to NtCreateFile fails?

Thread: Opening a directory with NtCreateFile

Thread Tools

Search Thread

Display

Threaded View

Opening a directory with NtCreateFile

Similar Threads

Couple errors please help :-D

Opening all files in a directory

Opening file in directory of the running program

Opening files with a directory browser?

Opening a file in a database or different directory