https://github.com/mirokaku/musa.core
Use ntdll/ntoskrnl to implement Kernel32, Advapi32 and other APIs. It includes user-mode and kernel-mode.
https://github.com/mirokaku/musa.core
kernel-driver ntdll ntos windows
Last synced: 9 months ago
JSON representation
Use ntdll/ntoskrnl to implement Kernel32, Advapi32 and other APIs. It includes user-mode and kernel-mode.
- Host: GitHub
- URL: https://github.com/mirokaku/musa.core
- Owner: MiroKaku
- License: mit
- Created: 2023-05-21T01:31:21.000Z (over 2 years ago)
- Default Branch: main
- Last Pushed: 2024-08-24T02:31:22.000Z (over 1 year ago)
- Last Synced: 2024-10-12T04:27:58.650Z (over 1 year ago)
- Topics: kernel-driver, ntdll, ntos, windows
- Language: C++
- Homepage:
- Size: 455 KB
- Stars: 61
- Watchers: 5
- Forks: 12
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md
Awesome Lists containing this project
README
# [Musa.Core](https://github.com/MiroKaku/Musa.Core)
[](https://github.com/MiroKaku/Musa.Core/actions)
[](https://www.nuget.org/packages/Musa.Core/)
[](https://github.com/MiroKaku/Musa.Core/blob/main/LICENSE)
* [简体中文](https://github.com/MiroKaku/Musa.Core/blob/main/README.zh-CN.md)
## Introduction
> **Warning**
>
> Musa.Core is in beta testing...
Musa.Core is a derivative of the underlying API implementation of [Musa.Runtime](https://github.com/MiroKaku/Musa.Runtime) (formerly [ucxxrt](https://github.com/MiroKaku/ucxxrt)).
Use ntdll/ntoskrnl to implement Kernel32, Advapi32 and other APIs. It includes user-mode and kernel-mode.
## How to use
Right click on the project, select "Manage NuGet Packages".
Search for `Musa.Core`, choose the version that suits you, and then click "Install".
> NuGet package depends on [Musa.Veil](https://github.com/MiroKaku/Musa.Veil), you can directly include ``
Or
If your project template uses [Mile.Project.Windows](https://github.com/ProjectMile/Mile.Project.Windows), you can add the following code directly to your `.vcxproj` file:
```XML
0.1.0
```
### Header-only mode
Add the following code to your `.vcxproj` file:
```XML
true
```
This mode will not automatically import lib files.
## Feature
- [x] All ZwRoutines supported by the current system can be used directly.
```C
NTSTATUS DriverEntry(PDRIVER_OBJECT DriverObject, PUNICODE_STRING RegistryPath)
{
UNREFERENCED_PARAMETER(DriverObject);
UNREFERENCED_PARAMETER(RegistryPath);
NTSTATUS Status;
do {
DriverObject->DriverUnload = DriverUnload;
Status = MusaCoreStartup(DriverObject, RegistryPath);
if (!NT_SUCCESS(Status)) {
break;
}
LARGE_INTEGER SystemTime{};
Status = ZwQuerySystemTime(&SystemTime);
if (!NT_SUCCESS(Status)) {
break;
}
Status = RtlSystemTimeToLocalTime(&SystemTime, &SystemTime);
if (!NT_SUCCESS(Status)) {
break;
}
TIME_FIELDS Time{};
RtlTimeToTimeFields(&SystemTime, &Time);
MusaLOG("Loading time is %04d/%02d/%02d %02d:%02d:%02d",
Time.Year, Time.Month, Time.Day,
Time.Hour, Time.Minute, Time.Second);
} while (false);
if (!NT_SUCCESS(Status)) {
DriverUnload(DriverObject);
}
return Status;
}
```
- [x] Support part of RtlXxxx API.
- [x] Support part of KernelBase API.
- [ ] Support part of Advapi32 API.
## Progress
See [Project](https://github.com/users/MiroKaku/projects/1/views/1)
## Acknowledgements
Thanks to [JetBrains](https://www.jetbrains.com/?from=meesong) for providing free licenses such as [Resharper C++](https://www.jetbrains.com/resharper-cpp/?from=meesong) for my open-source projects.
[
](https://www.jetbrains.com/?from=meesong)
## Thanks & References
* Thanks: The scheme to export ZwRoutines is provided by @[xiaobfly](https://github.com/xiaobfly).
* References: [systeminformer](https://github.com/winsiderss/systeminformer)/phnt
* References: [Windows_OS_Internals_Curriculum_Resource_Kit-ACADEMIC](https://github.com/MeeSong/Windows_OS_Internals_Curriculum_Resource_Kit-ACADEMIC)