Results 1 to 3 of 3

Thread: vb6 Api ReadFile,SaveFile with NtReadFile,NtWriteFile

  1. #1

    Thread Starter
    PowerPoster
    Join Date
    Jan 2020
    Posts
    3,746

    vb6 Api ReadFile,SaveFile with NtReadFile,NtWriteFile

    Code:
    Private Declare Function OpenFile& Lib "kernel32" (ByVal FileName As String, ByVal OFs As Long, ByVal Flags As Long)
    Private Declare Function NtReadFile& Lib "ntdll" (ByVal Handle As Long, ByVal Events As Long, ByVal APCRoutine As Long, ByVal APCContext As Long, ByVal IoStatus As Long, ByVal Buffer As Long, ByVal Length As Long, Optional ByVal Number As Long, Optional ByVal Keys As Long)
    Private Declare Function NtWriteFile& Lib "ntdll" (ByVal Handle As Long, ByVal Events As Long, ByVal APCRoutine As Long, ByVal APCContext As Long, ByVal IoStatus As Long, ByVal Buffer As Long, ByVal Length As Long, Optional ByVal Number As Long, Optional ByVal Keys As Long)
    Private Declare Function CloseHandle& Lib "kernel32" (ByVal Handle As Long)
    
    Public Function ReadFile(ByVal FileName As String, ByRef ByteIn() As Byte) As Boolean
    Dim Handle&, Block&(1), Struct&(33)
    ReDim ByteIn(FileLen(FileName))
    Handle = OpenFile(FileName, VarPtr(Struct(0)), 0)
    If NtReadFile(Handle, 0, 0, 0, VarPtr(Block(0)), VarPtr(ByteIn(0)), UBound(ByteIn)) = 0 Then ReadFile = True
    CloseHandle Handle
    End Function
    Public Function WriteFile(ByVal FileName As String, ByRef ByteIn() As Byte) As Boolean
    Dim Handle&, Block&(1), Struct&(33)
    CloseHandle OpenFile(FileName, VarPtr(Struct(0)), 4096)
    Handle = OpenFile(FileName, VarPtr(Struct(0)), 1)
    If NtWriteFile(Handle, 0, 0, 0, VarPtr(Block(0)), VarPtr(ByteIn(0)), UBound(ByteIn) + 1) = 0 Then WriteFile = True
    CloseHandle Handle
    End Function
    
     Function SaveFileEncode(FileName, strFileBody, Optional Charset = "gb2312") As Boolean
      Dim ADO_Stream ' As New ADODB.Stream
            Set ADO_Stream = CreateObject("Adodb.Stream")
            On Error GoTo ferr
        With ADO_Stream
            .Type = 2
            .Mode = 3
            .Charset = Charset
              .Open
            .WriteText strFileBody
            .SaveToFile FileName, 2
        End With
          SaveFileEncode = True
          Exit Function
    ferr:
     End Function
    
    Private Sub Form_Load()
    SaveFileEncode "test.txt", "testABCD"
    Dim Temp() As Byte
    Me.Caption = ReadFile("test.txt", Temp)
     
    MsgBox StrConv(Temp, vbUnicode)
    Erase Temp
    'Me.Caption = ReadFile("C:\WINDOWS\notepad.exe", Temp)
    Temp = StrConv("testNew", vbFromUnicode)
    MsgBox "Length:" & UBound(Temp) + 1
    Me.Caption = WriteFile("test2.txt", Temp)
    
     Erase Temp
    Call ReadFile("test2.txt", Temp)
     
    MsgBox StrConv(Temp, vbUnicode)
    
    End Sub

  2. #2
    Member
    Join Date
    Jan 2018
    Posts
    32

    Re: vb6 Api ReadFile,SaveFile with NtReadFile,NtWriteFile

    Quote Originally Posted by xiaoyao View Post
    Code:
    Private Declare Function OpenFile& Lib "kernel32" (ByVal FileName As String, ByVal OFs As Long, ByVal Flags As Long)
    Private Declare Function NtReadFile& Lib "ntdll" (ByVal Handle As Long, ByVal Events As Long, ByVal APCRoutine As Long, ByVal APCContext As Long, ByVal IoStatus As Long, ByVal Buffer As Long, ByVal Length As Long, Optional ByVal Number As Long, Optional ByVal Keys As Long)
    Private Declare Function NtWriteFile& Lib "ntdll" (ByVal Handle As Long, ByVal Events As Long, ByVal APCRoutine As Long, ByVal APCContext As Long, ByVal IoStatus As Long, ByVal Buffer As Long, ByVal Length As Long, Optional ByVal Number As Long, Optional ByVal Keys As Long)
    Private Declare Function CloseHandle& Lib "kernel32" (ByVal Handle As Long)
    Is there any advantage over kernel32 readfile and writefile ? And still using OpenFile from kernel32. Please explain.

  3. #3

    Thread Starter
    PowerPoster
    Join Date
    Jan 2020
    Posts
    3,746

    Re: vb6 Api ReadFile,SaveFile with NtReadFile,NtWriteFile

    i used to hook process for read file or write file.
    when you want to load a pdf file or word file,can hook and read encode file in memory.

    For example, play encrypted video, or load encrypted database files, simulate hard disk files in memory, and save them to hard disk after modification and encryption.
    Last edited by xiaoyao; Jun 25th, 2022 at 08:29 AM.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  



Click Here to Expand Forum to Full Width