From 9387771c8197e0615e0d86b213bfef8a6575325c Mon Sep 17 00:00:00 2001 From: joaoviictorti Date: Fri, 4 Oct 2024 11:12:11 -0300 Subject: [PATCH] docs(driver): Adjusts documentation to use 'Arguments' instead of 'Parameters' --- driver/src/callback/find_callback.rs | 2 +- driver/src/callback/ioctls.rs | 2 +- driver/src/callback/mod.rs | 8 ++++---- driver/src/driver/ioctls.rs | 2 +- driver/src/driver/mod.rs | 8 ++++---- driver/src/injection/ioctls.rs | 2 +- driver/src/injection/mod.rs | 6 +++--- driver/src/lib.rs | 12 ++++++------ driver/src/misc/dse.rs | 2 +- driver/src/misc/etwti.rs | 2 +- driver/src/misc/ioctls.rs | 2 +- driver/src/module/ioctls.rs | 2 +- driver/src/module/mod.rs | 8 ++++---- driver/src/port/ioctls.rs | 2 +- driver/src/port/mod.rs | 8 ++++---- driver/src/port/port.rs | 6 +++--- driver/src/process/callback.rs | 10 +++++----- driver/src/process/ioctls.rs | 2 +- driver/src/process/mod.rs | 18 +++++++++--------- driver/src/registry/callback.rs | 16 ++++++++-------- driver/src/registry/ioctls.rs | 2 +- driver/src/registry/mod.rs | 14 +++++++------- driver/src/registry/utils.rs | 8 ++++---- driver/src/thread/callback.rs | 10 +++++----- driver/src/thread/ioctls.rs | 2 +- driver/src/thread/mod.rs | 12 ++++++------ driver/src/utils/address.rs | 4 ++-- driver/src/utils/handles.rs | 2 +- driver/src/utils/ioctls.rs | 2 +- driver/src/utils/mod.rs | 20 ++++++++++---------- driver/src/utils/patterns.rs | 8 ++++---- driver/src/utils/pool.rs | 2 +- driver/src/utils/process_attach.rs | 2 +- driver/src/utils/uni.rs | 2 +- 34 files changed, 105 insertions(+), 105 deletions(-) diff --git a/driver/src/callback/find_callback.rs b/driver/src/callback/find_callback.rs index c4860d1..32842d7 100644 --- a/driver/src/callback/find_callback.rs +++ b/driver/src/callback/find_callback.rs 
@@ -110,7 +110,7 @@ pub fn find_ob_register_callback(callback: &Callbacks) -> Option<*mut FULL_OBJEC /// Finds the type of the callback and calls the function responsible for it. /// -/// # Parameters +/// # Arguments /// /// - `callback`: target callback that will be called. /// diff --git a/driver/src/callback/ioctls.rs b/driver/src/callback/ioctls.rs index 1cc18c7..c155c1d 100644 --- a/driver/src/callback/ioctls.rs +++ b/driver/src/callback/ioctls.rs @@ -17,7 +17,7 @@ use { /// This function inserts two IOCTL handlers into the provided `HashMap`, associating them with /// their respective IOCTL codes. The two operations supported are: /// -/// # Parameters +/// # Arguments /// /// - `ioctls`: A mutable reference to a `HashMap` where the callback-related /// IOCTL handlers will be inserted. diff --git a/driver/src/callback/mod.rs b/driver/src/callback/mod.rs index 862a3ae..b603320 100644 --- a/driver/src/callback/mod.rs +++ b/driver/src/callback/mod.rs @@ -25,7 +25,7 @@ static mut INFO_CALLBACK_RESTAURE_OB: Lazy>> = Laz pub trait CallbackList { /// Restore a callback from the specified routine. /// - /// # Parameters + /// # Arguments /// /// - `target_callback`: Pointer to the callback information input. /// @@ -37,7 +37,7 @@ pub trait CallbackList { /// Removes a callback from the specified routine. /// - /// # Parameters + /// # Arguments /// /// - `target_callback`: Pointer to the callback information input. /// @@ -49,7 +49,7 @@ pub trait CallbackList { /// Searches for a module associated with a callback and updates callback information. /// - /// # Parameters + /// # Arguments /// /// - `target_callback`: Pointer to the callback information input. /// - `callback_info`: Pointer to the callback information output. 
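Review bot: The doc comment in the `driver/src/callback/ioctls.rs` hunk still ends its summary with `The two operations supported are:` and then runs straight into the renamed `# Arguments` heading, so the list it announces is missing. The same dangling sentence appears in the `ioctls.rs` hunks for driver, injection, misc, module, port, process, registry and thread. Either list the IOCTL codes each function registers under that sentence, or replace it with a single summary line such as `/// Registers the callback-related IOCTL handlers in the provided map.` The fixed count "two" is repeated in every module and should be checked against each function body, which lies outside these hunks.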
@@ -63,7 +63,7 @@ pub trait CallbackList { /// List of callbacks currently removed. /// - /// # Parameters + /// # Arguments /// /// - `target_callback`: Pointer to the callback information input. /// - `callback_info`: Pointer to the callback information output. diff --git a/driver/src/driver/ioctls.rs b/driver/src/driver/ioctls.rs index 1feed82..5ac2579 100644 --- a/driver/src/driver/ioctls.rs +++ b/driver/src/driver/ioctls.rs @@ -16,7 +16,7 @@ use { /// This function inserts two IOCTL handlers into the provided `HashMap`, associating them with /// their respective IOCTL codes. The two operations supported are: /// -/// # Parameters +/// # Arguments /// /// - `ioctls`: A mutable reference to a `HashMap` where the driver-related /// IOCTL handlers will be inserted. diff --git a/driver/src/driver/mod.rs b/driver/src/driver/mod.rs index 43dcf2a..755d704 100644 --- a/driver/src/driver/mod.rs +++ b/driver/src/driver/mod.rs @@ -27,7 +27,7 @@ pub struct Driver; impl Driver { /// Toggle the visibility of a process based on the `enable` field of the `TargetProcess` structure. /// - /// # Parameters + /// # Arguments /// /// - `process`: A pointer to the `TargetProcess` structure. /// @@ -46,7 +46,7 @@ impl Driver { /// Hides the driver by unlinking it from the loaded module list. /// - /// # Parameters + /// # Arguments /// /// - `device`: A pointer to the `DEVICE_OBJECT` representing the driver to be hidden. /// @@ -105,7 +105,7 @@ impl Driver { /// Hides the driver by unlinking it from the loaded module list. /// - /// # Parameters + /// # Arguments /// /// - `device`: A pointer to the `DEVICE_OBJECT` representing the driver to be hidden. /// 
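Review bot: In `driver/src/driver/mod.rs` the hunks at lines 46 and 105 document two separate `Driver` methods with the identical summary `Hides the driver by unlinking it from the loaded module list.` and the identical `device` description. The hunk at line 27 also describes a `Driver` method as toggling the visibility of a process through `TargetProcess`. These read as copy-pasted text, but the method signatures are outside the hunks, so they need to be checked against the code. If the second method restores the entry, its summary should say so, for example `/// Unhides the driver by relinking it into the loaded module list.`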
@@ -144,7 +144,7 @@ impl Driver { /// Enumerates loaded drivers and stores the information in the provided buffer. /// - /// # Parameters + /// # Arguments /// /// - `driver_info`: A pointer to a buffer where `DriverInfo` structures will be stored. /// - `information`: A mutable reference to a `usize` that will store the total size of the information written. diff --git a/driver/src/injection/ioctls.rs b/driver/src/injection/ioctls.rs index d28fb37..81114f4 100644 --- a/driver/src/injection/ioctls.rs +++ b/driver/src/injection/ioctls.rs @@ -21,7 +21,7 @@ use { /// This function inserts two IOCTL handlers into the provided `HashMap`, associating them with /// their respective IOCTL codes. The two operations supported are: /// -/// # Parameters +/// # Arguments /// /// - `ioctls`: A mutable reference to a `HashMap` where the injection-related /// IOCTL handlers will be inserted. diff --git a/driver/src/injection/mod.rs b/driver/src/injection/mod.rs index c843aad..0318792 100644 --- a/driver/src/injection/mod.rs +++ b/driver/src/injection/mod.rs @@ -43,7 +43,7 @@ pub struct InjectionShellcode; impl InjectionShellcode { /// Injection Shellcode in Thread. /// - /// # Parameters + /// # Arguments /// /// - `target`: The target process identifier (PID) and the path containing the injection shellcode. /// @@ -127,7 +127,7 @@ impl InjectionShellcode { /// Injection Shellcode in APC. /// - /// # Parameters + /// # Arguments /// /// - `target`: The target process identifier (PID) and the path containing the injection shellcode. /// @@ -230,7 +230,7 @@ pub struct InjectionDLL; impl InjectionDLL { /// DLL Injection. /// - /// # Parameters + /// # Arguments /// /// - `target`: The target process identifier (PID) and the path containing the injection dll. /// diff --git a/driver/src/lib.rs b/driver/src/lib.rs index c5690ef..77edd83 100644 --- a/driver/src/lib.rs +++ b/driver/src/lib.rs 
@@ -50,7 +50,7 @@ const DOS_DEVICE_NAME: &str = "\\??\\shadow"; /// /// This function is called by the system when the driver is loaded. /// -/// # Parameters +/// # Arguments /// /// - `driver_object`: Pointer to the driver object. /// - `registry_path`: Pointer to the Unicode string that specifies the driver's registry path. @@ -87,7 +87,7 @@ pub unsafe extern "system" fn driver_entry( /// This function is called by the system when the driver is loaded. It is responsible for /// initializing the driver, creating the device object and setting up the symbolic link. /// -/// # Parameters +/// # Arguments /// /// - `driver_object`: Pointer to the driver object. /// - `_registry_path`: Pointer to the Unicode string that specifies the driver's registry path. @@ -161,7 +161,7 @@ pub unsafe extern "system" fn shadow_entry( /// /// This function is responsible for processing IOCTL commands received by the driver and executing the corresponding actions. /// -/// # Parameters +/// # Arguments /// /// - `_device`: Pointer to the device object (not used in this function). /// - `irp`: Pointer to the I/O request packet (IRP) that contains the information about the device control request. @@ -191,7 +191,7 @@ pub unsafe extern "C" fn device_control(_device: *mut DEVICE_OBJECT, irp: *mut I /// This function is called when an open instance of the device is closed. /// It marks the I/O request (IRP) as successfully completed. /// -/// # Parameters +/// # Arguments /// /// - `_device_object`: Pointer to the associated device object (not used in this function). /// - `irp`: Pointer to the I/O request packet (IRP) containing the information about the close request. 
@@ -212,7 +212,7 @@ pub unsafe extern "C" fn driver_close(_device_object: *mut DEVICE_OBJECT, irp: * /// This function is called when the driver is being unloaded from the system. /// It removes the symbolic link and deletes the device object associated with the driver. /// -/// # Parameters +/// # Arguments /// /// - `driver_object`: Pointer to the driver object being unloaded. /// @@ -243,7 +243,7 @@ pub unsafe extern "C" fn driver_unload(driver_object: *mut DRIVER_OBJECT) { /// Register Callbacks. /// -/// # Parameters +/// # Arguments /// /// - `driver_object`: Pointer to the driver object being unloaded. /// diff --git a/driver/src/misc/dse.rs b/driver/src/misc/dse.rs index bf543c8..6c6ab1b 100644 --- a/driver/src/misc/dse.rs +++ b/driver/src/misc/dse.rs @@ -13,7 +13,7 @@ pub struct Dse; impl Dse { /// Sets the DSE (Driver Signature Enforcement) status based on the information provided. /// - /// # Parameters + /// # Arguments /// /// - `info_dse`: A pointer to the `DSE` structure containing information about the state of the DSE. /// diff --git a/driver/src/misc/etwti.rs b/driver/src/misc/etwti.rs index bf75d2a..8aeb97b 100644 --- a/driver/src/misc/etwti.rs +++ b/driver/src/misc/etwti.rs @@ -22,7 +22,7 @@ pub struct Etw; impl Etw { /// Enables or disables ETW tracing by manipulating the `ETWTI` structure. /// - /// # Parameters + /// # Arguments /// /// - `info`: A pointer to an `ETWTI` structure, which contains information on whether to enable or disable ETW tracing. /// diff --git a/driver/src/misc/ioctls.rs b/driver/src/misc/ioctls.rs index 306aa27..c1d91d1 100644 --- a/driver/src/misc/ioctls.rs +++ b/driver/src/misc/ioctls.rs 
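Review bot: The doc block headed `Register Callbacks.` in the `driver/src/lib.rs` hunk at line 243 describes `driver_object` as `Pointer to the driver object being unloaded.`, which repeats the `driver_unload` wording from the previous hunk word for word. For a registration routine this looks like a copy-paste leftover. The function signature is outside the hunk, but a description along the lines of `Pointer to the driver object used when registering the callbacks.` would match the summary. The one-line summary could also name which callbacks are registered.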
@@ -15,7 +15,7 @@ use { /// This function inserts two IOCTL handlers into the provided `HashMap`, associating them with /// their respective IOCTL codes. The two operations supported are: /// -/// # Parameters +/// # Arguments /// /// - `ioctls`: A mutable reference to a `HashMap` where the misc-related /// IOCTL handlers will be inserted. diff --git a/driver/src/module/ioctls.rs b/driver/src/module/ioctls.rs index 8541d2d..b5bde42 100644 --- a/driver/src/module/ioctls.rs +++ b/driver/src/module/ioctls.rs @@ -11,7 +11,7 @@ use { /// This function inserts two IOCTL handlers into the provided `HashMap`, associating them with /// their respective IOCTL codes. The two operations supported are: /// -/// # Parameters +/// # Arguments /// /// - `ioctls`: A mutable reference to a `HashMap` where the module-related /// IOCTL handlers will be inserted. diff --git a/driver/src/module/mod.rs b/driver/src/module/mod.rs index 36736f1..6cc4d89 100644 --- a/driver/src/module/mod.rs +++ b/driver/src/module/mod.rs @@ -32,7 +32,7 @@ impl Module { /// Enumerates modules in a given target process. /// - /// # Parameters + /// # Arguments /// /// - `process`: A pointer to the target process (`*mut TargetProcess`) from which the modules will be enumerated. /// - `module_info`: A pointer to a `ModuleInfo` structure that will be populated with information about the enumerated modules. @@ -124,7 +124,7 @@ impl Module { /// Hides a module in a target process by removing its entries from the module list. /// - /// # Parameters + /// # Arguments /// /// - `target`: A pointer to a `TargetModule` structure containing information about the module to be hidden. /// @@ -191,7 +191,7 @@ impl Module { /// Removing the module name in the FILE_OBJECT structure. /// - /// # Parameters + /// # Arguments /// /// - `target_address`: The address of the module to hide. /// - `target_eprocess`: The target process structure. 
@@ -256,7 +256,7 @@ impl Module { /// Removes a link from the list. /// - /// # Parameters + /// # Arguments /// /// - `list`: A mutable reference to the `LIST_ENTRY` structure to unlink. /// diff --git a/driver/src/port/ioctls.rs b/driver/src/port/ioctls.rs index 0e52f5f..c54a2d5 100644 --- a/driver/src/port/ioctls.rs +++ b/driver/src/port/ioctls.rs @@ -13,7 +13,7 @@ use { /// This function inserts two IOCTL handlers into the provided `HashMap`, associating them with /// their respective IOCTL codes. The two operations supported are: /// -/// # Parameters +/// # Arguments /// /// - `ioctls`: A mutable reference to a `HashMap` where the port-related /// IOCTL handlers will be inserted. diff --git a/driver/src/port/mod.rs b/driver/src/port/mod.rs index 53f63e1..f66f190 100644 --- a/driver/src/port/mod.rs +++ b/driver/src/port/mod.rs @@ -155,7 +155,7 @@ impl Port { /// and the control code matches `NIS_CONTROL_CODE`. It intercepts TCP and UDP entries, /// allowing modification of network data, such as filtering specific ports. /// - /// # Parameters + /// # Arguments /// /// - `device_object`: A pointer to the device object. /// - `irp`: A pointer to the IRP (I/O Request Packet). @@ -198,7 +198,7 @@ impl Port { /// This function is called after the original completion routine is invoked. It inspects the network /// table entries (TCP or UDP) and can remove or modify entries based on certain conditions (e.g., port filtering). /// - /// # Parameters + /// # Arguments /// /// - `device_object`: A pointer to the device object. /// - `irp`: A pointer to the IRP (I/O Request Packet). @@ -292,7 +292,7 @@ impl NetworkUtils { /// This function uses `ProbeForRead` to check whether a memory address is valid and accessible. /// It wraps the operation in a Structured Exception Handling (SEH) block to catch and log any exceptions. /// - /// # Parameters + /// # Arguments /// /// - `address`: The memory address to validate. /// 
@@ -322,7 +322,7 @@ impl NetworkUtils { /// hook operation. It copies TCP/UDP entries, status entries, and process entries, effectively /// "hiding" specific network ports. /// - /// # Parameters + /// # Arguments /// /// - `entries`: A pointer to the list of TCP or UDP entries. /// - `count`: The total number of entries in the table. diff --git a/driver/src/port/port.rs b/driver/src/port/port.rs index e2bc7d0..8de90b0 100644 --- a/driver/src/port/port.rs +++ b/driver/src/port/port.rs @@ -11,7 +11,7 @@ pub static PROTECTED_PORTS: Lazy>> = Lazy::new(|| Mutex::new /// Method to toggle the addition or removal of a port from the list of protected ports. /// -/// # Parameters +/// # Arguments /// /// - `port`: `PortInfo` structure with information about the port to be added or removed. /// @@ -29,7 +29,7 @@ pub fn add_remove_port_toggle(port: *mut PortInfo) -> NTSTATUS { /// Method to add a port to the list of protected ports. /// -/// # Parameters +/// # Arguments /// /// - `port`: `PortInfo` structure with information about the port to be protected. /// @@ -58,7 +58,7 @@ fn add_target_port(port: *mut PortInfo) -> NTSTATUS { /// Method to remove a port from the list of protected ports. /// -/// # Parameters +/// # Arguments /// /// - `port`: `PortInfo` structure with information about the port to be removed. /// diff --git a/driver/src/process/callback.rs b/driver/src/process/callback.rs index 3d48b5c..f18f744 100644 --- a/driver/src/process/callback.rs +++ b/driver/src/process/callback.rs @@ -26,7 +26,7 @@ static TARGET_PIDS: Lazy>> = Lazy::new(|| Mutex::new(Vec::with_ /// Method to check if the action sent is to add or remove a pid from the list of protected processes /// -/// # Parameters +/// # Arguments /// /// - `process`: Structure with information about the process that will be added or removed from the list of protected processes. /// 
@@ -45,7 +45,7 @@ pub fn add_remove_process_toggle(process: *mut ProcessProtection) -> NTSTATUS { /// Method for adding the list of processes that will have anti-kill / dumping protection. /// -/// # Parameters +/// # Arguments /// /// - `pid`: The identifier of the target process (PID) to be hidden. /// @@ -73,7 +73,7 @@ fn add_target_pid(pid: usize) -> NTSTATUS { /// Method for removing the list of processes that will have anti-kill / dumping protection. /// -/// # Parameters +/// # Arguments /// /// - `pid`: The identifier of the target process (PID) to be hidden. /// @@ -95,7 +95,7 @@ fn remove_target_pid(pid: usize) -> NTSTATUS { /// Enumerate Processes Protect. /// -/// # Parameters +/// # Arguments /// /// - `info_process`: It is a parameter of type `InfoProcesses` that will send the processes that are currently protected. /// - `information`: It is a parameter of type `usize` that will be updated with the total size of the filled `InfoProcesses` structures. @@ -120,7 +120,7 @@ pub unsafe fn enumerate_protection_processes(info_process: *mut ProcessListInfo, /// The object (process) pre-operation callback function used to filter process opening operations. /// This function is registered as a callback and is called by the operating system before a process opening operation is completed. /// -/// # Parameters +/// # Arguments /// /// - `_registration_context`: Pointer to record context (Not used). /// - `info`: Pointer to an `OB_PRE_OPERATION_INFORMATION` structure that contains information about the process's pre-opening operation. diff --git a/driver/src/process/ioctls.rs b/driver/src/process/ioctls.rs index fa5fe74..f8cc7cd 100644 --- a/driver/src/process/ioctls.rs +++ b/driver/src/process/ioctls.rs 
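Review bot: In `driver/src/process/callback.rs` the hunks at lines 45 and 73 document `pid` as `The identifier of the target process (PID) to be hidden.`, although both summaries are about the anti-kill / dumping protection list rather than hiding. The argument text should match, e.g. `The identifier of the process (PID) to add to the protection list.` and the `remove` counterpart. The summaries `Method for adding the list of processes` and `Method for removing the list of processes` would also read more accurately as adding or removing a PID to or from that list. The `driver/src/thread/callback.rs` hunks at lines 37 and 63 carry the same wording and additionally call the `tid` a "target process". The function bodies are outside the hunks.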
@@ -24,7 +24,7 @@ use { /// This function inserts two IOCTL handlers into the provided `HashMap`, associating them with /// their respective IOCTL codes. The two operations supported are: /// -/// # Parameters +/// # Arguments /// - `ioctls`: A mutable reference to a `HashMap` where the process-related /// IOCTL handlers will be inserted. /// diff --git a/driver/src/process/mod.rs b/driver/src/process/mod.rs index d502991..3f13685 100644 --- a/driver/src/process/mod.rs +++ b/driver/src/process/mod.rs @@ -42,7 +42,7 @@ pub struct Process { impl Process { /// Creates a new `Process` instance by looking up a process by its PID. /// - /// # Parameters + /// # Arguments /// /// - `pid`: The process identifier (PID) to look up. /// @@ -65,7 +65,7 @@ impl Process { /// Toggle the visibility of a process based on the `enable` field of the `TargetProcess` structure. /// - /// # Parameters + /// # Arguments /// /// - `process`: A pointer to the `TargetProcess` structure. /// @@ -84,7 +84,7 @@ impl Process { /// Hide a process by removing it from the list of active processes. /// - /// # Parameters + /// # Arguments /// /// - `process`: The identifier of the target process (PID) to be hidden. /// @@ -133,7 +133,7 @@ impl Process { /// Unhide a process by removing it from the list of active processes. /// - /// # Parameters + /// # Arguments /// /// - `process`: The identifier of the target process (PID) to be hidden. /// @@ -186,7 +186,7 @@ impl Process { /// Toggles the enumeration between hiding or protecting processes based on the options provided. /// - /// # Parameters + /// # Arguments /// /// - `input_target`: Pointer to the enumeration information input structure. /// - `info_process`: Information structure of processes. 
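Review bot: The `driver/src/process/mod.rs` hunk at line 133 keeps the summary `Unhide a process by removing it from the list of active processes.` and describes the argument as the PID `to be hidden`, both of which contradict an unhide operation and look copied from the hide method in the hunk at line 84. Suggested wording is `/// Unhides a process by restoring it to the list of active processes.` with the argument described as the PID to be unhidden. The `driver/src/thread/mod.rs` hunk at line 131 has the same problem and also speaks of a process where a thread is meant, and its hunk at line 37 calls `tid` `The process identifier (TID)`. The method bodies are outside the hunks, so the intended behaviour should be confirmed against them.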
@@ -214,7 +214,7 @@ impl Process { /// Enumerate Processes Hide. /// - /// # Parameters + /// # Arguments /// /// - `info_process`: It is a parameter of type `ProcessListInfo` that will send the processes that are currently hidden. /// - `information`: It is a parameter of type `usize` that will be updated with the total size of the filled `ProcessListInfo` structures. @@ -238,7 +238,7 @@ impl Process { /// Terminate a process specified by the PID (Process Identifier). /// - /// # Parameters + /// # Arguments /// /// - `pid`: The identifier of the target process (PID) to terminate process. /// @@ -282,7 +282,7 @@ impl Process { /// Removing process signature (PP / PPL). /// - /// # Parameters + /// # Arguments /// /// - `pid`: The identifier of the target process (PID) to remove protection. /// @@ -317,7 +317,7 @@ impl Process { /// to the token of the system process, effectively elevating the privileges of the target process /// to those of the system (NT AUTHORITY\SYSTEM). /// - /// # Parameters + /// # Arguments /// /// - `pid`: The identifier of the target process (PID) whose token will be raised. /// diff --git a/driver/src/registry/callback.rs b/driver/src/registry/callback.rs index f0d3bce..b9c83a1 100644 --- a/driver/src/registry/callback.rs +++ b/driver/src/registry/callback.rs @@ -29,7 +29,7 @@ pub static mut CALLBACK_REGISTRY: LARGE_INTEGER = unsafe { core::mem::zeroed() } /// The registry callback function handles registry-related operations based on the notification class. /// -/// # Parameters +/// # Arguments /// /// - `_callback_context`: A pointer to the callback context, usually not used. /// - `argument1`: A pointer to the notification class. @@ -74,7 +74,7 @@ pub unsafe extern "C" fn registry_callback( /// Handles the pre-delete key operation. /// -/// # Parameters +/// # Arguments /// /// - `info`: A pointer to `REG_DELETE_KEY_INFORMATION`. /// 
@@ -104,7 +104,7 @@ unsafe fn pre_delete_key(info: *mut REG_DELETE_KEY_INFORMATION) -> NTSTATUS { /// Performs the post-operation to enumerate registry key values. /// -/// # Parameters +/// # Arguments /// /// - `info`: Pointer to the information structure of the post-execution logging operation. /// @@ -180,7 +180,7 @@ unsafe fn post_enumerate_key_value(info: *mut REG_POST_OPERATION_INFORMATION) -> /// Performs the post-operation to enumerate registry keys. /// -/// # Parameters +/// # Arguments /// /// - `info`: Pointer to the information structure of the post-execution logging operation. /// @@ -258,7 +258,7 @@ unsafe fn post_enumerate_key(info: *mut REG_POST_OPERATION_INFORMATION) -> NTSTA /// Handles the pre-query key operation. /// -/// # Parameters +/// # Arguments /// /// - `info`: A pointer to `REG_QUERY_KEY_INFORMATION`. /// @@ -288,7 +288,7 @@ unsafe fn pre_query_key(info: *mut REG_QUERY_KEY_INFORMATION) -> NTSTATUS { /// Handles the pre-delete value key operation. /// -/// # Parameters +/// # Arguments /// /// - `info`: A pointer to `REG_DELETE_VALUE_KEY_INFORMATION`. /// @@ -322,7 +322,7 @@ unsafe fn pre_delete_value_key(info: *mut REG_DELETE_VALUE_KEY_INFORMATION) -> N /// Handles the pre-set value key operation. /// -/// # Parameters +/// # Arguments /// /// - `info`: A pointer to `REG_SET_VALUE_KEY_INFORMATION`. /// @@ -356,7 +356,7 @@ unsafe fn pre_set_value_key(info: *mut REG_SET_VALUE_KEY_INFORMATION) -> NTSTATU /// Reads the key name from the registry information. /// -/// # Parameters +/// # Arguments /// /// - `info`: A pointer to the registry information. /// diff --git a/driver/src/registry/ioctls.rs b/driver/src/registry/ioctls.rs index 2adea4a..5417216 100644 --- a/driver/src/registry/ioctls.rs +++ b/driver/src/registry/ioctls.rs 
@@ -18,7 +18,7 @@ use { /// This function inserts two IOCTL handlers into the provided `HashMap`, associating them with /// their respective IOCTL codes. The two operations supported are: /// -/// # Parameters +/// # Arguments /// /// - `ioctls`: A mutable reference to a `HashMap` where the registry-related /// IOCTL handlers will be inserted. diff --git a/driver/src/registry/mod.rs b/driver/src/registry/mod.rs index 9f153f4..665202e 100644 --- a/driver/src/registry/mod.rs +++ b/driver/src/registry/mod.rs @@ -32,7 +32,7 @@ static HIDE_KEY_VALUES: Lazy>> = Lazy::new(|| Mutex: trait RegistryList { /// Adds an item to the registry list. /// - /// # Parameters + /// # Arguments /// /// - `list`: A mutable reference to the list. /// - `item`: The item to be added. @@ -45,7 +45,7 @@ trait RegistryList { /// Removes an item from the registry list. /// - /// # Parameters + /// # Arguments /// /// - `list`: A mutable reference to the list. /// - `item`: The item to be removed. @@ -58,7 +58,7 @@ trait RegistryList { /// Checks if an item is in the registry list. /// - /// # Parameters + /// # Arguments /// /// - `list`: A reference to the list. /// - `item`: The item to be checked. @@ -142,7 +142,7 @@ pub struct Registry { impl Registry<(String, String)> { /// Adds or removes a key-value pair from the list of protected values. /// - /// # Parameters + /// # Arguments /// /// - `target`: The `TargetRegistry` structure representing the key-value pair to be protected or removed. /// @@ -179,7 +179,7 @@ impl Registry<(String, String)> { /// Checks if the key-value pair is in the list of protected values. /// - /// # Parameters + /// # Arguments /// - `key`: The key being checked. /// - `value`: The value being checked. /// 
@@ -194,7 +194,7 @@ impl Registry<(String, String)> { impl Registry { /// Adds or removes a key from the list of protected keys. /// - /// # Parameters + /// # Arguments /// /// - `key`: The key to be protected or removed. /// - `enable`: A boolean indicating whether to add (true) or remove (false) the key. @@ -231,7 +231,7 @@ impl Registry { /// Checks if the key is in the list of protected keys. /// - /// # Parameters + /// # Arguments /// /// - `key`: The key being checked. /// diff --git a/driver/src/registry/utils.rs b/driver/src/registry/utils.rs index 1855b93..d8496d7 100644 --- a/driver/src/registry/utils.rs +++ b/driver/src/registry/utils.rs @@ -17,7 +17,7 @@ use { /// Checks if the key is present. /// -/// # Parameters +/// # Arguments /// /// - `info`: Pointer to the record operation information structure. /// - `key`: Name of the key to be checked. @@ -55,7 +55,7 @@ pub unsafe fn check_key(info: *mut REG_POST_OPERATION_INFORMATION, key: String) /// Checks if the key value is present. /// -/// # Parameters +/// # Arguments /// - `info`: Pointer to the record operation information structure. /// - `key`: Name of the key to be checked. /// @@ -100,7 +100,7 @@ pub unsafe fn check_key_value(info: *mut REG_POST_OPERATION_INFORMATION, key: St /// Enumerate the target key. /// -/// # Parameters +/// # Arguments /// - `key_handle`: Handle of the target key. /// - `index`: Index to be listed. /// - `buffer`: Buffer that will store the key. @@ -164,7 +164,7 @@ pub unsafe fn enumerate_key( /// Enumerates values of the target key /// -/// # Parameters +/// # Arguments /// - `key_handle`: Handle of the target key. /// - `index`: Index to be listed. /// - `buffer`: Buffer that will store the key values. diff --git a/driver/src/thread/callback.rs b/driver/src/thread/callback.rs index 8173585..5757760 100644 --- a/driver/src/thread/callback.rs +++ b/driver/src/thread/callback.rs 
@@ -21,7 +21,7 @@ static TARGET_TIDS: Lazy>> = Lazy::new(|| Mutex::new(Vec::with_ /// Method to check if the action sent is to add or remove a tid from the list of protected threads /// -/// # Parameters +/// # Arguments /// - `process`: Structure with information about the process that will be added or removed from the list of protected threads. /// /// # Returns @@ -37,7 +37,7 @@ pub fn add_remove_thread_toggle(process: *mut ThreadProtection) -> NTSTATUS { /// Method for adding the list of threads that will have anti-kill / dumping protection. /// -/// # Parameters +/// # Arguments /// - `tid`: The identifier of the target process (tid) to be hidden. /// /// # Returns @@ -63,7 +63,7 @@ fn add_target_tid(tid: usize) -> NTSTATUS { /// Method for removing the list of threads that will have anti-kill / dumping protection. /// -/// # Parameters +/// # Arguments /// - `tid`: The identifier of the target process (tid) to be hidden. /// /// # Returns @@ -88,7 +88,7 @@ fn remove_target_tid(tid: usize) -> NTSTATUS { /// Enumerate threads Protect. /// -/// # Parameters +/// # Arguments /// - `info_process`: It is a parameter of type `Infothreads` that will send the threads that are currently protected. /// - `information`: It is a parameter of type `usize` that will be updated with the total size of the filled `Infothreads` structures. /// @@ -110,7 +110,7 @@ pub unsafe fn enumerate_protection_threads(info_process: *mut ThreadListInfo, in /// Pre-operation callback for thread opening that modifies the desired access rights to prevent certain actions on specific threads. /// -/// # Parameters +/// # Arguments /// - `_registration_context`: A pointer to the registration context (unused). /// - `info`: A pointer to the `OB_PRE_OPERATION_INFORMATION` structure containing information about the operation. /// diff --git a/driver/src/thread/ioctls.rs b/driver/src/thread/ioctls.rs index 31a4d2b..ffe76de 100644 --- a/driver/src/thread/ioctls.rs +++ b/driver/src/thread/ioctls.rs 
@@ -24,7 +24,7 @@ use { /// This function inserts two IOCTL handlers into the provided `HashMap`, associating them with /// their respective IOCTL codes. The two operations supported are: /// -/// # Parameters +/// # Arguments /// /// - `ioctls`: A mutable reference to a `HashMap` where the thread-related /// IOCTL handlers will be inserted. diff --git a/driver/src/thread/mod.rs b/driver/src/thread/mod.rs index a6b2a04..ae01649 100644 --- a/driver/src/thread/mod.rs +++ b/driver/src/thread/mod.rs @@ -37,7 +37,7 @@ pub struct Thread { impl Thread { /// Creates a new `Thread` instance by looking up a thread by its TID. /// - /// # Parameters + /// # Arguments /// /// - `tid`: The process identifier (TID) to look up. /// @@ -60,7 +60,7 @@ impl Thread { /// Toggle the visibility of a process based on the `enable` field of the `TargetProcess` structure. /// - /// # Parameters + /// # Arguments /// /// - `process`: A pointer to the `TargetProcess` structure. /// @@ -78,7 +78,7 @@ impl Thread { /// Hides a thread by removing it from the list of active threads. /// - /// # Parameters + /// # Arguments /// - `tid`: The identifier of the target thread (TID) to be hidden. /// /// # Returns @@ -131,7 +131,7 @@ impl Thread { /// Unhide a process by removing it from the list of active threads. /// - /// # Parameters + /// # Arguments /// /// - `tid`: The identifier of the target process (TID) to be hidden. /// @@ -188,7 +188,7 @@ impl Thread { /// Enumerates and hides threads by populating the provided `ThreadListInfo` structure with thread IDs. /// - /// # Parameters + /// # Arguments /// /// - `info_process`: A pointer to the `ThreadListInfo` structure to be populated. /// - `information`: A mutable reference to a `usize` value that will be updated with the size of the populated data. 
@@ -211,7 +211,7 @@ impl Thread { /// Enumerates threads and performs actions based on the specified options (hide or protection). /// - /// # Parameters + /// # Arguments /// /// - `input_target`: A pointer to the `EnumerateInfoInput` structure containing the target options. /// - `info_process`: A pointer to the `ThreadListInfo` structure to be populated. diff --git a/driver/src/utils/address.rs b/driver/src/utils/address.rs index 389b12e..300bda4 100644 --- a/driver/src/utils/address.rs +++ b/driver/src/utils/address.rs @@ -12,7 +12,7 @@ use { /// Gets the base address of a specified module. /// -/// # Parameters +/// # Arguments /// /// - `module_name`: A string slice containing the name of the module. /// @@ -61,7 +61,7 @@ pub unsafe fn get_module_base_address(module_name: &str) -> Option<*mut c_void> /// Gets the address of a specified function within a module. /// -/// # Parameters +/// # Arguments /// /// - `function_name`: A string slice containing the name of the function. /// - `dll_base`: A pointer to the base address of the DLL. diff --git a/driver/src/utils/handles.rs b/driver/src/utils/handles.rs index 4c3a75e..b1c1092 100644 --- a/driver/src/utils/handles.rs +++ b/driver/src/utils/handles.rs @@ -13,7 +13,7 @@ impl Handle { /// /// This function wraps a raw Windows `HANDLE` inside the `Handle` struct. /// - /// # Parameters + /// # Arguments /// /// - `handle`: A raw Windows `HANDLE` to wrap. /// diff --git a/driver/src/utils/ioctls.rs b/driver/src/utils/ioctls.rs index ba71943..8dbb76d 100644 --- a/driver/src/utils/ioctls.rs +++ b/driver/src/utils/ioctls.rs 
@@ -22,7 +22,7 @@ use {
 /// two parameters, `IRP` (I/O Request Packet) and `IO_STACK_LOCATION`, and returns
 /// an `NTSTATUS` result, indicating the success or failure of the operation.
 ///
-/// # Parameters
+/// # Arguments
 ///
 /// - `*mut IRP`: Pointer to an IRP (I/O Request Packet), which represents an I/O request in Windows.
 /// - `*mut IO_STACK_LOCATION`: Pointer to the current I/O stack location.
diff --git a/driver/src/utils/mod.rs b/driver/src/utils/mod.rs
index 196dc49..3dc1cee 100644
--- a/driver/src/utils/mod.rs
+++ b/driver/src/utils/mod.rs
@@ -62,7 +62,7 @@ pub mod process_attach;
 /// Retrieves the input buffer from the given IO stack location.
 ///
-/// # Parameters
+/// # Arguments
 ///
 /// - `stack`: A pointer to the `_IO_STACK_LOCATION` structure.
 ///
@@ -82,7 +82,7 @@ pub unsafe fn get_input_buffer(stack: *mut _IO_STACK_LOCATION) -> Result<*mut
 /// Retrieves the output buffer from the given IRP.
 ///
-/// # Parameters
+/// # Arguments
 ///
 /// - `irp`: A pointer to the `IRP` structure.
 ///
@@ -102,7 +102,7 @@ pub unsafe fn get_output_buffer(irp: *mut IRP) -> Result<*mut T, NTSTATUS> {
 /// Retrieves the PID of a process by its name.
 ///
-/// # Parameters
+/// # Arguments
 ///
 /// - `process_name`: A string slice containing the name of the process.
 ///
@@ -155,7 +155,7 @@ pub unsafe fn get_process_by_name(process_name: &str) -> Option {
 /// Retrieves the address of a specified function within a module in the context of a target process.
 ///
-/// # Parameters
+/// # Arguments
 ///
 /// - `pid`: The process ID (PID) of the target process.
 /// - `module_name`: The name of the module (DLL) to be searched for. The search is case-insensitive.
@@ -228,7 +228,7 @@ pub unsafe fn get_module_peb(pid: usize, module_name: &str, function_name: &str)
 /// Find for a thread with an alertable status.
 ///
-/// # Parameters
+/// # Arguments
 ///
 /// - `target_pid`: PID that will fetch the tids.
 ///
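Review bot: The doc blocks for `get_input_buffer` and `get_output_buffer` in `driver/src/utils/mod.rs` (hunks @@ -62 and @@ -82) name the pointer argument but, in the lines visible here, do not say what the caller must guarantee. The hunk headers show both are `pub unsafe fn` that hand back a typed `*mut` pointer taken from the request, so each should carry a `# Safety` section. It should state that `stack` / `irp` must point to the live request and whether the buffer length has been checked against `size_of::<T>()` before the pointer is dereferenced. The doc blocks and bodies continue outside these hunks, so check that such a section is not already present further down.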
@@ -295,7 +295,7 @@ pub unsafe fn find_thread_alertable(target_pid: usize) -> Option<*mut _KTHREAD>
 /// Initializes the OBJECT_ATTRIBUTES structure.
 ///
-/// # Parameters
+/// # Arguments
 ///
 /// - `object_name`: The name of the object (optional).
 /// - `attributes`: The attributes of the object.
@@ -327,7 +327,7 @@ pub fn InitializeObjectAttributes(
 /// Reads the content of a file given its path.
 ///
-/// # Parameters
+/// # Arguments
 ///
 /// - `path`: The path to the file.
 ///
@@ -439,7 +439,7 @@ pub fn return_module() -> Option<(*mut LDR_DATA_TABLE_ENTRY, i32)> {
 /// Validates if the given address is within the kernel memory range.
 ///
-/// # Parameters
+/// # Arguments
 ///
 /// - `addr`: A 64-bit unsigned integer representing the address to validate.
 ///
@@ -453,7 +453,7 @@ pub fn valid_kernel_memory(addr: u64) -> bool {
 /// Validates if the given address is within the user memory range.
 ///
-/// # Parameters
+/// # Arguments
 ///
 /// - `addr`: A 64-bit unsigned integer representing the address to validate.
 ///
@@ -468,7 +468,7 @@ pub fn valid_user_memory(addr: u64) -> bool {
 /// Generic function that performs the operation with the lock already acquired.
 /// It will acquire the lock exclusively and guarantee its release after use.
 ///
-/// # Parameters
+/// # Arguments
 ///
 /// - `push_lock` - Pointer to the lock to be acquired.
 /// - `operation` - The operation to be performed while the lock is active.
diff --git a/driver/src/utils/patterns.rs b/driver/src/utils/patterns.rs
index dd85171..0acb68d 100644
--- a/driver/src/utils/patterns.rs
+++ b/driver/src/utils/patterns.rs
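Review bot: The summaries kept as context for `valid_kernel_memory` and `valid_user_memory` (hunks @@ -439 and @@ -453) say the functions validate an address, but what they describe is a range test on a `u64`. A caller can read "valid" as "safe to dereference", which a range comparison does not establish: an address inside the kernel or user range can still be unmapped or paged out. Assuming the bodies, which are outside these hunks, only compare against range bounds, say so in both doc blocks, e.g. `/// Range check only: does not prove the address is mapped or accessible.`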
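Review bot: In the push-lock helper doc (hunk @@ -468) the argument list is written as `push_lock` - … and `operation` - …, while every other list touched by this patch uses the `name`: form; switch these two items to the colon form. The summary also contradicts itself: the first sentence says the operation runs "with the lock already acquired" and the second says the function acquires the lock. A single sentence such as ``/// Runs `operation` while holding `push_lock` exclusively and releases the lock afterwards.`` would remove the ambiguity; confirm it against the function body, which is outside the hunk.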
@@ -52,7 +52,7 @@ pub static mut ZW_PATTERN: [u8; 30] = [
 /// and then converts it into a fixed-size array of `N` bytes. The resulting array is passed to the
 /// provided conversion function (`func`), which returns a value of type `T`.
 ///
-/// # Parameters
+/// # Arguments
 ///
 /// - `slice`: A reference to a byte slice (`&[u8]`) that is expected to have exactly `N` bytes.
 /// - `func`: A function that takes an array of `N` bytes (`[u8; N]`) and returns a value of type `T`.
@@ -76,7 +76,7 @@ fn slice_to_number(slice: &[u8], func: fn([u8; N]) -> T) -> R
 /// Scans memory for a specific pattern of bytes in a specific section.
 ///
-/// # Parameters
+/// # Arguments
 ///
 /// - `base_addr`: The base address (in `usize` format) from which the scan should start.
 /// - `section_name`: The name of the section to scan. This string must match the name of the section you want to scan.
@@ -113,7 +113,7 @@ where
 /// Finds the address of a specified Zw function.
 ///
-/// # Parameters
+/// # Arguments
 ///
 /// - `name`: The name of the Zw function to find.
 ///
@@ -157,7 +157,7 @@ pub unsafe fn find_zw_function(name: &str) -> Option {
 /// Retrieves the syscall index for a given function name.
 ///
-/// # Parameters
+/// # Arguments
 ///
 /// - `function_name`: The name of the function to retrieve the syscall index for.
 ///
diff --git a/driver/src/utils/pool.rs b/driver/src/utils/pool.rs
index f96c73e..c9adbcb 100644
--- a/driver/src/utils/pool.rs
+++ b/driver/src/utils/pool.rs
@@ -18,7 +18,7 @@ impl PoolMemory {
 /// This function uses `ExAllocatePool2` to allocate a block of memory from the Windows kernel
 /// pool. It returns `None` if the allocation fails, or `Some(PoolMemory)` if successful.
 ///
- /// # Parameters
+ /// # Arguments
 ///
 /// - `flag`: Flags controlling the behavior of the memory allocation, of type `POOL_FLAGS`.
 /// - `number_of_bytes`: The size of the memory block to allocate, in bytes.
diff --git a/driver/src/utils/process_attach.rs b/driver/src/utils/process_attach.rs
index ed12fa1..f77be05 100644
--- a/driver/src/utils/process_attach.rs
+++ b/driver/src/utils/process_attach.rs
@@ -23,7 +23,7 @@ impl ProcessAttach {
 /// process using `KeStackAttachProcess`. This allows the current thread to operate within
 /// the target process context.
 ///
- /// # Parameters
+ /// # Arguments
 ///
 /// - `target_process`: A pointer to the target process (`PRKPROCESS`) to attach to.
 ///
diff --git a/driver/src/utils/uni.rs b/driver/src/utils/uni.rs
index 987b129..91c907f 100644
--- a/driver/src/utils/uni.rs
+++ b/driver/src/utils/uni.rs
@@ -44,7 +44,7 @@ impl OwnedUnicodeString {
 /// is properly null-terminated. The resulting wide string is stored in an `OwnedUnicodeString`,
 /// which can later be converted to a `UNICODE_STRING` for use in kernel APIs.
 ///
-/// # Parameters
+/// # Arguments
 ///
 /// - `s`: A reference to the Rust string slice to be converted.
 ///