遍历Windows操作系统的网卡驱动
遍历Windows操作系统的网卡驱动
前言
Windows操作系统的网卡驱动,大多是通过NdisMRegisterMiniportDriver注册的,即常说的MiniportDriver。
关于硬件的,物理的网卡的驱动,少有人去搞它,除非了解它的原理和性能啥的。
但是关于虚拟的网卡,可以搞一搞,也许能搞出一些事情来,如:VPN等其他的网络安全通讯等。
IDA的简单分析
NdisMRegisterMiniportDriver是直接调用ndisInternalRegisterMiniportDriver实现的.
这两个函数的最后一个参数的实际类型是_NDIS_M_DRIVER_BLOCK **。
这个函数与本文相关的主题是:
- 申请一个_NDIS_M_DRIVER_BLOCK结构。
- 把这个结构的地址返回给最后一个参数。
- 把这个申请到的结构插入到类型为_NDIS_M_DRIVER_BLOCK的名为ndisMiniDriverList全局链表中。
注意:KSPIN_LOCK ndisMiniDriverListLock和_PKG_REF ndisPkgs。
简要的IDA伪码如下:
Irql = KeAcquireSpinLockRaiseToDpc(&ndisMiniDriverListLock);
Object = ndisDriverObject;
MiniportDriver->NextDriver = ndisMiniDriverList;
ndisMiniDriverList = MiniportDriver;
ObfReferenceObject(Object);
KeReleaseSpinLock(&ndisMiniDriverListLock, Irql);所以得出枚举网卡驱动的思路:
- 自己安装个网卡驱动,根据返回的句柄即_NDIS_M_DRIVER_BLOCK,以及成员NextDriver进行遍历。
- 搜索定位全局但未导出的ndisMiniDriverList和ndisMiniDriverListLock进行遍历。
- 看看有没有导出的API,有这个为最好。
windbg手工操作
0: kd> x ndis!ndisMiniDriverList
fffff804`7cd9c418 ndis!ndisMiniDriverList = <no type information>
0: kd> dt poi(ndis!ndisMiniDriverList) _NDIS_M_DRIVER_BLOCK
ndis!_NDIS_M_DRIVER_BLOCK
_NDIS_M_DRIVER_BLOCK
+0x000 Header : _NDIS_OBJECT_HEADER
+0x008 NextDriver : 0xffffe108`9c5e7ab0 _NDIS_M_DRIVER_BLOCK
+0x010 MiniportQueue : 0xffffe108`9dacf1a0 _NDIS_MINIPORT_BLOCK
+0x018 MajorNdisVersion : 0x6 ''
+0x019 MinorNdisVersion : 0x1e ''
+0x01a Flags : 0
+0x020 NdisDriverInfo : (null)
+0x028 DriverObject : 0xffffe108`9dace760 _DRIVER_OBJECT
+0x030 ServiceRegPath : _UNICODE_STRING "\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\BthPan"
+0x040 MiniportDriverContext : (null)
+0x048 AssociatedProtocol : (null)
+0x050 DeviceList : _LIST_ENTRY [ 0xffffe108`9dad2d58 - 0xffffe108`9dad2d58 ]
+0x060 PendingDeviceList : (null)
+0x068 UnloadHandler : (null)
+0x070 MiniportDriverCharacteristics : _NDIS_MINIPORT_DRIVER_CHARACTERISTICS
+0x070 MiniportCharacteristics : _NDIS51_MINIPORT_CHARACTERISTICS
+0x160 UnhookedCharacteristics : wistd::unique_ptr<_NDIS_MINIPORT_DRIVER_CHARACTERISTICS,wistd::default_delete<_NDIS_MINIPORT_DRIVER_CHARACTERISTICS> >
+0x168 CxBlock : (null)
+0x170 MiniportsRemovedEvent : _KEVENT
+0x188 Ref : _REFERENCE_EX
+0x1a0 IMStartRemoveMutex : _KMUTANT
+0x1d8 IMStartRemoveMutexOwnerThread : (null)
+0x1e0 DriverVersion : 0
+0x1e8 ServiceName : _UNICODE_STRING "BthPan"
+0x1f8 CoCreateVcHandler : (null)
+0x200 CoDeleteVcHandler : (null)
+0x208 CoActivateVcHandler : (null)
+0x210 CoDeactivateVcHandler : (null)
+0x218 CoSendNetBufferListsHandler : (null)
+0x220 CoRequestHandler : (null)
+0x228 CoOidRequestHandler : (null)
+0x230 InitiateOffloadHandler : (null)
+0x238 TerminateOffloadHandler : (null)
+0x240 UpdateOffloadHandler : (null)
+0x248 InvalidateOffloadHandler : (null)
+0x250 QueryOffloadHandler : (null)
+0x258 TcpOffloadSendHandler : (null)
+0x260 TcpOffloadReceiveHandler : (null)
+0x268 TcpOffloadDisconnectHandler : (null)
+0x270 TcpOffloadForwardHandler : (null)
+0x278 CallMgrChars : _NDIS_CO_CALL_MANAGER_OPTIONAL_HANDLERS
+0x308 AddDeviceHandler : (null)
+0x310 RemoveDeviceHandler : (null)
+0x318 FilterResourceRequirementsHandler : (null)
+0x320 StartDeviceHandler : (null)
+0x328 OpenNDKAdapterHandler : (null)
+0x330 CloseNDKAdapterHandler : (null)
+0x338 SysPowerNotifyHandler : (null)
+0x340 IdleNotificationHandler : (null)
+0x348 CancelIdleNotificationHandler : (null)
+0x350 DevicePowerNotifyHandler : (null)
+0x358 ReenumerateFailedAdapterHandler : (null)
+0x360 LiveDumpCallback : (null)
+0x368 ImageName : _UNICODE_STRING "bthpan.sys"
+0x378 HookDriverHandle : (null)
+0x380 HookType : 0 ( NdisMiniportHookDriverTypeNone )
+0x384 HookRegistered : 0
+0x388 AllocateNetBufferListForwardingContextHandler : (null)
+0x390 FreeNetBufferListForwardingContextHandler : (null)
+0x398 AddNetBufferListDestinationHandler : (null)
+0x3a0 SetNetBufferListSourceHandler : (null)
+0x3a8 GrowNetBufferListDestinationsHandler : (null)
+0x3b0 GetNetBufferListDestinationsHandler : (null)
+0x3b8 UpdateNetBufferListDestinationsHandler : (null)
+0x3c0 CopyNetBufferListInfoHandler : (null)
+0x3c8 ReferenceSwitchNicHandler : (null)
+0x3d0 DereferenceSwitchNicHandler : (null)
+0x3d8 ReferenceSwitchPortHandler : (null)
+0x3e0 DereferenceSwitchPortHandler : (null)
+0x3e8 ReportFilteredNetBufferListsHandler : (null)
+0x3f0 SetNetBufferListSwitchContextHandler : (null)
+0x3f8 GetNetBufferListSwitchContextHandler : (null)
+0x400 PDExtProviderRegisterClient : (null)
+0x408 PDExtProviderDeregisterClient : (null)
+0x410 PDExtProviderGetFreePDBuffer : (null)
+0x418 PDExtProviderReturnPDBuffer : (null)
+0x420 PDExtProviderInjectPDBuffer : (null)
+0x428 PDExtProviderCopyPDBufferInfo : (null)
+0x430 PDExtProviderGetPDBufferClientContext : (null)
+0x438 PDExtProviderGetPDBufferDestinations : (null)
+0x440 PDExtProviderAddPDBufferDestination : (null)
+0x448 PDExtProviderUpdatePDBufferDestinations : (null)
+0x450 PDExtProviderGetPDBufferForwardingDetail : (null)
+0x458 PDExtProviderSetupBufferFromPDBuffer : (null)
+0x460 PDExtProviderGrowPDBufferDestinations : (null)
+0x468 PDExtProviderGetSwitchInfo : (null)
+0x470 PDBMCreateDomain : (null)
+0x478 PDBMAddMemberToDomain : (null)
+0x480 PDBMRemoveMemberFromDomain : (null)
+0x488 PDBMDeleteDomain : (null)
+0x490 PDBMAllocateCommonBuffer : (null)
+0x498 PDBMFreeCommonBuffer : (null)
0: kd> dt 0xffffe108`9c5e7ab0 _NDIS_M_DRIVER_BLOCK
ndis!_NDIS_M_DRIVER_BLOCK
_NDIS_M_DRIVER_BLOCK
+0x000 Header : _NDIS_OBJECT_HEADER
+0x008 NextDriver : (null) 结束标志。
+0x010 MiniportQueue : 0xffffe108`9c5e81a0 _NDIS_MINIPORT_BLOCK
+0x018 MajorNdisVersion : 0x6 ''
+0x019 MinorNdisVersion : 0x32 '2'
+0x01a Flags : 0
+0x020 NdisDriverInfo : (null)
+0x028 DriverObject : 0xffffe108`9c597e00 _DRIVER_OBJECT
+0x030 ServiceRegPath : _UNICODE_STRING "\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\e1i68x64"
+0x040 MiniportDriverContext : (null)
+0x048 AssociatedProtocol : (null)
+0x050 DeviceList : _LIST_ENTRY [ 0xffffe108`9c217a48 - 0xffffe108`9c217a48 ]
+0x060 PendingDeviceList : (null)
+0x068 UnloadHandler : (null)
+0x070 MiniportDriverCharacteristics : _NDIS_MINIPORT_DRIVER_CHARACTERISTICS
+0x070 MiniportCharacteristics : _NDIS51_MINIPORT_CHARACTERISTICS
+0x160 UnhookedCharacteristics : wistd::unique_ptr<_NDIS_MINIPORT_DRIVER_CHARACTERISTICS,wistd::default_delete<_NDIS_MINIPORT_DRIVER_CHARACTERISTICS> >
+0x168 CxBlock : (null)
+0x170 MiniportsRemovedEvent : _KEVENT
+0x188 Ref : _REFERENCE_EX
+0x1a0 IMStartRemoveMutex : _KMUTANT
+0x1d8 IMStartRemoveMutexOwnerThread : (null)
+0x1e0 DriverVersion : 0xc0012
+0x1e8 ServiceName : _UNICODE_STRING "e1i68x64"
+0x1f8 CoCreateVcHandler : (null)
+0x200 CoDeleteVcHandler : (null)
+0x208 CoActivateVcHandler : (null)
+0x210 CoDeactivateVcHandler : (null)
+0x218 CoSendNetBufferListsHandler : (null)
+0x220 CoRequestHandler : (null)
+0x228 CoOidRequestHandler : (null)
+0x230 InitiateOffloadHandler : (null)
+0x238 TerminateOffloadHandler : (null)
+0x240 UpdateOffloadHandler : (null)
+0x248 InvalidateOffloadHandler : (null)
+0x250 QueryOffloadHandler : (null)
+0x258 TcpOffloadSendHandler : (null)
+0x260 TcpOffloadReceiveHandler : (null)
+0x268 TcpOffloadDisconnectHandler : (null)
+0x270 TcpOffloadForwardHandler : (null)
+0x278 CallMgrChars : _NDIS_CO_CALL_MANAGER_OPTIONAL_HANDLERS
+0x308 AddDeviceHandler : 0xfffff804`80b41540 int e1i68x64!MiniportAddDevice+0
+0x310 RemoveDeviceHandler : 0xfffff804`80b41f10 void e1i68x64!MiniportRemoveDevice+0
+0x318 FilterResourceRequirementsHandler : 0xfffff804`80b418d0 int e1i68x64!MiniportFilterResourceRequirements+0
+0x320 StartDeviceHandler : 0xfffff804`80b41fc0 int e1i68x64!INTERRUPT::IntHandleSDP0Interrupt+0
+0x328 OpenNDKAdapterHandler : (null)
+0x330 CloseNDKAdapterHandler : (null)
+0x338 SysPowerNotifyHandler : (null)
+0x340 IdleNotificationHandler : (null)
+0x348 CancelIdleNotificationHandler : (null)
+0x350 DevicePowerNotifyHandler : (null)
+0x358 ReenumerateFailedAdapterHandler : (null)
+0x360 LiveDumpCallback : (null)
+0x368 ImageName : _UNICODE_STRING "e1i68x64.sys"
+0x378 HookDriverHandle : (null)
+0x380 HookType : 0 ( NdisMiniportHookDriverTypeNone )
+0x384 HookRegistered : 0
+0x388 AllocateNetBufferListForwardingContextHandler : (null)
+0x390 FreeNetBufferListForwardingContextHandler : (null)
+0x398 AddNetBufferListDestinationHandler : (null)
+0x3a0 SetNetBufferListSourceHandler : (null)
+0x3a8 GrowNetBufferListDestinationsHandler : (null)
+0x3b0 GetNetBufferListDestinationsHandler : (null)
+0x3b8 UpdateNetBufferListDestinationsHandler : (null)
+0x3c0 CopyNetBufferListInfoHandler : (null)
+0x3c8 ReferenceSwitchNicHandler : (null)
+0x3d0 DereferenceSwitchNicHandler : (null)
+0x3d8 ReferenceSwitchPortHandler : (null)
+0x3e0 DereferenceSwitchPortHandler : (null)
+0x3e8 ReportFilteredNetBufferListsHandler : (null)
+0x3f0 SetNetBufferListSwitchContextHandler : (null)
+0x3f8 GetNetBufferListSwitchContextHandler : (null)
+0x400 PDExtProviderRegisterClient : (null)
+0x408 PDExtProviderDeregisterClient : (null)
+0x410 PDExtProviderGetFreePDBuffer : (null)
+0x418 PDExtProviderReturnPDBuffer : (null)
+0x420 PDExtProviderInjectPDBuffer : (null)
+0x428 PDExtProviderCopyPDBufferInfo : (null)
+0x430 PDExtProviderGetPDBufferClientContext : (null)
+0x438 PDExtProviderGetPDBufferDestinations : (null)
+0x440 PDExtProviderAddPDBufferDestination : (null)
+0x448 PDExtProviderUpdatePDBufferDestinations : (null)
+0x450 PDExtProviderGetPDBufferForwardingDetail : (null)
+0x458 PDExtProviderSetupBufferFromPDBuffer : (null)
+0x460 PDExtProviderGrowPDBufferDestinations : (null)
+0x468 PDExtProviderGetSwitchInfo : (null)
+0x470 PDBMCreateDomain : (null)
+0x478 PDBMAddMemberToDomain : (null)
+0x480 PDBMRemoveMemberFromDomain : (null)
+0x488 PDBMDeleteDomain : (null)
+0x490 PDBMAllocateCommonBuffer : (null)
+0x498 PDBMFreeCommonBuffer : (null)下面继续看看详细的信息,如:_NDIS_MINIPORT_BLOCK。
0: kd> dt 0xffffe108`9dacf1a0 _NDIS_MINIPORT_BLOCK
ndis!_NDIS_MINIPORT_BLOCK
_NDIS_MINIPORT_BLOCK
+0x000 Header : _NDIS_OBJECT_HEADER
+0x008 NextMiniport : (null)
+0x010 BaseMiniport : 0xffffe108`9dacf1a0 _NDIS_MINIPORT_BLOCK
+0x018 MiniportAdapterContext : 0xffffe108`9a959010 Void
+0x020 Reserved4 : _UNICODE_STRING ""
+0x020 MajorNdisVersion : 0x6 ''
+0x021 MinorNdisVersion : 0x1e ''
+0x028 PcwDataBlock : (null)
+0x030 PcwDatapathEventMask : 0n0
+0x030 Reserved28 : (null)
+0x038 OpenQueue : 0xffffe108`9ddeeaa0 _NDIS_OPEN_BLOCK
+0x040 ShortRef : _REFERENCE
+0x050 PcwDatapathCycleMask : 0n0
+0x050 Reserved29 : (null)
+0x058 LinkStateIndicationFlags : 0x1f ''
+0x059 LockAcquired : 0 ''
+0x05a PmodeOpens : 0 ''
+0x05b LoopbackOpens : 0 ''
+0x060 Lock : 0
+0x068 Reserved25 : (null)
+0x070 Interrupt : (null)
+0x078 Flags : 0xc450000
+0x07c PnPFlags : 0x418023
+0x080 PacketList : _LIST_ENTRY [ 0xffffe108`9dacf220 - 0xffffe108`9dacf220 ]
+0x090 FirstPendingPacket : (null)
+0x098 ReturnPacketsQueue : (null)
+0x0a0 RequestBuffer : 0xb
+0x0a8 Reserved26 : (null)
+0x0b0 PrimaryMiniport : 0xffffe108`9dacf1a0 _NDIS_MINIPORT_BLOCK
+0x0b8 NextCancelSendNetBufferListsHandler : 0xfffff804`7ccc3c50 void ndis!ndis6DummyReceiveComplete+0
+0x0c0 OidContext : (null)
+0x0c8 SupportedOidListLength : 0x70
+0x0d0 Resources : (null)
+0x0d8 WakeUpDpcTimer : _NDIS_TIMER
+0x158 Reserved20 : _UNICODE_STRING ""
+0x158 MiniportMediaConnectState : 2 ( MediaConnectStateDisconnected )
+0x15c MiniportMediaDuplexState : 2 ( MediaDuplexStateFull )
+0x168 SymbolicLinkName : _UNICODE_STRING "\??\BTH#MS_BTHPAN#7&20f38eb4&0&2#{ad498944-762f-11d0-8dcb-00c04fc3358c}\{369292E4-DD92-46B9-B680-A71531F1B46E}"
+0x178 CheckForHangSeconds : 2
+0x17c CFHangTicks : 0
+0x17e CFHangCurrentTick : 0
+0x180 ResetStatus : 0n0
+0x188 ResetOpen : (null)
+0x190 EthDB : 0xffffe108`9d39ec30 _X_FILTER
+0x190 NullDB : 0xffffe108`9d39ec30 _X_FILTER
+0x198 Unused1 : (null)
+0x1a0 Unused2 : (null)
+0x1a8 Unused3 : (null)
+0x1b0 PacketIndicateHandler : 0xfffff804`7cd3a420 void ndis!ndisMDummyIndicatePacket+0
+0x1b8 SendCompleteHandler : 0xfffff804`7cd72c70 void ndis!ndisMSendCompleteX+0
+0x1c0 SendResourcesHandler : 0xfffff804`7cd735b0 void ndis!NdisMSendResourcesAvailable+0
+0x1c8 ResetCompleteHandler : 0xfffff804`7cd1a1b0 void ndis!NdisMResetComplete+0
+0x1d0 MediaType : 0 ( NdisMedium802_3 )
+0x1d4 AutoNegotiationFlags : 0
+0x1d8 Reserved5 : 0 ( NdisInterfaceInternal )
+0x1dc AdapterType : 5 ( NdisInterfacePci )
+0x1e0 Reserved6 : 0x00000000`00000002 _DEVICE_OBJECT
+0x1e0 MediaConnectState : 2 ( MediaConnectStateDisconnected )
+0x1e8 Reserved7 : 0x00000000`00000002 _DEVICE_OBJECT
+0x1e8 MediaDuplexState : 2 ( MediaDuplexStateFull )
+0x1f0 SupportedOidList : 0xffffe108`9c58aa90 -> 0x10102
+0x1f8 MiniportSGDmaBlock : (null)
+0x200 CallMgrAfList : (null)
+0x208 MiniportThread : (null)
+0x210 SetInfoBuf : (null)
+0x218 SetInfoBufLen : 0
+0x21a MaxSendPackets : 0
+0x21c FakeStatus : 0n-1071448033
+0x220 Reserved24 : 0xfffff804`7cd9b970 Void
+0x220 GlobalTriageBlock : 0xfffff804`7cd9b970 Void
+0x228 CombinedNdisRSSParameters : (null)
+0x230 TimerQueue : (null)
+0x230 TimerObjectQueue : (null)
+0x238 MacOptions : 0xd
+0x240 PendingRequest : (null)
+0x248 MaximumLongAddresses : 0x20
+0x24c Reserved27 : 0
+0x250 MiniportCurrentLookahead : 0x3e
+0x254 MiniportMaximumLookahead : 0x200
+0x258 Reserved1 : 0
+0x258 NullMediaFilter : (null)
+0x260 DisableInterruptHandler : (null)
+0x268 EnableInterruptHandler : (null)
+0x270 SendPacketsHandler : (null)
+0x278 DeferredSendHandler : (null)
+0x280 EthRxIndicateHandler : 0xfffff804`7cd0d190 void ndis!EthFilterDprIndicateReceive+0
+0x288 Reserved30 : (null)
+0x290 NextSendNetBufferListsHandler : 0xfffff804`7cd15e80 void ndis!ndisMFakeSendNetBufferLists+0
+0x298 EthRxCompleteHandler : 0xfffff804`7cd0d5c0 void ndis!EthFilterDprIndicateReceiveComplete+0
+0x2a0 Reserved31 : (null)
+0x2a8 SavedNextSendNetBufferListsHandler : 0xfffff804`7ccb5390 void ndis!ndisMSendNBLToMiniport+0
+0x2b0 StatusHandler : 0xfffff804`7cd19d00 void ndis!NdisMIndicateStatus+0
+0x2b8 StatusCompleteHandler : 0xfffff804`7ccc3c50 void ndis!ndis6DummyReceiveComplete+0
+0x2c0 TDCompleteHandler : 0xfffff804`7cd738c0 void ndis!NdisMTransferDataComplete+0
+0x2c8 QueryCompleteHandler : 0xfffff804`7cd51de0 void ndis!NdisMQueryInformationComplete+0
+0x2d0 SetCompleteHandler : 0xfffff804`7cd51ef0 void ndis!NdisMSetInformationComplete+0
+0x2d8 WanSendCompleteHandler : 0xfffff804`7cd5fd60 void ndis!ndisMWanSendCompleteInternal+0
+0x2e0 WanRcvHandler : 0xfffff804`7cd1a5a0 void ndis!NdisMWanIndicateReceive+0
+0x2e8 WanRcvCompleteHandler : 0xfffff804`7cd1a670 void ndis!NdisMWanIndicateReceiveComplete+0
+0x2f0 SendNetBufferListsCompleteHandler : 0xfffff804`7ccb3640 void ndis!NdisMSendNetBufferListsComplete+0
+0x2f8 PnPEventLockEvent : (null)
+0x300 MediaSpecificAttributes : (null)
+0x308 PendingQueryPowerIrp : (null)
+0x310 InterruptEx : (null)
+0x318 XmitLinkSpeed : 0x2dc6c0
+0x320 RcvLinkSpeed : 0x2dc6c0
+0x328 PauseFunctions : 0 ( NdisPauseFunctionsUnsupported )
+0x32c MiniportPauseFunctions : 0 ( NdisPauseFunctionsUnsupported )
+0x330 MiniportAutoNegotiationFlags : 0
+0x338 WorkQueue : [7] _SINGLE_LIST_ENTRY
+0x370 SingleWorkItems : [6] _SINGLE_LIST_ENTRY
+0x3a0 SendFlags : 0x2 ''
+0x3a1 MP6SupportPM : 0x1 ''
+0x3a2 XState : 0x2 ''
+0x3a8 Log : (null)
+0x3b0 AllocatedResources : (null)
+0x3b8 AllocatedResourcesTranslated : (null)
+0x3c0 PatternList : _SINGLE_LIST_ENTRY
+0x3c8 WOLPatternList : _SINGLE_LIST_ENTRY
+0x3d0 PMProtocolOffloadList : _SINGLE_LIST_ENTRY
+0x3d8 PMCapabilities61 : _NDIS_PNP_CAPABILITIES
+0x3e8 PMHardwareCapabilities : _NDIS_PM_CAPABILITIES
+0x424 PMAdvertisedCapabilities : _NDIS_PM_CAPABILITIES
+0x460 PMCurrentParameters : _NDIS_PM_PARAMETERS
+0x474 PMWmiParameters : _NDIS_PM_PARAMETERS
+0x488 OriginalDeviceCaps : _DEVICE_CAPABILITIES
+0x4c8 DeviceCaps : _DEVICE_CAPABILITIES
+0x508 S0WakeupSupported : 0 ''
+0x50c WakeUpEnable : 0
+0x510 WaitWakeIrp : (null)
+0x518 WaitWakeIrpCompleted : _KEVENT
+0x530 WaitWakeIoCompletionRoutineRan : 0
+0x531 WaitWakeCancelInProgress : 0
+0x532 WaitWakeCancelAttempted : 0
+0x534 WaitWakeSystemState : 0 ( PowerSystemUnspecified )
+0x538 VcIndex : _LARGE_INTEGER 0x0
+0x540 VcCountLock : 0
+0x548 WmiEnabledVcs : _LIST_ENTRY [ 0xffffe108`9dacf6e8 - 0xffffe108`9dacf6e8 ]
+0x558 pNdisGuidMap : 0xffffe108`9dad4010 _NDIS_GUID
+0x560 pCustomGuidMap : 0xffffe108`9dad4d30 _NDIS_GUID
+0x568 VcCount : 0
+0x56a cNdisGuidMap : 0x7f
+0x56c cCustomGuidMap : 7
+0x570 MediaDisconnectTimer : _NDIS_TIMER
+0x5f0 PnPDeviceState : 1 ( NdisPnPDeviceStarted )
+0x5f4 OldPnPDeviceState : 0 ( NdisPnPDeviceAdded )
+0x5f8 DeferredDpc : _KDPC
+0x638 StartTicks : _LARGE_INTEGER 0x1a9
+0x640 IndicatedPacket : 0xffffe108`9dad09a8 -> (null)
+0x648 RemoveReadyEvent : (null)
+0x650 AllRequestsCompletedEvent : (null)
+0x658 InitTimeMs : 0
+0x660 WorkItemBuffer : [6] _NDIS_MINIPORT_WORK_ITEM
+0x6f0 OidList : 0xffffe108`9d31daa0 _OID_LIST
+0x6f8 InternalResetCount : 0
+0x6fa MiniportResetCount : 0
+0x6fc MediaSenseConnectCount : 0
+0x6fe MediaSenseDisconnectCount : 5
+0x700 xPackets : (null)
+0x708 UserModeOpenReferences : 0
+0x710 WSendPacketsHandler : (null)
+0x718 MiniportAttributes : 0x3e0
+0x71c NumOpens : 4
+0x71e CFHangXTicks : 0
+0x720 RequestCount : 0
+0x724 IndicatedPacketsCount : 0
+0x728 PhysicalMediumType : a ( NdisPhysicalMediumBluetooth )
+0x72c MiniportMediaType : 0 ( NdisMedium802_3 )
+0x730 DataLinkLayerType : 0 ( NdisMedium802_3 )
+0x734 MpSpecifiedMediaType : 0 ( NdisMedium802_3 )
+0x738 LastRequest : (null)
+0x740 FakeMac : (null)
+0x748 LockThread : (null)
+0x750 InfoFlags : 0x82320800
+0x758 TimerQueueLock : 0
+0x760 ResetCompletedEvent : (null)
+0x768 SavedPacketIndicateHandler : 0xfffff804`7cd0c6a0 void ndis!ethFilterDprIndicateReceivePacket+0
+0x770 RegisteredInterrupts : 0n0
+0x774 SetOid : 0
+0x778 CFHCompletedEvent : _KEVENT
+0x790 CFHWorkItem : _WORK_QUEUE_ITEM
+0x7b0 CFHWorkItemQueued : 0n0
+0x7b8 DeviceContext : (null)
+0x7c0 RssParametersBuffer : (null)
+0x7c8 UsingMSIX : 0 ''
+0x7c9 Miniport5InNdis6Mode : 0 ''
+0x7ca Miniport5HasNdis6Component : 0x1 ''
+0x7cb InitMode : 0 ''
+0x7cc InitModeNotNeededAnymore : 0x1 ''
+0x7cd MediaChangeFilters : 0 ''
+0x7ce CheckPacketFilters : 0x1 ''
+0x7cf ReceiveFilters : 0 ''
+0x7d0 RecvLock : 0
+0x7d8 RecvState : 6 ( NdisMiniportPaused )
+0x7dc OutstandingReceives : 0
+0x7e0 MiniportRecvLockThread : (null)
+0x7e8 NextSendPacketsHandler : 0xfffff804`7cd748d0 void ndis!ndisMSendPacketsToNetBufferLists+0
+0x7f0 FinalSendPacketsHandler : 0xfffff804`7cd748d0 void ndis!ndisMSendPacketsToNetBufferLists+0
+0x7f8 LowestFilter : (null)
+0x800 HighestFilter : (null)
+0x808 ShutdownContext : (null)
+0x810 ShutdownHandler : (null)
+0x818 BugcheckCallbackRecord : _KBUGCHECK_CALLBACK_RECORD
+0x858 TopIndicateNetBufferListsHandler : 0xfffff804`7cd48020 void ndis!ndisMDispatchReceiveNetBufferLists+0
+0x860 TopIndicateLoopbackNetBufferListsHandler : 0xfffff804`7cd48020 void ndis!ndisMDispatchReceiveNetBufferLists+0
+0x868 Ndis5PacketIndicateHandler : 0xfffff804`7cd0c6a0 void ndis!ethFilterDprIndicateReceivePacket+0
+0x870 MiniportReturnPacketHandler : (null)
+0x878 MiniportReturnPacketContext : (null)
+0x880 SynchronousReturnPacketHandler : 0xfffff804`7cd74670 void ndis!ndisSynchReturnPacketsForTranslation+0
+0x888 SynchronousReturnPacketContext : 0xffffe108`9dacf1a0 Void
+0x890 OidRequestList : _LIST_ENTRY [ 0xffffe108`9dacfa30 - 0xffffe108`9dacfa30 ]
+0x8a0 PendingOidRequest : (null)
+0x8a8 ProcessedOidRequest : (null)
+0x8b0 HookedOidRequest : (null)
+0x8b8 NextCoOidRequestHandle : (null)
+0x8c0 Ndis6ProtocolsBound : 1
+0x8c4 PmodeOpen6 : 0
+0x8c8 State : 4 ( NdisMiniportRunning )
+0x8d0 AsyncOpCompletionEvent : (null)
+0x8d8 AsyncOpCompletionStatus : 0n0
+0x8e0 MaxXmitLinkSpeed : 0x2dc6c0
+0x8e8 MaxRcvLinkSpeed : 0x2dc6c0
+0x8f0 SupportedPacketFilters : 0x2f
+0x8f8 NoFilter : _NDIS_MINIPORT_HANDLERS
+0x9b0 Next : _NDIS_MINIPORT_HANDLERS
+0xa68 ReceivePathEnabled : 0 ''
+0xa69 NormalTopReceive : 0x1 ''
+0xa6c SendPathType : 3 ( NdisFakeSendPath )
+0xa70 SavedSendPathType : 1 ( NdisNoFilterSendPath )
+0xa74 SavedReceivePathEnabled : 0x1 ''
+0xa78 TimestampFlags : 0
+0xa7c FilterPnPFlags : 0x80
+0xa80 SupportedStatistics : 0x879ffef
+0xa84 RecvScaleCapabilities : _NDIS_RECEIVE_SCALE_CAPABILITIES
+0xa98 GeneralAttributes : (null)
+0xaa0 PortList : _LIST_ENTRY [ 0xffffe108`9dacfc40 - 0xffffe108`9dacfc40 ]
+0xab0 AllocatedPortIndices : (null)
+0xab8 AllocatedPortIndicesLength : 0
+0xabc NumberOfPorts : 0
+0xac0 NumberOfActivePorts : 0
+0xac8 MiniportXmitLinkSpeed : 0x2dc6c0
+0xad0 MiniportRcvLinkSpeed : 0x2dc6c0
+0xad8 InitModeTimeoutTimer : _NDIS_TIMER
+0xb58 InitModeTimeoutWorkItem : _NDIS_WORK_ITEM
+0xba8 InitModeTimeoutTimerQueuedEvent : _KEVENT
+0xbc0 DataBackFillSize : 0
+0xbc4 ContextBackFillSize : 0
+0xbc8 TopFilterRestartAttributes : _NDIS_RESTART_GENERAL_ATTRIBUTES
+0xc20 TopRecvScaleCapabilities : _NDIS_RECEIVE_SCALE_CAPABILITIES
+0xc34 NsiOpenReferences : 0
+0xc38 ProcessingOpen : (null)
+0xc40 NsiRequestsCompletedEvent : (null)
+0xc48 QueryPowerDeviceState : 0 ( PowerDeviceUnspecified )
+0xc4c MinimumNdisMajorVersion : 0x6 ''
+0xc4d MinimumNdisMinorVersion : 0x1e ''
+0xc50 BottomIfStats : (null)
+0xc58 PeriodicReceiveQueue : _NDIS_M_PERIODIC_RECEIVES
+0xce0 PeriodicReceivesNblCountIndex : 0xffffc981`7a12d180 Unimplemented error for ndisMaxNumberOfProcessors
6
+0xce8 DefaultSendControlState : 2 ( NdisPortControlStateUncontrolled )
+0xcec DefaultRcvControlState : 2 ( NdisPortControlStateUncontrolled )
+0xcf0 DefaultSendAuthorizationState : 2 ( NdisPortUnauthorized )
+0xcf4 DefaultRcvAuthorizationState : 2 ( NdisPortUnauthorized )
+0xcf8 DefaultPortSendControlState : 2 ( NdisPortControlStateUncontrolled )
+0xcfc DefaultPortRcvControlState : 2 ( NdisPortControlStateUncontrolled )
+0xd00 DefaultPortSendAuthorizationState : 2 ( NdisPortUnauthorized )
+0xd04 DefaultPortRcvAuthorizationState : 2 ( NdisPortUnauthorized )
+0xd08 PciDeviceCustomProperties : _NDIS_PCI_DEVICE_CUSTOM_PROPERTIES
+0xd40 TopNdis5PacketIndicateHandler : 0xfffff804`7cd0c6a0 void ndis!ethFilterDprIndicateReceivePacket+0
+0xd48 ndisSupportedOidList : 0xffffe108`9da36440 -> 0x10101
+0xd50 ndisSupportedOidListLength : 0x160
+0xd54 MsiIntCount : 0
+0xd58 MiniportDpcWorkItem : _WORK_QUEUE_ITEM
+0xd78 InvalidFrames : 0
+0xd80 PagingPathCount : 0n0
+0xd88 ReceiveQueueList : _LIST_ENTRY [ 0xffffe108`9dacff28 - 0xffffe108`9dacff28 ]
+0xd98 AllocatedQueueIndices : (null)
+0xda0 AllocatedQueueIndicesLength : 0
+0xda4 NumReceiveQueues : 0
+0xda8 ReceiveFilterList : _LIST_ENTRY [ 0xffffe108`9dacff48 - 0xffffe108`9dacff48 ]
+0xdb8 AllocatedReceiveFilterIndices : (null)
+0xdc0 AllocatedReceiveFilterIndicesLength : 0
+0xdc4 NumReceiveFilters : 0
+0xdc8 EnabledReceiveFilterTypes : 0
+0xdcc EnabledReceiveQueueTypes : 0
+0xdd0 ReceiveFilterHwCapabilities : (null)
+0xdd8 ReceiveFilterCurrentCapabilities : (null)
+0xde0 TopReceiveFilterCurrentCapabilities : (null)
+0xde8 NicSwitchHwCapabilities : (null)
+0xdf0 NicSwitchCurrentCapabilities : (null)
+0xdf8 TopNicSwitchCurrentCapabilities : (null)
+0xe00 SharedMemoryBlockList : _LIST_ENTRY [ 0xffffe108`9dacffa0 - 0xffffe108`9dacffa0 ]
+0xe10 AllocateSharedMemoryHandler : (null)
+0xe18 FreeSharedMemoryHandler : (null)
+0xe20 AllocateSharedMemoryContext : (null)
+0xe28 MsiCaps : PCI_MSI_CAPABILITY
+0xe40 MsiXCaps : PCI_MSIX_CAPABILITY
+0xe50 NumberOfIndirectionTableChanges : 0
+0xe58 PciDeviceSriovSupport : 0
+0xe5c BeginSavedFields : 0 ''
+0xe5c NumUserOpens : 0
+0xe60 OffloadRegistry : _NDIS_MINIPORT_OFFLOAD_REG
+0xe64 MediaDisconnectTimeOut : 0x14
+0xe66 SGMapRegistersNeeded : 0x10
+0xe68 DriverVerifyFlags : 0
+0xe70 SetBusData : (null)
+0xe78 GetBusData : (null)
+0xe80 BusDataContext : (null)
+0xe88 BusType : 1 ( Isa )
+0xe8c BusNumber : 0xffffffff
+0xe90 OpenReadyEvent : _NDIS_EVENT
+0xea8 NumAdminOpens : 0
+0xeb0 DriverHandle : 0xffffe108`9dace930 _NDIS_M_DRIVER_BLOCK
+0xeb8 BindPaths : 0xffffe108`9a80e9c0 _NDIS_BIND_PATHS
+0xec0 MiniportPhysicalMediumType : a ( NdisPhysicalMediumBluetooth )
+0xec8 SecurityDescriptor : 0xffffe108`9a80f5a0 Void
+0xed0 BaseName : _UNICODE_STRING "{369292E4-DD92-46B9-B680-A71531F1B46E}"
+0xee0 MiniportName : _UNICODE_STRING "\DEVICE\{369292E4-DD92-46B9-B680-A71531F1B46E}"
+0xef0 DeviceObject : 0xffffe108`9dacf050 _DEVICE_OBJECT
+0xef8 PhysicalDeviceObject : 0xffffe108`9dac9dc0 _DEVICE_OBJECT
+0xf00 NextDeviceObject : 0xffffe108`9dac9dc0 _DEVICE_OBJECT
+0xf08 NextGlobalMiniport : 0xffffe108`9c5e81a0 _NDIS_MINIPORT_BLOCK
+0xf10 pAdapterInstanceName : 0xffffe108`9c58a510 _UNICODE_STRING "Bluetooth Device (Personal Area Network)"
+0xf18 PnPCapabilities : 0
+0xf1c CurrentDevicePowerState : 1 ( PowerDeviceD0 )
+0xf20 PowerStateLock : 0
+0xf28 DriverPowerState : 1 ( PowerDeviceD0 )
+0xf2c PrevDriverPowerState : 0 ( PowerDeviceUnspecified )
+0xf30 LowPowerRcvReturnNbls : (null)
+0xf38 PendingReturnNBLCount : 0
+0xf3c SurpriseRemoveFlushedRcvReturnQueue : 0 ''
+0xf40 LowPowerRcvReturnNblTracker : 0xffffe108`9dadc5c1 ffffe1089dadc5c0 - Bluetooth Device (Personal Area Network)
+0xf48 PMAdminConfig : _NDIS_PM_ADMIN_CONFIG
+0xf50 PMPatternSemaphore : _KSEMAPHORE
+0xf70 PMOffloadSemaphore : _KSEMAPHORE
+0xf90 BusInterface : (null)
+0xf98 InstanceNumber : 2
+0xfa0 ConfigurationHandle : 0xffffe108`9a80fa00 Void
+0xfa8 InterfaceGuid : _GUID {369292e4-dd92-46b9-b680-a71531f1b46e}
+0xfb8 NetLuid : _NET_LUID_LH 06:8002
+0xfc0 IfBlockAvailable : 0x1 ''
+0xfc8 IfBlock : 0xffffe108`9c2228a0 _NDIS_IF_BLOCK
+0xfd0 IfBlockPointerRefZeroEvent : (null)
+0xfd8 IfIndex : 6
+0xfdc AdminStatus : 1 ( NET_IF_ADMIN_STATUS_UP )
+0xfe0 OperStatus : 2 ( NET_IF_OPER_STATUS_DOWN )
+0xfe4 OperStatusFlags : 2
+0xfe8 SendHandler : (null)
+0xfe8 WanSendHandler : (null)
+0xff0 NblTracker : 0xffffe108`9dadc6e1 ffffe1089dadc6e0 - Bluetooth Device (Personal Area Network)
+0xff8 ReenumerateSelfInterface : (null)
+0x1000 Offload : (null)
+0x1008 NDKBlock : (null)
+0x1010 AddDeviceContext : (null)
+0x1018 RemoveLock : _IO_REMOVE_LOCK
+0x1038 DevinterfaceNetSymbolicLinkName : _UNICODE_STRING "\??\BTH#MS_BTHPAN#7&20f38eb4&0&2#{cac88484-7515-4c03-82e6-71a87abac361}"
+0x1048 PhysicalMediumInInf : 0xa
+0x1050 ExportName : wistd::unique_ptr<Rtl::KString,wistd::default_delete<Rtl::KString> >
+0x1058 FilterClass : wistd::unique_ptr<Rtl::KString,wistd::default_delete<Rtl::KString> >
+0x1060 StatusProcessingThread : (null)
+0x1068 FdoName : _UNICODE_STRING "\Device\NDMP2"
+0x1078 PowerD0CompleteEvent : _KEVENT
+0x1090 LastD0CompleteStatus : 0n0
+0x1094 LastD0Reason : 0 ( NdisMEvent_Unknown )
+0x1098 DirectOidRequestCount : 0
+0x10a0 AllDirectRequestsCompletedEvent : (null)
+0x10a8 HDSplitCurrentConfig : (null)
+0x10b0 MSIXConfigContext : (null)
+0x10b8 SetMSIXTableEntry : (null)
+0x10c0 MaskMSIXTableEntry : (null)
+0x10c8 UnmaskMSIXTableEntry : (null)
+0x10d0 DevicePowerStateWorkItem : _WORK_QUEUE_ITEM
+0x10f0 SystemPowerStateWorkItem : _WORK_QUEUE_ITEM
+0x1110 DefaultReceiveQueue : 0xffffe108`9c3208a0 _NDIS_RECEIVE_QUEUE_BLOCK
+0x1118 MaxNumRssProcessors : 0
+0x111c RssBaseProcessor : _PROCESSOR_NUMBER
+0x1120 RssMaxProcessor : _PROCESSOR_NUMBER
+0x1124 RssProfile : 4 ( NdisRssProfileNumaStatic )
+0x1128 NumaNodeId : 0
+0x1130 NumaDistances : 0xffffe108`9da2a1f0 -> 0
+0x1138 pModifiedInstanceName : (null)
+0x1140 SyncFlags : 0
+0x1144 WSyncFlags : 0
+0x1148 InterlockedFlags : 0
+0x1150 Ref : _ULONG_REFERENCE
+0x1160 SelectiveSuspend : (null)
+0x1168 AoAc : (null)
+0x1170 LastWakeReason : 0 ( NdisWakeReasonUnspecified )
+0x1178 PnpEventLog : 0xffffe108`9d08c870 NDIS_EVENT_LOG_HANDLE__
+0x1180 D0CompleteSignalWorkItem : _NDIS_D0_SIGNAL_WORK_ITEM
+0x11d8 PhysicalPerformanceCounters : (null)
+0x11e0 TimeOfInitialization : _LARGE_INTEGER 0x01da3fa1`1487af40
+0x11e8 LastSystemSleepTime : _LARGE_INTEGER 0x0
+0x11f0 TotalSystemSleepTimeMs : 0
+0x11f8 SriovHwCapabilities : (null)
+0x1200 SriovCurrentCapabilities : (null)
+0x1208 InvalidateBlockMask : 0
+0x1210 InvalidateBlockIoctlPf : (null)
+0x1218 InvalidateBlockIoctlVf : (null)
+0x1220 InvalidateBlockVfParams : _VPCI_INVALIDATE_BLOCK_OUTPUT
+0x1228 InvalidateBlockEvent : _KEVENT
+0x1240 InvalidateVfId : 0
+0x1242 InvalidateBlockCancelling : 0 ''
+0x1248 PFBlock : (null)
+0x1250 NumSwitches : 0
+0x1258 NicSwitchList : _LIST_ENTRY [ 0xffffe108`9dad03f8 - 0xffffe108`9dad03f8 ]
+0x1268 NumAllocatedVFs : 0
+0x1270 VFList : _LIST_ENTRY [ 0xffffe108`9dad0410 - 0xffffe108`9dad0410 ]
+0x1280 NumActiveVPorts : 0
+0x1288 VPortList : _LIST_ENTRY [ 0xffffe108`9dad0428 - 0xffffe108`9dad0428 ]
+0x1298 AllocatedVPortIndices : (null)
+0x12a0 AllocatedVPortIndicesLength : 0
+0x12a8 SetVirtualFunctionData : (null)
+0x12b0 GetVirtualFunctionData : (null)
+0x12b8 EnableVirtualization : (null)
+0x12c0 GetVirtualDeviceLocation : (null)
+0x12c8 GetVirtualFunctionProbedBars : (null)
+0x12d0 VirtInterfaceContext : (null)
+0x12d8 DevinterfaceVirtSymbolicLinkName : _UNICODE_STRING ""
+0x12e8 VpciInterfaceDereference : (null)
+0x12f0 WriteVfConfigBlock : (null)
+0x12f8 ReadVfConfigBlock : (null)
+0x1300 VpciInterfaceContext : (null)
+0x1308 VfSerialNumber : 0
+0x130c SriovLuid : _LUID
+0x1318 RefCountTracker : 0xffffe108`9c8057f0 _NDIS_REFCOUNT_BLOCK
+0x1320 NsiRefCountTracker : 0xffffe108`9c805e80 _NDIS_REFCOUNT_BLOCK
+0x1328 QosHwCapabilities : (null)
+0x1330 QosCurrentCapabilities : (null)
+0x1338 QosOperationalParameters : (null)
+0x1340 QosOperationalParametersBufferSize : 0
+0x1348 QosRemoteParameters : (null)
+0x1350 QosRemoteParametersBufferSize : 0
+0x1358 DeviceFlags : 0
+0x1360 VerifierContext : (null)
+0x1368 SurpriseRemovalWorkItem : WORKITEM_WITH_IRP
+0x1390 Bindings : Ndis::BindStack
+0x13f8 BindEngine : Ndis::BindEngine
+0x1470 MiniportOwner : Rtl::KNeutralLock<enum NDIS_MINIPORT_POLICY_OWNER>
+0x1498 PmInterruptedByPnp : 0
+0x1499 DoNotBlockOnMiniportLock : 0
+0x149a PoFxDStateReportingEnabled : 0
+0x14a0 HookAdapterHandle : (null)
+0x14a8 InterfaceUpdateWorkItem : _WORK_QUEUE_ITEM
+0x14c8 InterfaceUpdateInProgress : 0
+0x14c9 MacAddressUpdateQueued : 0
+0x14ca MtuUpdateQueued : 0
+0x14cc PendingMacAddress : [Zero-length address]
+0x14f0 PendingMtuSize : 0
+0x14f8 PnPInstanceId : 0xffffe108`9da5ce70 "BTH\MS_BTHPAN\7&20f38eb4&0&2"
+0x1500 DevicePowerOnWorkItem : WORKITEM_WITH_IRP
+0x1528 DevicePowerDownWorkItem : WORKITEM_WITH_IRP
+0x1550 PendingOidWatchdog : wil::unique_any_t<wil::details::unique_storage<wil::details::resource_policy<NDISWATCHDOG__ *,void (__cdecl*)(NDISWATCHDOG__ *),&ndisFreeWatchdog,wistd::integral_constant<unsigned __int64,1>,NDISWATCHDOG__ *,__int64,-1,std::nullptr_t> > >
+0x1558 HookedOidWatchdog : wil::unique_any_t<wil::details::unique_storage<wil::details::resource_policy<NDISWATCHDOG__ *,void (__cdecl*)(NDISWATCHDOG__ *),&ndisFreeWatchdog,wistd::integral_constant<unsigned __int64,1>,NDISWATCHDOG__ *,__int64,-1,std::nullptr_t> > >
+0x1560 ReenumerateWatchdog : wil::unique_any_t<wil::details::unique_storage<wil::details::resource_policy<NDISWATCHDOG__ *,void (__cdecl*)(NDISWATCHDOG__ *),&ndisFreeWatchdog,wistd::integral_constant<unsigned __int64,1>,NDISWATCHDOG__ *,__int64,-1,std::nullptr_t> > >
+0x1568 PDBlock : (null)
+0x1570 PdcHandle : (null)
+0x1578 PdcTaskClientDisableTimer : _NDIS_TIMER
+0x15f8 PdcTaskClientDisableWorkItem : _NDIS_WORK_ITEM
+0x1648 PdcTaskClientMode : 0n0
+0x164c ModernStandbyWoLMagicPacketEnable : 0
+0x1650 RssV2Context : 0xffffe108`9dad1040 _NDIS_RSS_DPC_WORKER_CONTEXT
+0x1658 RssV2CompletionCount : 0n0
+0x1660 RssV2CompletionEvent : _KEVENT
+0x1678 RssV2Initialized : 0 ''
+0x1680 SynchronousOidCalls : _LIST_ENTRY [ 0xffffe108`9dad0820 - 0xffffe108`9dad0820 ]
+0x1690 HwTimestampCapabilities : (null)
+0x1698 HwTimestampCurrentConfig : (null)
+0x16a0 TopTimestampConfig : (null)
+0x16a8 TopHwTimestampCapabilities : (null)
+0x16b0 PktMonComp : _PKTMON_COMPONENT_CONTEXT
+0x16e8 PktMonEdge : _PKTMON_EDGE_CONTEXT
+0x1710 PollModeConfigKnobsNamespace : KnobNamespace
+0x1758 PollModeConfigKnobDescriptors : Rtl::KArray<KnobDescriptor,1>
+0x1768 PollModeConfigKnobs : _EXECUTION_CONTEXT_RUNTIME_KNOBS
+0x17a4 WdfCxPowerManagement : 0 ''
0: kd> dt 0xffffe108`9c5e81a0 _NDIS_MINIPORT_BLOCK
ndis!_NDIS_MINIPORT_BLOCK
_NDIS_MINIPORT_BLOCK
+0x000 Header : _NDIS_OBJECT_HEADER
+0x008 NextMiniport : (null)
+0x010 BaseMiniport : 0xffffe108`9c5e81a0 _NDIS_MINIPORT_BLOCK
+0x018 MiniportAdapterContext : 0xffffe108`9c66d000 Void
+0x020 Reserved4 : _UNICODE_STRING ""
+0x020 MajorNdisVersion : 0x6 ''
+0x021 MinorNdisVersion : 0x32 '2'
+0x028 PcwDataBlock : (null)
+0x030 PcwDatapathEventMask : 0n0
+0x030 Reserved28 : (null)
+0x038 OpenQueue : 0xffffe108`9dde9aa0 _NDIS_OPEN_BLOCK
+0x040 ShortRef : _REFERENCE
+0x050 PcwDatapathCycleMask : 0n0
+0x050 Reserved29 : (null)
+0x058 LinkStateIndicationFlags : 0x1f ''
+0x059 LockAcquired : 0 ''
+0x05a PmodeOpens : 0 ''
+0x05b LoopbackOpens : 0 ''
+0x060 Lock : 0
+0x068 Reserved25 : (null)
+0x070 Interrupt : (null)
+0x078 Flags : 0x2c450218
+0x07c PnPFlags : 0x4210061
+0x080 PacketList : _LIST_ENTRY [ 0xffffe108`9c5e8220 - 0xffffe108`9c5e8220 ]
+0x090 FirstPendingPacket : (null)
+0x098 ReturnPacketsQueue : (null)
+0x0a0 RequestBuffer : 0xb
+0x0a8 Reserved26 : (null)
+0x0b0 PrimaryMiniport : 0xffffe108`9c5e81a0 _NDIS_MINIPORT_BLOCK
+0x0b8 NextCancelSendNetBufferListsHandler : 0xfffff804`7cd46760 void ndis!ndisOpenCancelSendNetBufferLists+0
+0x0c0 OidContext : (null)
+0x0c8 SupportedOidListLength : 0x40c
+0x0d0 Resources : (null)
+0x0d8 WakeUpDpcTimer : _NDIS_TIMER
+0x158 Reserved20 : _UNICODE_STRING ""
+0x158 MiniportMediaConnectState : 1 ( MediaConnectStateConnected )
+0x15c MiniportMediaDuplexState : 2 ( MediaDuplexStateFull )
+0x168 SymbolicLinkName : _UNICODE_STRING "\??\PCI#VEN_8086&DEV_10D3&SUBSYS_07D015AD&REV_00#000C29FFFFCD0F3B00#{ad498944-762f-11d0-8dcb-00c04fc3358c}\{65174C02-ADC6-4292-B214-E79177770A8E}"
+0x178 CheckForHangSeconds : 2
+0x17c CFHangTicks : 0
+0x17e CFHangCurrentTick : 0
+0x180 ResetStatus : 0n0
+0x188 ResetOpen : (null)
+0x190 EthDB : 0xffffe108`9c7be150 _X_FILTER
+0x190 NullDB : 0xffffe108`9c7be150 _X_FILTER
+0x198 Unused1 : (null)
+0x1a0 Unused2 : (null)
+0x1a8 Unused3 : (null)
+0x1b0 PacketIndicateHandler : 0xfffff804`7cd0c6a0 void ndis!ethFilterDprIndicateReceivePacket+0
+0x1b8 SendCompleteHandler : 0xfffff804`7cd72c70 void ndis!ndisMSendCompleteX+0
+0x1c0 SendResourcesHandler : 0xfffff804`7cd735b0 void ndis!NdisMSendResourcesAvailable+0
+0x1c8 ResetCompleteHandler : 0xfffff804`7cd1a1b0 void ndis!NdisMResetComplete+0
+0x1d0 MediaType : 0 ( NdisMedium802_3 )
+0x1d4 AutoNegotiationFlags : 0xb
+0x1d8 Reserved5 : 0 ( NdisInterfaceInternal )
+0x1dc AdapterType : 5 ( NdisInterfacePci )
+0x1e0 Reserved6 : 0x00000000`00000001 _DEVICE_OBJECT
+0x1e0 MediaConnectState : 1 ( MediaConnectStateConnected )
+0x1e8 Reserved7 : 0x00000000`00000002 _DEVICE_OBJECT
+0x1e8 MediaDuplexState : 2 ( MediaDuplexStateFull )
+0x1f0 SupportedOidList : 0xffffe108`9c2168a0 -> 0x1010f
+0x1f8 MiniportSGDmaBlock : 0xffffe108`9c6144a0 _NDIS_SG_DMA_BLOCK
+0x200 CallMgrAfList : (null)
+0x208 MiniportThread : (null)
+0x210 SetInfoBuf : (null)
+0x218 SetInfoBufLen : 0
+0x21a MaxSendPackets : 0
+0x21c FakeStatus : 0n-1071448033
+0x220 Reserved24 : 0xfffff804`7cd9b970 Void
+0x220 GlobalTriageBlock : 0xfffff804`7cd9b970 Void
+0x228 CombinedNdisRSSParameters : 0xffffe108`9c9e0640 _NDIS_RECEIVE_SCALE_PARAMETERS
+0x230 TimerQueue : (null)
+0x230 TimerObjectQueue : (null)
+0x238 MacOptions : 0x2cd
+0x240 PendingRequest : (null)
+0x248 MaximumLongAddresses : 0x80
+0x24c Reserved27 : 0
+0x250 MiniportCurrentLookahead : 0
+0x254 MiniportMaximumLookahead : 0x200
+0x258 Reserved1 : 0
+0x258 NullMediaFilter : (null)
+0x260 DisableInterruptHandler : (null)
+0x268 EnableInterruptHandler : (null)
+0x270 SendPacketsHandler : (null)
+0x278 DeferredSendHandler : (null)
+0x280 EthRxIndicateHandler : 0xfffff804`7cd0d190 void ndis!EthFilterDprIndicateReceive+0
+0x288 Reserved30 : (null)
+0x290 NextSendNetBufferListsHandler : 0xfffff804`7cce4ae0 void ndis!ndisSendNBLToFilter+0
+0x298 EthRxCompleteHandler : 0xfffff804`7cd0d5c0 void ndis!EthFilterDprIndicateReceiveComplete+0
+0x2a0 Reserved31 : (null)
+0x2a8 SavedNextSendNetBufferListsHandler : 0xfffff804`7cce4ae0 void ndis!ndisSendNBLToFilter+0
+0x2b0 StatusHandler : 0xfffff804`7cd19d00 void ndis!NdisMIndicateStatus+0
+0x2b8 StatusCompleteHandler : 0xfffff804`7ccc3c50 void ndis!ndis6DummyReceiveComplete+0
+0x2c0 TDCompleteHandler : 0xfffff804`7cd738c0 void ndis!NdisMTransferDataComplete+0
+0x2c8 QueryCompleteHandler : 0xfffff804`7cd51de0 void ndis!NdisMQueryInformationComplete+0
+0x2d0 SetCompleteHandler : 0xfffff804`7cd51ef0 void ndis!NdisMSetInformationComplete+0
+0x2d8 WanSendCompleteHandler : 0xfffff804`7cd5fd60 void ndis!ndisMWanSendCompleteInternal+0
+0x2e0 WanRcvHandler : 0xfffff804`7cd1a5a0 void ndis!NdisMWanIndicateReceive+0
+0x2e8 WanRcvCompleteHandler : 0xfffff804`7cd1a670 void ndis!NdisMWanIndicateReceiveComplete+0
+0x2f0 SendNetBufferListsCompleteHandler : 0xfffff804`7ccb3640 void ndis!NdisMSendNetBufferListsComplete+0
+0x2f8 PnPEventLockEvent : (null)
+0x300 MediaSpecificAttributes : (null)
+0x308 PendingQueryPowerIrp : (null)
+0x310 InterruptEx : 0xffffe108`9a959720 _NDIS_INTERRUPT_BLOCK
+0x318 XmitLinkSpeed : 0x3b9aca00
+0x320 RcvLinkSpeed : 0x3b9aca00
+0x328 PauseFunctions : 0 ( NdisPauseFunctionsUnsupported )
+0x32c MiniportPauseFunctions : 0 ( NdisPauseFunctionsUnsupported )
+0x330 MiniportAutoNegotiationFlags : 0xb
+0x338 WorkQueue : [7] _SINGLE_LIST_ENTRY
+0x370 SingleWorkItems : [6] _SINGLE_LIST_ENTRY
+0x3a0 SendFlags : 0x2 ''
+0x3a1 MP6SupportPM : 0x1 ''
+0x3a2 XState : 0 ''
+0x3a8 Log : (null)
+0x3b0 AllocatedResources : 0xffffe108`9c214220 _CM_RESOURCE_LIST
+0x3b8 AllocatedResourcesTranslated : 0xffffe108`9c214310 _CM_RESOURCE_LIST
+0x3c0 PatternList : _SINGLE_LIST_ENTRY
+0x3c8 WOLPatternList : _SINGLE_LIST_ENTRY
+0x3d0 PMProtocolOffloadList : _SINGLE_LIST_ENTRY
+0x3d8 PMCapabilities61 : _NDIS_PNP_CAPABILITIES
+0x3e8 PMHardwareCapabilities : _NDIS_PM_CAPABILITIES
+0x424 PMAdvertisedCapabilities : _NDIS_PM_CAPABILITIES
+0x460 PMCurrentParameters : _NDIS_PM_PARAMETERS
+0x474 PMWmiParameters : _NDIS_PM_PARAMETERS
+0x488 OriginalDeviceCaps : _DEVICE_CAPABILITIES
+0x4c8 DeviceCaps : _DEVICE_CAPABILITIES
+0x508 S0WakeupSupported : 0x1 ''
+0x50c WakeUpEnable : 0
+0x510 WaitWakeIrp : 0xffffe108`9c6fa4e0 _IRP
+0x518 WaitWakeIrpCompleted : _KEVENT
+0x530 WaitWakeIoCompletionRoutineRan : 0
+0x531 WaitWakeCancelInProgress : 0
+0x532 WaitWakeCancelAttempted : 0
+0x534 WaitWakeSystemState : 4 ( PowerSystemSleeping3 )
+0x538 VcIndex : _LARGE_INTEGER 0x0
+0x540 VcCountLock : 0
+0x548 WmiEnabledVcs : _LIST_ENTRY [ 0xffffe108`9c5e86e8 - 0xffffe108`9c5e86e8 ]
+0x558 pNdisGuidMap : 0xffffe108`9c9de010 _NDIS_GUID
+0x560 pCustomGuidMap : (null)
+0x568 VcCount : 0
+0x56a cNdisGuidMap : 0x85
+0x56c cCustomGuidMap : 0
+0x570 MediaDisconnectTimer : _NDIS_TIMER
+0x5f0 PnPDeviceState : 1 ( NdisPnPDeviceStarted )
+0x5f4 OldPnPDeviceState : 0 ( NdisPnPDeviceAdded )
+0x5f8 DeferredDpc : _KDPC
+0x638 StartTicks : _LARGE_INTEGER 0xabfa6
+0x640 IndicatedPacket : 0xffffe108`9c5e99a8 -> (null)
+0x648 RemoveReadyEvent : (null)
+0x650 AllRequestsCompletedEvent : (null)
+0x658 InitTimeMs : 0x87
+0x660 WorkItemBuffer : [6] _NDIS_MINIPORT_WORK_ITEM
+0x6f0 OidList : 0xffffe108`9c493010 _OID_LIST
+0x6f8 InternalResetCount : 0
+0x6fa MiniportResetCount : 0
+0x6fc MediaSenseConnectCount : 0xa
+0x6fe MediaSenseDisconnectCount : 1
+0x700 xPackets : (null)
+0x708 UserModeOpenReferences : 0
+0x710 WSendPacketsHandler : (null)
+0x718 MiniportAttributes : 0x228
+0x71c NumOpens : 5
+0x71e CFHangXTicks : 0
+0x720 RequestCount : 0
+0x724 IndicatedPacketsCount : 0
+0x728 PhysicalMediumType : e ( NdisPhysicalMedium802_3 )
+0x72c MiniportMediaType : 0 ( NdisMedium802_3 )
+0x730 DataLinkLayerType : 0 ( NdisMedium802_3 )
+0x734 MpSpecifiedMediaType : 0 ( NdisMedium802_3 )
+0x738 LastRequest : (null)
+0x740 FakeMac : (null)
+0x748 LockThread : (null)
+0x750 InfoFlags : 0x82030805
+0x758 TimerQueueLock : 0
+0x760 ResetCompletedEvent : (null)
+0x768 SavedPacketIndicateHandler : 0xfffff804`7cd0c6a0 void ndis!ethFilterDprIndicateReceivePacket+0
+0x770 RegisteredInterrupts : 0n1
+0x774 SetOid : 0
+0x778 CFHCompletedEvent : _KEVENT
+0x790 CFHWorkItem : _WORK_QUEUE_ITEM
+0x7b0 CFHWorkItemQueued : 0n0
+0x7b8 DeviceContext : (null)
+0x7c0 RssParametersBuffer : 0xffffe108`9c9e0640 _NDIS_MINIPORT_RSS_PARAMETERS_CACHE
+0x7c8 UsingMSIX : 0x1 ''
+0x7c9 Miniport5InNdis6Mode : 0 ''
+0x7ca Miniport5HasNdis6Component : 0x1 ''
+0x7cb InitMode : 0 ''
+0x7cc InitModeNotNeededAnymore : 0x1 ''
+0x7cd MediaChangeFilters : 0 ''
+0x7ce CheckPacketFilters : 0x1 ''
+0x7cf ReceiveFilters : 0x1 ''
+0x7d0 RecvLock : 0
+0x7d8 RecvState : 6 ( NdisMiniportPaused )
+0x7dc OutstandingReceives : 0
+0x7e0 MiniportRecvLockThread : (null)
+0x7e8 NextSendPacketsHandler : 0xfffff804`7cd748d0 void ndis!ndisMSendPacketsToNetBufferLists+0
+0x7f0 FinalSendPacketsHandler : 0xfffff804`7cd748d0 void ndis!ndisMSendPacketsToNetBufferLists+0
+0x7f8 LowestFilter : 0xffffe108`9c9d37a0 _NDIS_FILTER_BLOCK
+0x800 HighestFilter : 0xffffe108`9c9df010 _NDIS_FILTER_BLOCK
+0x808 ShutdownContext : (null)
+0x810 ShutdownHandler : (null)
+0x818 BugcheckCallbackRecord : _KBUGCHECK_CALLBACK_RECORD
+0x858 TopIndicateNetBufferListsHandler : 0xfffff804`7cd48020 void ndis!ndisMDispatchReceiveNetBufferLists+0
+0x860 TopIndicateLoopbackNetBufferListsHandler : 0xfffff804`7cd48020 void ndis!ndisMDispatchReceiveNetBufferLists+0
+0x868 Ndis5PacketIndicateHandler : 0xfffff804`7cd0c6a0 void ndis!ethFilterDprIndicateReceivePacket+0
+0x870 MiniportReturnPacketHandler : (null)
+0x878 MiniportReturnPacketContext : (null)
+0x880 SynchronousReturnPacketHandler : 0xfffff804`7cd74670 void ndis!ndisSynchReturnPacketsForTranslation+0
+0x888 SynchronousReturnPacketContext : 0xffffe108`9c5e81a0 Void
+0x890 OidRequestList : _LIST_ENTRY [ 0xffffe108`9c5e8a30 - 0xffffe108`9c5e8a30 ]
+0x8a0 PendingOidRequest : (null)
+0x8a8 ProcessedOidRequest : (null)
+0x8b0 HookedOidRequest : (null)
+0x8b8 NextCoOidRequestHandle : (null)
+0x8c0 Ndis6ProtocolsBound : 1
+0x8c4 PmodeOpen6 : 0
+0x8c8 State : 4 ( NdisMiniportRunning )
+0x8d0 AsyncOpCompletionEvent : (null)
+0x8d8 AsyncOpCompletionStatus : 0n0
+0x8e0 MaxXmitLinkSpeed : 0x3b9aca00
+0x8e8 MaxRcvLinkSpeed : 0x3b9aca00
+0x8f0 SupportedPacketFilters : 0x2f
+0x8f8 NoFilter : _NDIS_MINIPORT_HANDLERS
+0x9b0 Next : _NDIS_MINIPORT_HANDLERS
+0xa68 ReceivePathEnabled : 0x1 ''
+0xa69 NormalTopReceive : 0x1 ''
+0xa6c SendPathType : 0 ( NdisFilterSendPath )
+0xa70 SavedSendPathType : 0 ( NdisFilterSendPath )
+0xa74 SavedReceivePathEnabled : 0x1 ''
+0xa78 TimestampFlags : 0
+0xa7c FilterPnPFlags : 0x80
+0xa80 SupportedStatistics : 0x87fffff
+0xa84 RecvScaleCapabilities : _NDIS_RECEIVE_SCALE_CAPABILITIES
+0xa98 GeneralAttributes : (null)
+0xaa0 PortList : _LIST_ENTRY [ 0xffffe108`9c5e8c40 - 0xffffe108`9c5e8c40 ]
+0xab0 AllocatedPortIndices : (null)
+0xab8 AllocatedPortIndicesLength : 0
+0xabc NumberOfPorts : 0
+0xac0 NumberOfActivePorts : 0
+0xac8 MiniportXmitLinkSpeed : 0x3b9aca00
+0xad0 MiniportRcvLinkSpeed : 0x3b9aca00
+0xad8 InitModeTimeoutTimer : _NDIS_TIMER
+0xb58 InitModeTimeoutWorkItem : _NDIS_WORK_ITEM
+0xba8 InitModeTimeoutTimerQueuedEvent : _KEVENT
+0xbc0 DataBackFillSize : 0
+0xbc4 ContextBackFillSize : 0
+0xbc8 TopFilterRestartAttributes : _NDIS_RESTART_GENERAL_ATTRIBUTES
+0xc20 TopRecvScaleCapabilities : _NDIS_RECEIVE_SCALE_CAPABILITIES
+0xc34 NsiOpenReferences : 0
+0xc38 ProcessingOpen : (null)
+0xc40 NsiRequestsCompletedEvent : (null)
+0xc48 QueryPowerDeviceState : 0 ( PowerDeviceUnspecified )
+0xc4c MinimumNdisMajorVersion : 0x6 ''
+0xc4d MinimumNdisMinorVersion : 0x1e ''
+0xc50 BottomIfStats : (null)
+0xc58 PeriodicReceiveQueue : _NDIS_M_PERIODIC_RECEIVES
+0xce0 PeriodicReceivesNblCountIndex : 0xffffc981`7a12d0e0 Unimplemented error for ndisMaxNumberOfProcessors
6
+0xce8 DefaultSendControlState : 2 ( NdisPortControlStateUncontrolled )
+0xcec DefaultRcvControlState : 2 ( NdisPortControlStateUncontrolled )
+0xcf0 DefaultSendAuthorizationState : 2 ( NdisPortUnauthorized )
+0xcf4 DefaultRcvAuthorizationState : 2 ( NdisPortUnauthorized )
+0xcf8 DefaultPortSendControlState : 2 ( NdisPortControlStateUncontrolled )
+0xcfc DefaultPortRcvControlState : 2 ( NdisPortControlStateUncontrolled )
+0xd00 DefaultPortSendAuthorizationState : 2 ( NdisPortUnauthorized )
+0xd04 DefaultPortRcvAuthorizationState : 2 ( NdisPortUnauthorized )
+0xd08 PciDeviceCustomProperties : _NDIS_PCI_DEVICE_CUSTOM_PROPERTIES
+0xd40 TopNdis5PacketIndicateHandler : 0xfffff804`7cd0c6a0 void ndis!ethFilterDprIndicateReceivePacket+0
+0xd48 ndisSupportedOidList : 0xffffe108`9c705880 -> 0x10101
+0xd50 ndisSupportedOidListLength : 0x160
+0xd54 MsiIntCount : 4
+0xd58 MiniportDpcWorkItem : _WORK_QUEUE_ITEM
+0xd78 InvalidFrames : 0
+0xd80 PagingPathCount : 0n0
+0xd88 ReceiveQueueList : _LIST_ENTRY [ 0xffffe108`9c5e8f28 - 0xffffe108`9c5e8f28 ]
+0xd98 AllocatedQueueIndices : (null)
+0xda0 AllocatedQueueIndicesLength : 0
+0xda4 NumReceiveQueues : 0
+0xda8 ReceiveFilterList : _LIST_ENTRY [ 0xffffe108`9c5e8f48 - 0xffffe108`9c5e8f48 ]
+0xdb8 AllocatedReceiveFilterIndices : (null)
+0xdc0 AllocatedReceiveFilterIndicesLength : 0
+0xdc4 NumReceiveFilters : 0
+0xdc8 EnabledReceiveFilterTypes : 0
+0xdcc EnabledReceiveQueueTypes : 0
+0xdd0 ReceiveFilterHwCapabilities : (null)
+0xdd8 ReceiveFilterCurrentCapabilities : (null)
+0xde0 TopReceiveFilterCurrentCapabilities : (null)
+0xde8 NicSwitchHwCapabilities : (null)
+0xdf0 NicSwitchCurrentCapabilities : (null)
+0xdf8 TopNicSwitchCurrentCapabilities : (null)
+0xe00 SharedMemoryBlockList : _LIST_ENTRY [ 0xffffe108`9c914010 - 0xffffe108`9c7e2330 ]
+0xe10 AllocateSharedMemoryHandler : (null)
+0xe18 FreeSharedMemoryHandler : (null)
+0xe20 AllocateSharedMemoryContext : (null)
+0xe28 MsiCaps : PCI_MSI_CAPABILITY
+0xe40 MsiXCaps : PCI_MSIX_CAPABILITY
+0xe50 NumberOfIndirectionTableChanges : 0
+0xe58 PciDeviceSriovSupport : 0xffffffff
+0xe5c BeginSavedFields : 0 ''
+0xe5c NumUserOpens : 0
+0xe60 OffloadRegistry : _NDIS_MINIPORT_OFFLOAD_REG
+0xe64 MediaDisconnectTimeOut : 0x14
+0xe66 SGMapRegistersNeeded : 0x10
+0xe68 DriverVerifyFlags : 0
+0xe70 SetBusData : 0xfffff804`7c1ec590 unsigned long pci!PciBusInterface_SetBusData+0
+0xe78 GetBusData : 0xfffff804`7c1e1010 unsigned long pci!PciBusInterface_GetBusData+0
+0xe80 BusDataContext : 0xffffe108`9ac0e270 Void
+0xe88 BusType : 5 ( PCIBus )
+0xe8c BusNumber : 3
+0xe90 OpenReadyEvent : _NDIS_EVENT
+0xea8 NumAdminOpens : 0
+0xeb0 DriverHandle : 0xffffe108`9c5e7ab0 _NDIS_M_DRIVER_BLOCK
+0xeb8 BindPaths : 0xffffe108`9a8bf2b0 _NDIS_BIND_PATHS
+0xec0 MiniportPhysicalMediumType : e ( NdisPhysicalMedium802_3 )
+0xec8 SecurityDescriptor : 0xffffe108`9a8bec70 Void
+0xed0 BaseName : _UNICODE_STRING "{65174C02-ADC6-4292-B214-E79177770A8E}"
+0xee0 MiniportName : _UNICODE_STRING "\DEVICE\{65174C02-ADC6-4292-B214-E79177770A8E}"
+0xef0 DeviceObject : 0xffffe108`9c5e8050 _DEVICE_OBJECT
+0xef8 PhysicalDeviceObject : 0xffffe108`9ac0e120 _DEVICE_OBJECT
+0xf00 NextDeviceObject : 0xffffe108`9a72cd30 _DEVICE_OBJECT
+0xf08 NextGlobalMiniport : (null)
+0xf10 pAdapterInstanceName : 0xffffe108`9c56d710 _UNICODE_STRING "Intel(R) 82574L Gigabit Network Connection"
+0xf18 PnPCapabilities : 0x10000100
+0xf1c CurrentDevicePowerState : 1 ( PowerDeviceD0 )
+0xf20 PowerStateLock : 0
+0xf28 DriverPowerState : 1 ( PowerDeviceD0 )
+0xf2c PrevDriverPowerState : 0 ( PowerDeviceUnspecified )
+0xf30 LowPowerRcvReturnNbls : (null)
+0xf38 PendingReturnNBLCount : 0
+0xf3c SurpriseRemoveFlushedRcvReturnQueue : 0 ''
+0xf40 LowPowerRcvReturnNblTracker : 0xffffe108`9c7fb681 ffffe1089c7fb680 - Intel(R) 82574L Gigabit Network Connection
+0xf48 PMAdminConfig : _NDIS_PM_ADMIN_CONFIG
+0xf50 PMPatternSemaphore : _KSEMAPHORE
+0xf70 PMOffloadSemaphore : _KSEMAPHORE
+0xf90 BusInterface : (null)
+0xf98 InstanceNumber : 1
+0xfa0 ConfigurationHandle : 0xffffe108`9a8bf7b0 Void
+0xfa8 InterfaceGuid : _GUID {65174c02-adc6-4292-b214-e79177770a8e}
+0xfb8 NetLuid : _NET_LUID_LH 06:8001
+0xfc0 IfBlockAvailable : 0x1 ''
+0xfc8 IfBlock : 0xffffe108`9c289030 _NDIS_IF_BLOCK
+0xfd0 IfBlockPointerRefZeroEvent : (null)
+0xfd8 IfIndex : 8
+0xfdc AdminStatus : 1 ( NET_IF_ADMIN_STATUS_UP )
+0xfe0 OperStatus : 1 ( NET_IF_OPER_STATUS_UP )
+0xfe4 OperStatusFlags : 0
+0xfe8 SendHandler : (null)
+0xfe8 WanSendHandler : (null)
+0xff0 NblTracker : 0xffffe108`9c7fb9e1 ffffe1089c7fb9e0 - Intel(R) 82574L Gigabit Network Connection
+0xff8 ReenumerateSelfInterface : (null)
+0x1000 Offload : 0xffffe108`9c7d36e0 _NDIS_MINIPORT_OFFLOAD
+0x1008 NDKBlock : (null)
+0x1010 AddDeviceContext : 0xffffe108`9c2cf9d0 Void
+0x1018 RemoveLock : _IO_REMOVE_LOCK
+0x1038 DevinterfaceNetSymbolicLinkName : _UNICODE_STRING "\??\PCI#VEN_8086&DEV_10D3&SUBSYS_07D015AD&REV_00#000C29FFFFCD0F3B00#{cac88484-7515-4c03-82e6-71a87abac361}"
+0x1048 PhysicalMediumInInf : 0xe
+0x1050 ExportName : wistd::unique_ptr<Rtl::KString,wistd::default_delete<Rtl::KString> >
+0x1058 FilterClass : wistd::unique_ptr<Rtl::KString,wistd::default_delete<Rtl::KString> >
+0x1060 StatusProcessingThread : (null)
+0x1068 FdoName : _UNICODE_STRING "\Device\NDMP1"
+0x1078 PowerD0CompleteEvent : _KEVENT
+0x1090 LastD0CompleteStatus : 0n0
+0x1094 LastD0Reason : 0 ( NdisMEvent_Unknown )
+0x1098 DirectOidRequestCount : 0
+0x10a0 AllDirectRequestsCompletedEvent : (null)
+0x10a8 HDSplitCurrentConfig : 0xffffe108`9c802610 _NDIS_HD_SPLIT_CURRENT_CONFIG
+0x10b0 MSIXConfigContext : 0xffffe108`9ac0e270 Void
+0x10b8 SetMSIXTableEntry : 0xfffff804`7c204e80 long pci!PciMsiXInterface_SetTableEntry+0
+0x10c0 MaskMSIXTableEntry : 0xfffff804`7c204dd0 long pci!PciMsiXInterface_MaskTableEntry+0
+0x10c8 UnmaskMSIXTableEntry : 0xfffff804`7c204fb0 long pci!PciMsiXInterface_UnmaskTableEntry+0
+0x10d0 DevicePowerStateWorkItem : _WORK_QUEUE_ITEM
+0x10f0 SystemPowerStateWorkItem : _WORK_QUEUE_ITEM
+0x1110 DefaultReceiveQueue : 0xffffe108`9c31c8a0 _NDIS_RECEIVE_QUEUE_BLOCK
+0x1118 MaxNumRssProcessors : 0
+0x111c RssBaseProcessor : _PROCESSOR_NUMBER
+0x1120 RssMaxProcessor : _PROCESSOR_NUMBER
+0x1124 RssProfile : 4 ( NdisRssProfileNumaStatic )
+0x1128 NumaNodeId : 0
+0x1130 NumaDistances : 0xffffe108`9c0feed0 -> 0
+0x1138 pModifiedInstanceName : (null)
+0x1140 SyncFlags : 0
+0x1144 WSyncFlags : 0
+0x1148 InterlockedFlags : 0
+0x1150 Ref : _ULONG_REFERENCE
+0x1160 SelectiveSuspend : (null)
+0x1168 AoAc : (null)
+0x1170 LastWakeReason : 0 ( NdisWakeReasonUnspecified )
+0x1178 PnpEventLog : 0xffffe108`9c2cea00 NDIS_EVENT_LOG_HANDLE__
+0x1180 D0CompleteSignalWorkItem : _NDIS_D0_SIGNAL_WORK_ITEM
+0x11d8 PhysicalPerformanceCounters : 0xffffe108`9c802c40 _NDIS_PHYSICAL_PERFORMANCE_COUNTERS
+0x11e0 TimeOfInitialization : _LARGE_INTEGER 0x01da3fa1`12290ef0
+0x11e8 LastSystemSleepTime : _LARGE_INTEGER 0x0
+0x11f0 TotalSystemSleepTimeMs : 0
+0x11f8 SriovHwCapabilities : (null)
+0x1200 SriovCurrentCapabilities : (null)
+0x1208 InvalidateBlockMask : 0
+0x1210 InvalidateBlockIoctlPf : (null)
+0x1218 InvalidateBlockIoctlVf : (null)
+0x1220 InvalidateBlockVfParams : _VPCI_INVALIDATE_BLOCK_OUTPUT
+0x1228 InvalidateBlockEvent : _KEVENT
+0x1240 InvalidateVfId : 0
+0x1242 InvalidateBlockCancelling : 0 ''
+0x1248 PFBlock : (null)
+0x1250 NumSwitches : 0
+0x1258 NicSwitchList : _LIST_ENTRY [ 0xffffe108`9c5e93f8 - 0xffffe108`9c5e93f8 ]
+0x1268 NumAllocatedVFs : 0
+0x1270 VFList : _LIST_ENTRY [ 0xffffe108`9c5e9410 - 0xffffe108`9c5e9410 ]
+0x1280 NumActiveVPorts : 0
+0x1288 VPortList : _LIST_ENTRY [ 0xffffe108`9c5e9428 - 0xffffe108`9c5e9428 ]
+0x1298 AllocatedVPortIndices : (null)
+0x12a0 AllocatedVPortIndicesLength : 0
+0x12a8 SetVirtualFunctionData : (null)
+0x12b0 GetVirtualFunctionData : (null)
+0x12b8 EnableVirtualization : (null)
+0x12c0 GetVirtualDeviceLocation : (null)
+0x12c8 GetVirtualFunctionProbedBars : (null)
+0x12d0 VirtInterfaceContext : (null)
+0x12d8 DevinterfaceVirtSymbolicLinkName : _UNICODE_STRING ""
+0x12e8 VpciInterfaceDereference : (null)
+0x12f0 WriteVfConfigBlock : (null)
+0x12f8 ReadVfConfigBlock : (null)
+0x1300 VpciInterfaceContext : (null)
+0x1308 VfSerialNumber : 0
+0x130c SriovLuid : _LUID
+0x1318 RefCountTracker : 0xffffe108`9c2c78d0 _NDIS_REFCOUNT_BLOCK
+0x1320 NsiRefCountTracker : 0xffffe108`9c2c7450 _NDIS_REFCOUNT_BLOCK
+0x1328 QosHwCapabilities : (null)
+0x1330 QosCurrentCapabilities : (null)
+0x1338 QosOperationalParameters : (null)
+0x1340 QosOperationalParametersBufferSize : 0
+0x1348 QosRemoteParameters : (null)
+0x1350 QosRemoteParametersBufferSize : 0
+0x1358 DeviceFlags : 0
+0x1360 VerifierContext : (null)
+0x1368 SurpriseRemovalWorkItem : WORKITEM_WITH_IRP
+0x1390 Bindings : Ndis::BindStack
+0x13f8 BindEngine : Ndis::BindEngine
+0x1470 MiniportOwner : Rtl::KNeutralLock<enum NDIS_MINIPORT_POLICY_OWNER>
+0x1498 PmInterruptedByPnp : 0
+0x1499 DoNotBlockOnMiniportLock : 0
+0x149a PoFxDStateReportingEnabled : 0
+0x14a0 HookAdapterHandle : (null)
+0x14a8 InterfaceUpdateWorkItem : _WORK_QUEUE_ITEM
+0x14c8 InterfaceUpdateInProgress : 0
+0x14c9 MacAddressUpdateQueued : 0
+0x14ca MtuUpdateQueued : 0
+0x14cc PendingMacAddress : [Zero-length address]
+0x14f0 PendingMtuSize : 0
+0x14f8 PnPInstanceId : 0xffffe108`9c36b890 "PCI\VEN_8086&DEV_10D3&SUBSYS_07D015AD&REV_00\000C29FFFFCD0F3B00"
+0x1500 DevicePowerOnWorkItem : WORKITEM_WITH_IRP
+0x1528 DevicePowerDownWorkItem : WORKITEM_WITH_IRP
+0x1550 PendingOidWatchdog : wil::unique_any_t<wil::details::unique_storage<wil::details::resource_policy<NDISWATCHDOG__ *,void (__cdecl*)(NDISWATCHDOG__ *),&ndisFreeWatchdog,wistd::integral_constant<unsigned __int64,1>,NDISWATCHDOG__ *,__int64,-1,std::nullptr_t> > >
+0x1558 HookedOidWatchdog : wil::unique_any_t<wil::details::unique_storage<wil::details::resource_policy<NDISWATCHDOG__ *,void (__cdecl*)(NDISWATCHDOG__ *),&ndisFreeWatchdog,wistd::integral_constant<unsigned __int64,1>,NDISWATCHDOG__ *,__int64,-1,std::nullptr_t> > >
+0x1560 ReenumerateWatchdog : wil::unique_any_t<wil::details::unique_storage<wil::details::resource_policy<NDISWATCHDOG__ *,void (__cdecl*)(NDISWATCHDOG__ *),&ndisFreeWatchdog,wistd::integral_constant<unsigned __int64,1>,NDISWATCHDOG__ *,__int64,-1,std::nullptr_t> > >
+0x1568 PDBlock : (null)
+0x1570 PdcHandle : (null)
+0x1578 PdcTaskClientDisableTimer : _NDIS_TIMER
+0x15f8 PdcTaskClientDisableWorkItem : _NDIS_WORK_ITEM
+0x1648 PdcTaskClientMode : 0n0
+0x164c ModernStandbyWoLMagicPacketEnable : 0
+0x1650 RssV2Context : 0xffffe108`9c7cb080 _NDIS_RSS_DPC_WORKER_CONTEXT
+0x1658 RssV2CompletionCount : 0n0
+0x1660 RssV2CompletionEvent : _KEVENT
+0x1678 RssV2Initialized : 0 ''
+0x1680 SynchronousOidCalls : _LIST_ENTRY [ 0xffffe108`9c5e9820 - 0xffffe108`9c5e9820 ]
+0x1690 HwTimestampCapabilities : 0xffffe108`9c54de20 _NDIS_TIMESTAMP_CAPABILITIES
+0x1698 HwTimestampCurrentConfig : 0xffffe108`9c54d4c0 _NDIS_TIMESTAMP_CAPABILITIES
+0x16a0 TopTimestampConfig : 0xffffe108`9c54d600 _NDIS_TIMESTAMP_CAPABILITIES
+0x16a8 TopHwTimestampCapabilities : 0xffffe108`9c54db50 _NDIS_TIMESTAMP_CAPABILITIES
+0x16b0 PktMonComp : _PKTMON_COMPONENT_CONTEXT
+0x16e8 PktMonEdge : _PKTMON_EDGE_CONTEXT
+0x1710 PollModeConfigKnobsNamespace : KnobNamespace
+0x1758 PollModeConfigKnobDescriptors : Rtl::KArray<KnobDescriptor,1>
+0x1768 PollModeConfigKnobs : _EXECUTION_CONTEXT_RUNTIME_KNOBS
+0x17a4 WdfCxPowerManagement : 0 ''下面用命令看看,对比下。
0: kd> !ndiskd.miniport
Driver NetAdapter Name
ffffe1089dace930 ffffe1089dacf1a0 Bluetooth Device (Personal Area Network)
ffffe1089c5e7ab0 ffffe1089c5e81a0 Intel(R) 82574L Gigabit Network Connection可以看到个数,地址,名字都符合的。
下面可以用命令看看更详细的信息:
0: kd> !ndiskd.minidriver ffffe1089dace930
MINIPORT DRIVER
BthPan
Ndis handle ffffe1089dace930
Driver context NULL
DRIVER_OBJECT ffffe1089dace760
Driver image bthpan.sys
Registry path \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\BthPan
Reference Count 2
Flags [No flags set]
MINIPORTS
Miniport
ffffe1089dacf1a0 - Bluetooth Device (Personal Area Network)
Handlers
Device objects
0: kd> !ndiskd.minidriver ffffe1089c5e7ab0
MINIPORT DRIVER
e1i68x64
Ndis handle ffffe1089c5e7ab0
Driver context NULL
DRIVER_OBJECT ffffe1089c597e00
Driver image e1i68x64.sys
Registry path \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\e1i68x64
Reference Count 2
Flags [No flags set]
MINIPORTS
Miniport
ffffe1089c5e81a0 - Intel(R) 82574L Gigabit Network Connection
Handlers
Device objects
0: kd> !ndiskd.netadapter ffffe1089dacf1a0
MINIPORT
Bluetooth Device (Personal Area Network)
Ndis handle ffffe1089dacf1a0
Ndis API version v6.30
Adapter context ffffe1089a959010
Driver ffffe1089dace930 - BthPan v0.0
Network interface ffffe1089c2228a0
Media type 802.3
Physical medium Bluetooth
Device instance BTH\MS_BTHPAN\7&20f38eb4&0&2
Device object ffffe1089dacf050 More information
MAC address 2c-6d-c1-0f-d4-66
STATE
Miniport Running
Device PnP Started Show state history
Datapath DIVERTED_BECAUSE_MEDIA_DISCONNECTED
NBL status NDIS_STATUS_MEDIA_DISCONNECTED
Operational status DOWN
Operational flags DOWN_NOT_CONNECTED
Admin status ADMIN_UP
Media MediaDisconnected
Power D0
References 5 Show detail
Total resets 0
Pending OID None
Flags NOT_BUS_MASTER, DEFAULT_PORT_ACTIVATED,
SUPPORTS_MEDIA_SENSE, DOES_NOT_DO_LOOPBACK,
NOT_MEDIA_CONNECTED
PnP flags PM_SUPPORTED, VIRTUAL_DEVICE, DEVICE_POWER_ENABLED,
NO_HALT_ON_SUSPEND, RECEIVED_START, NDIS_WDM_DRIVER
BINDINGS
Protocol list Driver Open Context
Filter list Driver Module Context
Some binding data appears to be paged out. Retrying to display bindings
with less detail.
BINDINGS
Protocol list Driver Open Context
RSPNDR ffffe1089de60ae0 ffffe1089ddeeaa0 ffffe1089de71010
LLTDIO ffffe1089a16cb30 ffffe1089ddebaa0 ffffe1089a1793c0
TCPIP6 ffffe1089c26bb30 ffffe1089d319aa0 ffffe1089d3315e0
TCPIP ffffe1089c203bb0 ffffe1089d31aaa0 ffffe1089d332010
Filter list Driver Module Context
No filters are attached
MORE INFORMATION
Driver handlers Task offloads
Power management PM protocol offloads
Pending OIDs Timers
Pending NBLs
Wake-on-LAN (WoL) Packet filter
Receive queues Receive filtering
RSS NIC switch
Hardware resources Selective suspend
NDIS ports WMI guids
0: kd> !ndiskd.netadapter ffffe1089c5e81a0
MINIPORT
Intel(R) 82574L Gigabit Network Connection
Ndis handle ffffe1089c5e81a0
Ndis API version v6.50
Adapter context ffffe1089c66d000
Driver ffffe1089c5e7ab0 - e1i68x64 v12.18
Network interface ffffe1089c289030
Media type 802.3
Device instance PCI\VEN_8086&DEV_10D3&SUBSYS_07D015AD&REV_00\000C29FFFFCD0F3B00
Device object ffffe1089c5e8050 More information
MAC address 00-0c-29-cd-0f-3b
STATE
Miniport Running
Device PnP Started Show state history
Datapath Normal
Interface Up
Media Connected
Power D0
References 0n13 Show detail
Total resets 0
Pending OID None
Flags BUS_MASTER, 64BIT_DMA, SG_DMA, DEFAULT_PORT_ACTIVATED,
SUPPORTS_MEDIA_SENSE, DOES_NOT_DO_LOOPBACK,
MEDIA_CONNECTED
PnP flags PM_SUPPORTED, DEVICE_POWER_ENABLED,
DEVICE_POWER_WAKE_ENABLE, RECEIVED_START,
HARDWARE_DEVICE, WAKE_CAPABLE
BINDINGS
Protocol list Driver Open Context
Filter list Driver Module Context
Some binding data appears to be paged out. Retrying to display bindings
with less detail.
BINDINGS
Protocol list Driver Open Context
RSPNDR ffffe1089de60ae0 ffffe1089dde9aa0 ffffe1089de6e5d0
MSLLDP ffffe1089a16eb30 ffffe1089ddeaaa0 ffffe1089a0b0020
LLTDIO ffffe1089a16cb30 ffffe1089ddef010 ffffe1089a09e9f0
TCPIP6 ffffe1089c26bb30 ffffe1089c636480 ffffe1089c1ee9f0
TCPIP ffffe1089c203bb0 ffffe1089c35b010 ffffe1089c1f01a0
Filter list Driver Module Context
WFP 802.3 MAC Layer LightWeight Filter-0000
ffffe1089a87dd00 ffffe1089c9df010 ffffe1089c9cabe0
QoS Packet Scheduler-0000
ffffe1089c4a0d90 ffffe1089c9cdaa0 ffffe1089c7e2420
WFP Native MAC Layer LightWeight Filter-0000
ffffe1089a87cd00 ffffe1089c9d37a0 ffffe1089c9dd050
MORE INFORMATION
Driver handlers Task offloads
Power management PM protocol offloads
Pending OIDs Timers
Pending NBLs
Wake-on-LAN (WoL) Packet filter
Receive queues Receive filtering
RSS NIC switch
Hardware resources Selective suspend
NDIS ports WMI guids本工程的目的是要在驱动中获取这些信息并输出给应用层看,特别是那些函数地址等。
编码实现
#include "MiniDriver.h"
PKSPIN_LOCK ndisMiniDriverListLock;//ndis.sys定义的是结构,这里定义的是指针。测试时,可赋予x ndis!ndisMiniDriverListLock的值。
PNDIS_M_DRIVER_BLOCK ndisMiniDriverList;//测试的时候可以赋予dq ndis!ndisMiniDriverList L1的值。
void DumpOneMiniDriverInfo(PNDIS_M_DRIVER_BLOCK MiniDriver)
/*
这里只打印MiniportDriverCharacteristics的信息,因为这个是用户传递过来的。
别的信息,除非特别需要,可考虑添加过来,如:根据DriverObject/ServiceRegPath获取一些信息(ImageName)。
*/
{
Print(DPFLTR_DEFAULT_ID, DPFLTR_INFO_LEVEL, "NdisVersion:%d:%d", MiniDriver->MiniportDriverCharacteristics.MajorNdisVersion, MiniDriver->MiniportDriverCharacteristics.MinorNdisVersion);
Print(DPFLTR_DEFAULT_ID, DPFLTR_INFO_LEVEL, "DriverVersion:%d:%d", MiniDriver->MiniportDriverCharacteristics.MajorDriverVersion, MiniDriver->MiniportDriverCharacteristics.MinorDriverVersion);
Print(DPFLTR_DEFAULT_ID, DPFLTR_INFO_LEVEL, "Flags:%d", MiniDriver->MiniportDriverCharacteristics.Flags);
Print(DPFLTR_DEFAULT_ID, DPFLTR_INFO_LEVEL, "SetOptionsHandler:%p", MiniDriver->MiniportDriverCharacteristics.SetOptionsHandler);
Print(DPFLTR_DEFAULT_ID, DPFLTR_INFO_LEVEL, "InitializeHandlerEx:%p", MiniDriver->MiniportDriverCharacteristics.InitializeHandlerEx);
Print(DPFLTR_DEFAULT_ID, DPFLTR_INFO_LEVEL, "HaltHandlerEx:%p", MiniDriver->MiniportDriverCharacteristics.HaltHandlerEx);
Print(DPFLTR_DEFAULT_ID, DPFLTR_INFO_LEVEL, "UnloadHandler:%p", MiniDriver->MiniportDriverCharacteristics.UnloadHandler);
Print(DPFLTR_DEFAULT_ID, DPFLTR_INFO_LEVEL, "PauseHandler:%p", MiniDriver->MiniportDriverCharacteristics.PauseHandler);
Print(DPFLTR_DEFAULT_ID, DPFLTR_INFO_LEVEL, "RestartHandler:%p", MiniDriver->MiniportDriverCharacteristics.RestartHandler);
Print(DPFLTR_DEFAULT_ID, DPFLTR_INFO_LEVEL, "OidRequestHandler:%p", MiniDriver->MiniportDriverCharacteristics.OidRequestHandler);
Print(DPFLTR_DEFAULT_ID, DPFLTR_INFO_LEVEL, "SendNetBufferListsHandler:%p", MiniDriver->MiniportDriverCharacteristics.SendNetBufferListsHandler);
Print(DPFLTR_DEFAULT_ID, DPFLTR_INFO_LEVEL, "ReturnNetBufferListsHandler:%p", MiniDriver->MiniportDriverCharacteristics.ReturnNetBufferListsHandler);
Print(DPFLTR_DEFAULT_ID, DPFLTR_INFO_LEVEL, "CancelSendHandler:%p", MiniDriver->MiniportDriverCharacteristics.CancelSendHandler);
Print(DPFLTR_DEFAULT_ID, DPFLTR_INFO_LEVEL, "CheckForHangHandlerEx:%p", MiniDriver->MiniportDriverCharacteristics.CheckForHangHandlerEx);
Print(DPFLTR_DEFAULT_ID, DPFLTR_INFO_LEVEL, "ResetHandlerEx:%p", MiniDriver->MiniportDriverCharacteristics.ResetHandlerEx);
Print(DPFLTR_DEFAULT_ID, DPFLTR_INFO_LEVEL, "DevicePnPEventNotifyHandler:%p", MiniDriver->MiniportDriverCharacteristics.DevicePnPEventNotifyHandler);
Print(DPFLTR_DEFAULT_ID, DPFLTR_INFO_LEVEL, "ShutdownHandlerEx:%p", MiniDriver->MiniportDriverCharacteristics.ShutdownHandlerEx);
Print(DPFLTR_DEFAULT_ID, DPFLTR_INFO_LEVEL, "CancelOidRequestHandler:%p", MiniDriver->MiniportDriverCharacteristics.CancelOidRequestHandler);
//#if (NDIS_SUPPORT_NDIS61)
if (MiniDriver->MiniportDriverCharacteristics.Header.Size > 0x088) {//也可以考虑根据版本(MajorNdisVersion + MinorNdisVersion)判别。
Print(DPFLTR_DEFAULT_ID, DPFLTR_INFO_LEVEL, "DirectOidRequestHandler:%p", MiniDriver->MiniportDriverCharacteristics.DirectOidRequestHandler);
Print(DPFLTR_DEFAULT_ID, DPFLTR_INFO_LEVEL, "CancelDirectOidRequestHandler:%p", MiniDriver->MiniportDriverCharacteristics.CancelDirectOidRequestHandler);
}
//#endif // (NDIS_SUPPORT_NDIS61)
//#if (NDIS_SUPPORT_NDIS680)
if (MiniDriver->MiniportDriverCharacteristics.Header.Size > 0x098) {//也可以考虑根据版本(MajorNdisVersion + MinorNdisVersion)判别。
Print(DPFLTR_DEFAULT_ID, DPFLTR_INFO_LEVEL, "SynchronousOidRequestHandler:%p", MiniDriver->MiniportDriverCharacteristics.SynchronousOidRequestHandler);
}
//#endif // (NDIS_SUPPORT_NDIS680)
DbgPrintEx(DPFLTR_DEFAULT_ID, DPFLTR_INFO_LEVEL, "\r\n");
}
void DumpMiniDriverInfo()
{
if (!ndisMiniDriverListLock || !ndisMiniDriverList) {
return;
}
KIRQL Irql = KeAcquireSpinLockRaiseToDpc(ndisMiniDriverListLock);
for (PNDIS_M_DRIVER_BLOCK Tmp = ndisMiniDriverList; Tmp; Tmp = Tmp->NextDriver) {
DumpOneMiniDriverInfo(Tmp);
}
KeReleaseSpinLock(ndisMiniDriverListLock, Irql);
}测试效果
0: kd> g
FILE:MiniDriver.cpp, LINE:15, NdisVersion:6:30.
FILE:MiniDriver.cpp, LINE:16, DriverVersion:0:0.
FILE:MiniDriver.cpp, LINE:17, Flags:2.
FILE:MiniDriver.cpp, LINE:19, SetOptionsHandler:0000000000000000.
FILE:MiniDriver.cpp, LINE:20, InitializeHandlerEx:FFFFF80490771AC0.
FILE:MiniDriver.cpp, LINE:21, HaltHandlerEx:FFFFF80490771950.
FILE:MiniDriver.cpp, LINE:22, UnloadHandler:FFFFF80490771500.
FILE:MiniDriver.cpp, LINE:23, PauseHandler:FFFFF804907721C0.
FILE:MiniDriver.cpp, LINE:24, RestartHandler:FFFFF80490772BC0.
FILE:MiniDriver.cpp, LINE:25, OidRequestHandler:FFFFF80490771FF0.
FILE:MiniDriver.cpp, LINE:26, SendNetBufferListsHandler:FFFFF80490772DB0.
FILE:MiniDriver.cpp, LINE:27, ReturnNetBufferListsHandler:FFFFF80490772D10.
FILE:MiniDriver.cpp, LINE:28, CancelSendHandler:FFFFF80490771890.
FILE:MiniDriver.cpp, LINE:29, CheckForHangHandlerEx:0000000000000000.
FILE:MiniDriver.cpp, LINE:30, ResetHandlerEx:FFFFF80490772B30.
FILE:MiniDriver.cpp, LINE:31, DevicePnPEventNotifyHandler:FFFFF804907718A0.
FILE:MiniDriver.cpp, LINE:32, ShutdownHandlerEx:FFFFF80490771890.
FILE:MiniDriver.cpp, LINE:33, CancelOidRequestHandler:FFFFF80490771890.
FILE:MiniDriver.cpp, LINE:37, DirectOidRequestHandler:0000000000000000.
FILE:MiniDriver.cpp, LINE:38, CancelDirectOidRequestHandler:0000000000000000.
FILE:MiniDriver.cpp, LINE:15, NdisVersion:6:50.
FILE:MiniDriver.cpp, LINE:16, DriverVersion:12:18.
FILE:MiniDriver.cpp, LINE:17, Flags:0.
FILE:MiniDriver.cpp, LINE:19, SetOptionsHandler:FFFFF80480B41F70.
FILE:MiniDriver.cpp, LINE:20, InitializeHandlerEx:FFFFF80480B23000.
FILE:MiniDriver.cpp, LINE:21, HaltHandlerEx:FFFFF80480B241D0.
FILE:MiniDriver.cpp, LINE:22, UnloadHandler:FFFFF80480B24CD0.
FILE:MiniDriver.cpp, LINE:23, PauseHandler:FFFFF80480B24520.
FILE:MiniDriver.cpp, LINE:24, RestartHandler:FFFFF80480B24880.
FILE:MiniDriver.cpp, LINE:25, OidRequestHandler:FFFFF80480B2EC80.
FILE:MiniDriver.cpp, LINE:26, SendNetBufferListsHandler:FFFFF80480B347A0.
FILE:MiniDriver.cpp, LINE:27, ReturnNetBufferListsHandler:FFFFF80480B390C0.
FILE:MiniDriver.cpp, LINE:28, CancelSendHandler:FFFFF80480B2EC70.
FILE:MiniDriver.cpp, LINE:29, CheckForHangHandlerEx:FFFFF80480B25160.
FILE:MiniDriver.cpp, LINE:30, ResetHandlerEx:FFFFF80480B25C00.
FILE:MiniDriver.cpp, LINE:31, DevicePnPEventNotifyHandler:FFFFF80480B26DA0.
FILE:MiniDriver.cpp, LINE:32, ShutdownHandlerEx:FFFFF80480B249F0.
FILE:MiniDriver.cpp, LINE:33, CancelOidRequestHandler:FFFFF80480B2EC70.
FILE:MiniDriver.cpp, LINE:37, DirectOidRequestHandler:FFFFF80480B2EC80.
FILE:MiniDriver.cpp, LINE:38, CancelDirectOidRequestHandler:FFFFF80480B2EC70.如果想看更详细的结果,请移步:https://github.com/kouzhudong/AntiHook/blob/main/log/EnumMiniPortDriver.txt
作者信息
made by correy
made at 2024-01-07
https://github.com/kouzhudong
转载
分享
0 条评论
可输入 255 字
发布投稿
