Hello,
I want to create a file or open an existing txt file and then write some data into that file from ClassifyFn in Windows Filtering Platform. I am using ZwCreateFile to create or open the file but its not working. Here is my code for writing to the ftxt file.
Code:
HANDLE handle;
IO_STATUS_BLOCK ioStatusBlock;
UNICODE_STRING uniName;
OBJECT_ATTRIBUTES objAttr;
RtlInitUnicodeString(&uniName, L"\??\E:\log_net_buffer.txt");
InitializeObjectAttributes(&objAttr, &uniName, OBJ_CASE_INSENSITIVE |OBJ_KERNEL_HANDLE, NULL, NULL);
status = ZwCreateFile(&handle,
GENERIC_WRITE,
&objAttr, &ioStatusBlock, NULL,
FILE_ATTRIBUTE_NORMAL,
FILE_SHARE_WRITE,
FILE_OPEN_IF,
FILE_SYNCHRONOUS_IO_NONALERT | FILE_NON_DIRECTORY_FILE,
NULL, 0);
if (status != STATUS_SUCCESS)
{
DbgPrint(“The file create failed:%x\n”, status);
return;
}
status = NtWriteFile(handle, NULL, NULL, NULL, &ioStatusBlock,
pContiguousData, strlen(pContiguousData), NULL, NULL);
if (status != STATUS_SUCCESS)
{
DbgPrint(“The file write failed:%x\n”, status);
return;
}
NtClose(handle);
Reply as soon as possible.