From a0db4e7fee1ab76cbd8b5186d7b1904f5c6f835d Mon Sep 17 00:00:00 2001 From: luce lux <1098346640@qq.com> Date: Tue, 3 Feb 2026 17:49:23 +0800 Subject: [PATCH] =?UTF-8?q?choro:=20=E7=94=9F=E6=88=90=E9=85=8D=E7=BD=AE?= =?UTF-8?q?=E6=94=AF=E6=8C=81=E5=88=B0win11=EF=BC=8C=E4=BF=AE=E5=A4=8D?= =?UTF-8?q?=E9=83=A8=E5=88=86=E5=8D=B3=E5=B0=86=E5=BC=83=E7=94=A8=E7=9A=84?= =?UTF-8?q?API?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- HyperHide/HyperHide.vcxproj | 8 ++-- HyperHideDrv/Hider.cpp | 14 +++---- HyperHideDrv/HyperHideDrv.vcxproj | 68 ++++++++++++++++++++++--------- HyperHideDrv/Ntenums.h | 6 +-- HyperHideDrv/Utils.cpp | 12 +++--- 5 files changed, 68 insertions(+), 40 deletions(-) diff --git a/HyperHide/HyperHide.vcxproj b/HyperHide/HyperHide.vcxproj index fb7e5a2..a8d1e07 100644 --- a/HyperHide/HyperHide.vcxproj +++ b/HyperHide/HyperHide.vcxproj @@ -29,26 +29,26 @@ DynamicLibrary true - v142 + v145 MultiByte DynamicLibrary false - v142 + v145 true Unicode DynamicLibrary true - v142 + v145 Unicode DynamicLibrary false - v142 + v145 true Unicode diff --git a/HyperHideDrv/Hider.cpp b/HyperHideDrv/Hider.cpp index 6369d7f..cbadc83 100644 --- a/HyperHideDrv/Hider.cpp +++ b/HyperHideDrv/Hider.cpp @@ -133,13 +133,13 @@ namespace Hider HiddenThread = (PHIDDEN_THREAD)CONTAINING_RECORD(CurrentThread, HIDDEN_THREAD, HiddenThreadList); CurrentThread = CurrentThread->Flink; - if (HiddenThread->ThreadObject == ThreadObject) - goto End; - } + if (HiddenThread->ThreadObject == ThreadObject) + goto End; + } - HiddenThread = (PHIDDEN_THREAD)ExAllocatePoolWithTag(NonPagedPool, sizeof(HIDDEN_THREAD), DRIVER_TAG); - if (HiddenThread == NULL) - return NULL; + HiddenThread = (PHIDDEN_THREAD)ExAllocatePool2(POOL_FLAG_NON_PAGED, sizeof(HIDDEN_THREAD), DRIVER_TAG); + if (HiddenThread == NULL) + return NULL; RtlSecureZeroMemory(HiddenThread, sizeof(HIDDEN_THREAD)); HiddenThread->ThreadObject = ThreadObject; 
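Review bot: `ExAllocatePool2` is only available from Windows 10 version 2004 onward, so after this change the driver can no longer load on the older systems it used to build for; the same applies to the `CreateEntry` hunk and the five `Utils.cpp` hunks. The project file on this page changes what appears to be the target version from `Windows7` to `Windows10`, which suggests the drop is intended, but the commit message should then state the new minimum OS. If older builds must keep working, the documented route is the `ExAllocatePoolZero` wrapper with `POOL_ZERO_DOWN_LEVEL_SUPPORT` defined. Because `ExAllocatePool2` returns zeroed memory unless `POOL_FLAG_UNINITIALIZED` is passed, `RtlSecureZeroMemory(HiddenThread, sizeof(HIDDEN_THREAD));` is now redundant and can be dropped, as can `RtlSecureZeroMemory(ProcInfo, Bytes);` in the `-425` hunk of `Utils.cpp`. The enclosing function starts and ends outside this hunk.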
@@ -325,7 +325,7 @@ namespace Hider BOOLEAN CreateEntry(PEPROCESS DebuggerProcess, PEPROCESS DebuggedProcess) { - PHIDDEN_PROCESS HiddenProcess = (PHIDDEN_PROCESS)ExAllocatePoolWithTag(NonPagedPool, sizeof(HIDDEN_PROCESS), DRIVER_TAG); + PHIDDEN_PROCESS HiddenProcess = (PHIDDEN_PROCESS)ExAllocatePool2(POOL_FLAG_NON_PAGED, sizeof(HIDDEN_PROCESS), DRIVER_TAG); if (HiddenProcess == NULL) { LogError("Allocation failed"); diff --git a/HyperHideDrv/HyperHideDrv.vcxproj b/HyperHideDrv/HyperHideDrv.vcxproj index f72b049..2afb526 100644 --- a/HyperHideDrv/HyperHideDrv.vcxproj +++ b/HyperHideDrv/HyperHideDrv.vcxproj @@ -1,4 +1,4 @@ - + @@ -18,26 +18,26 @@ Debug Win32 HyperHideDrv - 10.0.19041.0 + 10.0.26100.0 - Windows7 + Windows10 true WindowsKernelModeDriver10.0 Driver KMDF Desktop - Spectre + SpectrefalseOff - Windows7 + Windows10 false WindowsKernelModeDriver10.0 Driver KMDF Desktop - Spectre + SpectrefalseOff @@ -61,6 +61,7 @@ %(AdditionalDependencies);$(KernelBufferOverflowLib);$(DDK_LIB_PATH)ntoskrnl.lib;$(DDK_LIB_PATH)hal.lib;$(DDK_LIB_PATH)wmilib.lib;$(KMDF_LIB_PATH)$(KMDF_VER_PATH)\WdfLdr.lib;$(KMDF_LIB_PATH)$(KMDF_VER_PATH)\WdfDriverEntry.lib + false MaxSpeed Speed false @@ -69,6 +70,7 @@ 4603;4627;4986;4987;%(DisableSpecificWarnings) AnySuitable true + false @@ -77,27 +79,55 @@ /INTEGRITYCHECK %(AdditionalOptions) + false false stdcpp20 + false - - - - - - - - - - - - - + + false + + + false + + + false + + + false + + + false + + + false + + + false + + + false + + + false + + + false + + + false + + + false + + + false + diff --git a/HyperHideDrv/Ntenums.h b/HyperHideDrv/Ntenums.h index d0c326e..d270682 100644 --- a/HyperHideDrv/Ntenums.h +++ b/HyperHideDrv/Ntenums.h 
@@ -14,10 +14,8 @@ enum _LDR_DLL_LOAD_REASON
 LoadReasonUnknown = -1
 };
-typedef enum _PSCREATETHREADNOTIFYTYPE {
- PsCreateThreadNotifyNonSystem = 0,
- PsCreateThreadNotifySubsystems = 1
-} PSCREATETHREADNOTIFYTYPE;
+// _PSCREATETHREADNOTIFYTYPE is already defined in Windows 10 SDK
+// Removed duplicate definition to avoid C2011 error
 enum SYSDBG_COMMAND
 {
diff --git a/HyperHideDrv/Utils.cpp b/HyperHideDrv/Utils.cpp
index 46ebfaf..0615094 100644
--- a/HyperHideDrv/Utils.cpp
+++ b/HyperHideDrv/Utils.cpp
@@ -181,7 +181,7 @@ BOOLEAN GetProcessInfo(CONST CHAR* Name, ULONG64& ImageSize, PVOID& ImageBase)
 {
 ULONG Bytes;
 NTSTATUS Status = ZwQuerySystemInformation(SystemModuleInformation, 0, 0, &Bytes);
- PSYSTEM_MODULE_INFORMATION Mods = (PSYSTEM_MODULE_INFORMATION)ExAllocatePoolWithTag(NonPagedPool, Bytes, DRIVER_TAG);
+ PSYSTEM_MODULE_INFORMATION Mods = (PSYSTEM_MODULE_INFORMATION)ExAllocatePool2(POOL_FLAG_NON_PAGED, Bytes, DRIVER_TAG);
 if (Mods == NULL)
 return FALSE;
@@ -224,7 +224,7 @@ PEPROCESS GetProcessByName(CONST WCHAR* ProcessName)
 ULONG Bytes;
 ZwQuerySystemInformation(SystemProcessInformation, NULL, NULL, &Bytes);
- PSYSTEM_PROCESS_INFO ProcInfo = (PSYSTEM_PROCESS_INFO)ExAllocatePoolWithTag(NonPagedPool, Bytes, DRIVER_TAG);
+ PSYSTEM_PROCESS_INFO ProcInfo = (PSYSTEM_PROCESS_INFO)ExAllocatePool2(POOL_FLAG_NON_PAGED, Bytes, DRIVER_TAG);
 if (ProcInfo == NULL)
 return NULL;
@@ -383,7 +383,7 @@ BOOLEAN ClearBypassProcessFreezeFlag(PEPROCESS TargetProcess)
 }
 ZwQuerySystemInformation(SystemProcessInformation, NULL, NULL, &Bytes);
- PSYSTEM_PROCESS_INFO ProcInfo = (PSYSTEM_PROCESS_INFO)ExAllocatePoolWithTag(NonPagedPool, Bytes, DRIVER_TAG);
+ PSYSTEM_PROCESS_INFO ProcInfo = (PSYSTEM_PROCESS_INFO)ExAllocatePool2(POOL_FLAG_NON_PAGED, Bytes, DRIVER_TAG);
 if (ProcInfo == NULL)
 return FALSE;
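Review bot: The two comment lines that replace the typedef in `Ntenums.h` describe a deletion rather than anything that remains in the header, so they belong in the commit message and will read as noise in the file. Removing the definition also makes the header depend on the kit supplying `PSCREATETHREADNOTIFYTYPE`, so a build against a kit that does not declare it will now fail. If that dependency is intended, I would reduce the comment to one line that states it, e.g. `// PSCREATETHREADNOTIFYTYPE is provided by the WDK headers.`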
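Review bot: `Bytes` is declared without an initialiser in `GetProcessInfo` and passed to `ExAllocatePool2` as the allocation size without the sizing call's status being checked, so if `ZwQuerySystemInformation` fails before writing the length the driver allocates from an indeterminate value. The same probe-then-allocate pattern appears in the `GetProcessByName`, `ClearBypassProcessFreezeFlag`, `ClearThreadHideFromDebuggerFlag` and `ClearThreadBreakOnTerminationFlags` hunks. I would write `ULONG Bytes = 0;` and return early unless the probe returned `STATUS_INFO_LENGTH_MISMATCH` with `Bytes != 0`. The module or process list can also grow between the probe and the fill call, so the second call's status must be checked (that check is not visible in most of these hunks), and a retry loop or some slack on the size is worth considering. The function bodies continue outside the hunks.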
@@ -425,11 +425,11 @@ BOOLEAN ClearThreadHideFromDebuggerFlag(PEPROCESS TargetProcess) ULONG Bytes; ZwQuerySystemInformation(SystemProcessInformation, NULL, NULL, &Bytes); - PSYSTEM_PROCESS_INFO ProcInfo = (PSYSTEM_PROCESS_INFO)ExAllocatePoolWithTag(NonPagedPool, Bytes, DRIVER_TAG); + PSYSTEM_PROCESS_INFO ProcInfo = (PSYSTEM_PROCESS_INFO)ExAllocatePool2(POOL_FLAG_NON_PAGED, Bytes, DRIVER_TAG); if (ProcInfo == NULL) return FALSE; - + RtlSecureZeroMemory(ProcInfo, Bytes); Status = ZwQuerySystemInformation(SystemProcessInformation, ProcInfo, Bytes, &Bytes); @@ -529,7 +529,7 @@ BOOLEAN ClearThreadBreakOnTerminationFlags(PEPROCESS TargetProcess) ULONG Bytes; ZwQuerySystemInformation(SystemProcessInformation, NULL, NULL, &Bytes); - PSYSTEM_PROCESS_INFO ProcInfo = (PSYSTEM_PROCESS_INFO)ExAllocatePoolWithTag(NonPagedPool, Bytes, DRIVER_TAG); + PSYSTEM_PROCESS_INFO ProcInfo = (PSYSTEM_PROCESS_INFO)ExAllocatePool2(POOL_FLAG_NON_PAGED, Bytes, DRIVER_TAG); if (ProcInfo == NULL) return FALSE;