|
|
- #nullable enable
- using System;
- using System.Collections.Generic;
- using System.Linq;
- using System.Runtime.InteropServices;
- using System.Text;
- using System.Threading.Tasks;
-
- namespace IPA.AntiMalware.WinAPI
- {
- [Guid("82d29c2e-f062-44e6-b5c9-3d9a2f24a2df")]
- [ComVisible(true)]
- internal interface IAntimalware
- {
- void Scan([In] IAmsiStream stream, [Out] out AmsiResult result, [Out] out IAntimalwareProvider provider);
- void CloseSession([In] ulong session);
- }
-
- [Guid("3e47f2e5-81d4-4d3b-897f-545096770373")]
- [ComVisible(true)]
- internal interface IAmsiStream
- {
- unsafe void GetAttribute([In] AmsiAttribute attribute, [In] uint dataSize, [Out] byte* buffer, out uint writtenData);
- unsafe void Read([In] ulong position, [In] uint dataSize, [Out] byte* buffer, out uint readSize);
- }
-
- [Guid("b2cabfe3-fe04-42b1-a5df-08d483d4d125")]
- [ComVisible(true)]
- internal interface IAntimalwareProvider
- {
- [return: MarshalAs(UnmanagedType.LPWStr)] string DisplayName();
-
- AmsiResult Scan([In] IAmsiStream stream);
- void CloseSession([In] ulong session);
- }
-
- internal enum AmsiResult
- {
- Clean = 0,
- NotDetected = 1,
- BlockedByAdminStart = 0x4000,
- BlockedByAdminEnd = 0x4fff,
- Detected = 32768
- }
-
- internal enum AmsiAttribute
- {
- AppName = 0,
- ContentName = 1,
- ContentSize = 2,
- ContentAddress = 3,
- Session = 4,
- RedirectChainSize = 5,
- RedirectChainAddress = 6,
- AllSize = 7,
- AllAddress = 8,
- }
- }
|
