Vault 7: Projects
This publication series is about specific projects related to the Vault 7 main publication.
Methods
bmfsInitialize (Constructor/Installer)
Begins the process of configuring BadMFS. bmfsInitalize will attempt to find a
previous installation of BadMFS and either make use of that installation, or if none is
found install BadMFS. This function must be called before the rest of the BadMFS
library can be utilized.
NTSTATUS bmfsInitialize( HANDLE hDevice );
Parameters
hDevice [in]
A handle to the device that BadMFS will be located on. Examples of valid
devices are, volume,
physical disk, socket, a file, or file stream.
BadMFS has currently been tested
using only a
physical disk.
The hDevice parameter must be created with read | write access, and
buffering should be
turned off. When using CreateFile this means using the flag
FILE_FLAG_NO_BUFFERING,
when using ZwCreateFile FILE_SYNCHRONOUS_IO_NONALERT |
FILE_NON_DIRECTORY_FILE | FILE_NO_INTERMEDIATE_BUFFERING is
recommended.
Return Value
STATUS_SUCCESS will be returned upon successful completion of the
initialization process.
Remarks
bmfsInitialize( [in] HANDLE hDevice ) will attempt to install BadMFS on the
first available space
BadMFS_Developer_Guide.pdf