From e07214c6f5d495b0f7dca18185a89a3db4ef6a6c Mon Sep 17 00:00:00 2001
From: Duncan Ogilvie
Date: Mon, 29 Nov 2021 04:40:59 +0100
Subject: [PATCH] Ignore some files and stub ZwQueryInformationToken
---
 .gitignore | 4 ++++
 src/dumpulator/native.py | 1 +
 src/dumpulator/syscalls.py | 6 +++++-
 3 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/.gitignore b/.gitignore
index 7cec61c..c78b92c 100644
--- a/.gitignore
+++ b/.gitignore
@@ -5,3 +5,7 @@ venv/
 .idea/
 __pycache__/
 *.pyc
+/tests/*.trace
+/tests/*.dd32
+/tests/*.dd64
+/tests/*.txt
\ No newline at end of file
diff --git a/src/dumpulator/native.py b/src/dumpulator/native.py
index c9bb341..9bbb272 100644
--- a/src/dumpulator/native.py
+++ b/src/dumpulator/native.py
@@ -8,6 +8,7 @@ def make_global(t):
 STATUS_SUCCESS = 0
 STATUS_NOT_IMPLEMENTED = 0xC0000002
+STATUS_ACCESS_DENIED = 0xC0000022
 class MEMORY_INFORMATION_CLASS(Enum):
 MemoryBasicInformation = 0
diff --git a/src/dumpulator/syscalls.py b/src/dumpulator/syscalls.py
index c499d00..a639c1c 100644
--- a/src/dumpulator/syscalls.py
+++ b/src/dumpulator/syscalls.py
@@ -128,4 +128,8 @@ def ZwQueryVolumeInformationFile(dp: Dumpulator,
 FsInformationClass: FS_INFORMATION_CLASS
 ):
 # TODO: implement
- return STATUS_SUCCESS
\ No newline at end of file
+ return STATUS_SUCCESS
+
+@syscall
+def ZwQueryInformationToken(dp: Dumpulator):
+ return STATUS_NOT_IMPLEMENTED
\ No newline at end of file
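Review bot: The new `ZwQueryInformationToken` stub in syscalls.py declares only `dp`, whereas the neighbouring `ZwQueryVolumeInformationFile` stub lists its syscall arguments in the signature. How `@syscall` consumes the signature is not visible in this patch, but if it drives argument decoding or tracing, the token handle and the requested information class will be absent from the emulation log. Token queries are typically where a program checks its privileges or elevation, so an analyst needs to see which `TokenInformationClass` was asked for and that the answer came from a stub. I would declare the five parameters (`TokenHandle`, `TokenInformationClass`, `TokenInformation`, `TokenInformationLength`, `ReturnLength`) and add `# TODO: implement` as the sibling stub does. `STATUS_ACCESS_DENIED` is added in native.py but nothing in this patch returns it; if it was intended as this stub's result, a comment saying so would help.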