添加项目文件。

381848900@qq.com 2025-03-09 18:36:11 +08:00
parent fe1d8726bb
commit 3816431b47
10 changed files with 737 additions and 0 deletions

71
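--- a/KernelCommunication.sln
+++ b/KernelCommunication.sln
@@ -0,0 +1,71 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio Version 17
+VisualStudioVersion = 17.13.35825.156 d17.13
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "KernelCommunication", "KernelCommunication\KernelCommunication.vcxproj", "{B1740CFB-94A0-BAA6-1165-49A4F96703C3}"
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "TestDrvice", "TestDrvice\TestDrvice.vcxproj", "{1D6E4646-A62F-46CF-9D43-BDD49EADCE40}"
+ProjectSection(ProjectDependencies) = postProject
+{B1740CFB-94A0-BAA6-1165-49A4F96703C3} = {B1740CFB-94A0-BAA6-1165-49A4F96703C3}
+EndProjectSection
+EndProject
+Global
+GlobalSection(SolutionConfigurationPlatforms) = preSolution
+Debug|ARM64 = Debug|ARM64
+Debug|Win32 = Debug|Win32
+Debug|x64 = Debug|x64
+Debug|x86 = Debug|x86
+Release|ARM64 = Release|ARM64
+Release|Win32 = Release|Win32
+Release|x64 = Release|x64
+Release|x86 = Release|x86
+EndGlobalSection
+GlobalSection(ProjectConfigurationPlatforms) = postSolution
+{B1740CFB-94A0-BAA6-1165-49A4F96703C3}.Debug|ARM64.ActiveCfg = Debug|ARM64
+{B1740CFB-94A0-BAA6-1165-49A4F96703C3}.Debug|ARM64.Build.0 = Debug|ARM64
+{B1740CFB-94A0-BAA6-1165-49A4F96703C3}.Debug|ARM64.Deploy.0 = Debug|ARM64
+{B1740CFB-94A0-BAA6-1165-49A4F96703C3}.Debug|Win32.ActiveCfg = Debug|Win32
+{B1740CFB-94A0-BAA6-1165-49A4F96703C3}.Debug|Win32.Build.0 = Debug|Win32
+{B1740CFB-94A0-BAA6-1165-49A4F96703C3}.Debug|Win32.Deploy.0 = Debug|Win32
+{B1740CFB-94A0-BAA6-1165-49A4F96703C3}.Debug|x64.ActiveCfg = Debug|x64
+{B1740CFB-94A0-BAA6-1165-49A4F96703C3}.Debug|x64.Build.0 = Debug|x64
+{B1740CFB-94A0-BAA6-1165-49A4F96703C3}.Debug|x86.ActiveCfg = Debug|Win32
+{B1740CFB-94A0-BAA6-1165-49A4F96703C3}.Debug|x86.Build.0 = Debug|Win32
+{B1740CFB-94A0-BAA6-1165-49A4F96703C3}.Debug|x86.Deploy.0 = Debug|Win32
+{B1740CFB-94A0-BAA6-1165-49A4F96703C3}.Release|ARM64.ActiveCfg = Release|ARM64
+{B1740CFB-94A0-BAA6-1165-49A4F96703C3}.Release|ARM64.Build.0 = Release|ARM64
+{B1740CFB-94A0-BAA6-1165-49A4F96703C3}.Release|ARM64.Deploy.0 = Release|ARM64
+{B1740CFB-94A0-BAA6-1165-49A4F96703C3}.Release|Win32.ActiveCfg = Release|Win32
+{B1740CFB-94A0-BAA6-1165-49A4F96703C3}.Release|Win32.Build.0 = Release|Win32
+{B1740CFB-94A0-BAA6-1165-49A4F96703C3}.Release|Win32.Deploy.0 = Release|Win32
+{B1740CFB-94A0-BAA6-1165-49A4F96703C3}.Release|x64.ActiveCfg = Release|x64
+{B1740CFB-94A0-BAA6-1165-49A4F96703C3}.Release|x64.Build.0 = Release|x64
+{B1740CFB-94A0-BAA6-1165-49A4F96703C3}.Release|x64.Deploy.0 = Release|x64
+{B1740CFB-94A0-BAA6-1165-49A4F96703C3}.Release|x86.ActiveCfg = Release|Win32
+{B1740CFB-94A0-BAA6-1165-49A4F96703C3}.Release|x86.Build.0 = Release|Win32
+{B1740CFB-94A0-BAA6-1165-49A4F96703C3}.Release|x86.Deploy.0 = Release|Win32
+{1D6E4646-A62F-46CF-9D43-BDD49EADCE40}.Debug|ARM64.ActiveCfg = Debug|x64
+{1D6E4646-A62F-46CF-9D43-BDD49EADCE40}.Debug|ARM64.Build.0 = Debug|x64
+{1D6E4646-A62F-46CF-9D43-BDD49EADCE40}.Debug|Win32.ActiveCfg = Debug|Win32
+{1D6E4646-A62F-46CF-9D43-BDD49EADCE40}.Debug|Win32.Build.0 = Debug|Win32
+{1D6E4646-A62F-46CF-9D43-BDD49EADCE40}.Debug|x64.ActiveCfg = Debug|Win32
+{1D6E4646-A62F-46CF-9D43-BDD49EADCE40}.Debug|x64.Build.0 = Debug|Win32
+{1D6E4646-A62F-46CF-9D43-BDD49EADCE40}.Debug|x86.ActiveCfg = Debug|Win32
+{1D6E4646-A62F-46CF-9D43-BDD49EADCE40}.Debug|x86.Build.0 = Debug|Win32
+{1D6E4646-A62F-46CF-9D43-BDD49EADCE40}.Release|ARM64.ActiveCfg = Release|x64
+{1D6E4646-A62F-46CF-9D43-BDD49EADCE40}.Release|ARM64.Build.0 = Release|x64
+{1D6E4646-A62F-46CF-9D43-BDD49EADCE40}.Release|Win32.ActiveCfg = Release|Win32
+{1D6E4646-A62F-46CF-9D43-BDD49EADCE40}.Release|Win32.Build.0 = Release|Win32
+{1D6E4646-A62F-46CF-9D43-BDD49EADCE40}.Release|x64.ActiveCfg = Release|x64
+{1D6E4646-A62F-46CF-9D43-BDD49EADCE40}.Release|x64.Build.0 = Release|x64
+{1D6E4646-A62F-46CF-9D43-BDD49EADCE40}.Release|x86.ActiveCfg = Release|Win32
+{1D6E4646-A62F-46CF-9D43-BDD49EADCE40}.Release|x86.Build.0 = Release|Win32
+EndGlobalSection
+GlobalSection(SolutionProperties) = preSolution
+HideSolutionNode = FALSE
+EndGlobalSection
+GlobalSection(ExtensibilityGlobals) = postSolution
+SolutionGuid = {5319418A-99CE-45F2-8C25-C2E41230A676}
+EndGlobalSection
+EndGlobal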


@ -0,0 +1,145 @@
<?xml version="1.0" encoding="utf-8"?>
<Project DefaultTargets="Build" ToolsVersion="12.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup Label="ProjectConfigurations">
<ProjectConfiguration Include="Debug|Win32">
<Configuration>Debug</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Debug|x64">
<Configuration>Debug</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|Win32">
<Configuration>Release</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|x64">
<Configuration>Release</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Debug|ARM64">
<Configuration>Debug</Configuration>
<Platform>ARM64</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|ARM64">
<Configuration>Release</Configuration>
<Platform>ARM64</Platform>
</ProjectConfiguration>
</ItemGroup>
<PropertyGroup Label="Globals">
<ProjectGuid>{B1740CFB-94A0-BAA6-1165-49A4F96703C3}</ProjectGuid>
<TemplateGuid>{dd38f7fc-d7bd-488b-9242-7d8754cde80d}</TemplateGuid>
<TargetFrameworkVersion>v4.5</TargetFrameworkVersion>
<MinimumVisualStudioVersion>12.0</MinimumVisualStudioVersion>
<Configuration>Debug</Configuration>
<Platform Condition="'$(Platform)' == ''">x64</Platform>
<RootNamespace>KernelCommunication</RootNamespace>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
<TargetVersion>Windows10</TargetVersion>
<UseDebugLibraries>true</UseDebugLibraries>
<PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
<ConfigurationType>Driver</ConfigurationType>
<DriverType>WDM</DriverType>
<DriverTargetPlatform>Desktop</DriverTargetPlatform>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
<TargetVersion>Windows10</TargetVersion>
<UseDebugLibraries>true</UseDebugLibraries>
<PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
<ConfigurationType>Driver</ConfigurationType>
<DriverType>WDM</DriverType>
<DriverTargetPlatform>Desktop</DriverTargetPlatform>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
<TargetVersion>Windows10</TargetVersion>
<UseDebugLibraries>false</UseDebugLibraries>
<PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
<ConfigurationType>Driver</ConfigurationType>
<DriverType>WDM</DriverType>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
<TargetVersion>Windows10</TargetVersion>
<UseDebugLibraries>false</UseDebugLibraries>
<PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
<ConfigurationType>Driver</ConfigurationType>
<DriverType>WDM</DriverType>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'" Label="Configuration">
<TargetVersion>Windows10</TargetVersion>
<UseDebugLibraries>true</UseDebugLibraries>
<PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
<ConfigurationType>Driver</ConfigurationType>
<DriverType>WDM</DriverType>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'" Label="Configuration">
<TargetVersion>Windows10</TargetVersion>
<UseDebugLibraries>false</UseDebugLibraries>
<PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
<ConfigurationType>Driver</ConfigurationType>
<DriverType>WDM</DriverType>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
<ImportGroup Label="ExtensionSettings">
</ImportGroup>
<ImportGroup Label="PropertySheets">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<PropertyGroup Label="UserMacros" />
<PropertyGroup />
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
<DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
<DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
<DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">
<DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'">
<DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
</PropertyGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
<DriverSign>
<FileDigestAlgorithm>sha256</FileDigestAlgorithm>
</DriverSign>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<DriverSign>
<FileDigestAlgorithm>sha256</FileDigestAlgorithm>
</DriverSign>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
<DriverSign>
<FileDigestAlgorithm>sha256</FileDigestAlgorithm>
</DriverSign>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
<DriverSign>
<FileDigestAlgorithm>sha256</FileDigestAlgorithm>
</DriverSign>
</ItemDefinitionGroup>
<ItemGroup>
<FilesToPackage Include="$(TargetPath)" />
</ItemGroup>
<ItemGroup>
<ClCompile Include="main.cpp" />
</ItemGroup>
<ItemGroup>
<ClInclude Include="ioctl.h" />
<ClInclude Include="main.h" />
<ClInclude Include="MyDriverGuids.h" />
</ItemGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
<ImportGroup Label="ExtensionTargets">
</ImportGroup>
</Project>


@ -0,0 +1,37 @@
<?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup>
<Filter Include="Source Files">
<UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
<Extensions>cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
</Filter>
<Filter Include="Header Files">
<UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
<Extensions>h;hpp;hxx;hm;inl;inc;xsd</Extensions>
</Filter>
<Filter Include="Resource Files">
<UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
<Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
</Filter>
<Filter Include="Driver Files">
<UniqueIdentifier>{8E41214B-6785-4CFE-B992-037D68949A14}</UniqueIdentifier>
<Extensions>inf;inv;inx;mof;mc;</Extensions>
</Filter>
</ItemGroup>
<ItemGroup>
<ClCompile Include="main.cpp">
<Filter>Source Files</Filter>
</ClCompile>
</ItemGroup>
<ItemGroup>
<ClInclude Include="main.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="ioctl.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="MyDriverGuids.h">
<Filter>Header Files</Filter>
</ClInclude>
</ItemGroup>
</Project>


@ -0,0 +1,6 @@
#pragma once
#include <wdm.h>
// {9A6B1C56-BB85-401D-9E67-AED2561C4B06}
static const GUID MyCustomDeviceGUID =
{ 0x9a6b1c56, 0xbb85, 0x401d, { 0x9e, 0x67, 0xae, 0xd2, 0x56, 0x1c, 0x4b, 0x6 } };
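Review bot: MyCustomDeviceGUID is defined here but nothing in the visible sources references it, and main.h does not include this header. If it was meant as the device class GUID for `IoCreateDeviceSecure`, DriverEntry in main.cpp should use that call with a restrictive SDDL string such as `SDDL_DEVOBJ_SYS_ALL_ADM_ALL` instead of plain `IoCreateDevice`, so the device ACL is explicit rather than the system default. Otherwise a comment stating its purpose, for example `// Device class GUID reserved for IoCreateDeviceSecure`, would keep it from reading as dead code.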


@ -0,0 +1,5 @@
#pragma once
#define MY_DRVICE_NAME L"YhyDrvice"
#define SYMBOLIC_LINK L"\\??\\" MY_DRVICE_NAME
#define IOCTL_READ_MEMORY CTL_CODE(FILE_DEVICE_UNKNOWN, 0x800, METHOD_BUFFERED, FILE_ANY_ACCESS)
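Review bot: `IOCTL_READ_MEMORY` is declared with `FILE_ANY_ACCESS`, so the I/O manager dispatches it on any open handle to the device without checking the access that handle was granted. For a control code whose purpose is to return memory contents, the required access belongs in the code itself: `#define IOCTL_READ_MEMORY CTL_CODE(FILE_DEVICE_UNKNOWN, 0x800, METHOD_BUFFERED, FILE_READ_ACCESS)`. The test client already opens the device with GENERIC_READ | GENERIC_WRITE, so it is unaffected. A one-line comment describing the expected input and output layout of the buffer would also help, since both sides currently have to infer it from main.cpp.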


@ -0,0 +1,110 @@
#include "main.h"
VOID onUnload(_In_ struct _DRIVER_OBJECT* DriverObject) {
UNREFERENCED_PARAMETER(DriverObject);
KdPrint(("[yhy]: %s", __FUNCDNAME__));
UNICODE_STRING symLink;
RtlInitUnicodeString(&symLink, SYMBOLIC_LINK);
NTSTATUS status = IoDeleteSymbolicLink(&symLink); // 删除符号链接
if (!NT_SUCCESS(status)) {
KdPrint(("[yhy] [Error]: IoDeleteSymbolicLink Error! rrorCode:%08x\n", status));
return;
}
// 删除设备
if (DriverObject->DeviceObject != NULL) {
IoDeleteDevice(DriverObject->DeviceObject);
}
KdPrint(("[yhy]: onUnload Success!\n"));
KdPrint(("[yhy]: Bye!\n"));
}
NTSTATUS DispatchCreate(_In_ struct _DEVICE_OBJECT* DeviceObject, _Inout_ struct _IRP* Irp) {
NTSTATUS status = STATUS_SUCCESS;
KdPrint(("[yhy]: %s\n", __FUNCDNAME__));
IoCompleteRequest(Irp, IO_NO_INCREMENT);
UNREFERENCED_PARAMETER(DeviceObject);
return status;
}
NTSTATUS DispatchClose(_In_ struct _DEVICE_OBJECT* DeviceObject, _Inout_ struct _IRP* Irp) {
NTSTATUS status = STATUS_SUCCESS;
KdPrint(("[yhy]: %s\n", __FUNCDNAME__));
IoCompleteRequest(Irp, IO_NO_INCREMENT);
UNREFERENCED_PARAMETER(DeviceObject);
Irp->IoStatus.Status = STATUS_SUCCESS;
Irp->IoStatus.Information = 0;
return status;
}
NTSTATUS DispatchRead(_In_ struct _DEVICE_OBJECT* DeviceObject, _Inout_ struct _IRP* Irp) {
NTSTATUS status = STATUS_SUCCESS;
KdPrint(("[yhy]: %s\n", __FUNCDNAME__));
IoCompleteRequest(Irp, IO_NO_INCREMENT);
UNREFERENCED_PARAMETER(DeviceObject);
return status;
}
NTSTATUS DispatchWrite(_In_ struct _DEVICE_OBJECT* DeviceObject, _Inout_ struct _IRP* Irp) {
NTSTATUS status = STATUS_SUCCESS;
KdPrint(("[yhy]: %s\n", __FUNCDNAME__));
IoCompleteRequest(Irp, IO_NO_INCREMENT);
UNREFERENCED_PARAMETER(DeviceObject);
return status;
}
NTSTATUS DispatchControl(_In_ struct _DEVICE_OBJECT* DeviceObject, _Inout_ struct _IRP* Irp) {
NTSTATUS status = STATUS_SUCCESS;
UNREFERENCED_PARAMETER(DeviceObject);
KdPrint(("[yhy]: %s\n", __FUNCDNAME__));
PIO_STACK_LOCATION pIrpStack = IoGetCurrentIrpStackLocation(Irp);
if (pIrpStack->Parameters.DeviceIoControl.IoControlCode == IOCTL_READ_MEMORY) {
PVOID ioBuffer = Irp->AssociatedIrp.SystemBuffer;
//ULONG bufferLen = max(pIrpStack->Parameters.DeviceIoControl.InputBufferLength, pIrpStack->Parameters.DeviceIoControl.OutputBufferLength);
// 读取目标内存
void* targetAddress = *(void**)ioBuffer;
KdPrint(("[yhy]: DispatchControl ioBuffer:%p targetAddress:%p\n", ioBuffer, targetAddress));
int newValue = 0x12341234;
RtlCopyMemory(ioBuffer, &newValue, 4);
Irp->IoStatus.Status = STATUS_SUCCESS;
Irp->IoStatus.Information = 4;
}
IoCompleteRequest(Irp, IO_NO_INCREMENT);
return status;
}
NTSTATUS DriverEntry(
_In_ PDRIVER_OBJECT DriverObject,
_In_ PUNICODE_STRING RegistryPath
)
{
UNREFERENCED_PARAMETER(RegistryPath);
// NTSTATUS variable to record success or failure
NTSTATUS status = STATUS_SUCCESS;
DriverObject->DriverUnload = onUnload;
// 1. 绑定IRP 处理Dispatch例程
DriverObject->MajorFunction[IRP_MJ_CREATE] = DispatchCreate;
DriverObject->MajorFunction[IRP_MJ_CLOSE] = DispatchClose;
DriverObject->MajorFunction[IRP_MJ_READ] = DispatchRead;
DriverObject->MajorFunction[IRP_MJ_WRITE] = DispatchWrite;
DriverObject->MajorFunction[IRP_MJ_DEVICE_CONTROL] = DispatchControl;
// 2. 创建设备对象
UNICODE_STRING deviceName;
PDEVICE_OBJECT pDevice = NULL;
RtlInitUnicodeString(&deviceName, L"\\Device\\" MY_DRVICE_NAME);
KdPrint(("[yhy] deviceName: %wZ", &deviceName));
status = IoCreateDevice(DriverObject, 0, &deviceName, FILE_DEVICE_UNKNOWN, FILE_DEVICE_SECURE_OPEN, FALSE /*非独占*/,
&pDevice);
if (!NT_SUCCESS(status)) {
KdPrint(("[yhy] DriverEntry IoCreateDevice ErrorCode:%08x\n", status));
return status;
}
// 3. 创建符号
UNICODE_STRING symbolName;
// L"\\DosDevices\\MY_DRVICE_NAME"
RtlInitUnicodeString(&symbolName, SYMBOLIC_LINK);
status = IoCreateSymbolicLink(&symbolName, &deviceName);
if (!NT_SUCCESS(status)) {
KdPrint(("[yhy] DriverEntry IoCreateSymbolicLink ErrorCode:%08x\n", status));
return status;
}
KdPrint(("[yhy] DriverEntry IoCreateSymbolicLink Success! symbolName is :%wZ", &symbolName));
return status;
}
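Review bot: DispatchControl reads `*(void**)ioBuffer` and copies 4 bytes back without checking InputBufferLength or OutputBufferLength, so a caller that passes a buffer shorter than a pointer makes the driver read past the end of the system buffer; the bundled client sends 4 bytes, which is already too short on x64. The handler should reject short or missing buffers, fail unknown control codes, and set `Irp->IoStatus` before `IoCompleteRequest`, as in the excerpt below. The same ordering problem is in DispatchCreate, DispatchRead and DispatchWrite, which complete the IRP without setting IoStatus, and in DispatchClose, which writes `Irp->IoStatus` after completion, when the IRP may already have been freed. Separately, onUnload returns before `IoDeleteDevice` when `IoDeleteSymbolicLink` fails, and DriverEntry returns without `IoDeleteDevice(pDevice)` when `IoCreateSymbolicLink` fails.

```cpp
NTSTATUS DispatchControl(_In_ struct _DEVICE_OBJECT* DeviceObject, _Inout_ struct _IRP* Irp) {
    NTSTATUS status = STATUS_INVALID_DEVICE_REQUEST;   // unknown control codes now fail
    ULONG_PTR information = 0;
    // … unchanged: UNREFERENCED_PARAMETER, KdPrint, IoGetCurrentIrpStackLocation …
    if (pIrpStack->Parameters.DeviceIoControl.IoControlCode == IOCTL_READ_MEMORY) {
        PVOID ioBuffer = Irp->AssociatedIrp.SystemBuffer;
        ULONG inLen = pIrpStack->Parameters.DeviceIoControl.InputBufferLength;
        ULONG outLen = pIrpStack->Parameters.DeviceIoControl.OutputBufferLength;
        int newValue = 0x12341234;
        // SystemBuffer is NULL when both lengths are zero; the input must hold a
        // full pointer and the output must have room for the value written back.
        if (ioBuffer == NULL || inLen < sizeof(void*) || outLen < sizeof(newValue)) {
            status = STATUS_BUFFER_TOO_SMALL;
        }
        else {
            // … unchanged: targetAddress read from ioBuffer and KdPrint …
            RtlCopyMemory(ioBuffer, &newValue, sizeof(newValue));
            information = sizeof(newValue);
            status = STATUS_SUCCESS;
        }
    }
    // Fill in the completion status while the IRP is still owned by the driver.
    Irp->IoStatus.Status = status;
    Irp->IoStatus.Information = information;
    IoCompleteRequest(Irp, IO_NO_INCREMENT);
    return status;
}
```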


@ -0,0 +1,10 @@
#pragma once
#include <ntddk.h>
#include "ioctl.h"
extern "C" NTSTATUS DriverEntry(
_In_ PDRIVER_OBJECT DriverObject,
_In_ PUNICODE_STRING RegistryPath
);

194
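--- a/TestDrvice/TestDrvice.cpp
+++ b/TestDrvice/TestDrvice.cpp
@@ -0,0 +1,194 @@
+#include <iostream>
+#include <cstdlib>
+#include <Windows.h>
+#include "../KernelCommunication/ioctl.h"
+#include <memory>
+#define TEST_SERVICE_NAME "aaayhytestservice"
+void ShowError(const char* szName) {
+DWORD dwErrorCode = GetLastError();
+LPVOID lpMsgBuf;
+FormatMessage(
+FORMAT_MESSAGE_ALLOCATE_BUFFER |
+FORMAT_MESSAGE_FROM_SYSTEM |
+FORMAT_MESSAGE_IGNORE_INSERTS,
+NULL,
+dwErrorCode,
+MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT),
+(LPTSTR)&lpMsgBuf,
+0,
+NULL
+);
+printf("[%-15s] ErrorCode:%08x ErrorMsg:%s", szName, dwErrorCode, (char*)lpMsgBuf);
+LocalFree(lpMsgBuf);
+}
+int LoadDriver(const char* szBinPath) {
+using namespace std;
+int Result = -1;
+SC_HANDLE schSCManager = OpenSCManager(
+NULL, // local computer
+NULL, // ServicesActive database
+SC_MANAGER_ALL_ACCESS); // full access rights
+if (NULL == schSCManager) {
+ShowError("OpenSCManager");
+return Result;
+}
+cout << "[+] OpenSCManager Success!" << endl;
+//创建服务
+SC_HANDLE schService = CreateService(
+schSCManager, // SCM database
+TEST_SERVICE_NAME, // name of service
+TEST_SERVICE_NAME, // service name to display
+SERVICE_ALL_ACCESS, // desired access
+SERVICE_KERNEL_DRIVER, // service type
+SERVICE_DEMAND_START, // start type
+SERVICE_ERROR_NORMAL, // error control type
+szBinPath, // path to service's binary
+NULL, // no load ordering group
+NULL, // no tag identifier
+NULL, // no dependencies
+NULL, // LocalSystem account
+NULL); // no password
+if (schService == NULL) {
+if (GetLastError() != ERROR_SERVICE_EXISTS) {
+ShowError("CreateService");
+CloseServiceHandle(schSCManager);
+return Result;
+}
+schService = OpenService(schSCManager, TEST_SERVICE_NAME, SERVICE_ALL_ACCESS);
+if (schService == NULL) {
+ShowError("OpenService");
+CloseServiceHandle(schSCManager);
+return Result;
+}
+}
+cout << "[+] CreateService Success!" << endl;
+SERVICE_STATUS Status;
+ControlService(schService, SERVICE_CONTROL_STOP, &Status);
+//启动服务
+if (!StartService(schService, NULL, NULL)) {
+ShowError("StartService");
+}
+else {
+cout << "[+] StartService Success!" << endl;
+Result = 0;
+}
+CloseServiceHandle(schService);
+CloseServiceHandle(schSCManager);
+return Result;
+}
+// 停止并卸载服务
+int UnLoadDriver(const char* szServiceName) {
+int Result = -1;
+SC_HANDLE schSCManager = OpenSCManager(
+NULL, // local computer
+NULL, // ServicesActive database
+SC_MANAGER_ALL_ACCESS); // full access rights
+if (NULL == schSCManager) {
+ShowError("OpenSCManager");
+return Result;
+}
+//打开服务
+SC_HANDLE schService = OpenService(schSCManager, szServiceName, SERVICE_ALL_ACCESS);
+if (schService == NULL) {
+ShowError("OpenService");
+CloseServiceHandle(schSCManager);
+return Result;
+}
+//停止服务
+SERVICE_STATUS Status;
+ControlService(schService, SERVICE_CONTROL_STOP, &Status);
+//删除服务
+if (!DeleteService(schService)) {
+ShowError("DeleteService");
+}
+else {
+Result = 0;
+}
+CloseServiceHandle(schService);
+CloseServiceHandle(schSCManager);
+return Result;
+}
+void UseDriver() {
+HANDLE hFile = CreateFileW(L"\\\\.\\" MY_DRVICE_NAME,
+GENERIC_READ | GENERIC_WRITE,
+0,
+NULL,
+OPEN_EXISTING,
+0,
+NULL);
+printf("CreateFile hFile:%p ErrCode:%08x\n", hFile, GetLastError());
+// 测试ReadFile 功能
+char Buffer[MAXBYTE] = { 0 };
+DWORD dwBytes = 0;
+BOOL Result = ReadFile(hFile, Buffer, sizeof(Buffer), &dwBytes, NULL);
+printf("ReadFile Result:%d dwBytes:%d Buffer:%s ErrCode:%08x\n", Result, dwBytes, Buffer, GetLastError());
+// 测试WriteFile 功能
+WriteFile(hFile, Buffer, sizeof(Buffer), &dwBytes, NULL);
+printf("WriteFile Result:%d dwBytes:%d Buffer:%s ErrCode:%08x\n", Result, dwBytes, Buffer, GetLastError());
+// 测试DeviceIoControl 功能
+char data[4] = { 0x78, 0x56, 0x34, 0x12 };
+printf("Data value: %p\n", *(int*)data);
+DeviceIoControl(hFile, IOCTL_READ_MEMORY, &data, sizeof(data),
+data, sizeof(data), &dwBytes, NULL);
+printf("DeviceIoControl Result:%d dwBytes:%d Data:%s ErrCode:%08x\n", Result, dwBytes, data, GetLastError());
+printf("Data newValue: %p\n", *(int*)data);
+// 关闭文件
+CloseHandle(hFile);
+return;
+}
+int main(int argc, char* argv[])
+{
+using namespace std;
+if (argc < 2) {
+std::cerr << "Please drag the driver onto this program icon to test the installation!" << std::endl;
+system("pause");
+return -1;
+}
+const char* driverPath = argv[1];
+cout << "[+] Loading the test driver" << driverPath << endl;
+if (LoadDriver(driverPath) != 0) {
+cerr << "[x] LoadDriver Error!" << endl;
+system("pause");
+return -1;
+}
+cout << "======== LoadDriver done! ===========" << endl;
+// TODO: 做一些事情
+UseDriver();
+if (UnLoadDriver(TEST_SERVICE_NAME) != 0) {
+cerr << "[x] UnLoadDriver Faile! " << endl;
+system("pause");
+return -1;
+}
+cout << "======== UnLoadDriver done! ===========" << endl;
+cout << "======== Bye! ===========" << endl;
+system("pause");
+return 0;
+}
+//int main() {
+// char data[] = { 0x12, 0x34, 0x56, 0x78 };
+// printf("%p", *(int*)data);
+//}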
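Review bot: UseDriver never checks `hFile` against `INVALID_HANDLE_VALUE`, so when the device cannot be opened every following call runs on an invalid handle; add `if (hFile == INVALID_HANDLE_VALUE) { ShowError("CreateFile"); return; }` right after CreateFileW. The DeviceIoControl printout passes the 4-byte `data` array to `%s` although it has no terminating NUL, which reads past the array; print `*(unsigned int*)data` with `%08x` instead, and the two `%p` lines have the same int-versus-pointer mismatch. `Result` is only assigned from ReadFile, so the WriteFile and DeviceIoControl lines report a stale value. In LoadDriver and UnLoadDriver, `SC_MANAGER_ALL_ACCESS` and `SERVICE_ALL_ACCESS` request more than the code uses; narrower rights such as `SC_MANAGER_CREATE_SERVICE` and `SERVICE_START | SERVICE_STOP | DELETE` would be enough.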


@ -0,0 +1,137 @@
<?xml version="1.0" encoding="utf-8"?>
<Project DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup Label="ProjectConfigurations">
<ProjectConfiguration Include="Debug|Win32">
<Configuration>Debug</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|Win32">
<Configuration>Release</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Debug|x64">
<Configuration>Debug</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|x64">
<Configuration>Release</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
</ItemGroup>
<PropertyGroup Label="Globals">
<VCProjectVersion>17.0</VCProjectVersion>
<Keyword>Win32Proj</Keyword>
<ProjectGuid>{1d6e4646-a62f-46cf-9d43-bdd49eadce40}</ProjectGuid>
<RootNamespace>TestDrvice</RootNamespace>
<WindowsTargetPlatformVersion>7.0</WindowsTargetPlatformVersion>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>true</UseDebugLibraries>
<PlatformToolset>v141_xp</PlatformToolset>
<CharacterSet>MultiByte</CharacterSet>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>false</UseDebugLibraries>
<PlatformToolset>v143</PlatformToolset>
<WholeProgramOptimization>true</WholeProgramOptimization>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>true</UseDebugLibraries>
<PlatformToolset>v141_xp</PlatformToolset>
<CharacterSet>MultiByte</CharacterSet>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>false</UseDebugLibraries>
<PlatformToolset>v143</PlatformToolset>
<WholeProgramOptimization>true</WholeProgramOptimization>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
<ImportGroup Label="ExtensionSettings">
</ImportGroup>
<ImportGroup Label="Shared">
</ImportGroup>
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<PropertyGroup Label="UserMacros" />
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<ClCompile>
<WarningLevel>Level3</WarningLevel>
<SDLCheck>true</SDLCheck>
<PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<ConformanceMode>false</ConformanceMode>
<RuntimeLibrary>MultiThreadedDebug</RuntimeLibrary>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
<GenerateDebugInformation>true</GenerateDebugInformation>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
<ClCompile>
<WarningLevel>Level3</WarningLevel>
<FunctionLevelLinking>true</FunctionLevelLinking>
<IntrinsicFunctions>true</IntrinsicFunctions>
<SDLCheck>true</SDLCheck>
<PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<ConformanceMode>true</ConformanceMode>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
<EnableCOMDATFolding>true</EnableCOMDATFolding>
<OptimizeReferences>true</OptimizeReferences>
<GenerateDebugInformation>true</GenerateDebugInformation>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
<ClCompile>
<WarningLevel>Level3</WarningLevel>
<SDLCheck>true</SDLCheck>
<PreprocessorDefinitions>_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<ConformanceMode>true</ConformanceMode>
<RuntimeLibrary>MultiThreadedDebug</RuntimeLibrary>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
<GenerateDebugInformation>true</GenerateDebugInformation>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
<ClCompile>
<WarningLevel>Level3</WarningLevel>
<FunctionLevelLinking>true</FunctionLevelLinking>
<IntrinsicFunctions>true</IntrinsicFunctions>
<SDLCheck>true</SDLCheck>
<PreprocessorDefinitions>NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<ConformanceMode>true</ConformanceMode>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
<EnableCOMDATFolding>true</EnableCOMDATFolding>
<OptimizeReferences>true</OptimizeReferences>
<GenerateDebugInformation>true</GenerateDebugInformation>
</Link>
</ItemDefinitionGroup>
<ItemGroup>
<ClCompile Include="TestDrvice.cpp" />
</ItemGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
<ImportGroup Label="ExtensionTargets">
</ImportGroup>
</Project>
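Review bot: The Debug configurations set `<CharacterSet>MultiByte</CharacterSet>` while both Release configurations set `Unicode`, and TestDrvice.cpp passes `const char*` strings to TCHAR-mapped APIs such as CreateService and OpenService, so the Release builds should fail to compile. Either set `<CharacterSet>MultiByte</CharacterSet>` in the Release groups as well, or call the `A` variants explicitly in the source. The Debug groups also select the `v141_xp` toolset while Release selects `v143`; if that split is not intentional, use one toolset for all configurations.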


@ -0,0 +1,22 @@
<?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup>
<Filter Include="源文件">
<UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
<Extensions>cpp;c;cc;cxx;c++;cppm;ixx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
</Filter>
<Filter Include="头文件">
<UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
<Extensions>h;hh;hpp;hxx;h++;hm;inl;inc;ipp;xsd</Extensions>
</Filter>
<Filter Include="资源文件">
<UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
<Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
</Filter>
</ItemGroup>
<ItemGroup>
<ClCompile Include="TestDrvice.cpp">
<Filter>源文件</Filter>
</ClCompile>
</ItemGroup>
</Project>