Home > Others

Load the NT driver code at the application layer

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

//
// Load NT driver
//
BOOL LoadNTDriver (LPTSTR lpszDriverName, LPTSTR lpszDriverPath)
{
TCHAR szDriverImagePath [1, 256] = {0 };
 
//
// Get complete driver path
//
GetFullPathName (lpszDriverPath, 256, szDriverImagePath, NULL );

BOOL bRet = FALSE;

SC _HANDLE hServiceMgr = NULL; // SCM handle (SCM --> Service Control Manager)
SC _HANDLE hServiceDDK = NULL; // NT driver service handle
 
CComMonitorApp * ptheApp = (CComMonitorApp *) AfxGetApp ();

//
// Open SCM
//
HServiceMgr = OpenSCManager (NULL, NULL, SC _MANAGER_ALL_ACCESS );

If (hServiceMgr = NULL)
{
// OpenSCManager fail
DisplayError (ptheApp-> m_pMainWnd-> GetSafeHwnd (), "OpenSCManager () failed ");
BRet = FALSE;
Goto BeforeLeave;
}
// Else
//{
/// OpenSCManager successfully
// Printf ("OpenSCManager () OK! /N ");
//}
 
//
// Create service for the driver
//
HServiceDDK = CreateService (hServiceMgr,
LpszDriverName, // name of the driver in the Registry
LpszDriverName, // DisplayName value of the registry driver
SERVICE_ALL_ACCESS, // access permission for loading the driver
SERVICE_KERNEL_DRIVER, // indicates that the loaded service is a driver.
SERVICE_DEMAND_START, // The Start value of the registry driver
SERVICE_ERROR_IGNORE, // The ErrorControl value of the registry driver
SzDriverImagePath, // The ImagePath value of the registry driver
NULL,
NULL,
NULL,
NULL,
NULL );
 
DWORD dwRtn;

//
// Judge whether service is created.
//
If (hServiceDDK = NULL)
{
DwRtn = GetLastError ();
If (dwRtn! = ERROR_IO_PENDING & dwRtn! = ERROR_SERVICE_EXISTS)
{
//
// An error occurs
//
Displayerror (ptheapp-> m_pmainwnd-> getsafehwnd (), "createservice () failed ");
Bret = false;
Goto beforeleave;
}

//
// Just open the service as the service is already set up.
//
Hserviceddk = openservice (hservicemgr, lpszdrivername, service_all_access );
If (hserviceddk = NULL)
{
//
// If open the service failed, an error occured.
//
DisplayError (ptheApp-> m_pMainWnd-> GetSafeHwnd (), "OpenService () failed ");
BRet = FALSE;
Goto BeforeLeave;
}
}
 
// AdjustServicePrevelidge (hServiceDDK); // Elevation of Privilege

//
// Start the service
//
BRet = StartService (hServiceDDK, NULL, NULL );
If (! BRet)
{
DWORD dwRtn = GetLastError ();
If (dwRtn! = ERROR_IO_PENDING & dwRtn! = ERROR_SERVICE_ALREADY_RUNNING)
{
DisplayError (ptheApp-> m_pMainWnd-> GetSafeHwnd (), "StartService () failed ");
BRet = FALSE;
Goto BeforeLeave;
}
Else
{
If (dwRtn = ERROR_IO_PENDING)
{
//
// Device is pending
//
BRet = FALSE;
Goto BeforeLeave;
}
Else
{
//
// Service is already running
//
BRet = TRUE;
Goto BeforeLeave;
}
}
}
BRet = TRUE;

//
// Close all handles before return.
//
BeforeLeave:
If (hServiceDDK)
{
CloseServiceHandle (hServiceDDK );
}
If (hServiceMgr)
{
CloseServiceHandle (hServiceMgr );
}

Return bRet;
}

//
// Unload a driver
//
BOOL UnloadNTDriver (LPTSTR szSvrName)
{
BOOL bRet = TRUE;
SC _HANDLE hServiceMgr = NULL; // SCM handle
SC _HANDLE hServiceDDK = NULL; // NT driver's service handle
SERVICE_STATUS SvrSta;
 
CComMonitorApp * ptheApp = (CComMonitorApp *) AfxGetApp ();

//
// Open SCM --- service control manager.
//
HServiceMgr = OpenSCManager (NULL, NULL, SC _MANAGER_ALL_ACCESS );
If (hServiceMgr = NULL)
{
DisplayError (ptheApp-> m_pMainWnd-> GetSafeHwnd (), "OpenSCManager () failed ");
BRet = FALSE;
Goto BeforeLeave;
}

//
// Open the service for the driver.
//
HServiceDDK = OpenService (hServiceMgr, szSvrName, SERVICE_ALL_ACCESS );

If (hServiceDDK = NULL)
{
// Open service failed.
DisplayError (ptheApp-> m_pMainWnd-> GetSafeHwnd (), "OpenService () failed ");

BRet = FALSE;
Goto BeforeLeave;
}
 
//
// Stop the driver, if failed, restart the system and reload it.
//
If (! ControlService (hServiceDDK, SERVICE_CONTROL_STOP, & SvrSta ))
{
DisplayError (ptheApp-> m_pMainWnd-> GetSafeHwnd (), "ControlService () failed ");
BRet = FALSE;
}

// Delete the service of the driver, here don't delete the, just stop the service.
// If (! DeleteService (hServiceDDK ))
//{
// DisplayError (ptheApp-> m_pMainWnd-> GetSafeHwnd (), "DeleteService () failed ");
// BRet = FALSE;
//}

BeforeLeave:
// Close the opened handle before leaving
If (hServiceDDK)
{
CloseServiceHandle (hServiceDDK );
}
If (hServiceMgr)
{
CloseServiceHandle (hServiceMgr );
}
 
Return bRet;
}

 

 

It should be called "manually load" the driver. The driver is also a service. Applications can be installed using CreateService and loaded using StartService. Drivers can use ZwLoadDriver to load another driver.

Note: after the driver is installed, its registry key has a Start key value, which means:
0 -- load when the system starts;
1 -- load after kernel Initialization is complete;
2 -- load after the system is started;
3 -- manual Loading;
4 -- Do not load.

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
get the permalink application layer ddos application layer gateway sip application layer ddos attacks application layer in osi model load dll at runtime application load balancer cloudformation
Related Article
OpenGL Series Tutorial Eight: OpenGL vertex buffer Object (VBO)

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More