?? ntdrivercontroller.cpp
字號:
//---------------------------------------------------------------------------
//
// NtDriverController.cpp
//
// SUBSYSTEM:
// API Hooking system
// MODULE:
// 提供簡單的接口,用于管理設備驅動
//
// DESCRIPTION:
//
// AUTHOR: Ivo Ivanov (ivopi@hotmail.com)
//
//---------------------------------------------------------------------------
#include "StdAfx.h"
#include "NtCommon.h"
#include "NtDriverController.h"
#include "SysUtils.h"
//---------------------------------------------------------------------------
//
// class CNtDriverController
//
//---------------------------------------------------------------------------
CNtDriverController::CNtDriverController():
m_hSCM(NULL),
m_hDriver(NULL),
m_bDriverStarted(FALSE),
m_bErrorOnStart(FALSE)
{
if (TRUE == Open())
{
char szFullFileName[MAX_PATH];
memset(m_szName, 0, MAX_PATH);
memset(m_szInfo, 0, MAX_PATH);
strncpy_s(m_szName, 260, "Cyber02Hide", sizeof("Cyber02Hide"));
strncpy_s(m_szInfo, 260, "Cyber02Hide", sizeof("Cyber02Hide"));
GetSystemDirectory(szFullFileName, MAX_PATH);
if (szFullFileName[strlen(szFullFileName) - 1] != '\\')
strcat_s(szFullFileName, MAX_PATH, "\\");
strcat_s(szFullFileName, MAX_PATH, "drivers\\Cyber02Hide.sys");
wsprintf(m_szFullFileName,_T("%s"), szFullFileName);
m_bDriverStarted = InstallAndStart();
} // if
}
CNtDriverController::~CNtDriverController()
{
StopAndRemove();
Close();
}
//
// 獲得服務控制句柄
//
BOOL CNtDriverController::Open()
{
m_hSCM = ::OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS);
return (m_hSCM != NULL);
}
//
// 關閉句柄obtained from Open()
//
void CNtDriverController::Close()
{
if (m_hDriver != NULL)
{
::CloseServiceHandle(m_hDriver);
m_hDriver = NULL;
}
if (m_hSCM != NULL)
{
::CloseServiceHandle(m_hSCM);
m_hSCM = NULL;
}
}
//
// 等待,直到driver達到需求的狀態或錯誤發生
//
BOOL CNtDriverController::WaitForState(
DWORD dwDesiredState,
SERVICE_STATUS* pss
)
{
BOOL bResult = FALSE;
if (NULL != m_hDriver)
{
// Loop until driver reaches desired state or error occurs
while (1)
{
// 得到driver的目前狀態
bResult = ::QueryServiceStatus(m_hDriver, pss);
// 不能查詢,退出
if (!bResult)
break;
// 達到所需狀態,退出
if (pss->dwCurrentState == dwDesiredState)
break;
// 再service_status中有一個下次操作的暗示時間
DWORD dwWaitHint = pss->dwWaitHint / 10; // Poll 1/10 of the wait hint
if (dwWaitHint < 1000) dwWaitHint = 1000; // At most once a second
if (dwWaitHint > 10000) dwWaitHint = 10000; // At least every 10 seconds
::Sleep(dwWaitHint);
} // while
} // if
return bResult;
}
//
// 增加driver到系統中,并啟動它
//
BOOL CNtDriverController::InstallAndStart()
{
BOOL bResult = FALSE;
if (NULL != m_hSCM)
{
m_hDriver = ::CreateService(
m_hSCM,
m_szName,
m_szInfo,
SERVICE_ALL_ACCESS,
SERVICE_KERNEL_DRIVER,
SERVICE_DEMAND_START,
SERVICE_ERROR_NORMAL,
m_szFullFileName,
NULL,
NULL,
NULL,
NULL,
NULL
);
if (NULL == m_hDriver)
{
DWORD error = ::GetLastError();
if ( (error == ERROR_SERVICE_EXISTS) ||
(error == ERROR_SERVICE_MARKED_FOR_DELETE) ||
(error == ERROR_DUPLICATE_SERVICE_NAME)
)
m_hDriver = ::OpenService(
m_hSCM,
m_szName,
SERVICE_ALL_ACCESS
);
}
if (NULL != m_hDriver)
{
SERVICE_STATUS serviceStatus = { 0 };
bResult = ::StartService(m_hDriver, 0, NULL);
if (bResult)
bResult = WaitForState(SERVICE_RUNNING, &serviceStatus);
else
bResult = (::GetLastError() == ERROR_SERVICE_ALREADY_RUNNING);
// We should call DeleteService() if the SCM reports an error
// on StartService(). Otherwise, the service will remain loaded
// in an undesired state
if (!bResult)
{
// Mark the service for deletion.
::DeleteService(m_hDriver);
if (m_hDriver != NULL)
{
::CloseServiceHandle(m_hDriver);
m_hDriver = NULL;
}
m_bErrorOnStart = TRUE;
}
} // if
} // if
return bResult;
}
//
// 停止driver并從系統中移除
//
void CNtDriverController::StopAndRemove()
{
if ((NULL != m_hDriver) && (!m_bErrorOnStart))
{
BOOL bResult;
SERVICE_STATUS serviceStatus = { 0 };
// Notifies a service that it should stop.
bResult = ::ControlService(m_hDriver, SERVICE_CONTROL_STOP, &serviceStatus);
if (bResult)
bResult = WaitForState(SERVICE_STOPPED, &serviceStatus);
// Mark the service for deletion.
::DeleteService(m_hDriver);
} // if
}
//----------------------------End of the file -------------------------------?? 快捷鍵說明
復制代碼
Ctrl + C
搜索代碼
Ctrl + F
全屏模式
F11
切換主題
Ctrl + Shift + D
顯示快捷鍵
?
增大字號
Ctrl + =
減小字號
Ctrl + -