?? driver.cpp
//////////////////////////////////////////////////////////////////////////
// SSDTDump by 李馬
// http://www.titilima.cn
//////////////////////////////////////////////////////////////////////////
#include <windows.h>
#include <shlwapi.h>
#include <tchar.h>
#include "Driver.h"
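// Builds the full path of SSDTDump.sys, expected to sit next to the running
// executable, and copies it into the caller's buffer.
//
// lpFileName - receives the NUL-terminated driver path; set to an empty
//              string when the path cannot be built.
// dwSize     - capacity of lpFileName, in TCHARs.
//
// Returns the result of PathFileExists() on the full path, or FALSE when the
// path could not be built or does not fit into either buffer.
//
// The resulting path is later registered as a kernel-driver image, so a
// truncated path is rejected here rather than handed back to the caller.
BOOL GetDriverPath( OUT LPTSTR lpFileName, IN DWORD dwSize )
{
    static const TCHAR szDriverName[] = _T("SSDTDump.sys");
    // Character count of the driver file name, terminator included.
    const DWORD cchName = sizeof( szDriverName ) / sizeof( szDriverName[0] );
    TCHAR szPath[MAX_PATH];

    if ( NULL == lpFileName || 0 == dwSize )
    {
        return FALSE;
    }
    lpFileName[0] = _T('\0');

    // Locate the driver: start from the path of the current executable.
    // A return of 0 is failure; a return >= MAX_PATH means the path was
    // truncated (and on older systems possibly not NUL-terminated).
    DWORD dwLen = GetModuleFileName( NULL, szPath, MAX_PATH );
    if ( 0 == dwLen || dwLen >= MAX_PATH )
    {
        return FALSE;
    }

    LPTSTR lpSlash = _tcsrchr( szPath, _T('\\') );
    if ( NULL == lpSlash )
    {
        return FALSE;
    }

    // Directory part including the trailing backslash.
    DWORD cchDir = (DWORD)( lpSlash - szPath ) + 1;
    if ( cchDir + cchName > MAX_PATH )
    {
        // Appending the file name would overflow szPath.
        return FALSE;
    }
    if ( cchDir + cchName > dwSize )
    {
        // The caller's buffer is too small; a truncated path could name a
        // different file than the intended driver.
        return FALSE;
    }

    lstrcpy( lpSlash + 1, szDriverName );
    lstrcpyn( lpFileName, szPath, dwSize );
    return PathFileExists( lpFileName );
}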
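// Registers the "SSDTDump" kernel-driver service (or reuses an existing one),
// starts it, and opens the driver's device "\\.\SSDTDump".
//
// lpFileName - path of the driver image passed to CreateService().
//
// Returns the device handle from CreateFileA(), or INVALID_HANDLE_VALUE when
// the service control manager cannot be opened or the device cannot be
// opened. The caller releases the handle with UnloadDriver().
HANDLE LoadDriver( IN LPCTSTR lpFileName )
{
    HANDLE hDriver = INVALID_HANDLE_VALUE;
    SC_HANDLE hSCManager = OpenSCManager( NULL, NULL,
        SC_MANAGER_CREATE_SERVICE );
    if ( NULL == hSCManager )
    {
        return hDriver;
    }

    SC_HANDLE hService = CreateService( hSCManager, _T("SSDTDump"),
        _T("SSDTDump Driver"), SERVICE_START,
        SERVICE_KERNEL_DRIVER, SERVICE_DEMAND_START,
        SERVICE_ERROR_IGNORE, lpFileName, NULL, NULL, NULL, NULL, NULL );

    // The last-error value is only meaningful when CreateService() failed.
    // Checking it unconditionally could act on a stale ERROR_SERVICE_EXISTS
    // and overwrite (leak) a handle that was just created.
    if ( NULL == hService && ERROR_SERVICE_EXISTS == GetLastError() )
    {
        // NOTE(review): a pre-existing "SSDTDump" service is started as it is
        // registered; its image path is not compared with lpFileName here, so
        // the binary that gets loaded may differ from the one requested.
        hService = OpenService( hSCManager, _T("SSDTDump"), SERVICE_START );
    }

    if ( NULL != hService )
    {
        // A StartService() failure is tolerated on purpose (the driver may
        // already be running); the device open below decides the result.
        StartService( hService, 0, NULL );
        CloseServiceHandle( hService );
    }
    CloseServiceHandle( hSCManager );

    hDriver = CreateFileA( "\\\\.\\SSDTDump",
        GENERIC_READ | GENERIC_WRITE, 0, NULL, OPEN_EXISTING, 0, NULL );
    return hDriver;
}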
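// Closes the device handle returned by LoadDriver(), then stops the
// "SSDTDump" service and marks it for deletion.
//
// hDriver - handle from LoadDriver(); NULL and INVALID_HANDLE_VALUE are
//           accepted and skipped, so a failed load can still be cleaned up.
//
// Failures of the service calls are ignored: this is best-effort cleanup.
void UnloadDriver( IN HANDLE hDriver )
{
    // LoadDriver() returns INVALID_HANDLE_VALUE on failure; do not pass that
    // (or NULL) on to CloseHandle().
    if ( NULL != hDriver && INVALID_HANDLE_VALUE != hDriver )
    {
        CloseHandle( hDriver );
    }

    // Only OpenService() is needed here, so connect access to the service
    // control manager is sufficient; no service-creation right is requested.
    SC_HANDLE hSCManager = OpenSCManager( NULL, NULL, SC_MANAGER_CONNECT );
    if ( NULL == hSCManager )
    {
        return;
    }

    SC_HANDLE hService = OpenService( hSCManager, _T("SSDTDump"),
        DELETE | SERVICE_STOP );
    if ( NULL != hService )
    {
        SERVICE_STATUS ss;
        // Stop first, then delete, so the service registration does not
        // outlive this tool.
        ControlService( hService, SERVICE_CONTROL_STOP, &ss );
        DeleteService( hService );
        CloseServiceHandle( hService );
    }
    CloseServiceHandle( hSCManager );
}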