Write kernel driver loader

I. common ways to load kernel driversAPI introduce.

Load kernel driver, Use ourring3 LowerAPI Can finish.

API Namely:

OpenSCManager  open device( service) Manager

CreateService   Create service( Or equipment, Different according to different parameters)

OpenService      Open device or service.

StartService            Startup service, Boot device.

ControlService        Control the status of a device or service.

CloseServiceHandle  Close handle to service or device

DeleteService        Uninstall service

Parameter introduction:

1. Open device manager
SC_HANDLE OpenSCManager( LPCTSTR lpMachineName, //
Machine name. Computers can be developed, If not specified, toNULL Open yourself. LPCTSTR lpDatabaseName, //
Name of the open device manager database, If soNULL Use the default. DWORD dwDesiredAccess // Open permissions. );
Return value:

   Success:  Returns the handle to the device manager

   fail:  ReturnNULL

 

2. Create device or service.
SC_HANDLE CreateService(
SC_HANDLE hSCManager, // Device manager handle, adoptOpenScManger Return LPCTSTR lpServiceName, //
Name of service or device startup LPCTSTR lpDisplayName, // Display name of service or DWORD dwDesiredAccess, //
Access to services or devices DWORD dwServiceType, // Type of service or device created, If it's a kernel driver, You can give it here DWORD
dwStartType,// When does the service or device start DWORD dwErrorControl, //
If the service or device fails to start, Then specify what the application should do,( restart, Or grow again.) LPCTSTR lpBinaryPathName, //
File path of service or device, Must give. LPCTSTR lpLoadOrderGroup, // Service or equipment rent arrangement. LPDWORD lpdwTagId, //
The service can be started through the registry. LPCTSTR lpDependencies, // array of dependency names LPCTSTR
lpServiceStartName,// Start name of the service. LPCTSTR lpPassword // Password;
Return value:

   Success:  Returns a handle to create a service or device.

   fail:  ReturnNULL

3. Open service or device.
SC_HANDLE OpenService( SC_HANDLE hSCManager, // Handle to Device Manager, adoptOpenScManger Return.
LPCTSTR lpServiceName,// Name of service or device. DWORD dwDesiredAccess // Permission to open a service or device. );
Return value:

   Success:  Returns a handle to a service or device.

   fail:  ReturnNULL

4. Start service or device.
BOOL StartService( SC_HANDLE hService, // Service or device handle DWORD dwNumServiceArgs, //
Number of 2D arrays. LPCTSTR* lpServiceArgVectors // Two-dimensional array. Each group stores a service name. If it's a kernel driver, give it allNULL that will do. );
Return value:

   Success:  Return non-zero value

   fail:  Return zero value.

5. Control service or equipment.
BOOL ControlService( SC_HANDLE hService, //
Service or device handle, adoptOpenService perhapsCreateService Return. DWORD dwControl, // Control code.
If givenSERVICE_CONTROL_PAUSE Then the service will be suspended LPSERVICE_STATUS lpServiceStatus //
Status of the service. It's a structure, The operating system helps you fill it out.


structural morphology:
typedef struct _SERVICE_STATUS { DWORD dwServiceType;     // Type of service DWORD
dwCurrentState;    // Current status of the service, Suspended or stopped.... DWORD dwControlsAccepted; // Control code of service.
DWORD dwWin32ExitCode;    // Service error or stop return error DWORD dwServiceSpecificExitCode;
// Error code returned by service startup. DWORD dwCheckPoint;      // Whether the number of times the service is enabled for statistics. Arrive100 Start complete. Use of general progress bar
DWORD dwWaitHint; } SERVICE_STATUS,*LPSERVICE_STATUS// Given an expectation. time. And then start up in time.
6. Close service handle.
BOOL CloseServiceHandle( SC_HANDLE hSCObject // Handle to service or device );
 7. Uninstall service
BOOL DeleteService( SC_HANDLE hService // handle to service);
 

II. Detailed code

It's simpleAPI introduce. Here is the complete code.

Please note that I am usingMFC Compiling.  But each of its functions does not depend on each other. If you're copying code. Then you can copy them and use them.

1. Install kernel driver code
m_CreateService = CreateService( m_ScHand, Service or device name, // for example: MySystem.sys
Name of service or device, SC_MANAGER_ALL_ACCESS, SERVICE_KERNEL_DRIVER,//
Installed properties, I'm here for the kernel. So the kernel is installed. SERVICE_DEMAND_START, SERVICE_ERROR_SEVERE,
m_EdtPathName, NULL, NULL, NULL, NULL, NULL);if (m_CreateService == NULL) {
::CloseServiceHandle(m_CreateService); ::CloseServiceHandle(m_ScHand);
::MessageBox(NULL, TEXT("Sorry Install Drive Fail"), TEXT("Error"), NULL);
return; } ::CloseServiceHandle(m_CreateService);
::CloseServiceHandle(m_ScHand); ::MessageBox(NULL, TEXT("InStall Drive Sucess"
), TEXT("Sucess"), NULL);
2. Uninstall code
m_ScHand = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS); if (m_ScHand ==
NULL) { ::MessageBox(NULL, TEXT("Sorry OpenScManger Fail\r\n"), TEXT("Error"),
MB_ICONEXCLAMATION);return; } //open Service m_CreateService =
OpenService(m_ScHand, m_ServiceName, SERVICE_STOP | DELETE); if
(m_CreateService == NULL) { ::MessageBox(NULL, TEXT("Sorry Install Drive Fail"
), TEXT("Error"), NULL); return; } BOOL bRet = FALSE; bRet =
DeleteService(m_CreateService);if (!bRet) {
::CloseServiceHandle(m_CreateService); ::CloseServiceHandle(m_ScHand);
::MessageBox(NULL, TEXT("Sorry UnInstall Drive Fail"), TEXT("Error"), NULL);
return; } DeleteService(m_CreateService);
::CloseServiceHandle(m_CreateService); ::CloseServiceHandle(m_ScHand);
::MessageBox(NULL, TEXT("UnInstall Drive Sucess"), TEXT("Sucess"), NULL);
3. Code to start kernel driver
  m_ScHand = NULL; m_CreateService = NULL; m_ScHand = OpenSCManager(NULL,
NULL, SC_MANAGER_ALL_ACCESS);if (m_ScHand == NULL) { ::MessageBox(NULL, TEXT("
Sorry OpenScManger Fail\r\n"), TEXT("Error"), MB_ICONEXCLAMATION); return; } //
open Service m_CreateService = OpenService(m_ScHand, m_ServiceName,
SERVICE_START);if (m_CreateService == NULL) { ::MessageBox(NULL, TEXT("Sorry
Start Drive Fail"), TEXT("Error"), NULL); return; } UpdateData(TRUE); BOOL bRet
= StartService(m_CreateService,0,NULL); // Important places. if (bRet == NULL) {
::CloseServiceHandle(m_CreateService); ::CloseServiceHandle(m_ScHand);
::MessageBox(NULL, TEXT("Sorry Start Service Fail\r\n"), TEXT("Error"), IDOK);
return; } ::CloseServiceHandle(m_CreateService);
::CloseServiceHandle(m_ScHand); ::MessageBox(NULL, TEXT(" Start Service
Sucess\r\n"), TEXT("Sucess"), IDOK);
4.. Pause kernel drive.
m_ScHand = NULL; m_CreateService = NULL; UpdateData(TRUE); m_ScHand =
OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS); SERVICE_STATUS svcsta= { 0 };
if (m_ScHand != NULL){ SC_HANDLE hService = OpenService(m_ScHand,
m_ServiceName, SERVICE_STOP);if (hService != NULL) { if
(ControlService(m_CreateService, SERVICE_CONTROL_STOP, &svcsta)) {
CloseServiceHandle(m_CreateService); CloseServiceHandle(m_ScHand);
::MessageBox(NULL, TEXT(" Stop Service Sucess\r\n"), TEXT("Sucess"), IDOK);
return ; } CloseServiceHandle(m_CreateService); CloseServiceHandle(m_ScHand);
::MessageBox(NULL, TEXT(" Stop Service Fail\r\n"), TEXT("Error"), IDOK); return
; } CloseServiceHandle(m_ScHand);return ; } else { ::MessageBox(NULL, TEXT("
Stop Service Fail\r\n"), TEXT("Fail"), IDOK); return ; } return;
 

Complete engineering code data download:

   link:https://pan.baidu.com/s/1kWoHJZD <https://pan.baidu.com/s/1kWoHJZD>
Password:osy7

 

Originality is not easy. Reprint please indicate the source.