强烈请求TA做个关于驱动的动画教程
RT老强烈了 唉,有时间就做个教程吧。。。 TA答应了
我们有福了
哈哈, 另外还有,
能不能用vb写一个加载驱动的小东西
就像DrvLoader.exe这个软件这样的 这个可以有.
记得见过的.
与加载服务差不多的代码... 是不是这样?
用炉子的那个类
然后再这样:
Private Sub Form_Load()
With c_drv
.szDrvFilePath = App.Path & "\killvv.sys"
.szDrvLinkName = "killvv"
.szDrvSvcName = "killvv"
.szDrvDisplayName = "killvv"
.InstDrv
.StartDrv
.OpenDrv
End With
End Sub当运行程序的时候,驱动killvv.sys就加在上了
我这么理解对吗?
附上炉子的类模块代码
Option Explicit
Private Declare Function OpenSCManager Lib "advapi32.dll" Alias "OpenSCManagerA" (ByVal lpMachineName As String, ByVal lpDatabaseName As String, ByVal dwDesiredAccess As Long) As Long
Private Declare Function OpenService Lib "advapi32.dll" Alias "OpenServiceA" (ByVal hSCManager As Long, ByVal lpServiceName As String, ByVal dwDesiredAccess As Long) As Long
Private Declare Function StartService Lib "advapi32.dll" Alias "StartServiceA" (ByVal hService As Long, ByVal dwNumServiceArgs As Long, ByVal lpServiceArgVectors As Long) As Long
Private Declare Function CreateService Lib "advapi32.dll" Alias "CreateServiceA" (ByVal hSCManager As Long, ByVal lpServiceName As String, ByVal lpDisplayName As String, ByVal dwDesiredAccess As Long, ByVal dwServiceType As Long, ByVal dwStartType As Long, ByVal dwErrorControl As Long, ByVal lpBinaryPathName As String, ByVal lpLoadOrderGroup As Long, ByVal lpdwTagId As Long, ByVal lpDependencies As Long, ByVal lp As Long, ByVal lpPassword As Long) As Long
Private Declare Function ControlService Lib "advapi32.dll" (ByVal hService As Long, ByVal dwControl As Long, ByVal lpServiceStatus As Long) As Long
Private Declare Function DeleteService Lib "advapi32.dll" (ByVal hService As Long) As Long
Private Declare Function CloseServiceHandle Lib "advapi32.dll" (ByVal hSCObject As Long) As Long
Private Const SC_MANAGER_CONNECT = &H1
Private Const SC_MANAGER_CREATE_SERVICE = &H2
Private Const SC_MANAGER_ENUMERATE_SERVICE = &H4
Private Const SC_MANAGER_LOCK = &H8
Private Const SC_MANAGER_QUERY_LOCK_STATUS = &H10
Private Const SC_MANAGER_MODIFY_BOOT_CONFIG = &H20
Private Const STANDARD_RIGHTS_REQUIRED = &HF0000
Private Const SC_MANAGER_ALL_ACCESS = (STANDARD_RIGHTS_REQUIRED Or SC_MANAGER_CONNECT Or SC_MANAGER_CREATE_SERVICE Or SC_MANAGER_ENUMERATE_SERVICE Or SC_MANAGER_LOCK Or SC_MANAGER_QUERY_LOCK_STATUS Or SC_MANAGER_MODIFY_BOOT_CONFIG)
Private Const SERVICE_QUERY_CONFIG = &H1
Private Const SERVICE_CHANGE_CONFIG = &H2
Private Const SERVICE_QUERY_STATUS = &H4
Private Const SERVICE_ENUMERATE_DEPENDENTS = &H8
Private Const SERVICE_START = &H10
Private Const SERVICE_STOP = &H20
Private Const SERVICE_PAUSE_CONTINUE = &H40
Private Const SERVICE_INTERROGATE = &H80
Private Const SERVICE_USER_DEFINED_CONTROL = &H100
Private Const SERVICE_ALL_ACCESS = (STANDARD_RIGHTS_REQUIRED Or SERVICE_QUERY_CONFIG Or SERVICE_CHANGE_CONFIG Or SERVICE_QUERY_STATUS Or SERVICE_ENUMERATE_DEPENDENTS Or SERVICE_START Or SERVICE_STOP Or SERVICE_PAUSE_CONTINUE Or SERVICE_INTERROGATE Or SERVICE_USER_DEFINED_CONTROL)
Private Const SERVICE_KERNEL_DRIVER As Long = &H1
Private Const SERVICE_DEMAND_START As Long = &H3
Private Const SERVICE_ERROR_NORMAL As Long = &H1
Private Const SERVICE_CONTROL_STOP = &H1
Private Declare Function QueryServiceStatus Lib "advapi32.dll" (ByVal hService As Long, ByRef lpServiceStatus As SERVICE_STATUS) As Long
Private Type SERVICE_STATUS
dwServiceType As Long
dwCurrentState As Long
dwControlsAccepted As Long
dwWin32ExitCode As Long
dwServiceSpecificExitCode As Long
dwCheckPoint As Long
dwWaitHint As Long
End Type
Private Const SERVICE_START_PENDING As Long = &H2
Private Const SERVICE_RUNNING As Long = &H4
Private Const SERVICE_RUNS_IN_SYSTEM_PROCESS As Long = &H1
Private Const SERVICE_STOP_PENDING As Long = &H3
Private Const SERVICE_STOPPED As Long = &H1
Private Declare Sub Sleep Lib "kernel32.dll" (ByVal dwMilliseconds As Long)
Private Declare Function CreateFile Lib "kernel32.dll" Alias "CreateFileA" (ByVal lpFileName As String, ByVal dwDesiredAccess As Long, ByVal dwShareMode As Long, ByVal lpSecurityAttributes As Long, ByVal dwCreationDisposition As Long, ByVal dwFlagsAndAttributes As Long, ByVal hTemplateFile As Long) As Long
Private Declare Function CloseHandle Lib "kernel32.dll" (ByVal hObject As Long) As Long
Private Const GENERIC_READ As Long = &H80000000
Private Const GENERIC_WRITE As Long = &H40000000
Private Const OPEN_EXISTING As Long = 3
Private Const FILE_ATTRIBUTE_NORMAL As Long = &H80
Private Const FILE_FLAG_OVERLAPPED As Long = &H40000000
Private Const FILE_FLAG_DELETE_ON_CLOSE As Long = &H4000000
Private Const FILE_SHARE_READ As Long = &H1
Private Const FILE_SHARE_WRITE As Long = &H2
Private Const INVALID_HANDLE_VALUE As Long = (-1)
Private Declare Function DeviceIoControl Lib "kernel32" (ByVal hDevice As Long, ByVal dwIoControlCode As Long, ByVal lpInBuffer As Long, ByVal nInBufferSize As Long, ByVal lpOutBuffer As Long, ByVal nOutBufferSize As Long, lpBytesReturned As Long, ByVal lpOverlapped As Long) As Long
Private Const FILE_DEVICE_UNKNOWN As Long = &H22
Private Const METHOD_BUFFERED As Long = 0
Private Const FILE_ANY_ACCESS As Long = 0
Private Declare Function GetLastError Lib "kernel32.dll" () As Long
Private Const ERROR_SERVICE_EXISTS As Long = 1073&
Private Const ERROR_IO_PENDING As Long = 997
Private Const ERROR_SERVICE_MARKED_FOR_DELETE As Long = 1072&
Public szDrvSvcName As String
Public szDrvDisplayName As String
Public szDrvFilePath As String
Public szDrvLinkName As String 'e.g. "\\.\TestDrv"
'Public szDrvDeviceName As String 'e.g."\Device\TestDrv"
Dim hSvcHandle As Long
Dim scHandle As Long
Dim hDrvHandle As Long
Public Function InstDrv() As Boolean
Dim ret&
Static nTry As Integer
scHandle = OpenSCManager(vbNullString, vbNullString, SC_MANAGER_ALL_ACCESS)
If (Not CBool(scHandle)) Then DelDrv: Exit Function
hSvcHandle = CreateService(scHandle, szDrvSvcName, szDrvDisplayName, SERVICE_ALL_ACCESS, SERVICE_KERNEL_DRIVER, SERVICE_DEMAND_START, SERVICE_ERROR_NORMAL, szDrvFilePath, 0, 0, 0, 0, 0)
If (Not CBool(hSvcHandle)) Then
'If ((GetLastError = ERROR_SERVICE_EXISTS) Or (GetLastError = ERROR_SERVICE_MARKED_FOR_DELETE)) Then
If (nTry > 5) Then InstDrv = False: nTry = 0: Exit Function
hSvcHandle = OpenService(scHandle, szDrvSvcName, SERVICE_ALL_ACCESS)
DelDrv
nTry = nTry + 1
InstDrv
'Else
'DelDrv
'Exit Function
'End If
End If
InstDrv = True
End Function
'lpInBuf 和 lpOutBuf 都是指向缓冲区的指针
Public Function IoControl(ByVal dwIoControlCode As Long, ByVal lpInBuffer As Long, ByVal nInBufferSize As Long, ByVal lpOutBuffer As Long, ByVal nOutBufferSize As Long, Optional ByRef lpBytesReturned As Long = 0) As Long
Dim lDrvRetSize As Long
IoControl = DeviceIoControl(hDrvHandle, dwIoControlCode, ByVal lpInBuffer, nInBufferSize, ByVal lpOutBuffer, nOutBufferSize, lDrvRetSize, ByVal 0)
lpBytesReturned = lDrvRetSize
End Function
Public Function StartDrv() As Boolean
Dim ret&
Dim ss As SERVICE_STATUS
Call QueryServiceStatus(hSvcHandle, ss)
'If (ss.dwCurrentState = SERVICE_RUNS_IN_SYSTEM_PROCESS) Then StartDrv = True: Exit Function
ret = StartService(hSvcHandle, 0, 0)
If (ret) Then
Dim nTry As Integer: nTry = 0
Call QueryServiceStatus(hSvcHandle, ss)
While ((ss.dwCurrentState = SERVICE_START_PENDING) And (nTry < 80))
Sleep (50)
nTry = nTry + 1
Call QueryServiceStatus(hSvcHandle, ss)
Wend
End If
StartDrv = ret
End Function
Public Function OpenDrv() As Boolean
If (hDrvHandle <> INVALID_HANDLE_VALUE) Then OpenDrv = True: Exit Function
hDrvHandle = CreateFile(IIf(Left(szDrvLinkName, Len("\\.\")) = "\\.\", szDrvLinkName, "\\.\" & szDrvLinkName), _
GENERIC_READ Or GENERIC_WRITE, _
0, _
0, _
OPEN_EXISTING, _
FILE_ATTRIBUTE_NORMAL, _
0)
OpenDrv = (hDrvHandle <> INVALID_HANDLE_VALUE)
End Function
'Public Function OpenDrvByDeviceName() As Boolean
' If (hDrvHandle <> INVALID_HANDLE_VALUE) Then OpenDrvByDeviceName = True: Exit Function
' hDrvHandle = CreateFile(IIf(Left(szDrvDeviceName, Len("\Device\")) = "\Device\", szDrvDeviceName, "\Device\" & szDrvDeviceName), _
' GENERIC_READ Or GENERIC_WRITE, _
' 0, _
' 0, _
' OPEN_EXISTING, _
' FILE_ATTRIBUTE_NORMAL, _
' 0)
' OpenDrvByDeviceName = (hDrvHandle <> INVALID_HANDLE_VALUE)
'End Function
Public Function StopDrv() As Boolean
Dim ret&
Dim ss As SERVICE_STATUS
Dim lpSt As Long
StopDrv = ControlService(hSvcHandle, SERVICE_CONTROL_STOP, VarPtr(lpSt))
If (ret) Then
Dim nTry As Integer: nTry = 0
Call QueryServiceStatus(hSvcHandle, ss)
While ((ss.dwCurrentState = SERVICE_STOP_PENDING) And (nTry < 80))
Sleep (50)
nTry = nTry + 1
Call QueryServiceStatus(hSvcHandle, ss)
Wend
End If
End Function
Public Function DelDrv() As Boolean
Call CloseHandle(hDrvHandle)
Call StopDrv
Call DeleteService(hSvcHandle)
Call CloseServiceHandle(hSvcHandle)
Call CloseServiceHandle(scHandle)
hSvcHandle = 0
scHandle = 0
DelDrv = True
End Function
'构造函数
Private Sub Class_Initialize()
hSvcHandle = 0
scHandle = 0
hDrvHandle = INVALID_HANDLE_VALUE
End Sub
'构析函数
Private Sub Class_Terminate()
DelDrv
End Sub
Public Function CTL_CODE(lngDevFileSys As Long, lngFunction As Long, lngMethod As Long, lngAccess As Long) As Long
CTL_CODE = (lngDevFileSys * (2 ^ 16)) Or (lngAccess * (2 ^ 14)) Or (lngFunction * (2 ^ 2)) Or lngMethod
End Function
Public Function CTL_CODE_GEN(ByVal lngFunction As Long) As Long
CTL_CODE_GEN = (FILE_DEVICE_UNKNOWN * (2 ^ 16)) Or (FILE_ANY_ACCESS * (2 ^ 14)) Or (lngFunction * (2 ^ 2)) Or METHOD_BUFFERED
End Function 貌似就是这样.
与加载服务是同一套API,流程也类似.
不过我是没啥机会试了,嘎~~~ 老马,你说这样是不是所有的驱动都可以加载啊? 动画教程,ok大哥你饶了我吧。。。
我哪里的这么多时间啊,我来这里只是想把我写的或找到的源码分享给大家而已。 VC写的驱动加载源码,喜欢的自己看看。 VC的看不懂
VB的还行
有没有VB的? 就像这个就行 VC的看不懂
VB的还行
有没有VB的?
ok100fen 发表于 2010-8-5 11:20 http://www.m5home.com/bbs/images/common/back.gif
我上传了一个:
http://www.m5home.com/bbs/thread-4021-1-1.html
你试一下吧. 其实直接clsDriver就行了,你那么理解是对的.没想到连这个都...... to 老马
1.缺一个modontop模块
2.运行后,没有达到目的,用以前的加载软件可以出现“hello world”,而这个没出现
to xiaoly99
理论上可以,为什么加载后,和以前的效果不一样呢?
比如说以前的用Dbgview可以看到“helloworld”,而用那个模块却用Dbgview看不到,
没出现任何反应
到底是哪里出现了问题? 1.你QQ多少?
2.把你加载那个Hello World的VB代码发上来.
3.你不会真的把DbgPrint的代码加载那里了吧.
4.QQ上聊方便点. xiaoly99神童的时间真多
页:
[1]