📄 drvinterface.~pas
字号:
unit DrvInterface;
interface
uses
Windows, WinVer, CmnTnC;
type
tPortDWordIn = function(Port : DWord) : DWord;
tPortWordIn = function (Port : DWord) : Word;
tPortIn = function (Port : DWord) : Byte;
tPortDWordOut = procedure(Port : DWord; Data : DWord);
tPortWordOut = procedure(Port : DWord; Data : Word);
tPortOut = procedure (Port : DWord; Data : Byte);
tReadMSR = function(ulECX:DWord; var MSRreg:tmsr):boolean;
tWriteMSR = function(ulECX:DWord;MSRreg:tmsr):boolean;
tMemReadBlock = function(Addr: DWord; Size: Cardinal; var Dump): Boolean;
type
cDrvIface = class
private
WindowsVer: byte;
function PortDWordIn(Port : DWord) : DWord;
function PortWordIn(Port : DWord) : Word;
function PortIn(Port : DWord) : Byte;
procedure PortDWordOut(Port : DWord; Data : DWord);
procedure PortWordOut(Port : DWord; Data : Word);
procedure PortOut(Port : DWord; Data : Byte);
procedure GetFromResource(ResName, FileName: string; DestDir: string);
public
isLoad, isUnLoad: boolean;
constructor Create;
destructor Destroy; override;
function ReadMSR(ulECX:DWord; var MSRreg:tmsr):boolean;
function WriteMSR(ulECX:DWord;MSRreg:tmsr):boolean;
function MemReadDWord(Addr: DWord): DWord;
function MemReadWord(Addr: DWord): Word;
function MemReadByte(Addr: DWord): Byte;
property B[index: DWord]: byte read PortIn write PortOut;
property W[index: DWord]: word read PortWordIn write PortWordOut;
property L[index: DWord]: DWord read PortDWordIn write PortDWordOut;
end;
var
DriverHandle: THandle;
fDrvIface: cDrvIface;
implementation
uses LLDrv, SysUtils, Classes, WinNTMethods, Dialogs;
{$R OMCDRV.RES}
const
PCRAddress = $0cf8;
PCRData = $0cfc;
type
tOSMethods = packed record
OSVer: byte;
PDWI: tPortDWordIn;
PWI: tPortWordIn;
PI: tPortIn;
PDWO: tPortDWordOut;
PWO: tPortWordOut;
PO: tPortOut;
RMSR: tReadMSR;
WMSR: tWriteMSR;
MRB: tMemReadBlock;
end;
var
fLLDrv: cLLDrv;
fOSMethods: array[0..9] of tOSMethods =
(
(OSVer: Win95; PDWI: nil; PWI: nil; PI: nil; PDWO:nil; PWO: nil; PO:nil; RMSR: nil; WMSR: nil; MRB: nil),
(OSVer: Win98; PDWI: nil; PWI: nil; PI: nil; PDWO:nil; PWO: nil; PO:nil; RMSR: nil; WMSR: nil; MRB: nil),
(OSVer: WinNT3; PDWI: PortDWordInNT; PWI: PortWordInNT; PI: PortInNT; PDWO:PortDWordOutNT;
PWO: PortWordOutNT; PO:PortOutNT; RMSR: ReadMSRNT; WMSR:WriteMSRNT; MRB: MemReadBlockNt),
(OSVer: WinNT4; PDWI: PortDWordInNT; PWI: PortWordInNT; PI: PortInNT; PDWO:PortDWordOutNT;
PWO: PortWordOutNT; PO:PortOutNT; RMSR: ReadMSRNT; WMSR:WriteMSRNT; MRB: MemReadBlockNt),
(OSVer: WinMe; PDWI: nil; PWI: nil; PI: nil; PDWO:nil; PWO: nil; PO:nil; RMSR: nil; WMSR:nil; MRB: nil),
(OSVer: Win2K; PDWI: PortDWordInNT; PWI: PortWordInNT; PI: PortInNT; PDWO:PortDWordOutNT;
PWO: PortWordOutNT; PO:PortOutNT; RMSR: ReadMSRNT; WMSR:WriteMSRNT; MRB: MemReadBlockNt),
(OSVer: WinXP; PDWI: PortDWordInNT; PWI: PortWordInNT; PI: PortInNT; PDWO:PortDWordOutNT;
PWO: PortWordOutNT; PO:PortOutNT; RMSR: ReadMSRNT; WMSR:WriteMSRNT; MRB: MemReadBlockNt),
(OSVer: Win2K3; PDWI: PortDWordInNT; PWI: PortWordInNT; PI: PortInNT; PDWO:PortDWordOutNT;
PWO: PortWordOutNT; PO:PortOutNT; RMSR: ReadMSRNT; WMSR:WriteMSRNT; MRB: MemReadBlockNt),
(OSVer: WinVi32; PDWI: PortDWordInNT; PWI: PortWordInNT; PI: PortInNT; PDWO:PortDWordOutNT;
PWO: PortWordOutNT; PO:PortOutNT; RMSR: ReadMSRNT; WMSR:WriteMSRNT; MRB: MemReadBlockNt),
(OSVer: WinX64; PDWI: PortDWordInNT; PWI: PortWordInNT; PI: PortInNT; PDWO:PortDWordOutNT;
PWO: PortWordOutNT; PO:PortOutNT; RMSR: ReadMSRNT; WMSR:WriteMSRNT; MRB: MemReadBlockNt)
);
constructor cDrvIface.Create;
var
FileW: PChar;
lpBuffer: array[0..255] of Char;
DestDir: string;
HMod: THandle;
begin
inherited Create;
fLLDrv:=cLLDrv.Create;
isLoad:=false;
WindowsVer:=GetWinVer;
case WindowsVer of
WinX64: begin
try
ShowMessage('Windows X64 has been detected!');
GetWindowsDirectory(lpBuffer, 255);
DestDir:=StrPas(lpBuffer)+'\System32\Drivers\';
if FileExists(DestDir+FILE_NAME_X64) then DeleteFile(DestDir+FILE_NAME_X64);
GetFromResource(RES_NAME_X64, FILE_NAME_X64, DestDir);
FileW:=PChar(DestDir+FILE_NAME_X64);
isLoad:=fLLDrv.LoadDeviceDriver(DRIVER_NAME_X64, FileW);
//if failed, then trying to get handle again
if not isLoad then isLoad:=fLLDrv.LoadDeviceDriver(DRIVER_NAME_X64, FileW);
DriverHandle:=fLLDrv.m_hDriver;
except
isLoad:=false;
end;
end;
WinNT3, WinNT4, Win2K, WinXP, Win2K3, WinVi32:
begin
try
GetWindowsDirectory(lpBuffer, 255);
DestDir:=StrPas(lpBuffer)+'\System32\Drivers\';
if FileExists(DestDir+FILE_NAME_NT) then DeleteFile(DestDir+FILE_NAME_NT);
GetFromResource(RES_NAME_NT, FILE_NAME_NT, DestDir);
FileW:=PChar(DestDir+FILE_NAME_NT);
isLoad:=fLLDrv.LoadDeviceDriver(DRIVER_NAME_NT, FileW);
//if failed, then trying to get handle again
if not isLoad then isLoad:=fLLDrv.LoadDeviceDriver(DRIVER_NAME_NT, FileW);
DriverHandle:=fLLDrv.m_hDriver;
//Loading API functions
HMod:=GetModuleHandle('ntdll.dll');
if HMod = 0 then SetLastError(ERROR_CALL_NOT_IMPLEMENTED) else begin if not Assigned(ZwOpenSection) then ZwOpenSection:=GetProcAddress(HMod, 'ZwOpenSection'); if not Assigned(RtlNtStatusToDosError) then RtlNtStatusToDosError:=GetProcAddress(HMod, 'RtlNtStatusToDosError'); end; except
isLoad:=false;
end;
end;
Win95, Win98, WinMe:
begin
//isLoad:=true;
end;
end;
end;
procedure cDrvIface.GetFromResource(ResName, FileName: string; DestDir: string);
var
TR:TResourceStream;
tmp: AnsiString;
begin
TR:=TResourceStream.Create(0, ResName, RT_RCDATA);
tmp:=DestDir+FileName;
TR.SaveToFile(tmp);
TR.Free;
end;
function cDrvIface.PortDWordIn(Port : DWord) : DWord;
begin
FillChar(result, SizeOf(result), 0);
if not isLoad then exit;
if Assigned(fOSMethods[WindowsVer].PDWI) then
result:=fOSMethods[WindowsVer].PDWI(Port);
end;
function cDrvIface.PortWordIn(Port : DWord) : Word;
begin
FillChar(result, SizeOf(result), 0);
if not isLoad then exit;
if Assigned(fOSMethods[WindowsVer].PWI) then
result:=fOSMethods[WindowsVer].PWI(Port);
end;
function cDrvIface.PortIn(Port : DWord) : Byte;
begin
FillChar(result, SizeOf(result), 0);
if not isLoad then exit;
if Assigned(fOSMethods[WindowsVer].PI) then
result:=fOSMethods[WindowsVer].PI(Port);
end;
procedure cDrvIface.PortDWordOut(Port : DWord; Data : DWord);
begin
if not isLoad then exit;
if Assigned(fOSMethods[WindowsVer].PDWO) then
fOSMethods[WindowsVer].PDWO(Port, Data);
end;
procedure cDrvIface.PortWordOut(Port : DWord; Data : Word);
begin
if not isLoad then exit;
if Assigned(fOSMethods[WindowsVer].PWO) then
fOSMethods[WindowsVer].PWO(Port, Data);
end;
procedure cDrvIface.PortOut(Port : DWord; Data : Byte);
begin
if not isLoad then exit;
if Assigned(fOSMethods[WindowsVer].PO) then
fOSMethods[WindowsVer].PO(Port, Data);
end;
function cDrvIface.ReadMSR(ulECX:DWord; var MSRreg:tmsr):boolean;
begin
result:=false;
FillChar(MSRreg, SizeOf(MSRreg), 0);
if not isLoad then exit;
if Assigned(fOSMethods[WindowsVer].RMSR) then
result:=fOSMethods[WindowsVer].RMSR(ulECX, MSRreg);
end;
function cDrvIface.WriteMSR(ulECX:DWord;MSRreg:tmsr):boolean;
begin
result:=false;
if not isLoad then exit;
if Assigned(fOSMethods[WindowsVer].WMSR) then
result:=fOSMethods[WindowsVer].WMSR(ulECX, MSRreg);
end;
{function cDrvIface.MemReadBlockLong(Addr: Pointer; var data): DWord;
begin
result:=0;
if Assigned(fOSMethods[WindowsVer].MRB) then fOSMethods[WindowsVer].MRB(Addr, 4, data);
end;
function cDrvIface.MemReadBlockShort(Addr: Pointer; var data): DWord;
begin
result:=0;
if Assigned(fOSMethods[WindowsVer].MRB) then fOSMethods[WindowsVer].MRB(Addr, 2, data);
end;
function cDrvIface.MemReadBlockChar(Addr: Pointer; var data): DWord;
begin
result:=0;
if Assigned(fOSMethods[WindowsVer].MRB) then fOSMethods[WindowsVer].MRB(Addr, 1, data);
end;}
function cDrvIface.MemReadDWord(Addr: DWord): DWord;
var
data: DWord;
begin
if Assigned(fOSMethods[WindowsVer].MRB) then fOSMethods[WindowsVer].MRB(Addr, 4, data);
result:=data;
end;
function cDrvIface.MemReadWord(Addr: DWord): Word;
var
data: Word;
begin
if Assigned(fOSMethods[WindowsVer].MRB) then fOSMethods[WindowsVer].MRB(Addr, 2, data);
result:=data;
end;
function cDrvIface.MemReadByte(Addr: DWord): Byte;
var
data: Byte;
begin
if Assigned(fOSMethods[WindowsVer].MRB) then fOSMethods[WindowsVer].MRB(Addr, 1, data);
result:=data;
end;
destructor cDrvIface.Destroy;
begin
inherited Destroy;
if isLoad then
case WindowsVer of
WinNT3, WinNT4, Win2K, WinXP:
isUnLoad:=fLLDrv.UnLoadDeviceDriver(DRIVER_NAME_NT);
end;
fLLDrv.Destroy;
end;
end.
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -