secret.cpp.svn-base

股票软件源码

// Only valid when bDriverError is SMART_IDE_ERROR. 
BYTE bReserved[2]; // Reserved for future expansion. 
DWORD dwReserved[2]; // Reserved for future expansion. 
} DRIVERSTATUS, *PDRIVERSTATUS, *LPDRIVERSTATUS; 
#endif	// (_WIN32_WINNT < 0x0400)


// Structure returned by PhysicalDrive IOCTL for several commands 
#if(_WIN32_WINNT < 0x0400)
typedef struct _SENDCMDOUTPARAMS 
{ 
DWORD cBufferSize; // Size of bBuffer in bytes 
DRIVERSTATUS DriverStatus; // Driver status structure. 
BYTE bBuffer[1]; // Buffer of arbitrary length in which to store the data read from the
				 // drive. 
} SENDCMDOUTPARAMS, *PSENDCMDOUTPARAMS, *LPSENDCMDOUTPARAMS; 
#endif	// (_WIN32_WINNT < 0x0400)


// The following struct defines the interesting part of the IDENTIFY 
// buffer: 
typedef struct _IDSECTOR 
{ 
USHORT wGenConfig; 
USHORT wNumCyls; 
USHORT wReserved; 
USHORT wNumHeads; 
USHORT wBytesPerTrack; 
USHORT wBytesPerSector; 
USHORT wSectorsPerTrack; 
USHORT wVendorUnique[3]; 
CHAR sSerialNumber[20]; 
USHORT wBufferType; 
USHORT wBufferSize; 
USHORT wECCSize; 
CHAR sFirmwareRev[8]; 
CHAR sModelNumber[40]; 
USHORT wMoreVendorUnique; 
USHORT wDoubleWordIO; 
USHORT wCapabilities; 
USHORT wReserved1; 
USHORT wPIOTiming; 
USHORT wDMATiming; 
USHORT wBS; 
USHORT wNumCurrentCyls; 
USHORT wNumCurrentHeads; 
USHORT wNumCurrentSectorsPerTrack; 
ULONG ulCurrentSectorCapacity; 
USHORT wMultSectorStuff; 
ULONG ulTotalAddressableSectors; 
USHORT wSingleWordDMA; 
USHORT wMultiWordDMA; 
BYTE bReserved[128]; 
} IDSECTOR, *PIDSECTOR; 


typedef struct _SRB_IO_CONTROL 
{ 
ULONG HeaderLength; 
UCHAR Signature[8]; 
ULONG Timeout; 
ULONG ControlCode; 
ULONG ReturnCode; 
ULONG Length; 
} SRB_IO_CONTROL, *PSRB_IO_CONTROL; 


// Define global buffers. 
BYTE IdOutCmd [sizeof (SENDCMDOUTPARAMS) + IDENTIFY_BUFFER_SIZE - 1]; 


char *ConvertToString (DWORD diskdata [256], int firstIndex, int lastIndex); 
void PrintIdeInfo (int drive, DWORD diskdata [256]); 
BOOL DoIDENTIFY (HANDLE, PSENDCMDINPARAMS, PSENDCMDOUTPARAMS, BYTE, BYTE, 
PDWORD); 
int ReadPhysicalDriveInNT (void) 
{ 
int done = FALSE; 
int drive = 0; 

for (drive = 0; drive < MAX_IDE_DRIVES; drive++) 
{ 
HANDLE hPhysicalDriveIOCTL = 0; 


// Try to get a handle to PhysicalDrive IOCTL, report failure 
// and exit if can't. 
char driveName [256]; 

sprintf (driveName, "\\\\.\\PhysicalDrive%d", drive); 

// Windows NT, Windows 2000, must have admin rights 
hPhysicalDriveIOCTL = CreateFile (driveName, 
GENERIC_READ | GENERIC_WRITE, 
FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, 
OPEN_EXISTING, 0, NULL); 
// if (hPhysicalDriveIOCTL == INVALID_HANDLE_VALUE) 
// printf ("Unable to open physical drive %d, error code: 0x%lX\n", 
// drive, GetLastError ()); 

if (hPhysicalDriveIOCTL != INVALID_HANDLE_VALUE) 
{ 
GETVERSIONOUTPARAMS VersionParams; 
DWORD cbBytesReturned = 0; 

// Get the version, etc of PhysicalDrive IOCTL 
memset ((void*) &VersionParams, 0, sizeof(VersionParams)); 

if ( ! DeviceIoControl (hPhysicalDriveIOCTL, DFP_GET_VERSION, 
NULL, 
0, 
&VersionParams, 
sizeof(VersionParams), 
&cbBytesReturned, NULL) ) 
{ 
// printf ("DFP_GET_VERSION failed for drive %d\n", i); 
// continue; 
} 

// If there is a IDE device at number "i" issue commands 
// to the device 
if (VersionParams.bIDEDeviceMap > 0) 
{ 
BYTE bIDCmd = 0; // IDE or ATAPI IDENTIFY cmd 
SENDCMDINPARAMS scip; 
//SENDCMDOUTPARAMS OutCmd; 

// Now, get the ID sector for all IDE devices in the sysstem. 
// If the device is ATAPI use the IDE_ATAPI_IDENTIFY command, 
// If the device is ATAPI use the IDE_ATAPI_IDENTIFY command, 
// otherwise use the IDE_ATA_IDENTIFY command 
bIDCmd = (VersionParams.bIDEDeviceMap >> drive & 0x10) ? \
IDE_ATAPI_IDENTIFY : IDE_ATA_IDENTIFY; 

memset (&scip, 0, sizeof(scip)); 
memset (IdOutCmd, 0, sizeof(IdOutCmd)); 

if ( DoIDENTIFY (hPhysicalDriveIOCTL, 
&scip, 
(PSENDCMDOUTPARAMS)&IdOutCmd, 
(BYTE) bIDCmd, 
(BYTE) drive, 
&cbBytesReturned)) 
{ 
DWORD diskdata [256]; 
int ijk = 0; 
USHORT *pIdSector = (USHORT *) 
((PSENDCMDOUTPARAMS) IdOutCmd) -> bBuffer; 

for (ijk = 0; ijk < 256; ijk++) 
diskdata [ijk] = pIdSector [ijk]; 


PrintIdeInfo (drive, diskdata); 

done = TRUE; 
} 
} 

CloseHandle (hPhysicalDriveIOCTL); 
} 
} 

return done; 
} 


// DoIDENTIFY 
// FUNCTION: Send an IDENTIFY command to the drive 
// bDriveNum = 0-3 
// bIDCmd = IDE_ATA_IDENTIFY or IDE_ATAPI_IDENTIFY 
BOOL DoIDENTIFY (HANDLE hPhysicalDriveIOCTL, PSENDCMDINPARAMS pSCIP, 
PSENDCMDOUTPARAMS pSCOP, BYTE bIDCmd, BYTE bDriveNum, 
PDWORD lpcbBytesReturned) 
{ 
// Set up data structures for IDENTIFY command. 
pSCIP -> cBufferSize = IDENTIFY_BUFFER_SIZE; 
pSCIP -> irDriveRegs.bFeaturesReg = 0; 
pSCIP -> irDriveRegs.bSectorCountReg = 1; 
pSCIP -> irDriveRegs.bSectorNumberReg = 1; 
pSCIP -> irDriveRegs.bCylLowReg = 0; 
pSCIP -> irDriveRegs.bCylHighReg = 0; 

// Compute the drive number. 
pSCIP -> irDriveRegs.bDriveHeadReg = 0xA0 | ((bDriveNum & 1) << 4); 

// The command can either be IDE identify or ATAPI identify. 
pSCIP -> irDriveRegs.bCommandReg = bIDCmd; 
pSCIP -> bDriveNumber = bDriveNum; 
pSCIP -> cBufferSize = IDENTIFY_BUFFER_SIZE; 

return ( DeviceIoControl (hPhysicalDriveIOCTL, DFP_RECEIVE_DRIVE_DATA, 
(LPVOID) pSCIP, 
sizeof(SENDCMDINPARAMS) - 1, 
(LPVOID) pSCOP, 
sizeof(SENDCMDOUTPARAMS) + IDENTIFY_BUFFER_SIZE - 1, 
lpcbBytesReturned, NULL) ); 
} 
// ------------------------------------------------- // 
// WinIo v1.2 // 
// Direct Hardware Access Under Windows 9x/NT/2000 // 
// Copyright 1998-2000 Yariv Kaplan // 
// http://www.internals.com // 
// ------------------------------------------------- // 

//#include <windows.h>
//#include "instdrv.h" 

BOOL LoadDeviceDriver( const TCHAR * Name, const TCHAR * Path, HANDLE * lphDevice );
BOOL UnloadDeviceDriver( const TCHAR * Name );

HANDLE hDriver;
bool IsNT;
bool IsWinIoInitialized = false;

bool IsWinNT()
{
OSVERSIONINFO OSVersionInfo;

OSVersionInfo.dwOSVersionInfoSize = sizeof(OSVERSIONINFO);

GetVersionEx(&OSVersionInfo);

return OSVersionInfo.dwPlatformId == VER_PLATFORM_WIN32_NT; 
} 


bool InitializeWinIo() 
{ 
char szExePath[MAX_PATH]; 
PSTR pszSlash; 

IsNT = IsWinNT(); 
if (IsNT) 
{ 
if (!GetModuleFileName(GetModuleHandle(NULL), szExePath, 
sizeof(szExePath))) 
return false; 


pszSlash = strrchr(szExePath, '\\'); 

if (pszSlash) 
pszSlash[1] = 0; 
else 
return false; 

strcat(szExePath, "winio.sys"); 

// UnloadDeviceDriver("WINIO"); 

// if (!LoadDeviceDriver("WINIO", szExePath, &hDriver)) 
// return false; 
} 

IsWinIoInitialized = true; 

return true; 
} 


void ShutdownWinIo() 
{ 
// if (IsNT) 
// UnloadDeviceDriver("WINIO"); 
} 


// ------------------------------------------------ // 
// Port32 v3.0 // 
// Direct Port Access Under Windows 9x/NT/2000 // 
// Copyright 1998-2000 Yariv Kaplan // 
// http://www.internals.com // 
// ------------------------------------------------ // 

//#include <windows.h>
#include <winioctl.h>
//#include "diskid32.h" 
//#include "general.h" 

// These are our ring 0 functions responsible for tinkering with the hardware ports. 
// They have a similar privilege to a Windows VxD and are therefore free to re therefore free to access 
// protected system resources (such as the page tables) and even place calls to 
// exported VxD services. 

__declspec(naked) void Ring0GetPortVal() 
{ 
_asm 
{ 
Cmp CL, 1 
Je ByteVal 
Cmp CL, 2 
Je WordVal 
Cmp CL, 4 
Je DWordVal 

ByteVal: 

In AL, DX 
Mov [EBX], AL 
Retf 


WordVal: 

In AX, DX 
Mov [EBX], AX 
Retf 

DWordVal: 

In EAX, DX 
Mov [EBX], EAX 
Retf 
} 
} 
__declspec(naked) void Ring0SetPortVal() 
{ 
_asm 
{ 
Cmp CL, 1 
Je ByteVal 
Cmp CL, 2 
Je WordVal 
Cmp CL, 4 
Cmp CL, 4 
Je DWordVal 

ByteVal: 

Mov AL, [EBX] 
Out DX, AL 
Retf 

WordVal: 

Mov AX, [EBX] 
Out DX, AX 
Retf 

DWordVal: 

Mov EAX, [EBX] 
Out DX, EAX 
Retf 
} 
} 



// This function makes it possible to call ring 0 code from a ring 3 
// application. 

bool CallRing0(PVOID pvRing0FuncAddr, WORD wPortAddr, PDWORD pdwPortVal, BYTE 
bSize) 
{ 

struct GDT_DESCRIPTOR *pGDTDescriptor; 
struct GDTR gdtr; 
WORD CallgateAddr[3]; 
WORD wGDTIndex = 1; 

_asm Sgdt [gdtr] 

// Skip the null descriptor 

pGDTDescriptor = (struct GDT_DESCRIPTOR *)(gdtr.dwGDTBase + 8); 

// Search for a free GDT descriptor 

for (wGDTIndex = 1; wGDTIndex < (gdtr.wGDTLimit / 8); wGDTIndex++) 
{ 
if (pGDTDescriptor->Type == 0 && 
pGDTDescriptor->System == 0 && 
pGDTDescriptor->DPL == 0 && 
pGDTDescriptor->Present == 0) 
{ 
// Found one ! 
// Now we need to transform this descriptor into a callgate. 
// Note that we're using selector 0x28 since it corresponds 
// to a ring 0 segment which spans the entire linear address 
// space of the processor (0-4GB). 

struct CALLGATE_DESCRIPTOR *pCallgate; 

pCallgate = (struct CALLGATE_DESCRIPTOR *) pGDTDescriptor; 
pCallgate->Offset_0_15 = LOWORD(pvRing0FuncAddr); 
pCallgate->Selector = 0x28; 
pCallgate->ParamCount = 0; 
pCallgate->Unused = 0; 
pCallgate->Type = 0xc; 
pCallgate->System = 0; 
pCallgate->DPL = 3; 
pCallgate->DPL = 3; 
pCallgate->Present = 1; 
pCallgate->Offset_16_31 = HIWORD(pvRing0FuncAddr); 

// Prepare the far call parameters 
CallgateAddr[0] = 0x0; 
CallgateAddr[1] = 0x0; 
CallgateAddr[2] = (wGDTIndex << 3) | 3; 

// Please fasten your seat belts! 
// We're about to make a hyperspace jump into RING 0. 

_asm Mov DX, [wPortAddr] 
_asm Mov EBX, [pdwPortVal] 
_asm Mov CL, [bSize] 
_asm Call FWORD PTR [CallgateAddr] 

// We have made it ! 
// Now free the GDT descriptor 

memset(pGDTDescriptor, 0, 8); 

// Our journey was successful. Seeya. 

return true; 
} 

// Advance to the next GDT descriptor 

pGDTDescriptor++; 
} 

// Whoops, the GDT is full 

return false; 
} 

bool GetPortVal(WORD wPortAddr, PDWORD pdwPortVal, BYTE bSize) 
{ 
bool Result; 
DWORD dwBytesReturned; 
struct tagPort32Struct Port32Struct; 

if (IsNT) 
{ 
if (!IsWinIoInitialized) 
return false; 

Port32Struct.wPortAddr = wPortAddr; 
Port32Struct.bSize = bSize; 

if (!DeviceIoControl(hDriver, IOCTL_WINIO_READPORT, &Port32Struct, 
sizeof(struct tagPort32Struct), &Port32Struct, 
sizeof(struct tagPort32Struct), 
&dwBytesReturned, NULL)) 
return false; 
else 
*pdwPortVal = Port32Struct.dwPortVal; 
} 
else 
{ 
Result = CallRing0((PVOID)Ring0GetPortVal, wPortAddr, pdwPortVal, bSize); 

if (Result == false) 
return false; 
} 


return true; 
} 


bool SetPortVal(WORD wPortAddr, DWORD dwPortVal, BYTE bSize) 
{ 
DWORD dwBytesReturned; 
struct tagPort32Struct Port32Struct; 

if (IsNT) 
{ 
if (!IsWinIoInitialized) 
return false; 

Port32Struct.wPortAddr = wPortAddr; 
Port32Struct.dwPortVal = dwPortVal; 
Port32Struct.bSize = bSize; 
if (!DeviceIoControl(hDriver, IOCTL_WINIO_WRITEPORT, &Port32Struct, 
sizeof(struct tagPort32Struct), NULL, 0, 
&dwBytesReturned, NULL)) 
return false; 
} 
else 
return CallRing0((PVOID)Ring0SetPortVal, wPortAddr, &dwPortVal, bSize); 

return true; 
} 


int ReadDrivePortsInWin9X (void) 
{ 
int done = FALSE; 
int drive = 0; 

InitializeWinIo (); 

// Get IDE Drive info from the hardware ports 
// loop thru all possible drives 
for (drive = 0; drive < 8; drive++) 
{ 
DWORD diskdata [256]; 
WORD baseAddress = 0; // Base address of drive controller 
DWORD portValue = 0; 
int waitLoop = 0; 
int index = 0; 

switch (drive / 2) 
{ 
case 0: baseAddress = 0x1f0; break; 
case 1: baseAddress = 0x170; break; 
case 2: baseAddress = 0x1e8; break; 
case 3: baseAddress = 0x168; break; 
} 

// Wait for controller not busy 
waitLoop = 100000; 
while (--waitLoop > 0) 
{ 
GetPortVal ((WORD) (baseAddress + 7), &portValue, (BYTE) 1);