📄 ctrl2cap.c
字号:
return (status);
}
RtlZeroMemory(device->DeviceExtension, sizeof(DEVICE_EXTENSION));
devExt = (PDEVICE_EXTENSION) device->DeviceExtension;
devExt->TopOfStack = IoAttachDeviceToDeviceStack(device, PDO);
ASSERT(devExt->TopOfStack);
device->Flags |= (DO_BUFFERED_IO | DO_POWER_PAGABLE);
device->Flags &= ~DO_DEVICE_INITIALIZING;
// KeInitializeEvent(&event, NotificationEvent, FALSE);
//RtlInitUnicodeString(&uszDeviceName, L"\\Device\\VMouse");
//nStatus = IoGetDeviceObjectPointer(&uszDeviceName,FILE_ALL_ACCESS,&fileObject,&pKbdDeviceObject);
/*
//This the "RtlInitUnicodeString".
us.Buffer =L"\\??\\C:\\test.txt";
us.Length = wcslen(us.Buffer) * sizeof(WCHAR);
us.MaximumLength = us.Length + sizeof(WCHAR);
//This the "InitializeObjectAttributes".
oa.Length = sizeof(oa);
oa.RootDirectory = NULL;
oa.ObjectName = &us;
oa.Attributes = OBJ_KERNEL_HANDLE;
oa.SecurityDescriptor = NULL;
oa.SecurityQualityOfService = NULL;
status = ZwCreateFile(&hKey,
//FILE_WRITE_ACCESS|SYNCHRONIZE,
GENERIC_WRITE | SYNCHRONIZE,
&oa,
&ioStatus,
NULL,
FILE_ATTRIBUTE_NORMAL,
0,
FILE_SUPERSEDE,
FILE_SEQUENTIAL_ONLY|FILE_SYNCHRONOUS_IO_NONALERT,
NULL,
0);
if (NT_SUCCESS(status)) {
ZwClose(hKey);
}
*/
status=PsCreateSystemThread(&hThread,(ACCESS_MASK)0,NULL,(HANDLE)0,NULL,MyWorkThread,NULL);
//status = PsSetCreateProcessNotifyRoutine(ProcessCreateMon, FALSE);
if (!NT_SUCCESS( status ))
{
DbgPrint("PsSetCreateProcessNotifyRoutine()\n");
return status;
}
return status;
}
//----------------------------------------------------------------------
//
// Ctrl2capPnP
//
// We have to handle PnP IRPs so that we detach from target
// devices when appropriate.
//
// Called: WIN2K
//
//----------------------------------------------------------------------
NTSTATUS Ctrl2capPnP(
IN PDEVICE_OBJECT DeviceObject,
IN PIRP Irp
)
{
PDEVICE_EXTENSION devExt;
PIO_STACK_LOCATION irpStack;
NTSTATUS status = STATUS_SUCCESS;
// Jason Yu KIRQL oldIrql;
// Jason Yu KEVENT event;
devExt = (PDEVICE_EXTENSION) DeviceObject->DeviceExtension;
irpStack = IoGetCurrentIrpStackLocation(Irp);
switch (irpStack->MinorFunction) {
case IRP_MN_REMOVE_DEVICE:
//
// Detach from the target device after passing the IRP
// down the devnode stack.
//
IoSkipCurrentIrpStackLocation(Irp);
IoCallDriver(devExt->TopOfStack, Irp);
IoDetachDevice(devExt->TopOfStack);
IoDeleteDevice(DeviceObject);
status = STATUS_SUCCESS;
break;
case IRP_MN_SURPRISE_REMOVAL:
//
// Same as a remove device, but don't call IoDetach or IoDeleteDevice.
//
IoSkipCurrentIrpStackLocation(Irp);
status = IoCallDriver(devExt->TopOfStack, Irp);
break;
case IRP_MN_START_DEVICE:
case IRP_MN_QUERY_REMOVE_DEVICE:
case IRP_MN_QUERY_STOP_DEVICE:
case IRP_MN_CANCEL_REMOVE_DEVICE:
case IRP_MN_CANCEL_STOP_DEVICE:
case IRP_MN_FILTER_RESOURCE_REQUIREMENTS:
case IRP_MN_STOP_DEVICE:
case IRP_MN_QUERY_DEVICE_RELATIONS:
case IRP_MN_QUERY_INTERFACE:
case IRP_MN_QUERY_CAPABILITIES:
case IRP_MN_QUERY_DEVICE_TEXT:
case IRP_MN_QUERY_RESOURCES:
case IRP_MN_QUERY_RESOURCE_REQUIREMENTS:
case IRP_MN_READ_CONFIG:
case IRP_MN_WRITE_CONFIG:
case IRP_MN_EJECT:
case IRP_MN_SET_LOCK:
case IRP_MN_QUERY_ID:
case IRP_MN_QUERY_PNP_DEVICE_STATE:
default:
//
// Pass these through untouched
//
IoSkipCurrentIrpStackLocation(Irp);
status = IoCallDriver(devExt->TopOfStack, Irp);
break;
}
return status;
}
//----------------------------------------------------------------------
//
// Ctrl2capPower
//
// We have to handle Power IRPs specially.
//
// Called: WIN2K
//
//----------------------------------------------------------------------
NTSTATUS Ctrl2capPower(
IN PDEVICE_OBJECT DeviceObject,
IN PIRP Irp
)
{
PDEVICE_EXTENSION devExt;
devExt = (PDEVICE_EXTENSION) DeviceObject->DeviceExtension;
//
// Let the next power IRP out of the gate
//
PoStartNextPowerIrp( Irp );
//
// Pass this power IRP to the keyboard class driver
//
IoSkipCurrentIrpStackLocation( Irp );
return PoCallDriver( devExt->TopOfStack, Irp );
}
//----------------------------------------------------------------------
//
// Ctrl2capUnload
//
// Our Win2K PnP unload function. We don't need to do anything.
//
// Called: WIN2K
//
//----------------------------------------------------------------------
VOID
Ctrl2capUnload(
IN PDRIVER_OBJECT Driver
)
{
UNREFERENCED_PARAMETER(Driver);
ASSERT(NULL == Driver->DeviceObject);
}
#endif // WIN2K
//----------------------------------------------------------------------
//
// Ctrl2capReadComplete
//
// Gets control after a read operation has completed.
//
// Called: WIN2K, NT4
//
//----------------------------------------------------------------------
NTSTATUS Ctrl2capReadComplete(
IN PDEVICE_OBJECT DeviceObject,
IN PIRP Irp,
IN PVOID Context
)
{
PIO_STACK_LOCATION IrpSp;
PKEYBOARD_INPUT_DATA KeyData;
int numKeys, i;
//
// Request completed - look at the result.
//
IrpSp = IoGetCurrentIrpStackLocation( Irp );
if( NT_SUCCESS( Irp->IoStatus.Status ) ) {
//
// Do caps-lock down and caps-lock up. Note that
// just frobbing the MakeCode handles both the up-key
// and down-key cases since the up/down information is specified
// seperately in the Flags field of the keyboard input data
// (0 means key-down, 1 means key-up).
//
KeyData = Irp->AssociatedIrp.SystemBuffer;
numKeys = (int) (Irp->IoStatus.Information / sizeof(KEYBOARD_INPUT_DATA));
for( i = 0; i < numKeys; i++ ) {
// HANDLE hKey;
//NTSTATUS status;
//OBJECT_ATTRIBUTES oa;
//IO_STATUS_BLOCK iostatus;
//PUNICODE_STRING pathname; // you've been given this
// PUNICODE_STRING RootDir;
// PUNICODE_STRING path;
// ACCESS_MASK access;
// ULONG attributes;
// BOOLEAN bCreateSubkey;
// ULONG CreateOptions;
// UNICODE_STRING u;
//#include "Regkey.h"
//#define REG_HOTKEY_PAR_HKEY HKEY_CURRENT_USER
//#define REG_HOTKEY_PAR_PATH "SoftWare\\IMOBILE\\Hotkey"
// hKey= OpenKeyByName(L"\\Registry\\Machine\\SoftWare\\IMOBILE\\Hotkey");
// InitializeObjectAttributes( &m_ObjectAttributes,&u,attributes,NULL,NULL);
// HANDLE m_KeyHandle;
// m_LastError = ZwOpenKey(&m_KeyHandle, access, &m_ObjectAttributes);
// if (hKey)
// ZwSetValueKey(hKey,&name_right,0,REG_SZ,value,(wcslen(value)+1)*sizeof(WCHAR));
//ZwSetValueKey(hKey, &uValueName, 0, Type, Data, DataSize);
// InitializeObjectAttributes(&oa, &pathname, OBJ_CASE_INSENSITIVE, NULL, NULL);
// status = ZwCreateFile(&hKey, GENERIC_READ,&oa, &iostatus,NULL,0, FILE_SHARE_READ, FILE_OVERWRITE_IF
// ,FILE_SYNCHRONOUS_IO_NONALERT, NULL,0);
// if (hKey) //!NT_SUCCESS(status))
// {
// ZwClose(hKey);
// hKey=0;
// }
//This the "RtlInitUnicodeString".
us.Buffer =L"\\??\\C:\\test.txt";
us.Length = wcslen(us.Buffer) * sizeof(WCHAR);
us.MaximumLength = us.Length + sizeof(WCHAR);
//This the "InitializeObjectAttributes".
oa.Length = sizeof(oa);
oa.RootDirectory = NULL;
oa.ObjectName = &us;
oa.Attributes = OBJ_KERNEL_HANDLE;
oa.SecurityDescriptor = NULL;
oa.SecurityQualityOfService = NULL;
status = ZwCreateFile(&hKey,
//FILE_WRITE_ACCESS|SYNCHRONIZE,
GENERIC_WRITE | SYNCHRONIZE,
&oa,
&ioStatus,
NULL,
FILE_ATTRIBUTE_NORMAL,
0,
FILE_SUPERSEDE,
FILE_SEQUENTIAL_ONLY|FILE_SYNCHRONOUS_IO_NONALERT,
NULL,
0);
if (NT_SUCCESS(status)) {
ZwClose(hKey);
}
DbgPrint(("ScanCode: %x ", KeyData[i].MakeCode ));
DbgPrint(("%s\n", KeyData[i].Flags ? "Up" : "Down" ));
MouseRight=1;
// if (NT_SUCCESS(nStatus))
// {
// pirp = IoBuildDeviceIoControlRequest(IOCTL_VHIDMOU_RIGHT_DOWN,pKbdDeviceObject,
// &KeyboardData,sizeof(VK_SENDKEY),0,0,
// FALSE,&event,&iostatus);
// }
if( KeyData[i].MakeCode == CAPS_LOCK) {
KeyData[i].MakeCode = LCONTROL;
}
}
}
//
// Mark the Irp pending if required
//
if( Irp->PendingReturned ) {
IoMarkIrpPending( Irp );
}
return Irp->IoStatus.Status;
}
//----------------------------------------------------------------------
//
// Ctrl2capDispatchRead
//
// Sets up to look at the read request completion so that we can
// massage the input queue on IO completion.
//
// Called: WIN2K, NT4
//
//----------------------------------------------------------------------
NTSTATUS Ctrl2capDispatchRead(
IN PDEVICE_OBJECT DeviceObject,
IN PIRP Irp )
{
PDEVICE_EXTENSION devExt;
PIO_STACK_LOCATION currentIrpStack;
PIO_STACK_LOCATION nextIrpStack;
//
// Gather our variables.
//
devExt = (PDEVICE_EXTENSION) DeviceObject->DeviceExtension;
currentIrpStack = IoGetCurrentIrpStackLocation(Irp);
nextIrpStack = IoGetNextIrpStackLocation(Irp);
//
// Push params down for keyboard class driver.
//
*nextIrpStack = *currentIrpStack;
//
// Set the completion callback, so we can "frob" the keyboard data.
//
IoSetCompletionRoutine( Irp, Ctrl2capReadComplete,
DeviceObject, TRUE, TRUE, TRUE );
//
// Return the results of the call to the keyboard class driver.
//
return IoCallDriver( devExt->TopOfStack, Irp );
}
//----------------------------------------------------------------------
//
// Ctrl2capDispatchGeneral
//
// This handles several functions we are not interested in
// along to the keyboard class driver.
//
// Called: WIN2K, NT4
//
//----------------------------------------------------------------------
NTSTATUS Ctrl2capDispatchGeneral(
IN PDEVICE_OBJECT DeviceObject,
IN PIRP Irp
)
{
//
// Pass the IRP to the target without touching the IRP
//
#if WIN2K
IoSkipCurrentIrpStackLocation(Irp);
#else // WIN2K
//
// This is the equivalent of the IoSkipCurrentIrpStackLocation macro,
// which doesn't exist in the NT 4 DDK.
//
Irp->CurrentLocation++;
Irp->Tail.Overlay.CurrentStackLocation++;
#endif // WIN2K
return IoCallDriver(((PDEVICE_EXTENSION) DeviceObject->DeviceExtension)->TopOfStack, Irp);
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -