📄 albondkeyboard.cpp
extern "C" {
#include <ntddk.h>
#include <ntifs.h>
}
/*
 * IOCTL codes declared for this driver. Both request FILE_READ_DATA |
 * FILE_WRITE_DATA access on the handle.
 * NOTE(review): with the standard CTL_CODE layout these expand to 0x22E000 and
 * 0x22E004, but DispatchControl in this file compares against the literals
 * 0x222000 and 0x222004 (the same function numbers with FILE_ANY_ACCESS).
 * The macros are therefore not referenced by the dispatch code, and the
 * read/write access requirement they express is not enforced.
 */
#define IOCTL_IO_CONTROL CTL_CODE(FILE_DEVICE_UNKNOWN, 0x800, METHOD_BUFFERED, FILE_READ_DATA | FILE_WRITE_DATA)
#define IOCTL2_IO_CONTROL CTL_CODE(FILE_DEVICE_UNKNOWN, 0x801, METHOD_BUFFERED, FILE_READ_DATA | FILE_WRITE_DATA)
/* Kernel device name and the DosDevices symbolic link that exposes it to user mode. */
#define NT_DEVICE_NAME L"\\Device\\AlbondKeyBoard"
#define NT_D_LINK_NAME L"\\DosDevices\\AlbondKeyBoard"
/* Two-ULONG request structure; not referenced anywhere else in this file. */
typedef struct _IO_STRUCT_DRIVER {
ULONG inc;
ULONG dec;
} IO_STRUCT_DRIVER, *PIO_STRUCT_DRIVER;
/* Device object created in DriverEntry and deleted in DriverUnload. */
PDEVICE_OBJECT pDeviceObject = NULL;
/* Initialised in DriverEntry from NT_DEVICE_NAME. */
UNICODE_STRING ntDeviceName;
/* Initialised in DriverEntry from NT_D_LINK_NAME; also used by DriverUnload. */
UNICODE_STRING g_usSymbolicLinkName;
/*
 * Writes one byte to the keyboard controller through I/O ports 64h and 60h:
 * command D2h is sent to port 64h, then `key` is sent to port 60h. On a
 * standard 8042 controller, D2h places the following data byte in the
 * controller's output buffer as if the keyboard had sent it.
 *
 * The routine uses MSVC inline assembly (`_asm`), so it builds only for
 * 32-bit x86 targets.
 *
 * NOTE(review): cli/sti mask interrupts on the current processor only. Nothing
 * here serialises against other processors or against the system keyboard
 * port driver, which uses the same ports - confirm this is acceptable on the
 * target systems.
 * NOTE(review): each wait loop gives up after 10000h polls and the code then
 * continues regardless, so a controller that never becomes ready is written
 * to anyway.
 */
void KeyScanCode(char key) {
_asm {
// Save the general-purpose registers (pusha does not save EFLAGS).
pusha
// Mask interrupts on this processor for the duration of the port sequence.
cli
// Keep the byte to send in DL; AL is overwritten by the status reads below.
mov dl, key
// Poll status port 64h while bit 0 is set (8042: output buffer full),
// for at most 10000h iterations. loopnz repeats while ZF == 0 and ECX != 0.
mov ecx,10000h
WaitWhlFull:
in al, 64h
test al, 1
loopnz WaitWhlFull
// Poll status port 64h while bit 1 is set (8042: input buffer full), i.e.
// until the controller can accept a command byte.
mov ecx,10000h
TstCmdPortLp1:
in al, 64h
test al, 2
loopnz TstCmdPortLp1
// Send controller command D2h to command port 64h.
mov al, 0d2h
out 64h, al
// Wait again for bit 1 to clear before writing the data byte.
mov ecx,10000h
TstCmdPortLp2:
in al, 64h
test al, 2
loopnz TstCmdPortLp2
// Write the byte saved in DL to data port 60h.
mov al, dl
out 60h, al
// Re-enable interrupts unconditionally (the previous interrupt flag state is
// not restored) and restore the saved registers.
sti
popa
}
}
/*
 * Sends `key` through KeyScanCode twice: first unchanged, then with bit 7
 * (0x80) set. In scan code set 1 that pair is the make code followed by the
 * matching break code, i.e. a key press and its release.
 */
void KeyEmulate(char key) {
    const char releaseCode = (char)(key | 0x80);

    KeyScanCode(key);
    KeyScanCode(releaseCode);
}
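/*
 * IRP_MJ_DEVICE_CONTROL handler.
 *
 * Accepts two buffered IOCTLs, each carrying exactly one input byte:
 *   0x222000 - pass the byte to KeyScanCode unchanged;
 *   0x222004 - pass the byte to KeyScanCode with bit 7 (0x80) set.
 *
 * Returns STATUS_SUCCESS when a byte was written, STATUS_INVALID_PARAMETER
 * when a known code arrives with a wrong-sized or missing buffer, and
 * STATUS_INVALID_DEVICE_REQUEST for any other control code. The original
 * reported STATUS_SUCCESS in all of these cases, so a caller could not tell
 * that its request had been ignored.
 *
 * NOTE(review): both accepted codes encode FILE_ANY_ACCESS, so the I/O manager
 * does not require read or write access on the handle, and this routine does
 * no caller check of its own. Every process that can open the device can
 * therefore synthesise keyboard input for the whole system. The macros
 * IOCTL_IO_CONTROL / IOCTL2_IO_CONTROL at the top of the file request
 * read|write access but produce different code values; switching to them
 * means updating user-mode clients as well. Access should be restricted when
 * the device is created.
 */
NTSTATUS DispatchControl(IN PDEVICE_OBJECT DeviceObject,IN PIRP Irp)
{
    /* Literal values kept as-is so existing user-mode clients keep working. */
    const ULONG ioctlSendByte = 0x222000;
    const ULONG ioctlSendByteHighBit = 0x222004;

    PIO_STACK_LOCATION stack = IoGetCurrentIrpStackLocation(Irp);
    const ULONG code = stack->Parameters.DeviceIoControl.IoControlCode;
    const ULONG inputLength = stack->Parameters.DeviceIoControl.InputBufferLength;
    NTSTATUS status;

    DbgPrint("In IO Control.");

    if (code != ioctlSendByte && code != ioctlSendByteHighBit) {
        /* Unknown request: reject it instead of pretending it succeeded. */
        status = STATUS_INVALID_DEVICE_REQUEST;
    } else if (inputLength != sizeof(char) || Irp->AssociatedIrp.SystemBuffer == NULL) {
        /* METHOD_BUFFERED input must be exactly one byte before it is read. */
        status = STATUS_INVALID_PARAMETER;
    } else {
        char st = *((PCHAR)Irp->AssociatedIrp.SystemBuffer);

        if (code == ioctlSendByte) {
            DbgPrint("Irp->IoControlCode==0x800");
            KeyScanCode(st);
        } else {
            DbgPrint("Irp->IoControlCode==0x801");
            KeyScanCode(st|0x80);
        }
        status = STATUS_SUCCESS;
    }

    DbgPrint("Irp->IoControlCode==%x", code);

    /* No output data is returned for any request. */
    Irp->IoStatus.Status = status;
    Irp->IoStatus.Information = 0;
    IoCompleteRequest(Irp,IO_NO_INCREMENT);
    /* Return the local copy: the IRP must not be touched after completion. */
    return status;
}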
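/*
 * Create/close dispatch routine: completes the IRP with STATUS_SUCCESS and no
 * data.
 *
 * The status is returned as a constant rather than read back from
 * Irp->IoStatus.Status. Once IoCompleteRequest has been called the IRP is no
 * longer owned by this driver and may already have been freed, so the
 * original read of Irp->IoStatus after completion was a use-after-free.
 */
NTSTATUS DrCreatClose(IN PDEVICE_OBJECT DeviceObject,IN PIRP Irp)
{
    Irp->IoStatus.Status = STATUS_SUCCESS;
    Irp->IoStatus.Information = 0;
    IoCompleteRequest(Irp,IO_NO_INCREMENT);
    return STATUS_SUCCESS;
}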
/*
 * Unload routine: undoes what DriverEntry created, in reverse order - first
 * the DosDevices symbolic link, then the device object itself.
 */
VOID DriverUnload(IN PDRIVER_OBJECT DriverObject)
{
    PDEVICE_OBJECT device = pDeviceObject;

    IoDeleteSymbolicLink(&g_usSymbolicLinkName);
    IoDeleteDevice(device);
}
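/*
 * Driver entry point: creates the named device object and its DosDevices
 * symbolic link, then registers the dispatch and unload routines.
 *
 * Changes from the original:
 *  - Failures are now returned to the I/O manager. The original always
 *    returned STATUS_SUCCESS, which left the driver loaded with no unload
 *    routine, and a leaked device object if only the symbolic link failed.
 *  - IRP_MJ_CLOSE is registered. The original assigned the handler to
 *    IRP_MJ_PNP although its own debug message says IRP_MJ_CLOSE.
 *  - FILE_DEVICE_SECURE_OPEN is set so the device's security descriptor is
 *    applied to every open in the device's namespace.
 *
 * NOTE(review): the device is still created with the default security
 * descriptor, and its IOCTLs synthesise keyboard input. Consider
 * IoCreateDeviceSecure with a restrictive SDDL string so that only the
 * intended callers can open it.
 *
 * Returns STATUS_SUCCESS, or the failure status of IoCreateDevice /
 * IoCreateSymbolicLink.
 */
extern "C" NTSTATUS DriverEntry(IN PDRIVER_OBJECT DriverObject, IN PUNICODE_STRING RegistryPath)
{
    NTSTATUS status;

    RtlInitUnicodeString(&ntDeviceName,NT_DEVICE_NAME);
    RtlInitUnicodeString(&g_usSymbolicLinkName,NT_D_LINK_NAME);

    /* Exclusive = TRUE: only one handle to the device can be open at a time. */
    status = IoCreateDevice(DriverObject, 0, &ntDeviceName, FILE_DEVICE_UNKNOWN,
                            FILE_DEVICE_SECURE_OPEN, TRUE, &pDeviceObject);
    if (!NT_SUCCESS(status)) {
        pDeviceObject = NULL;
        return status;
    }

    status = IoCreateSymbolicLink(&g_usSymbolicLinkName, &ntDeviceName);
    if (!NT_SUCCESS(status)) {
        /* DriverUnload is not called when DriverEntry fails; clean up here. */
        IoDeleteDevice(pDeviceObject);
        pDeviceObject = NULL;
        return status;
    }

    DbgPrint("DrCreatClose - IRP_MJ_CREATE");
    DriverObject->MajorFunction[IRP_MJ_CREATE] = DrCreatClose;
    DbgPrint("DrCreatClose - IRP_MJ_CLOSE");
    DriverObject->MajorFunction[IRP_MJ_CLOSE] = DrCreatClose;
    DbgPrint("DriverUnload");
    DriverObject->DriverUnload = DriverUnload;
    DbgPrint("DispatchControl - IRP_MJ_DEVICE_CONTROL");
    DriverObject->MajorFunction[IRP_MJ_DEVICE_CONTROL] = DispatchControl;

    return STATUS_SUCCESS;
}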