/************************************************************************
* 文件名称:driver.cpp
* 作 者:李骥
*************************************************************************/
#include "stdafx.h"
#include <windows.h>
#include <shlwapi.h>
#include <tchar.h>
#include "Driver.h"
#pragma comment(lib,"shlwapi.lib")
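/*
 * Build the full path of KeProcessManage_Drv.sys, which is expected to sit in
 * the same directory as the running executable, and report whether it exists.
 *
 * lpFileName  Receives the NUL-terminated path. Must not be NULL.
 * dwSize      Capacity of lpFileName in characters, including the NUL.
 *
 * Returns TRUE only when the complete path fits in lpFileName and
 * PathFileExists() confirms it. On any failure (bad arguments, module path
 * unavailable or truncated, result too long) returns FALSE and leaves
 * lpFileName as an empty string.
 *
 * Security note: the returned path is later registered as a kernel driver by
 * LoadDriver(). This function only checks that the file exists; it does not
 * verify who can write to the directory or what the file contains. The
 * executable's directory should be writable by administrators only.
 */
BOOL GetDriverPath( OUT LPTSTR lpFileName, IN DWORD dwSize )
{
    static const TCHAR szDriverName[] = _T("KeProcessManage_Drv.sys");
    TCHAR szPath[MAX_PATH];

    if ( NULL == lpFileName || 0 == dwSize )
    {
        return FALSE;
    }
    lpFileName[0] = _T('\0');

    // Determine the driver location: start from the executable's own path.
    // A return of 0 is failure; a return >= the buffer size means truncation.
    DWORD dwLen = GetModuleFileName( NULL, szPath, MAX_PATH );
    if ( 0 == dwLen || dwLen >= MAX_PATH )
    {
        return FALSE;
    }

    // Without a separator there is no directory part to append to.
    LPTSTR lpSlash = _tcsrchr( szPath, _T('\\') );
    if ( NULL == lpSlash )
    {
        return FALSE;
    }

    // Directory length (including the trailing backslash) plus the driver
    // name and its NUL must fit both the local buffer and the caller's buffer,
    // otherwise a truncated path would be tested for existence instead.
    size_t cchDir = (size_t)( lpSlash - szPath ) + 1;
    size_t cchName = sizeof( szDriverName ) / sizeof( szDriverName[0] );
    if ( cchDir + cchName > MAX_PATH || cchDir + cchName > dwSize )
    {
        return FALSE;
    }

    lstrcpy( lpSlash + 1, szDriverName );
    lstrcpyn( lpFileName, szPath, (int)( cchDir + cchName ) );
    return PathFileExists( lpFileName );
}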
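/*
 * Register lpFileName as the demand-start kernel driver service
 * "KeProcessManage_Drv", start it, and open the driver's device
 * \\.\MyProcessManage.
 *
 * lpFileName  Full path of the driver image. Must not be NULL or empty.
 *
 * Returns the device handle from CreateFile(), or INVALID_HANDLE_VALUE when
 * the arguments are invalid, the service control manager cannot be opened,
 * or the device cannot be opened. Release the handle with UnloadDriver().
 *
 * Security notes:
 *  - The file named by lpFileName is registered as kernel-mode code. Nothing
 *    here validates the file or its location; the caller must pass a path
 *    that only administrators can write to.
 *  - When a service of this name already exists, it is opened and started
 *    as registered. Its configured image path is not compared with
 *    lpFileName, so a stale or altered registration would be started instead.
 */
HANDLE LoadDriver( IN LPCTSTR lpFileName )
{
    static const TCHAR szServiceName[] = _T("KeProcessManage_Drv");
    HANDLE hDriver = INVALID_HANDLE_VALUE;

    if ( NULL == lpFileName || _T('\0') == lpFileName[0] )
    {
        return hDriver;
    }

    SC_HANDLE hSCManager = OpenSCManager( NULL, NULL,
        SC_MANAGER_CREATE_SERVICE );
    if ( NULL == hSCManager )
    {
        return hDriver;
    }

    SC_HANDLE hService = CreateService( hSCManager, szServiceName,
        _T("KeProcessManage_Drv Driver"), SERVICE_START,
        SERVICE_KERNEL_DRIVER, SERVICE_DEMAND_START,
        SERVICE_ERROR_IGNORE, lpFileName, NULL, NULL, NULL, NULL, NULL );

    // GetLastError() is only meaningful after a failed call; checking it
    // after a successful CreateService could read a stale code and leak the
    // freshly created handle.
    if ( NULL == hService && ERROR_SERVICE_EXISTS == GetLastError() )
    {
        hService = OpenService( hSCManager, szServiceName, SERVICE_START );
    }

    if ( NULL != hService )
    {
        // A failed start (including "already running") is not treated as
        // fatal here; the CreateFile below decides the outcome.
        StartService( hService, 0, NULL );
        CloseServiceHandle( hService );
    }
    CloseServiceHandle( hSCManager );

    // Share mode 0: the device is opened for exclusive access.
    hDriver = CreateFile( _T("\\\\.\\MyProcessManage"),
        GENERIC_READ | GENERIC_WRITE, 0, NULL, OPEN_EXISTING, 0, NULL );
    return hDriver;
}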
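/*
 * Close the device handle returned by LoadDriver(), then stop the
 * "KeProcessManage_Drv" service and mark it for deletion.
 *
 * hDriver  Handle from LoadDriver(). NULL and INVALID_HANDLE_VALUE are
 *          accepted and skipped, so this can be called after a failed load
 *          to remove a leftover service registration.
 *
 * Failures of the individual service calls are not reported; removal is
 * best-effort.
 */
void UnloadDriver( IN HANDLE hDriver )
{
    // INVALID_HANDLE_VALUE is what LoadDriver returns on failure; do not
    // hand it to CloseHandle.
    if ( NULL != hDriver && INVALID_HANDLE_VALUE != hDriver )
    {
        CloseHandle( hDriver );
    }

    // Only OpenService is needed on the manager handle, so request connect
    // access instead of the right to create services.
    SC_HANDLE hSCManager = OpenSCManager( NULL, NULL, SC_MANAGER_CONNECT );
    if ( NULL == hSCManager )
    {
        return;
    }

    SC_HANDLE hService = OpenService( hSCManager, _T("KeProcessManage_Drv"),
        DELETE | SERVICE_STOP );
    if ( NULL != hService )
    {
        SERVICE_STATUS ss = { 0 };
        // Stop first, then delete; the delete is attempted even if the stop
        // request fails (for example when the service is not running).
        ControlService( hService, SERVICE_CONTROL_STOP, &ss );
        DeleteService( hService );
        CloseServiceHandle( hService );
    }
    CloseServiceHandle( hSCManager );
}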