|
阅读:1851回复:7
高手帮忙!如何通过deviceiocontrol发送数据?
想通过DeviceIocontrol发送数据,思路是自定义IOCTL然后调用函数通过ndissend发送数据。
哪位大侠做过这种功能呀? |
|
|
沙发#
发布于:2008-05-25 08:24
还是用ndisprot来改吧。MS提供的模板还是不错的
|
|
|
板凳#
发布于:2007-12-11 18:36
dump信息,但是看不到和passthru.sys相关的东西,高手帮帮忙吧!
Microsoft (R) Windows Debugger Version 6.8.0004.0 X86 Copyright (c) Microsoft Corporation. All rights reserved. Loading Dump File [E:\PLGUNDAM\CODE\DumpFile\MEMORY.DMP] Kernel Complete Dump File: Full address space is available Symbol search path is: F:\Symbols;E:\PLGUNDAM\CODE\Driver\NDIS\SendPacket\SysV0.2\objchk_wxp_x86\i386;E:\PLGUNDAM\CODE\Driver\NDIS\SendPacket\SendPacketThruIM\objchk_wxp_x86\i386 Executable search path is: E:\suc.3 Windows XP Kernel Version 2600 (Service Pack 2) UP Free x86 compatible Product: WinNt, suite: TerminalServer SingleUserTS Built by: 2600.xpsp_sp2_rtm.040803-2158 Kernel base = 0x804d8000 PsLoadedModuleList = 0x8055bb20 Debug session time: Tue Dec 11 18:11:42.942 2007 (GMT+8) System Uptime: 0 days 0:36:11.482 Loading Kernel Symbols .................................................................................................... Loading User Symbols ... Loading unloaded module list ............. ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* Use !analyze -v to get detailed debugging information. BugCheck D1, {0, 2, 1, 7c80168a} ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: kernel32!pNlsUserInfo *** *** *** ************************************************************************* ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: kernel32!pNlsUserInfo *** *** *** ************************************************************************* Probably caused by : ntoskrnl.exe ( nt!KiTrap0E+233 ) Followup: MachineOwner --------- kd> !analyze -v ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1) An attempt was made to access a pageable (or completely invalid) address at an interrupt request level (IRQL) that is too high. This is usually caused by drivers using improper addresses. If kernel debugger is available get stack backtrace. Arguments: Arg1: 00000000, memory referenced Arg2: 00000002, IRQL Arg3: 00000001, value 0 = read operation, 1 = write operation Arg4: 7c80168a, address which referenced memory Debugging Details: ------------------ ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: kernel32!pNlsUserInfo *** *** *** ************************************************************************* ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: kernel32!pNlsUserInfo *** *** *** ************************************************************************* WRITE_ADDRESS: 00000000 CURRENT_IRQL: 2 FAULTING_IP: kernel32!DeviceIoControl+100 7c80168a 8908 mov dword ptr [eax],ecx PROCESS_NAME: SendPacketThruI//用户层程序 DEFAULT_BUCKET_ID: INTEL_CPU_MICROCODE_ZERO BUGCHECK_STR: 0xD1 LAST_CONTROL_TRANSFER: from 7c80168a to 804e3158 STACK_TEXT: f8cfcd64 7c80168a badb0d00 ffffffff f8cfcd98 nt!KiTrap0E+0x233 0006fe18 010026ae 000007e8 0012c814 002b3e48 kernel32!DeviceIoControl+0x100 //调用iocontrol 0006fe6c 010030f3 000007e8 002b3e48 00000605 SendPacketThruIM!SendBufferToDevice+0x4e //调用包含iocontrol的函数 0006ff78 0100367d 00000008 002b0b70 002b1200 SendPacketThruIM!main+0x4c3 0006ffc0 7c816d4f 00000028 00000000 7ffd3000 SendPacketThruIM!mainCRTStartup+0x14d [d:\srvrtm\base\crts\crtw32\startup\crt0.c @ 523] 0006fff0 00000000 01003530 00000000 78746341 kernel32!BaseProcessStart+0x23 STACK_COMMAND: kb FOLLOWUP_IP: nt!KiTrap0E+233 804e3158 f7457000000200 test dword ptr [ebp+70h],20000h SYMBOL_STACK_INDEX: 0 SYMBOL_NAME: nt!KiTrap0E+233 FOLLOWUP_NAME: MachineOwner MODULE_NAME: nt IMAGE_NAME: ntoskrnl.exe DEBUG_FLR_IMAGE_TIMESTAMP: 41108004 FAILURE_BUCKET_ID: 0xD1_W_nt!KiTrap0E+233 BUCKET_ID: 0xD1_W_nt!KiTrap0E+233 Followup: MachineOwner --------- |
|
|
地板#
发布于:2007-12-11 18:32
终于可以调用发了,但是不稳定,是不是就会出蓝屏错误!
|
|
|
地下室#
发布于:2007-11-30 00:47
可以调用,但是你要确定往下发的adapter
|
|
|
5楼#
发布于:2007-11-28 18:01
DEVICE IOCONTROL 只是用于给定义好的DEVICE发一个消息(事件), 同时可以往公共的内存里拷贝一些数据.DEVICE接收到这个消息后对共享内存的数据做处理. 查一下DEVICEIOCONTROL的帮助就知道了. 关键在于定义好一个虚拟设备.
|
|
|
|
6楼#
发布于:2007-11-28 16:19
你用 协议层 驱动直接发就是了
ndisprot 那例子你看看 |
|
|
7楼#
发布于:2007-11-23 13:56
ndissend不是你随便可以调用的,只有protocol driver或者相关的driver才可以调用.
 |
|
|