阅读:3903回复:35
winxp下hook中断的问题
缘起:在winxp下,我参考《解析Windows2000的IDT扩展机制》写了一个hook 0x2e中断的driver,可是我的NewISR始终执行不到。
问题:winxp下综合运用了sysenter和int,难道不能把win2000的hook方法照搬到winxp下来呢? |
|
最新喜欢:cyliu
|
沙发#
发布于:2005-04-19 13:43
代码:
FARPROC HookInt(int nVector, FARPROC HookFun) { IDTR idtr; PIDTENTRY IdtEntry; __asm sidt idtr; IdtEntry = (PIDTENTRY)idtr.IDTBase; OldISR = (FUNC_INTERRUPT)((IdtEntry[nVector].OffsetHigh << 16) | (IdtEntry[nVector].OffsetLow)); __asm cli IdtEntry[nVector].OffsetLow = (unsigned short)NewISR; IdtEntry[nVector].OffsetHigh = (unsigned short)((unsigned int)NewISR >> 16); __asm sti; return (FARPROC)OldISR; } |
|
|
板凳#
发布于:2005-04-19 13:47
代码贴错了,重贴一下:
FARPROC HookInt(int nVector, FARPROC HookFun) { IDTR idtr; PIDTENTRY IdtEntry; __asm sidt idtr; IdtEntry = (PIDTENTRY)idtr.IDTBase; OldISR = (FUNC_INTERRUPT)((IdtEntry[nVector].OffsetHigh << 16) | (IdtEntry[nVector].OffsetLow)); __asm cli IdtEntry[nVector].OffsetLow = (unsigned short)HookFun; IdtEntry[nVector].OffsetHigh = (unsigned short)((unsigned int)HookFun >> 16); __asm sti; return (FARPROC)OldISR; } |
|
|
地板#
发布于:2005-04-20 09:52
代码贴错了,重贴一下: winxp下确实综合运用了sysenter和int,应该可以把win2000的hook方法照搬到winxp,请你将IDTR,IDTENTRY的定义一同铁出,并且给你一个测试方法,在softice中下断电bpint 2e,发生中断时看看IDT是否指向你的ISR |
|
|
地下室#
发布于:2005-04-21 11:17
如下:
typedef struct _idtr { short IDTLimit; unsigned int IDTBase; } IDTR,*PIDTR; typedef struct _idtentry { unsigned short OffsetLow; unsigned short Selector; unsigned char Reserved; unsigned char Type:4; unsigned char SegmentFlag:1; unsigned char DPL:2; unsigned char Present:1; unsigned short OffsetHigh; }IDTENTRY,*PIDTENTRY; |
|
|
5楼#
发布于:2005-04-21 11:23
代码都是从网上拷贝的。
我调试的时候,也遇到了一些不解之处。 那就是: 使用softice察看idt 2e的输出的地址, 又使用softice察看HookInt函数返回的OldISR, 两个地址总是不对劲。 |
|
|
6楼#
发布于:2005-04-21 11:57
代码都是从网上拷贝的。 地址不一样吗? 我也偷懒一把,把你的东东精简一下,写一个mini的直接截获int2e,什么也不干,然后直接调用原int2e的这个驱动,传上来,我在我的机器上试一下,我现在自从上回跟防病毒软件冲突后,我直接装了个裸xp,即不装任何应用程序。 |
|
|
7楼#
发布于:2005-04-21 13:27
mylock.c文件如下:
#define INITGUID #include \"wdm.h\" #include \"stdarg.h\" #include \"stdio.h\" #include \"windef.h\" // // Device Extension // typedef struct _DEVICE_EXTENSION { // // Back pointer to device object // PDEVICE_OBJECT DeviceObject; // // Target Device Object // PDEVICE_OBJECT TargetDeviceObject; // // Physical device object // PDEVICE_OBJECT PhysicalDeviceObject; BOOL bDiswrite; } DEVICE_EXTENSION, *PDEVICE_EXTENSION; /* Layout of Per Processor Counters is a contiguous block of memory: Processor 1 +-----------------------+ +-----------------------+ |PROCESSOR_COUNTERS_SIZE| ... |PROCESSOR_COUNTERS_SIZE| +-----------------------+ +-----------------------+ where PROCESSOR_COUNTERS_SIZE is less than sizeof(DISK_PERFORMANCE) since we only put those we actually use for counting. */ NTSTATUS DriverEntry( IN PDRIVER_OBJECT DriverObject, IN PUNICODE_STRING RegistryPath ); NTSTATUS AddDevice( IN PDRIVER_OBJECT DriverObject, IN PDEVICE_OBJECT PhysicalDeviceObject ); NTSTATUS SendToNextDriver( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp ); NTSTATUS DWDeviceControl( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp ); NTSTATUS DWPNP( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp ); VOID Unload( IN PDRIVER_OBJECT DriverObject ); ///////////////////////// /////////////////////////////////handerl // {8BDC432A-5403-4aa8-9D7C-71F0C2809A39} typedef struct _idtr { short IDTLimit; unsigned int IDTBase; } IDTR,*PIDTR; typedef struct _idtentry { unsigned short OffsetLow; unsigned short Selector; unsigned char Reserved; unsigned char Type:4; unsigned char SegmentFlag:1; unsigned char DPL:2; unsigned char Present:1; unsigned short OffsetHigh; }IDTENTRY,*PIDTENTRY; #define DISBURN_IOCTL_LOCK CTL_CODE(FILE_DEVICE_CD_ROM, 0x800, METHOD_BUFFERED, FILE_WRITE_DATA|FILE_READ_DATA) #define DISBURN_IOCTL_GETLOCK CTL_CODE(FILE_DEVICE_CD_ROM, 0x801, METHOD_BUFFERED, FILE_WRITE_DATA|FILE_READ_DATA) typedef VOID (* FUNC_INTERRUPT)(); FUNC_INTERRUPT OldISR; /* NTSTATUS IsIrpCD(IN PIRP Irp ); */ NTSTATUS FinishIrp(IN PDEVICE_OBJECT DeviceObject, IN OUT PIRP Irp ); VOID DisableWriteProtect( PULONG pOldAttr); VOID EnableWriteProtect( ULONG ulOldAttr ); FARPROC HookInt(int nVector, FARPROC HookFun); VOID UnhookInt(int nVector); NTSTATUS BeginHook(); void EndHook(); VOID /*__fastcall*/ NewISR(); //////////////////////////////////handerl /////////////////////////////////// // // Define the sections that allow for discarding (i.e. paging) some of // the code. // #ifdef ALLOC_PRAGMA #pragma alloc_text (INIT, DriverEntry) #pragma alloc_text (PAGE, AddDevice) #pragma alloc_text (PAGE, Unload) #pragma alloc_text (PAGE, DWDeviceControl) #pragma alloc_text (PAGE, DWPNP) #pragma alloc_text (PAGE, HookInt) #pragma alloc_text (PAGE, UnhookInt) #pragma alloc_text (PAGE, FinishIrp) #pragma alloc_text (PAGE, BeginHook) #pragma alloc_text (PAGE, EndHook) #endif //////////////////////////////////handerl /////////////////////////////////// VOID /*__fastcall*/ NewISR() { DWORD dwServiceId; BYTE nFunCode; BYTE nDrive; __asm mov dwServiceId,eax; __asm mov nFunCode, ah; __asm mov nDrive, dl; //todo: // //__asm iretd; OldISR(); // } FARPROC HookInt(int nVector, FARPROC HookFun) { IDTR idtr; PIDTENTRY IdtEntry; __asm sidt idtr; IdtEntry = (PIDTENTRY)idtr.IDTBase; OldISR = (FUNC_INTERRUPT)((IdtEntry[nVector].OffsetHigh << 16) | (IdtEntry[nVector].OffsetLow)); __asm cli IdtEntry[nVector].OffsetLow = (unsigned short)HookFun; IdtEntry[nVector].OffsetHigh = (unsigned short)((unsigned int)HookFun >> 16); __asm sti; return (FARPROC)OldISR; } VOID UnhookInt(int nVector) { IDTR idtr; PIDTENTRY IdtEntry; __asm sidt idtr; IdtEntry = (PIDTENTRY)idtr.IDTBase; __asm cli IdtEntry[nVector].OffsetLow = (unsigned short)OldISR; IdtEntry[nVector].OffsetHigh = (unsigned short)((unsigned int)OldISR >> 16); __asm sti; } /* NTSTATUS IsIrpCD(IN PIRP Irp ) { PSCSI_REQUEST_BLOCK srb = NULL; PIO_STACK_LOCATION currentIrpStack; if(!Irp) return STATUS_UNSUCCESSFUL; currentIrpStack = IoGetCurrentIrpStackLocation(Irp); srb = currentIrpStack->Parameters.Scsi.Srb; if(!srb) return STATUS_UNSUCCESSFUL; //if(srb->PathId) //if(srb->TargetId) if(srb->Lun != (UCHAR)(\'M\')) return STATUS_UNSUCCESSFUL; return STATUS_SUCCESS; }*/ NTSTATUS FinishIrp(IN PDEVICE_OBJECT DeviceObject, IN OUT PIRP Irp ) { if(!Irp) return STATUS_UNSUCCESSFUL; if(!DeviceObject) return STATUS_UNSUCCESSFUL; Irp->IoStatus.Information = 0; Irp->IoStatus.Status = STATUS_SUCCESS; IoCompleteRequest(Irp, IO_NO_INCREMENT ); return STATUS_SUCCESS; } VOID DisableWriteProtect( PULONG pOldAttr) { ULONG uAttr; _asm { push eax; mov eax, cr0; mov uAttr, eax; and eax, 0FFFEFFFFh; // CR0 16 BIT = 0 mov cr0, eax; pop eax; }; *pOldAttr = uAttr; //保存原有的 CRO 属性 } VOID EnableWriteProtect( ULONG uOldAttr ) { _asm { push eax; mov eax, uOldAttr; //恢复原有 CR0 属性 mov cr0, eax; pop eax; }; } NTSTATUS BeginHook() { NTSTATUS status; _asm cli OldISR = (FUNC_INTERRUPT)HookInt( 0x2e, (FARPROC)NewISR); _asm sti if ( OldISR == NULL) { return STATUS_UNSUCCESSFUL; } return STATUS_SUCCESS; } void EndHook() { _asm cli UnhookInt( 0x2E); _asm sti return ; } //////////////////////////////////handerl /////////////////////////////////// NTSTATUS DriverEntry( IN PDRIVER_OBJECT DriverObject, IN PUNICODE_STRING RegistryPath ) { ULONG ulIndex; PDRIVER_DISPATCH * dispatch; // // Create dispatch points // for (ulIndex = 0, dispatch = DriverObject->MajorFunction; ulIndex <= IRP_MJ_MAXIMUM_FUNCTION; ulIndex++, dispatch++) { *dispatch = SendToNextDriver; } // // Set up the device driver entry points. // //DriverObject->MajorFunction[IRP_MJ_READ] = DWReadWrite; //DriverObject->MajorFunction[IRP_MJ_WRITE] = DWReadWrite; //DriverObject->MajorFunction[IRP_MJ_SCSI] = DWReadWrite; DriverObject->MajorFunction[IRP_MJ_PNP] = DWPNP; DriverObject->MajorFunction[IRP_MJ_DEVICE_CONTROL] = DWDeviceControl; DriverObject->DriverExtension->AddDevice = AddDevice; DriverObject->DriverUnload = Unload; return(STATUS_SUCCESS); } // end DriverEntry() NTSTATUS AddDevice( IN PDRIVER_OBJECT DriverObject, IN PDEVICE_OBJECT PhysicalDeviceObject ) { NTSTATUS status; PDEVICE_OBJECT filterDeviceObject; PDEVICE_EXTENSION deviceExtension; UNICODE_STRING symbollink; UNICODE_STRING devicename; //const GUID guidname = //{ 0x8bdc432a, 0x5403, 0x4aa8, { 0x9d, 0x7c, 0x71, 0xf0, 0xc2, 0x80, 0x9a, 0x39 } }; PAGED_CODE(); RtlInitUnicodeString(&devicename, (PCWSTR)(L\"\\\\device\\\\hanlock\")); status = IoCreateDevice(DriverObject, sizeof(DEVICE_EXTENSION), &devicename, FILE_DEVICE_CD_ROM , 0, FALSE, &filterDeviceObject); if (!NT_SUCCESS(status)) { return status; } filterDeviceObject->Flags |= DO_DIRECT_IO; deviceExtension = (PDEVICE_EXTENSION) filterDeviceObject->DeviceExtension; RtlZeroMemory(deviceExtension, sizeof(DEVICE_EXTENSION)); //ZEROMEMORY deviceExtension->PhysicalDeviceObject = PhysicalDeviceObject; deviceExtension->TargetDeviceObject = IoAttachDeviceToDeviceStack(filterDeviceObject, PhysicalDeviceObject); if (deviceExtension->TargetDeviceObject == NULL) { IoDeleteDevice(filterDeviceObject); return STATUS_NO_SUCH_DEVICE; } deviceExtension->DeviceObject = filterDeviceObject; filterDeviceObject->Flags |= DO_POWER_PAGABLE; filterDeviceObject->Flags &= ~DO_DEVICE_INITIALIZING; RtlInitUnicodeString(&symbollink, (PCWSTR)(L\"\\\\??\\\\hanlock\")); IoCreateSymbolicLink(&symbollink, &devicename); //IoRegisterDeviceInterface(filterDeviceObject, &guidname, NULL, &symbollink); deviceExtension->bDiswrite = FALSE; return STATUS_SUCCESS; } NTSTATUS SendToNextDriver( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp ) { PDEVICE_EXTENSION deviceExtension; IoSkipCurrentIrpStackLocation(Irp); deviceExtension = (PDEVICE_EXTENSION) DeviceObject->DeviceExtension; return IoCallDriver(deviceExtension->TargetDeviceObject, Irp); } // end SendToNextDriver() VOID Unload( IN PDRIVER_OBJECT DriverObject ) { PAGED_CODE(); return; } NTSTATUS DWDeviceControl( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp ) { NTSTATUS status; PIO_STACK_LOCATION currentIrpStack; PDEVICE_EXTENSION deviceExtension; if(!Irp) return STATUS_UNSUCCESSFUL; currentIrpStack = IoGetCurrentIrpStackLocation(Irp); deviceExtension = (PDEVICE_EXTENSION) DeviceObject->DeviceExtension; if(currentIrpStack->Parameters.DeviceIoControl.IoControlCode == DISBURN_IOCTL_LOCK) { if( *(BYTE*)(Irp->AssociatedIrp.SystemBuffer) ) { status = STATUS_SUCCESS; if(!(deviceExtension->bDiswrite) ) status = BeginHook(); if( (NT_SUCCESS(status)) ) { *((PBOOLEAN)Irp->AssociatedIrp.SystemBuffer) = TRUE; //*((PBOOLEAN)Irp->UserBuffer) = TRUE; deviceExtension->bDiswrite = TRUE; } else *((PBOOLEAN)Irp->AssociatedIrp.SystemBuffer) = FALSE; //*((PBOOLEAN)Irp->UserBuffer) = FALSE; //currentIrpStack->Parameters.DeviceIoControl.OutputBufferLength = 1; Irp->IoStatus.Information = 1; Irp->IoStatus.Status = STATUS_SUCCESS; IoCompleteRequest(Irp, IO_NO_INCREMENT ); return STATUS_SUCCESS; } else { if(deviceExtension->bDiswrite ) EndHook(); deviceExtension->bDiswrite = FALSE; return FinishIrp(DeviceObject, Irp); } } else if(currentIrpStack->Parameters.DeviceIoControl.IoControlCode == DISBURN_IOCTL_GETLOCK) { if(deviceExtension->bDiswrite) *((PBOOLEAN)Irp->AssociatedIrp.SystemBuffer) = TRUE; //*((PBOOLEAN)Irp->UserBuffer) = TRUE; else *((PBOOLEAN)Irp->AssociatedIrp.SystemBuffer) = FALSE; //*((PBOOLEAN)Irp->UserBuffer) = FALSE; //currentIrpStack->Parameters.DeviceIoControl.OutputBufferLength = 1; Irp->IoStatus.Information = 1; Irp->IoStatus.Status = STATUS_SUCCESS; IoCompleteRequest(Irp, IO_NO_INCREMENT ); return STATUS_SUCCESS; } return SendToNextDriver(DeviceObject, Irp); } NTSTATUS DWPNP( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp ) { //UNICODE_STRING symbollink; PDEVICE_EXTENSION deviceExtension; PIO_STACK_LOCATION currentIrpStack; PAGED_CODE(); currentIrpStack = IoGetCurrentIrpStackLocation(Irp); deviceExtension = (PDEVICE_EXTENSION) DeviceObject->DeviceExtension; if(IRP_MN_REMOVE_DEVICE == currentIrpStack->MinorFunction) { //RtlInitUnicodeString(&symbollink, (PCWSTR)(L\"\\\\??\\\\disburn\")); //IoDeleteSymbolicLink(&symbollink); IoDetachDevice(deviceExtension->TargetDeviceObject); IoDeleteDevice(DeviceObject); } return SendToNextDriver(DeviceObject, Irp); } /* 添加软件中断的实现过程 NTSTATUS InstallIG() { …… //判断我们想要添加的中断是否已被占用; if(IdtEntry[ADDINTID].OffsetLow != 0 || IdtEntry[ADDINTID].OffsetHigh != 0) { return STATUS_UNSUCCESSFUL; } //复制原始的中断门描述信息; RtlCopyMemory(&OldIdtEntry,&IdtEntry[ADDINTID],sizeof(OldIdtEntry)); //关中断 __asm cli //更新执行代码偏移量的底16位; IdtEntry[ADDINTID].OffsetLow = (unsigned short)InterruptServiceRoutine; //目的代码段的段选择器,CS为8; IdtEntry[ADDINTID].Selector = 8; //保留位,始终为零; IdtEntry[ADDINTID].Reserved = 0; //门类型,0xe代表中断门; IdtEntry[ADDINTID].Type = 0xe; //SegmentFlag设置0代码为段; IdtEntry[ADDINTID].SegmentFlag = 0; //描述符权限等级为3,允许用户模式程序调用本中断; IdtEntry[ADDINTID].DPL = 3; //呈现标志位,设置为一; IdtEntry[ADDINTID].Present = 1; //更新执行代码偏移量的高16位; IdtEntry[ADDINTID].OffsetHigh = (unsigned short)((unsigned int)InterruptServiceRoutine >> 16); //开中断 __asm sti return STATUS_SUCCESS; } VOID RemoveIG() { …… __asm cli //恢复我们修改过的中断门描述符; RtlCopyMemory(&IdtEntry[ADDINTID],&OldIdtEntry,sizeof(OldIdtEntry)); __asm sti } extern void _cdecl InterruptServiceRoutine(VOID) { unsigned int Command; //获取eax寄存器中的数值,接受从用户模式传入的命令参数; __asm mov Command,eax; //执行内核代码,获取操作系统版本号; DbgPrint(\"NtBuildNumber == %d\\n\",(unsigned short)NtBuildNumber); //中断返回; __asm iretd; } */ |
|
|
8楼#
发布于:2005-04-21 13:29
sources文件如下:
DRIVERTYPE=WDM TARGETNAME=hanlock TARGETTYPE=DRIVER TARGETPATH=obj #TARGETPATH=$(BASEDIR)\\lib #INCLUDES=$(BASEDIR)\\inc SOURCES=mylock.c |
|
|
9楼#
发布于:2005-04-21 13:32
inf文件如下:
;; Hanlock.inf ;; ********* PLEASE READ *********** ;; The wizard cannot create exact INF files for all buses and device types. ;; You may have to make changes to this file in order to get your device to ;; install. In particular, hardware IDs and logical configurations require ;; intervention. ;; ;; The Windows DDK documentation contains an excellent INF reference. ;--------- Version Section --------------------------------------------------- [Version] Signature=\"$Windows 95$\" ; If device fits one of the standard classes, use the name and GUID here, ; otherwise create your own device class and GUID as this example shows. Class=NewDeviceClass ClassGUID={ff646f80-8def-11d2-9449-00105a075f6b} Provider=%ProviderName% ;--------- SourceDiskNames and SourceDiskFiles Section ----------------------- ; These sections identify source disks and files for installation. They are ; shown here as an example, but commented out. ;[SourceDisksNames] ;1 = \"Install Disk\",Disk1,, ;[SourceDisksFiles] ;hanlock.sys = 1,, ;--------- ClassInstall/ClassInstall32 Section ------------------------------- ; Not necessary if using a standard class ; 9X Style [ClassInstall] Addreg=Class_AddReg ; NT Style [ClassInstall32] Addreg=Class_AddReg [Class_AddReg] HKR,,,,%DeviceClassName% HKR,,Icon,,\"-18\" ;--------- DestinationDirs Section ------------------------------------------- [DestinationDirs] Hanlock_Files_Driver = 10,System32\\Drivers ;--------- Manufacturer and Models Sections ---------------------------------- [Manufacturer] %MfgName%=Mfg0 [Mfg0] %DeviceDesc%=Hanlock_DDI, *hanlock ;---------- DDInstall Sections ----------------------------------------------- ; --------- Windows 9X ----------------- ; Experimentation has shown that DDInstall root names greater than 19 characters ; cause problems in Windows 98 [Hanlock_DDI] CopyFiles=Hanlock_Files_Driver AddReg=Hanlock_9X_AddReg [Hanlock_9X_AddReg] HKR,,DevLoader,,*ntkern HKR,,NTMPDriver,,hanlock.sys HKR, \"Parameters\", \"BreakOnEntry\", 0x00010001, 0 ; --------- Windows NT ----------------- [Hanlock_DDI.NT] CopyFiles=Hanlock_Files_Driver AddReg=Hanlock_NT_AddReg [Hanlock_DDI.NT.Services] Addservice = Hanlock, 0x00000002, Hanlock_AddService [Hanlock_AddService] DisplayName = %SvcDesc% ServiceType = 1 ; SERVICE_KERNEL_DRIVER StartType = 3 ; SERVICE_DEMAND_START ErrorControl = 1 ; SERVICE_ERROR_NORMAL ServiceBinary = %10%\\System32\\Drivers\\hanlock.sys [Hanlock_NT_AddReg] HKLM, \"System\\CurrentControlSet\\Services\\Hanlock\\Parameters\",\\ \"BreakOnEntry\", 0x00010001, 0 ; --------- Files (common) ------------- [Hanlock_Files_Driver] hanlock.sys ;--------- Strings Section --------------------------------------------------- [Strings] ProviderName=\"Your Company Name here\" MfgName=\"Name of HW Manufacturer here\" DeviceDesc=\"Hanlock Driver\" DeviceClassName=\"Description of Hanlock Device class here\" SvcDesc=\"Description of Hanlock NT service here\" |
|
|
10楼#
发布于:2005-04-21 13:34
老大,我是在windows xp下试验的。
麻烦你帮小弟看一下。先谢谢了。 |
|
|
11楼#
发布于:2005-04-21 13:40
对了,还有测试用的几个函数:
#include <winioctl.h> #define DISBURN_IOCTL_LOCK CTL_CODE(FILE_DEVICE_CD_ROM, 0x800, METHOD_BUFFERED, FILE_WRITE_DATA|FILE_READ_DATA) #define DISBURN_IOCTL_GETLOCK CTL_CODE(FILE_DEVICE_CD_ROM, 0x801, METHOD_BUFFERED, FILE_WRITE_DATA|FILE_READ_DATA) bool OpenDriver() { theApp.m_Driver = CreateFile(\"\\\\\\\\.\\\\hanlock\", GENERIC_READ | GENERIC_WRITE, FILE_SHARE_READ, NULL, OPEN_EXISTING, 0, NULL); if(theApp.m_Driver == INVALID_HANDLE_VALUE) return false; return true; } ////////////////////////////////////////// void CloseDriver() { if (theApp.m_Driver != INVALID_HANDLE_VALUE) { CloseHandle(theApp.m_Driver); theApp.m_Driver = INVALID_HANDLE_VALUE; } } ////////////////////////// BOOL BurnIsDVDBurnValid() { CHAR bufferOut[1]; ULONG nOutput = 0; memset(bufferOut, 0, 1); BOOL bRet = DeviceIoControl(theApp.m_Driver, DISBURN_IOCTL_GETLOCK, NULL, 0, bufferOut, 1, &nOutput, NULL); if(!bRet) return TRUE; if( (bufferOut[0]) ) return FALSE; return TRUE; } ////////////////////////////// BOOL BurnValidateDVDBurn(BOOL bEnabled) { CHAR bufferIn[1]; CHAR bufferOut[1]; ULONG nOutput = 0; memset(bufferIn, 0, 1); memset(bufferOut, 0, 1); if(!bEnabled) memset(bufferIn, 1, 1); BOOL bRet = DeviceIoControl(theApp.m_Driver, DISBURN_IOCTL_LOCK, bufferIn, 1, bufferOut, 1, &nOutput, NULL); if(!bRet) return FALSE; if(! (bufferOut[0]) ) return FALSE; return TRUE; } |
|
|
12楼#
发布于:2005-04-21 13:42
代码里有burn的字样,是以前遗留下来的。
|
|
|
13楼#
发布于:2005-04-21 14:25
麻烦老大有空的时候帮我看一下。我电脑上没有装 ftp服务器
之类的软件,所以只好贴源代码了。 |
|
|
14楼#
发布于:2005-04-21 15:48
麻烦老大有空的时候帮我看一下。我电脑上没有装 ftp服务器 小狗狗很可爱优,只是版本降低了,从idapro5到idapro47了,偶本想克隆一个,嘻嘻,回去在偶的实验机上跑跑 |
|
|
15楼#
发布于:2005-04-22 09:55
麻烦老大有空的时候帮我看一下。我电脑上没有装 ftp服务器 快救偶,本想试试,结果却自己死死了,看来以后不能偷懒用44了,嘿嘿... http://www.driverdevelop.com/forum/html_90820.html?1114134469 http://www.driverdevelop.com/forum/html_90817.html?1114134596 |
|
|
16楼#
发布于:2005-04-22 10:01
小狗狗很可爱优,只是版本降低了,从idapro5到idapro47了,偶本想克隆一个,嘻嘻,回去在偶的实验机上跑跑 小狗确实不错,健康活泼又可爱。 |
|
|
17楼#
发布于:2005-04-22 10:09
[quote] 小狗狗很可爱优,只是版本降低了,从idapro5到idapro47了,偶本想克隆一个,嘻嘻,回去在偶的实验机上跑跑 小狗确实不错,健康活泼又可爱。 [/quote] 小狗还很善良,快救偶... |
|
|
18楼#
发布于:2005-04-22 10:51
小狗还很善良,快救偶... 正义之狗,而且还很勇敢。 狗是动物中比较有灵气的啦。 |
|
|
19楼#
发布于:2005-04-25 09:48
没有完全按你的方法做,给你试好了,我还是喜欢动态加载驱动,所以又用了我以前的unwin2k,由于arthurtu老大的E文vs2003,我正下载中,所以周六折腾了一下午,全部重装那个破中文Vs 2003,还是用那个破中文Vs 2003做的。周日作的
结果可能令你吃惊,Xp不用int2e了,绝不,int2e已如末日黄花了,我做的时候,无数次将int 2e设错,但系统丝毫未受影响 |
|
|
上一页
下一页