zoukankan      html  css  js  c++  java

  • 服务方式加载卸载NT驱动函数集

    /***************************************************************************
    *
    *    原理:利用SCM组件服务方式加载驱动
    *    1、创建服务
    *    2、开启服务
    *    3、关闭服务
    *    4、删除服务
    *
    ****************************************************************************/
    /****************************************************************************
    *
    *    函数名:LoadNTDriver
    *    参数:
    *            【IN】char* DriverName , char* DriverPath
    *            【OUT】
    *    功能描述:加载NT驱动
    *    返回值:Bool 成功返回TRUE 失败返回FALSE
    *  
    *
    ****************************************************************************/
    #include <windows.h>
    BOOL LoadNTDriver( char* DriverName, char* DriverPath )
    {
    BOOL bRet = false;
    SC_HANDLE hManager = NULL;    //SCM管理句柄
    SC_HANDLE hService = NULL;    //NT驱动服务句柄

    //打开服务控制管理器SCM
    hManager = OpenSCManager ( NULL, NULL, SC_MANAGER_ALL_ACCESS );
    if( hManager == NULL )
    {
    //打开服务管理器失败
    MessageBox( NULL, "ERROR", "OpenSCM", MB_OK );
    bRet = false;
    CloseServiceHandle( hManager );
    return bRet;
    }
    else
    {
    MessageBox( NULL, "SUCCESS", "OpenSCM", MB_OK );
    }

    //创建服务
    hService = CreateService( hManager,
    DriverName,
    DriverName,
    SERVICE_ALL_ACCESS,
    SERVICE_KERNEL_DRIVER,
    SERVICE_DEMAND_START,
    SERVICE_ERROR_IGNORE,
    DriverPath,
    NULL,
    NULL,
    NULL,
    NULL,
    NULL );
    DWORD dwRtn;
    if( hService == NULL )
    {
    dwRtn = GetLastError();
    if( dwRtn != ERROR_IO_PENDING && dwRtn != ERROR_SERVICE_EXISTS )
    {
    //由于其他原因创建服务失败
    MessageBox( NULL, "ERROR", "CreateService", MB_OK );
    bRet = false;
    CloseServiceHandle( hManager );
    CloseServiceHandle( hService );
    return bRet;
    }
    else
    {
    //服务已经创建过  只需打开服务
    MessageBox( NULL, "ERROR", "Service Created", MB_OK );
    }
    //打开服务
    hService = OpenService( hManager, DriverName, SERVICE_ALL_ACCESS );
    if( hService == NULL )
    {
    //打开服务失败
    MessageBox( NULL, "ERROR", "OpenService", MB_OK );
    bRet = false;
    CloseServiceHandle( hManager );
    CloseServiceHandle( hService );
    return bRet;
    }
    else
    {
    MessageBox( NULL, "SUCCESS", "OpenService", MB_OK );
    }
    }
    else
    {
    MessageBox( NULL, "SUCCESS", "CreateService", MB_OK );
    }

    //开启服务
    bRet = StartService( hService, NULL, NULL);
    if( !bRet )
    {
    dwRtn = GetLastError();
    if( dwRtn != ERROR_IO_PENDING && dwRtn != ERROR_SERVICE_ALREADY_RUNNING)
    {
    MessageBox( NULL, "SUCCESS", "StartService", MB_OK );
    bRet = false;
    CloseServiceHandle( hManager );
    CloseServiceHandle( hService );
    return bRet;
    }
    else
    {
    if( dwRtn == ERROR_IO_PENDING )
    {
    //设备被挂住
    MessageBox( NULL, "ERROR", "StartService", MB_OK );
    bRet = false;
    CloseServiceHandle( hManager );
    CloseServiceHandle( hService );
    return bRet;
    }
    else
    {
    //服务已经启动
    MessageBox( NULL, "SUCCESS", "StartService", MB_OK );
    bRet = true;
    CloseServiceHandle( hManager );
    CloseServiceHandle( hService );
    return bRet;

    }
    }
    }
    MessageBox( NULL, "SUCCESS", "StartService", MB_OK );
    CloseServiceHandle( hManager );
    CloseServiceHandle( hService );
    return bRet;
    }
    /****************************************************************************
    *
    *    函数名:UnLoadNTDriver
    *    参数:
    *            【IN】char* DriverName , char* DriverPath
    *            【OUT】
    *    功能描述:卸载NT驱动
    *    返回值:Bool 成功返回TRUE 失败返回FALSE
    *    作者:sysdog , 2009/10/7
    *
    ****************************************************************************/
    BOOL UnLoadNTDriver( char* DriverName, char* DriverPath )
    {
    BOOL bRet = false;
    SC_HANDLE hManager = NULL;
    SC_HANDLE hService = NULL;
    SERVICE_STATUS SvrSta;

    //打开SCM管理器
    hManager = OpenSCManager( NULL, NULL, SC_MANAGER_ALL_ACCESS );
    if( hManager == NULL )
    {
    //打开服务管理器失败
    MessageBox( NULL, "ERROR", "OpenSCM", MB_OK );
    bRet = false;
    CloseServiceHandle( hManager );
    return bRet;
    }
    else
    {
    MessageBox( NULL, "SUCCESS", "OpenSCM", MB_OK );
    }
    //打开服务
    hService = OpenService( hManager, DriverName, SERVICE_ALL_ACCESS );
    if( hService == NULL )
    {
    //打开服务失败
    MessageBox( NULL, "ERROR", "OpenService", MB_OK );
    bRet = false;
    CloseServiceHandle( hManager );
    CloseServiceHandle( hService );
    return bRet;
    }
    else
    {
    MessageBox( NULL, "SUCCESS", "OpenService", MB_OK );
    }
    //停止驱动
    if( !ControlService( hService,SERVICE_CONTROL_STOP, &SvrSta) )
    {
    MessageBox( NULL, "ERROR", "ControlService", MB_OK );
    }
    else
    {
    MessageBox( NULL, "SUCCESS", "ControlService", MB_OK );
    }
    //卸载服务
    if( !DeleteService( hService ) )
    {
    MessageBox( NULL, "ERROR", "DeleteService", MB_OK );
    }
    else
    {
    MessageBox( NULL, "SUCCESS", "DeleteService", MB_OK );
    }
    bRet = true;
    CloseServiceHandle( hManager );
    CloseServiceHandle( hService );
    return bRet;
    }
  • 相关阅读:
    MySQL的注入过程
    nmap 扫描器的功能
    用dvwa演示带有用户令牌(user_token)的暴力破解
    在python中安装requests模块
    如何发现struts2漏洞
    vs2017的主题颜色的配置
    在vs上开发linux c++
    linux主机之间的SSH链接
    verilog 实用的小技巧
    verilog 实现DDS
  • 原文地址:https://www.cnblogs.com/forlina/p/2134567.html
Copyright © 2011-2022 走看看