Mi pequeño loader, que hace dos cosas:
1) registrar un servicio y ejecutarlo
2) detener un servicio y eliminarlo
Loader:
#include <Windows.h>
#include <stdio.h>
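/*
 * Full path of the driver image handed to the Service Control Manager as the
 * binary of the "TEST" kernel-driver service. Points at a string literal, so
 * it is const-qualified to stop accidental writes through it.
 * NOTE(review): whatever file sits at this path is loaded into the kernel;
 * keep it in a location only administrators can write to.
 */
const char *driver = "C:\\hellowWorld.sys";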
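/*
 * Registers the driver as a demand-start kernel-driver service named "TEST"
 * and starts it. If the service cannot be created (for example because it is
 * already registered) the existing service is opened instead.
 *
 * Progress and failures are printed to stdout; nothing is returned.
 *
 * NOTE(review): this needs an elevated (administrator) process, and 64-bit
 * Windows only loads the driver if it is properly signed or test signing is
 * enabled; otherwise the start call fails and the error code is printed.
 * The Service Control Manager records the installation of a new service in
 * the System event log, which is the place to look when auditing driver loads.
 */
void instalar_driver(void) {
    /* The explicit ANSI entry points keep the narrow string literals valid
     * even when the project is built with UNICODE defined. */
    SC_HANDLE Manager = OpenSCManagerA(NULL, NULL, SC_MANAGER_CREATE_SERVICE);
    if (Manager == NULL) {
        printf("\nNo se pudo abrir el administrador de servicios (error %lu)",
               (unsigned long)GetLastError());
        return;
    }

    printf("\nCargando el driver...");

    /* Only SERVICE_START is requested: this handle is used to start the
     * service and is closed before returning. */
    SC_HANDLE Service = CreateServiceA(Manager, "TEST", "TEST", SERVICE_START,
                                       SERVICE_KERNEL_DRIVER, SERVICE_DEMAND_START,
                                       SERVICE_ERROR_IGNORE, driver,
                                       NULL, NULL, NULL, NULL, NULL);
    if (Service == NULL) {
        /* Creation failed; fall back to a service left over from an earlier run. */
        Service = OpenServiceA(Manager, "TEST", SERVICE_START);
    }

    if (Service == NULL) {
        printf("\nNo se pudo crear ni abrir el servicio (error %lu)",
               (unsigned long)GetLastError());
    } else {
        /* Report success only when the SCM actually started the driver. */
        if (StartServiceA(Service, 0, NULL)) {
            printf("\nServicio Ejecutado");
        } else {
            printf("\nNo se pudo iniciar el servicio (error %lu)",
                   (unsigned long)GetLastError());
        }
        /* The original leaked this handle. */
        CloseServiceHandle(Service);
    }

    CloseServiceHandle(Manager);
}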
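/*
 * Stops the "TEST" service and marks it for deletion.
 *
 * The stop request is best effort: if it fails (for example because the
 * driver is not running) the error is printed and the service is still
 * deleted. Results are printed to stdout; nothing is returned.
 *
 * Handles are opened with the minimum rights the calls below need
 * (SC_MANAGER_CONNECT, SERVICE_STOP | DELETE) instead of
 * SC_MANAGER_ALL_ACCESS.
 */
void eliminar_driver(void) {
    /* The explicit ANSI entry points keep the narrow string literals valid
     * even when the project is built with UNICODE defined. */
    SC_HANDLE Manager = OpenSCManagerA(NULL, NULL, SC_MANAGER_CONNECT);
    if (Manager == NULL) {
        printf("\nNo se pudo abrir el administrador de servicios (error %lu)",
               (unsigned long)GetLastError());
        return;
    }

    SC_HANDLE Service = OpenServiceA(Manager, "TEST", SERVICE_STOP | DELETE);
    if (Service == NULL) {
        printf("\nNo se pudo abrir el servicio (error %lu)",
               (unsigned long)GetLastError());
    } else {
        SERVICE_STATUS status;

        /* Stopping a kernel-driver service asks the system to unload the driver. */
        if (ControlService(Service, SERVICE_CONTROL_STOP, &status)) {
            printf("\nServicio Detenido");
        } else {
            printf("\nNo se pudo detener el servicio (error %lu)",
                   (unsigned long)GetLastError());
        }

        if (DeleteService(Service)) {
            printf("\nServicio Eliminado");
        } else {
            printf("\nNo se pudo eliminar el servicio (error %lu)",
                   (unsigned long)GetLastError());
        }

        CloseServiceHandle(Service);
    }

    CloseServiceHandle(Manager);
}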
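/*
 * Interactive menu: 1 installs and starts the driver, 2 stops and removes it,
 * 3 leaves the program.
 *
 * Input that is not a number is discarded and reported as an invalid option
 * instead of leaving the variable unset and looping forever on the same
 * unread characters. End of input ends the program. Leaving through option 3
 * now returns 0, because a normal exit is not a failure.
 */
int main(void) {
    int opcion;

    for (;;) {
        printf("\n1) cargar driver");
        printf("\n2) eliminar driver de la memoria");
        printf("\n3) salir del menu");
        printf("\n\n-> ");

        int leidos = scanf("%d", &opcion);
        if (leidos == EOF) {
            /* stdin is closed; there is nothing left to read. */
            break;
        }
        if (leidos != 1) {
            /* Drop the rest of the offending line so the next scanf can progress. */
            int c;
            while ((c = getchar()) != '\n' && c != EOF) {
            }
            printf("\n\nOpcion incorrecta");
            continue;
        }

        switch (opcion) {
        case 1:
            instalar_driver();
            break;
        case 2:
            eliminar_driver();
            break;
        case 3:
            return 0;
        default:
            printf("\n\nOpcion incorrecta");
            break;
        }
    }

    return 0;
}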
Código del driver:
#include <ntddk.h>
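/*
 * Unload routine, installed by DriverEntry as DriverObject->DriverUnload.
 * It only writes a debug message; the driver holds no resources to release.
 */
VOID Unload(PDRIVER_OBJECT DriverObject)
{
    /* The parameter is required by the callback signature but not used here;
     * marking it avoids an unreferenced-parameter warning, which breaks
     * builds that treat warnings as errors. */
    UNREFERENCED_PARAMETER(DriverObject);

    DbgPrint("Driver Unloaded From Memory\n");
}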
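/*
 * Driver entry point: writes a debug message, registers the unload routine
 * and returns STATUS_SUCCESS.
 */
NTSTATUS DriverEntry(PDRIVER_OBJECT DriverObject, PUNICODE_STRING RegisterPath)
{
    /* The second parameter is not used by this driver; marking it avoids an
     * unreferenced-parameter warning, which breaks builds that treat
     * warnings as errors. */
    UNREFERENCED_PARAMETER(RegisterPath);

    DbgPrint("Hellow World From Kernel Space\n");

    /* Registering an unload routine is not always required, but it is
     * recommended while testing: without it the driver cannot be unloaded
     * and the machine has to be rebooted again and again. */
    DriverObject->DriverUnload = Unload;

    return STATUS_SUCCESS;
}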
https://imgur.com/kfXwXNf (https://imgur.com/kfXwXNf)
https://imgur.com/oeWnpO1 (https://imgur.com/oeWnpO1)
https://imgur.com/4obeza9 (https://imgur.com/4obeza9)