vc编程实现sys文件的安装
#include <windows.h> #include <winsvc.h> #include <conio.h> #include <stdio.h> #define DRIVER_NAME "123467" #define DRIVER_PATH "..\HelloDDK.sys" //装载NT驱动程序 BOOL LoadNTDriver(char* lpszDriverName,char* lpszDriverPath) { /************************ 加载NT驱动的代码******************************* ① 调用OpenSCManager,打开SCM管理器.如果返回NULL,则返回失败,否则继续 ② 调用CreateService,创建服务,创建成功则转步骤 ⑥ ③ 用GetLastError的得到错误返回值 ④ 返回值为ERROR_IO_PENDING,说明服务已经创建过,用OpenService打开此服务. ⑤ 返回值为其他值, 创建武服务失败,返回失败. ⑥ 调用StartService开启服务 ⑦ 成功返回 ************************************************************************/ char szDriverImagePath[256]; //得到完整的驱动路径 GetFullPathName(lpszDriverPath, 256, szDriverImagePath, NULL); BOOL bRet = FALSE; SC_HANDLE hServiceMgr=NULL;// SCM管理器的句柄 SC_HANDLE hServiceDDK=NULL;// NT驱动程序的服务句柄 //打开服务控制管理器 hServiceMgr = OpenSCManager( NULL, NULL, SC_MANAGER_ALL_ACCESS ); if( hServiceMgr == NULL ) { // OpenSCManager失败 printf( "OpenSCManager() Faild %d ! n", GetLastError() ); bRet = FALSE; goto BeforeLeave; } else { // OpenSCManager成功 printf( "OpenSCManager() ok ! n" ); } //创建驱动所对应的服务 hServiceDDK = CreateService( hServiceMgr, lpszDriverName, // 驱动程序的在注册表中的名字 lpszDriverName, // 注册表驱动程序的 DisplayName 值 SERVICE_ALL_ACCESS, // 加载驱动程序的访问权限 SERVICE_KERNEL_DRIVER, // 表示加载的服务是驱动程序 SERVICE_DEMAND_START, // 注册表驱动程序的 Start 值 SERVICE_ERROR_IGNORE, // 注册表驱动程序的 ErrorControl 值 szDriverImagePath, // 注册表驱动程序的 ImagePath 值 NULL, NULL, NULL, NULL, NULL); DWORD dwRtn; // 判断服务是否失败 if( hServiceDDK == NULL ) { dwRtn = GetLastError(); if( dwRtn != ERROR_IO_PENDING && dwRtn != ERROR_SERVICE_EXISTS ) { //由于其他原因创建服务失败 printf( "CrateService() Faild %d ! n", dwRtn ); bRet = FALSE; goto BeforeLeave; } else { //服务创建失败,是由于服务已经创立过 printf( "CrateService() Faild Service is ERROR_IO_PENDING or ERROR_SERVICE_EXISTS! n" ); } // 驱动程序已经加载,只需要打开 hServiceDDK = OpenService( hServiceMgr, lpszDriverName, SERVICE_ALL_ACCESS ); if( hServiceDDK == NULL ) { // 如果打开服务也失败,则意味错误 dwRtn = GetLastError(); printf( "OpenService() Faild %d ! n", dwRtn ); bRet = FALSE; goto BeforeLeave; } else { printf( "OpenService() ok ! n" ); } } else { printf( "CrateService() ok ! n" ); } // 开启此项服务 bRet= StartService( hServiceDDK, NULL, NULL ); if( !bRet ) { DWORD dwRtn = GetLastError(); if( dwRtn != ERROR_IO_PENDING && dwRtn != ERROR_SERVICE_ALREADY_RUNNING ) { printf( "StartService() Faild %d ! n", dwRtn ); bRet = FALSE; goto BeforeLeave; } else { if( dwRtn == ERROR_IO_PENDING ) { // 设备被挂住 printf( "StartService() Faild ERROR_IO_PENDING ! n"); bRet = FALSE; goto BeforeLeave; } else { // 服务已经开启 printf( "StartService() Faild ERROR_SERVICE_ALREADY_RUNNING ! n"); bRet = TRUE; goto BeforeLeave; } } } bRet = TRUE; // 离开前关闭句柄 BeforeLeave: if(hServiceDDK) { CloseServiceHandle(hServiceDDK); // 服务句柄 } if(hServiceMgr) { CloseServiceHandle(hServiceMgr); // SCM句柄 } return bRet; } // 卸载驱动程序 BOOL UnloadNTDriver( char * szSvrName ) { /************************* 卸载NT驱动的代码****************************** ① 调用OpenSCManager,打开SCM管理器,如果返回NULL,则返回失败,否则继续. ② 调用OpenService.如果返回NULL,则返回失败,否则继续 ③ 调用DeleteService卸载此项服务. ④ 成功返回. ************************************************************************/ BOOL bRet = FALSE; SC_HANDLE hServiceMgr=NULL;// SCM管理器的句柄 SC_HANDLE hServiceDDK=NULL;// NT驱动程序的服务句柄 SERVICE_STATUS SvrSta; // 打开SCM管理器 hServiceMgr = OpenSCManager( NULL, NULL, SC_MANAGER_ALL_ACCESS ); if( hServiceMgr == NULL ) { // 打开SCM管理器失败 printf( "OpenSCManager() Faild %d ! n", GetLastError() ); bRet = FALSE; goto BeforeLeave; } else { // 打开SCM管理器失败成功 printf( "OpenSCManager() ok ! n" ); } // 打开驱动所对应的服务 hServiceDDK = OpenService( hServiceMgr, szSvrName, SERVICE_ALL_ACCESS ); if( hServiceDDK == NULL ) { // 打开驱动所对应的服务失败 printf( "OpenService() Faild %d ! n", GetLastError() ); bRet = FALSE; goto BeforeLeave; } else { printf( "OpenService() ok ! n" ); } // 停止驱动程序,如果停止失败,只有重新启动才能,再动态加载。 if( !ControlService( hServiceDDK, SERVICE_CONTROL_STOP , &SvrSta ) ) { printf( "ControlService() Faild %d !n", GetLastError() ); } else { // 打开驱动所对应的失败 printf( "ControlService() ok !n" ); } // 动态卸载驱动程序。 if( !DeleteService( hServiceDDK ) ) { // 卸载失败 printf( "DeleteSrevice() Faild %d !n", GetLastError() ); } else { // 卸载成功 printf( "DelServer:eleteSrevice() ok !n" ); } bRet = TRUE; BeforeLeave: // 离开前关闭打开的句柄 if(hServiceDDK) { CloseServiceHandle(hServiceDDK); // 服务句柄 } if(hServiceMgr) { CloseServiceHandle(hServiceMgr); // SCM 句柄 } return bRet; } void TestDriver() { // 测试驱动程序 HANDLE hDevice = CreateFile("\\.\HelloDDK", GENERIC_WRITE | GENERIC_READ, 0, NULL, OPEN_EXISTING, 0, NULL); if( hDevice != INVALID_HANDLE_VALUE ) { MessageBox(NULL,"SUCESSFULLY....ComeOn...","Yes",0); printf( "Create Device ok ! n" ); } else { printf( "Create Device faild %d ! n", GetLastError() ); MessageBox(NULL,"Faild...Fuckking...","No",0); } CloseHandle( hDevice ); } int main(int argc, char* argv[]) { UnloadNTDriver(DRIVER_NAME); // 加载驱动 BOOL bRet = LoadNTDriver(DRIVER_NAME,DRIVER_PATH); if (!bRet) { printf("LoadNTDriver errorn"); return 0; } // 加载成功 printf( "press any to create device!n" ); getch(); TestDriver(); // 这时候你可以通过注册表,或其他查看符号连接的软件验证。 printf( "press any to unload the driver!n" ); getch(); // 卸载驱动 UnloadNTDriver(DRIVER_NAME); // if (!bRet) // { // printf("UnloadNTDriver errorn"); // return 0; // } system("pause"); return 0; }
