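Mi pequeño loader, que hace lo siguiente (debe ejecutarse con privilegios de administrador, ya que registra un servicio de tipo driver de kernel):
1) registra un servicio y lo ejecuta
2) detiene un servicio y lo elimina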
Loader:
#include <Windows.h>
#include <stdio.h>
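/*
 * Path of the driver image that is registered as the service binary.
 * It points at a string literal, so it is declared const: writing through it
 * would be undefined behavior.
 *
 * NOTE(review): the Service Control Manager loads whatever file sits at this
 * path into the kernel. Keep the file in a location that only administrators
 * can write to; whether the root of C: meets that depends on the machine's
 * ACLs - confirm before using this outside a test VM.
 */
const char *driver = "C:\\hellowWorld.sys";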
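/*
 * Register the driver image named by `driver` as a demand-start kernel
 * service called "TEST" and start it.
 *
 * If CreateService fails, the function falls back to opening a service that
 * is already registered under the same name. In that case the image that gets
 * loaded is the one recorded when that service was created, which is not
 * necessarily `driver`.
 *
 * Every failure is reported with the Win32 error code. On 64-bit Windows the
 * kernel rejects driver images without an accepted signature unless
 * test-signing is enabled, so a failing StartService is an expected outcome
 * on a machine that has not been prepared for driver testing.
 */
void instalar_driver() {
    /* Only the right to create services is requested from the SCM. */
    SC_HANDLE Manager = OpenSCManager(NULL, NULL, SC_MANAGER_CREATE_SERVICE);
    if (Manager == NULL) {
        printf("\nOpenSCManager fallo (error %lu)", GetLastError());
        return;
    }

    printf("\nCargando el driver...");
    SC_HANDLE Service = CreateService(Manager, "TEST", "TEST",
                                      SERVICE_START | DELETE | SERVICE_STOP,
                                      SERVICE_KERNEL_DRIVER,
                                      SERVICE_DEMAND_START,
                                      SERVICE_ERROR_IGNORE,
                                      driver,
                                      NULL, NULL, NULL, NULL, NULL);
    if (Service == NULL) {
        /* Creation failed, typically because "TEST" already exists: reuse it. */
        Service = OpenService(Manager, "TEST",
                              SERVICE_START | DELETE | SERVICE_STOP);
    }

    if (Service != NULL) {
        /* Report success only when the SCM actually started the driver. */
        if (StartService(Service, 0, NULL)) {
            printf("\nServicio Ejecutado");
        } else {
            printf("\nStartService fallo (error %lu)", GetLastError());
        }
        /* The original leaked this handle on every call. */
        CloseServiceHandle(Service);
    } else {
        printf("\nNo se pudo crear ni abrir el servicio (error %lu)",
               GetLastError());
    }

    CloseServiceHandle(Manager);
}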
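/*
 * Stop the "TEST" service and remove its registration.
 *
 * The handles are opened with the minimum rights this routine uses:
 * SC_MANAGER_CONNECT is enough to call OpenService, and the service handle
 * only needs SERVICE_STOP (for ControlService) and DELETE (for DeleteService).
 *
 * A failed stop request does not abort the removal: the service may simply
 * not be running, and deleting the registration is still wanted.
 */
void eliminar_driver() {
    SC_HANDLE Manager = OpenSCManager(NULL, NULL, SC_MANAGER_CONNECT);
    if (Manager == NULL) {
        printf("\nOpenSCManager fallo (error %lu)", GetLastError());
        return;
    }

    SC_HANDLE Service = OpenService(Manager, "TEST", SERVICE_STOP | DELETE);
    if (Service != NULL) {
        SERVICE_STATUS status;

        /* Print the success message only when the stop request was accepted. */
        if (ControlService(Service, SERVICE_CONTROL_STOP, &status)) {
            printf("\nServicio Detenido");
        } else {
            printf("\nControlService fallo (error %lu)", GetLastError());
        }

        if (DeleteService(Service)) {
            printf("\nServicio Eliminado");
        } else {
            printf("\nDeleteService fallo (error %lu)", GetLastError());
        }

        CloseServiceHandle(Service);
    } else {
        printf("\nOpenService fallo (error %lu)", GetLastError());
    }

    CloseServiceHandle(Manager);
}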
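/*
 * Interactive menu: 1 loads the driver, 2 unloads it, 3 exits.
 *
 * The listing as published never assigned `opcion` before the switch (reading
 * it was undefined behavior), did not print option 1, and let option 3 fall
 * through to the "incorrect option" branch, so the loop could not be left.
 * This version reads one line per iteration and returns on option 3 or on
 * end of input.
 */
int main(void) {
    int opcion;
    char linea[32];

    while (1)
    {
        printf("\n1) cargar driver en la memoria");
        printf("\n2) eliminar driver de la memoria");
        printf("\n3) salir del menu");
        printf("\nOpcion: ");

        /* Bounded read; end of input ends the program instead of spinning. */
        if (fgets(linea, sizeof linea, stdin) == NULL) {
            return 0;
        }

        /* Accept exactly one digit followed by the end of the line. */
        if (linea[0] >= '1' && linea[0] <= '3' &&
            (linea[1] == '\n' || linea[1] == '\0')) {
            opcion = linea[0] - '0';
        } else {
            opcion = 0; /* routed to the default branch below */
        }

        switch (opcion) {
        case 1:
            instalar_driver();
            break;
        case 2:
            eliminar_driver();
            break;
        case 3:
            return 0;
        default:
            printf("\n\nOpcion incorrecta");
            break;
        }
    }
}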
Código del driver:
#include <ntddk.h>
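/*
 * Unload routine, installed by DriverEntry in DriverObject->DriverUnload.
 * It only writes a debug message; the code shown here acquires no resources,
 * so there is nothing to release.
 */
VOID Unload(PDRIVER_OBJECT DriverObject)
{
    /* The parameter is not used; mark it so warning-as-error builds pass. */
    UNREFERENCED_PARAMETER(DriverObject);

    DbgPrint("Driver Unloaded From Memory\n");
}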
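/*
 * Driver entry point: writes a debug message, registers the unload routine
 * and reports success. Nothing else is initialized here.
 */
NTSTATUS DriverEntry(PDRIVER_OBJECT DriverObject, PUNICODE_STRING RegisterPath)
{
    /* The registry path is not used; mark it so warning-as-error builds pass. */
    UNREFERENCED_PARAMETER(RegisterPath);

    DbgPrint("Hellow World From Kernel Space\n");

    /*
     * Registering an unload routine is not always required, but it is
     * recommended while testing: otherwise the machine has to be rebooted
     * each time a new build of the driver is tried.
     */
    DriverObject->DriverUnload = Unload;

    return STATUS_SUCCESS;
}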
https://imgur.com/kfXwXNf (https://imgur.com/kfXwXNf)
https://imgur.com/oeWnpO1 (https://imgur.com/oeWnpO1)
https://imgur.com/4obeza9 (https://imgur.com/4obeza9)