控制台下修改系统驱动状态的代码
控制臺下修改系統驅動狀態的代碼
最近在sinister大哥的指點下,學習一些驅動方面的東西。在調一個程序很頭痛...于是寫了這個東西,可以安裝,卸載,啟動和停止驅動,也可以查詢當前系統加載驅動的狀況。
沒什么高深的東西,只是調用Advapi32.lib中API來實現的...代碼有點亂...
VC 6.0 sp5 + win2k pro
---------
多謝sinister大哥的指點..
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <windows.h>
#include <Winsvc.h>
// Forward declarations for the helpers defined after main().
// NOTE(review): <windows.h> defines StartService as a macro for StartServiceA/W, so the
// two-argument StartService declared here can only coexist with the Win32 API as a C++
// overload. Together with the new/delete in IsAdmin, this means the file must be built as C++.
LPENUM_SERVICE_STATUS EnumServices(SC_HANDLE, LPDWORD);
BOOL InstallService(SC_HANDLE hSCManager, LPCTSTR ServiceName, LPCTSTR ServiceExe);
BOOL RemoveService(SC_HANDLE hSCManager, LPCTSTR ServiceName);
BOOL StartService(SC_HANDLE hSCManager, LPCTSTR ServiceName);
BOOL StopService(SC_HANDLE hSCManager, LPCTSTR ServiceName);
BOOL IsAdmin(void);
void err_show(char*);
void Usage(char*);
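//
//  main
//  Command-line front end for listing, installing, removing, starting and
//  stopping driver services through the Service Control Manager (SCM).
//
//    (no arguments)         list every driver service
//    <srv>                  show type and state of one driver service
//    -install <srv> <exe>   register <exe> as a kernel driver named <srv>
//    -remove  <srv>         delete the service entry
//    -start   <srv>         start the driver
//    -stop    <srv>         stop the driver
//
//  Returns 0 on success (and after printing usage), -1 on failure.
//
int main(int argc, char* argv[])
{
    SC_HANDLE             hSCManager = NULL;
    LPENUM_SERVICE_STATUS lpServices = NULL;
    DWORD                 dwServicesReturned = 0;
    DWORD                 dwAccess = 0;
    DWORD                 i = 0;
    BOOL                  bOk = FALSE;
    int                   nExpectedArgs = 0;
    int                   nExit = 0;

    //
    // Advisory only: the access check that actually matters is the one the
    // SCM performs in OpenSCManager/OpenService/CreateService below.
    //
    if(!IsAdmin())
    {
        printf("Must administrator privilege!\n");
    }

    //
    // Help needs no SCM handle, so answer it before anything is opened.
    //
    if(argc == 2 && (!_stricmp(argv[1], "-h") || !_stricmp(argv[1], "-help")))
    {
        Usage(argv[0]);
        return 0;
    }

    //
    // Validate the command line first and request only the SCM rights the
    // chosen operation needs (the original always asked for
    // SC_MANAGER_ALL_ACCESS, even to list services).
    //
    if(argc >= 3)
    {
        if(!_stricmp(argv[1], "-install"))
        {
            nExpectedArgs = 4;
            dwAccess = SC_MANAGER_CONNECT | SC_MANAGER_CREATE_SERVICE;
        }
        else if(!_stricmp(argv[1], "-remove") ||
                !_stricmp(argv[1], "-start")  ||
                !_stricmp(argv[1], "-stop"))
        {
            nExpectedArgs = 3;
            dwAccess = SC_MANAGER_CONNECT;
        }

        // Unknown option (nExpectedArgs still 0) or wrong argument count.
        if(argc != nExpectedArgs)
        {
            Usage(argv[0]);
            return 0;
        }
    }
    else
    {
        dwAccess = SC_MANAGER_CONNECT | SC_MANAGER_ENUMERATE_SERVICE;
    }

    //
    // Open the service control manager on the local machine.
    //
    hSCManager = OpenSCManager(NULL, NULL, dwAccess);
    if(hSCManager == NULL)
    {
        fprintf(stderr, "OpenSCManager() failed. --err: %lu\n",
                (unsigned long) GetLastError());
        return -1;
    }

    //
    // Query modes: enumerate the drivers only when the listing is needed.
    // The buffer is walked by index so the pointer handed to free() is the
    // one malloc() returned (the original advanced it and freed the result).
    //
    if(argc <= 2)
    {
        lpServices = EnumServices(hSCManager, &dwServicesReturned);
        if(lpServices == NULL)
        {
            CloseServiceHandle(hSCManager);
            return -1;
        }

        if(argc == 2)
        {
            for(i = 0; i < dwServicesReturned; i++)
            {
                if(!_stricmp(lpServices[i].lpServiceName, argv[1]))
                    break;
            }

            if(i == dwServicesReturned)
            {
                printf("Service not found!\n");
                nExit = -1;
            }
            else
            {
                printf("[%s]\n", lpServices[i].lpDisplayName);
                printf("\tService Name: %s\n", lpServices[i].lpServiceName);

                printf("\tService Type: ");
                switch(lpServices[i].ServiceStatus.dwServiceType)
                {
                case SERVICE_FILE_SYSTEM_DRIVER:
                    printf("File System Driver\n");
                    break;
                case SERVICE_KERNEL_DRIVER:
                    printf("Device Driver\n");
                    break;
                default:
                    printf("User-Mode Service\n");
                    break;
                }

                printf("\tState: ");
                switch(lpServices[i].ServiceStatus.dwCurrentState)
                {
                case SERVICE_PAUSED:
                    printf("PAUSED\n");
                    break;
                case SERVICE_RUNNING:
                    printf("RUNNING\n");
                    break;
                case SERVICE_STOPPED:
                    printf("STOPPED\n");
                    break;
                default:
                    printf("PENDING\n");
                    break;
                }
            }
        }
        else
        {
            for(i = 0; i < dwServicesReturned; i++)
            {
                printf("%s    [%s]\n", lpServices[i].lpServiceName,
                       lpServices[i].lpDisplayName);
            }
            printf("\n\t\tTotal %lu Service(s).\n\n",
                   (unsigned long) dwServicesReturned);
        }

        free(lpServices);
        CloseServiceHandle(hSCManager);
        return nExit;
    }

    //
    // Command modes. argv[1] and the argument count were validated above;
    // every path falls through to the single CloseServiceHandle below.
    //
    if(!_stricmp(argv[1], "-install"))
    {
        bOk = InstallService(hSCManager, argv[2], argv[3]);
        if(!bOk)
            printf("Install service failed.\n");
    }
    else if(!_stricmp(argv[1], "-remove"))
    {
        bOk = RemoveService(hSCManager, argv[2]);
        if(!bOk)
            printf("Remove service failed.\n");
    }
    else if(!_stricmp(argv[1], "-start"))
    {
        bOk = StartService(hSCManager, argv[2]);
        if(!bOk)
            printf("Start service failed.\n");
    }
    else
    {
        bOk = StopService(hSCManager, argv[2]);
        if(!bOk)
            printf("Stop service failed.\n");
    }

    CloseServiceHandle(hSCManager);
    return bOk ? 0 : -1;
}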
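//
//  EnumServices
//  Enumerate the driver services (SERVICE_DRIVER, all states) known to the SCM.
//  ----------------------
//  Parameters:
//        [IN]  SC_HANDLE hSCManager    SCM handle; needs SC_MANAGER_ENUMERATE_SERVICE
//        [OUT] LPDWORD   lpdwServices  receives the number of entries returned
//  Returns:
//        A malloc()ed array of ENUM_SERVICE_STATUS that the caller must free(),
//        or NULL on failure (the error has already been reported via err_show).
//
LPENUM_SERVICE_STATUS EnumServices(SC_HANDLE hSCManager, LPDWORD lpdwServices)
{
    LPENUM_SERVICE_STATUS lpServices = NULL;
    DWORD cbBufSize = 0;
    DWORD cbBytesNeeded = 0;
    DWORD dwErr = 0;
    int   nAttempt = 0;

    if(lpdwServices == NULL)
    {
        SetLastError(ERROR_INVALID_PARAMETER);
        err_show("EnumServicesStatus()");
        return NULL;
    }
    *lpdwServices = 0;

    //
    // The first pass runs with an empty buffer to learn the required size.
    // The driver list can grow between the sizing call and the real call,
    // so ERROR_MORE_DATA is retried a few times instead of being trusted once.
    //
    for(nAttempt = 0; nAttempt < 4; nAttempt++)
    {
        if(EnumServicesStatus(
            hSCManager,
            SERVICE_DRIVER,
            SERVICE_STATE_ALL,
            lpServices,
            cbBufSize,
            &cbBytesNeeded,
            lpdwServices,
            NULL))
        {
            if(lpServices == NULL)
            {
                // Succeeded with no buffer: there are no entries. Return a
                // small valid allocation so NULL keeps meaning "failure".
                lpServices = (LPENUM_SERVICE_STATUS) calloc(1, sizeof(ENUM_SERVICE_STATUS));
                if(lpServices == NULL)
                {
                    SetLastError(ERROR_NOT_ENOUGH_MEMORY);
                    err_show("EnumServicesStatus()");
                }
            }
            return lpServices;
        }

        // Capture the error before free(), which may touch the last-error value.
        dwErr = GetLastError();
        free(lpServices);
        lpServices = NULL;

        if(dwErr != ERROR_MORE_DATA)
        {
            // A real failure (e.g. access denied); the original went on to
            // malloc(cbBytesNeeded) with a meaningless size here.
            SetLastError(dwErr);
            err_show("EnumServicesStatus()");
            return NULL;
        }

        // cbBytesNeeded reports the bytes still missing, so grow by it.
        cbBufSize += cbBytesNeeded;
        lpServices = (LPENUM_SERVICE_STATUS) malloc(cbBufSize);
        if(lpServices == NULL)
        {
            SetLastError(ERROR_NOT_ENOUGH_MEMORY);
            err_show("EnumServicesStatus()");
            return NULL;
        }
    }

    // Still too small after several retries.
    free(lpServices);
    SetLastError(ERROR_MORE_DATA);
    err_show("EnumServicesStatus()");
    return NULL;
}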
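//
//  InstallService
//  Register a demand-start kernel driver service with the SCM.
//  Parameters:
//      [IN] SC_HANDLE hSCManager   SCM handle; needs SC_MANAGER_CREATE_SERVICE
//      [IN] LPCTSTR   ServiceName  service name (also used as the display name)
//      [IN] LPCTSTR   ServiceExe   driver binary (full path required)
//  Returns:
//      TRUE on success, FALSE otherwise.
//
//  The entry is created as SERVICE_KERNEL_DRIVER, so whatever file ServiceExe
//  names runs in kernel mode once the service is started. Only pass a path
//  that non-administrators cannot write to or replace.
//  NOTE(review): the %s format assumes an ANSI (non-UNICODE) build - confirm.
//
BOOL InstallService(SC_HANDLE hSCManager, LPCTSTR ServiceName, LPCTSTR ServiceExe)
{
    SC_HANDLE schService = NULL;
    DWORD     dwErr = 0;

    // Reject missing arguments up front; printf("%s", NULL) is undefined.
    if(ServiceName == NULL || ServiceName[0] == TEXT('\0') ||
       ServiceExe == NULL  || ServiceExe[0] == TEXT('\0'))
    {
        SetLastError(ERROR_INVALID_PARAMETER);
        err_show("CreateService()");
        return FALSE;
    }

    printf("Install %s... ", ServiceExe);

    schService = CreateService( hSCManager,              // SCManager database
                                ServiceName,             // name of service
                                ServiceName,             // name to display
                                SERVICE_ALL_ACCESS,      // desired access
                                SERVICE_KERNEL_DRIVER,   // service type
                                SERVICE_DEMAND_START,    // start type
                                SERVICE_ERROR_NORMAL,    // error control type
                                ServiceExe,              // service's binary
                                NULL,                    // no load ordering group
                                NULL,                    // no tag identifier
                                NULL,                    // no dependencies
                                NULL,                    // LocalSystem account
                                NULL                     // no password
                               );
    if(schService == NULL)
    {
        // Save the error first: printf() below may overwrite the thread's
        // last-error value before err_show() reads it.
        dwErr = GetLastError();
        if(dwErr == ERROR_SERVICE_EXISTS)
        {
            printf("Service has already installed!\n");
        }
        SetLastError(dwErr);
        err_show("CreateService()");
        return FALSE;
    }

    printf("Ok!\n");
    CloseServiceHandle(schService);
    return TRUE;
}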
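//
//  StartService
//  Start an installed driver service.
//  ----------------
//  Parameters:
//      [IN] SC_HANDLE hSCManager  SCM handle; needs SC_MANAGER_CONNECT
//      [IN] LPCTSTR   ServiceName name of the driver service
//  Returns:
//      TRUE on success, FALSE otherwise (including "already running").
//
//  This two-argument function shares its name with the Win32 StartService
//  API; the three-argument call in the body is the API itself.
//
BOOL StartService(SC_HANDLE hSCManager, LPCTSTR ServiceName)
{
    SC_HANDLE schService = NULL;
    BOOL      bRet = FALSE;
    DWORD     dwErr = 0;

    // Ask only for the right this operation uses, not SERVICE_ALL_ACCESS.
    schService = OpenService(hSCManager, ServiceName, SERVICE_START);
    if(schService == NULL)
    {
        if(GetLastError() == ERROR_SERVICE_DOES_NOT_EXIST)
        {
            printf("Service is not exist!\n");
            return FALSE;
        }
        err_show("OpenService()");
        return FALSE;
    }

    bRet = StartService(schService, 0, NULL);
    if(!bRet)
    {
        dwErr = GetLastError();
        if(dwErr == ERROR_SERVICE_ALREADY_RUNNING)
        {
            printf("Service is already running!\n");
        }
        else
        {
            SetLastError(dwErr);
            err_show("StartService()");
        }
    }

    // Single exit: the original returned early on "already running" and
    // leaked the service handle.
    CloseServiceHandle(schService);
    return bRet;
}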
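//
//  StopService
//  Send SERVICE_CONTROL_STOP to a driver service.
//  ---------------
//  Parameters:
//      [IN] SC_HANDLE hSCManager  SCM handle; needs SC_MANAGER_CONNECT
//      [IN] LPCTSTR   ServiceName name of the service
//  Returns:
//      TRUE when the stop request was accepted, FALSE otherwise.
//
BOOL StopService(SC_HANDLE hSCManager, LPCTSTR ServiceName)
{
    SC_HANDLE      schService = NULL;
    SERVICE_STATUS ServiceStatus;
    BOOL           bRet = FALSE;
    DWORD          dwErr = 0;

    // Ask only for the right this operation uses, not SERVICE_ALL_ACCESS.
    schService = OpenService(hSCManager, ServiceName, SERVICE_STOP);
    if(schService == NULL)
    {
        // Report the reason, as StartService does, instead of failing silently.
        err_show("OpenService()");
        return FALSE;
    }

    bRet = ControlService(schService, SERVICE_CONTROL_STOP, &ServiceStatus);
    if(!bRet)
    {
        dwErr = GetLastError();
        switch(dwErr)
        {
        case ERROR_SERVICE_NOT_ACTIVE:
            printf("Service has stopped!\n");
            break;
        case ERROR_INVALID_SERVICE_CONTROL:
            printf("The requested control code is not valid!\n");
            break;
        default:
            SetLastError(dwErr);
            err_show("ControlService()");
            break;
        }
    }

    // Single exit: the original returned from inside the switch and leaked
    // the service handle.
    CloseServiceHandle(schService);
    return bRet;
}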
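//
//  RemoveService
//  Delete a service entry from the SCM database.
//  ------------
//  Parameters:
//      [IN] SC_HANDLE hSCManager   SCM handle; needs SC_MANAGER_CONNECT
//      [IN] LPCTSTR   ServiceName  name of the service
//  Returns:
//      TRUE on success, FALSE otherwise.
//
BOOL RemoveService(SC_HANDLE hSCManager, LPCTSTR ServiceName)
{
    SC_HANDLE schService = NULL;
    BOOL      bRet = FALSE;

    // DeleteService only requires the DELETE right on the service handle.
    schService = OpenService(hSCManager, ServiceName, DELETE);
    if(schService == NULL)
    {
        // Report the reason, as StartService does, instead of failing silently.
        err_show("OpenService()");
        return FALSE;
    }

    bRet = DeleteService(schService);
    if(!bRet)
    {
        err_show("DeleteService()");
    }

    CloseServiceHandle(schService);
    return bRet;
}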
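//
//  IsAdmin
//  Report whether the current process token carries an enabled membership
//  in the built-in Administrators group.
//  -----------------------------------------
//  Parameters:
//      N/A
//  Returns:
//      TRUE if the Administrators SID is present and enabled, FALSE
//      otherwise (including on any API or allocation failure).
//
//  This is a convenience hint for the user, not an access check: the SCM
//  decides what the caller may actually do.
//
BOOL IsAdmin(void)
{
    HANDLE                   hAccessToken = NULL;
    PTOKEN_GROUPS            ptgGroups = NULL;
    DWORD                    dwInfoBufferSize = 0;
    PSID                     psidAdministrators = NULL;
    SID_IDENTIFIER_AUTHORITY siaNtAuthority = SECURITY_NT_AUTHORITY;
    DWORD                    i = 0;
    BOOL                     bRet = FALSE;

    if(!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &hAccessToken))
        return FALSE;

    //
    // Ask for the required size instead of assuming 1024 bytes: a token
    // with many groups would otherwise make the query fail.
    //
    if(!GetTokenInformation(hAccessToken, TokenGroups, NULL, 0, &dwInfoBufferSize) &&
       GetLastError() != ERROR_INSUFFICIENT_BUFFER)
        goto cleanup;
    if(dwInfoBufferSize == 0)
        goto cleanup;

    ptgGroups = (PTOKEN_GROUPS) malloc(dwInfoBufferSize);
    if(ptgGroups == NULL)
        goto cleanup;

    if(!GetTokenInformation(hAccessToken,
                            TokenGroups,
                            ptgGroups,
                            dwInfoBufferSize,
                            &dwInfoBufferSize))
        goto cleanup;

    if(!AllocateAndInitializeSid(&siaNtAuthority,
                                 2,
                                 SECURITY_BUILTIN_DOMAIN_RID,
                                 DOMAIN_ALIAS_RID_ADMINS,
                                 0,0,0,0,0,0,
                                 &psidAdministrators))
        goto cleanup;

    for(i = 0; i < ptgGroups->GroupCount; i++)
    {
        //
        // Presence of the SID is not enough: in a filtered (restricted)
        // token the Administrators group can be listed as deny-only.
        // Count it only when the group is actually enabled.
        //
        if((ptgGroups->Groups[i].Attributes & SE_GROUP_ENABLED) &&
           EqualSid(psidAdministrators, ptgGroups->Groups[i].Sid))
        {
            bRet = TRUE;
            break;
        }
    }
    FreeSid(psidAdministrators);

cleanup:
    // Every pointer/handle is initialised above, so this is safe on all
    // paths (the original could delete an uninitialised pointer, used
    // delete instead of delete[], and leaked the token handle on failure).
    free(ptgGroups);
    if(hAccessToken != NULL)
        CloseHandle(hAccessToken);
    return bRet;
}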
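//
//  err_show
//  Print "<msg> failed." plus the calling thread's last-error code to stderr.
//  Call it straight after the failing API, before anything else can
//  overwrite the last-error value.
//
void err_show(char* msg)
{
    // Read the code before any I/O and print it as unsigned long: DWORD is
    // unsigned, so %d was the wrong conversion.
    DWORD dwErr = GetLastError();

    fprintf(stderr, "%s failed. --err: %lu\n",
            msg ? msg : "(unknown)", (unsigned long) dwErr);
}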
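//
//  Usage
//  Print the banner and the command-line help.
//  Parameters:
//      [IN] char* msg  program name shown in the examples (argv[0])
//
//  The escape sequences (\n, \\) and padding spaces are restored here; the
//  published listing had them mangled into "/n", "//" and "?".
//
void Usage(char* msg)
{
    printf("+------------------------------+\n");
    printf("|      Services tool v0.1      |\n");
    printf("|      Write By CDrea          |\n");
    printf("|      2004-11-1               |\n");
    printf("|      thx to sinister         |\n");
    printf("|   http://www.safechina.net    |\n");
    printf("+------------------------------+\n");
    printf("USAGE:\n");
    printf("  %s [[-install srv exe] | [-remove srv] | [-start srv] | [-stop srv]] [srv]\n\n", msg);
    printf("    %s          Show all service\n", msg);
    printf("    %s srv      Show status of srv_name\n", msg);
    printf("    -install srv exe     Install a service, and must full path of exe\n");
    printf("    -remove  srv         Remove a service\n");
    printf("    -start   srv         Start a service\n");
    printf("    -stop    srv         Stop a service\n");
    printf("eg.\n");
    // Trailing newline added so the shell prompt does not run into the example.
    printf("  %s -install fw c:\\fw.sys\n", msg);
}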