1 // encryptServiceManage.cpp: 定义控制台应用程序的入口点。
2 //
3
4 #include "stdafx.h"
5 #include <Windows.h>
6 #include <winsvc.h>
7 #include <winioctl.h>
8
9
// Sample service name and driver image path; neither macro is referenced by
// the code visible in this file.
#define DRIVER_NAME "HelloDDK"
#define DRIVER_PATH ".\\HelloDDK.sys"

//typedef bool BOOL;

// Copies the driver image into the system drivers directory, registers it as a
// demand-start file-system-driver service and writes its minifilter instance
// values (DefaultInstance, Altitude, Flags) under the service's registry key.
BOOL InstallDriver(LPCTSTR lpszDriverName, LPCTSTR lpszDriverPath, LPCTSTR lpszAltitude);

// Starts the named driver service through the service control manager.
BOOL StartDriver(LPCTSTR lpszDriverName);

// Sends a stop control to the named driver service.
BOOL StopDriver(LPCTSTR lpszDriverName);

// Stops and deletes the named driver service, then removes <name>.sys from the
// system drivers directory.
BOOL DeleteDriver(LPCTSTR lpszDriverName);
22
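// Command-line entry point for managing a minifilter driver service.
//
//   install ServiceName Altitude   copy ServiceName.sys from the current
//                                  directory and register the service
//   start|stop|delete ServiceName  control or remove an installed service
//
// Returns 0 on success, 1/3 for a usage error, and 2/4/5/6 when the install,
// start, stop or delete operation fails.
//
// ServiceName is used to build a file name under the system drivers directory
// and a registry path under HKLM, so it is rejected when it is empty, too long
// for a MAX_PATH buffer, or contains a path separator or drive colon.
int _tmain(DWORD argc, PWCHAR* argv)
{
    BOOL bNameOk = FALSE;

    for (DWORD i = 0; i < argc; i++)
    {
        // DWORD is an unsigned long, so %lu is the matching conversion.
        printf("argv[%lu] = %ls\n", (unsigned long)i, argv[i]);
    }
    printf("\n");

    if (argc == 3 || argc == 4)
    {
        // The name must fit together with the ".sys" suffix appended below,
        // and must stay a plain file name inside the drivers directory.
        bNameOk = (argv[2][0] != 0) &&
                  (lstrlen(argv[2]) + lstrlen(TEXT(".sys")) < MAX_PATH);
        for (LPCTSTR p = argv[2]; bNameOk && *p != 0; p++)
        {
            if (*p == TEXT('\\') || *p == TEXT('/') || *p == TEXT(':'))
            {
                bNameOk = FALSE;
            }
        }
    }

    if (argc == 4)
    {
        // The altitude is written to the registry as a decimal string; accept
        // only digits and '.'.
        BOOL bAltitudeOk = (argv[3][0] != 0);
        for (LPCTSTR p = argv[3]; bAltitudeOk && *p != 0; p++)
        {
            if ((*p < TEXT('0') || *p > TEXT('9')) && *p != TEXT('.'))
            {
                bAltitudeOk = FALSE;
            }
        }

        if (0 != lstrcmp(argv[1], TEXT("install")) || !bNameOk || !bAltitudeOk)
        {
            printf("Usage: argv[0] install ServiceName Altitude\n");
            return 1;
        }

        // Length was checked above, so these two calls cannot overrun imageName.
        TCHAR imageName[MAX_PATH] = { 0 };
        lstrcpy(imageName, argv[2]);
        lstrcat(imageName, TEXT(".sys"));

        // Pass the altitude given on the command line; it was previously
        // required by the usage text but ignored in favour of a fixed "145120".
        if (!InstallDriver(argv[2], imageName, argv[3]))
        {
            printf("服务安装失败\n");
            return 2;
        }
        printf("服务安装成功!\n");
    }
    else if (argc == 3)
    {
        if (!bNameOk ||
            (0 != lstrcmp(argv[1], TEXT("start")) &&
             0 != lstrcmp(argv[1], TEXT("stop")) &&
             0 != lstrcmp(argv[1], TEXT("delete"))))
        {
            printf("Usage: argv[0] start|stop|delete ServiceName\n");
            return 3;
        }

        if (0 == lstrcmp(argv[1], TEXT("start")))
        {
            if (!StartDriver(argv[2]))
            {
                printf("服务启动失败\n");
                return 4;
            }
            printf("服务启动成功!\n");
        }
        else if (0 == lstrcmp(argv[1], TEXT("stop")))
        {
            if (!StopDriver(argv[2]))
            {
                printf("服务关闭失败\n");
                return 5;
            }
            printf("服务关闭成功!\n");
        }
        else
        {
            // Only "delete" can reach this branch after the verb check above.
            if (!DeleteDriver(argv[2]))
            {
                printf("服务卸载失败\n");
                return 6;
            }
            printf("服务卸载成功!\n");
        }
    }
    else
    {
        // NOTE(review): a wrong argument count still exits with 0, as before;
        // scripts cannot tell this apart from success.
        printf("unknown command\n");
    }

    return 0;
}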
99
100
101 //======================================== 动态加载/卸载sys驱动 ======================================
102 // SYS文件跟程序放在同个目录下
103 // 如果产生的SYS名为HelloDDK.sys,那么安装驱动InstallDriver("HelloDDK",".\\HelloDDK.sys","370030"/*Altitude*/);
104 // 启动驱动服务 StartDriver("HelloDDK");
105 // 停止驱动服务 StopDriver("HelloDDK");
106 // 卸载SYS也是类似的调用过程, DeleteDriver("HelloDDK");
107 //====================================================================================================
108
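// Installs a minifilter driver: copies the image into <system dir>\drivers,
// creates a demand-start file-system-driver service for it, and writes the
// Instances\DefaultInstance, Altitude and Flags registry values.
//
// lpszDriverName  service name (also used as display name and instance prefix)
// lpszDriverPath  path of the .sys image; only its file-name component is used
//                 for the destination
// lpszAltitude    altitude, written as a REG_SZ string
//
// Returns TRUE on success or when the service already exists, FALSE otherwise.
//
// Security notes:
//  - The copy overwrites any file of the same name already in the drivers
//    directory; callers should make sure the name does not collide with an
//    existing driver.
//  - NOTE(review): the load-order group is fixed to "FSFilter Activity Monitor"
//    while the altitude is caller-supplied; confirm the altitude lies in the
//    range allocated to that group.
//  - If a registry write fails after CreateService succeeded, the service is
//    left registered; DeleteDriver can be used to remove it.
BOOL InstallDriver(LPCTSTR lpszDriverName, LPCTSTR lpszDriverPath, LPCTSTR lpszAltitude)
{
    static const TCHAR szServicesKey[] = TEXT("SYSTEM\\CurrentControlSet\\Services\\");
    static const TCHAR szInstancesSub[] = TEXT("\\Instances\\");
    static const TCHAR szInstanceSuffix[] = TEXT(" Instance");
    static const TCHAR szDriversDir[] = TEXT("\\drivers\\");

    TCHAR szTempStr[MAX_PATH] = { 0 };
    TCHAR szDriverImagePath[MAX_PATH] = { 0 };
    TCHAR szDriverSysImagePath[MAX_PATH] = { 0 };
    LPTSTR lpszFilePart = NULL;
    HKEY hKey = NULL;
    DWORD dwData = 0;
    DWORD dwLen = 0;
    UINT uLen = 0;
    BOOL bOk = FALSE;

    if (NULL == lpszDriverName || NULL == lpszDriverPath || NULL == lpszAltitude)
    {
        return FALSE;
    }

    // The longest string built in szTempStr is
    // Services\<name>\Instances\<name> Instance; refuse names that cannot fit
    // instead of letting lstrcpy/lstrcat write past the buffer.
    if (lstrlen(szServicesKey) + 2 * lstrlen(lpszDriverName) +
        lstrlen(szInstancesSub) + lstrlen(szInstanceSuffix) >= MAX_PATH)
    {
        return FALSE;
    }

    // Resolve the source image path and locate its file-name component.
    dwLen = GetFullPathName(lpszDriverPath, MAX_PATH, szDriverImagePath, &lpszFilePart);
    if (dwLen == 0 || dwLen >= MAX_PATH || NULL == lpszFilePart)
    {
        return FALSE;
    }

    // Build <system dir>\drivers\<file name>. Using only the file-name
    // component keeps the destination inside the drivers directory, and asking
    // the OS for the system directory avoids assuming it is C:\Windows\System32.
    uLen = GetSystemDirectory(szDriverSysImagePath, MAX_PATH);
    if (uLen == 0 ||
        uLen + (UINT)lstrlen(szDriversDir) + (UINT)lstrlen(lpszFilePart) >= MAX_PATH)
    {
        return FALSE;
    }
    lstrcat(szDriverSysImagePath, szDriversDir);
    lstrcat(szDriverSysImagePath, lpszFilePart);

    // Copy the image into the drivers directory (overwrites an existing file).
    if (!CopyFile(szDriverImagePath, szDriverSysImagePath, FALSE))
    {
        printf("szDriverImagePath = %ls\n", szDriverImagePath);
        printf("szDriverSysImagePath = %ls\n", szDriverSysImagePath);
        printf("copy failure!\n");
        // Was `return 8`, which is nonzero and therefore read as TRUE by callers.
        return FALSE;
    }

    // Only the right to create a service is needed on the SCM handle.
    SC_HANDLE hServiceMgr = OpenSCManager(NULL, NULL, SC_MANAGER_CREATE_SERVICE);
    if (NULL == hServiceMgr)
    {
        return FALSE;
    }

    SC_HANDLE hService = CreateService(hServiceMgr,
        lpszDriverName,                     // service (registry key) name
        lpszDriverName,                     // DisplayName
        SERVICE_ALL_ACCESS,                 // access requested on the new handle
        SERVICE_FILE_SYSTEM_DRIVER,         // Type: file system driver
        SERVICE_DEMAND_START,               // Start
        SERVICE_ERROR_IGNORE,               // ErrorControl
        szDriverSysImagePath,               // ImagePath
        TEXT("FSFilter Activity Monitor"),  // Group
        NULL,
        TEXT("FltMgr"),                     // DependOnService
        NULL,
        NULL);
    if (NULL == hService)
    {
        // Read the error before any other API call can replace it.
        DWORD dwErr = GetLastError();
        CloseServiceHandle(hServiceMgr);
        // An already-registered service is treated as success, as before.
        return (dwErr == ERROR_SERVICE_EXISTS) ? TRUE : FALSE;
    }
    CloseServiceHandle(hService);
    CloseServiceHandle(hServiceMgr);

    // SYSTEM\CurrentControlSet\Services\<name>\Instances : DefaultInstance
    lstrcpy(szTempStr, szServicesKey);
    lstrcat(szTempStr, lpszDriverName);
    lstrcat(szTempStr, TEXT("\\Instances"));
    // KEY_QUERY_VALUE is requested in addition to KEY_SET_VALUE because
    // RegFlushKey requires it.
    if (RegCreateKeyEx(HKEY_LOCAL_MACHINE, szTempStr, 0, NULL, REG_OPTION_NON_VOLATILE,
                       KEY_SET_VALUE | KEY_QUERY_VALUE, NULL, &hKey, &dwData) != ERROR_SUCCESS)
    {
        return FALSE;
    }
    lstrcpy(szTempStr, lpszDriverName);
    lstrcat(szTempStr, szInstanceSuffix);
    printf("%ls length = %d\n", szTempStr, lstrlen(szTempStr));
    // For REG_SZ the byte count must include the terminating null character.
    bOk = (RegSetValueEx(hKey, TEXT("DefaultInstance"), 0, REG_SZ, (CONST BYTE*)szTempStr,
                         (DWORD)((lstrlen(szTempStr) + 1) * sizeof(TCHAR))) == ERROR_SUCCESS);
    if (bOk)
    {
        RegFlushKey(hKey);
    }
    RegCloseKey(hKey); // closed on the failure path too
    if (!bOk)
    {
        return FALSE;
    }

    // SYSTEM\CurrentControlSet\Services\<name>\Instances\<name> Instance :
    // Altitude and Flags
    lstrcpy(szTempStr, szServicesKey);
    lstrcat(szTempStr, lpszDriverName);
    lstrcat(szTempStr, szInstancesSub);
    lstrcat(szTempStr, lpszDriverName);
    lstrcat(szTempStr, szInstanceSuffix);
    if (RegCreateKeyEx(HKEY_LOCAL_MACHINE, szTempStr, 0, NULL, REG_OPTION_NON_VOLATILE,
                       KEY_SET_VALUE | KEY_QUERY_VALUE, NULL, &hKey, &dwData) != ERROR_SUCCESS)
    {
        return FALSE;
    }
    bOk = (RegSetValueEx(hKey, TEXT("Altitude"), 0, REG_SZ, (CONST BYTE*)lpszAltitude,
                         (DWORD)((lstrlen(lpszAltitude) + 1) * sizeof(TCHAR))) == ERROR_SUCCESS);
    if (bOk)
    {
        dwData = 0x0;
        bOk = (RegSetValueEx(hKey, TEXT("Flags"), 0, REG_DWORD, (CONST BYTE*)&dwData,
                             sizeof(DWORD)) == ERROR_SUCCESS);
    }
    if (bOk)
    {
        RegFlushKey(hKey);
    }
    RegCloseKey(hKey);

    return bOk;
}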
237
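// Starts the named driver service.
//
// Returns TRUE when the service was started or was already running, FALSE when
// the name is NULL, the SCM or service cannot be opened, or the start fails.
BOOL StartDriver(LPCTSTR lpszDriverName)
{
    SC_HANDLE schManager = NULL;
    SC_HANDLE schService = NULL;
    BOOL bStarted = FALSE;

    if (NULL == lpszDriverName)
    {
        return FALSE;
    }

    // Request only the rights this operation needs: connect to the SCM and
    // start the service.
    schManager = OpenSCManager(NULL, NULL, SC_MANAGER_CONNECT);
    if (NULL == schManager)
    {
        return FALSE;
    }

    schService = OpenService(schManager, lpszDriverName, SERVICE_START);
    if (NULL != schService)
    {
        // GetLastError must be read before CloseServiceHandle, which may
        // replace the thread's last-error value.
        bStarted = StartService(schService, 0, NULL) ||
                   GetLastError() == ERROR_SERVICE_ALREADY_RUNNING;
        CloseServiceHandle(schService);
    }
    CloseServiceHandle(schManager);

    return bStarted;
}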
280
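// Sends SERVICE_CONTROL_STOP to the named driver service.
//
// Returns TRUE when the control was accepted or the service is already
// stopped, FALSE otherwise. The function does not wait for the stop to
// complete, so the service may still be stopping when it returns.
BOOL StopDriver(LPCTSTR lpszDriverName)
{
    SC_HANDLE schManager = NULL;
    SC_HANDLE schService = NULL;
    // Zero-initialised so the state check below never reads an indeterminate
    // value when ControlService fails without filling the structure.
    SERVICE_STATUS svcStatus = { 0 };
    BOOL bStopped = FALSE;

    if (NULL == lpszDriverName)
    {
        return FALSE;
    }

    // Request only the rights this operation needs.
    schManager = OpenSCManager(NULL, NULL, SC_MANAGER_CONNECT);
    if (NULL == schManager)
    {
        return FALSE;
    }

    schService = OpenService(schManager, lpszDriverName, SERVICE_STOP);
    if (NULL != schService)
    {
        if (ControlService(schService, SERVICE_CONTROL_STOP, &svcStatus))
        {
            bStopped = TRUE;
        }
        else
        {
            // A service that is not running counts as stopped.
            bStopped = (GetLastError() == ERROR_SERVICE_NOT_ACTIVE) ||
                       (svcStatus.dwCurrentState == SERVICE_STOPPED);
        }
        CloseServiceHandle(schService);
    }
    CloseServiceHandle(schManager);

    return bStopped;
}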
311
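// Stops and deletes the named driver service, then removes
// <system dir>\drivers\<name>.sys.
//
// Returns TRUE once the service has been deleted (removing the file is best
// effort), FALSE when the name is invalid or the service cannot be opened or
// deleted.
//
// The name becomes part of a path that is deleted from the system drivers
// directory, so names containing a path separator or drive colon are rejected
// to keep the deletion inside that directory.
BOOL DeleteDriver(LPCTSTR lpszDriverName)
{
    static const TCHAR szDriversDir[] = TEXT("\\drivers\\");
    static const TCHAR szSysExt[] = TEXT(".sys");

    SC_HANDLE schManager = NULL;
    SC_HANDLE schService = NULL;
    SERVICE_STATUS svcStatus = { 0 };
    TCHAR imagePath[MAX_PATH] = { 0 };
    UINT uLen = 0;
    BOOL bDeleted = FALSE;

    if (NULL == lpszDriverName || lpszDriverName[0] == 0)
    {
        return FALSE;
    }
    for (LPCTSTR p = lpszDriverName; *p != 0; p++)
    {
        if (*p == TEXT('\\') || *p == TEXT('/') || *p == TEXT(':'))
        {
            return FALSE;
        }
    }

    // Build the image path first, with a length check, so an over-long name is
    // refused before the service is touched and lstrcat cannot overrun the
    // buffer.
    uLen = GetSystemDirectory(imagePath, MAX_PATH);
    if (uLen == 0 ||
        uLen + (UINT)lstrlen(szDriversDir) + (UINT)lstrlen(lpszDriverName) +
        (UINT)lstrlen(szSysExt) >= MAX_PATH)
    {
        return FALSE;
    }
    lstrcat(imagePath, szDriversDir);
    lstrcat(imagePath, lpszDriverName);
    lstrcat(imagePath, szSysExt);

    // Request only the rights this operation needs: stop and delete.
    schManager = OpenSCManager(NULL, NULL, SC_MANAGER_CONNECT);
    if (NULL == schManager)
    {
        return FALSE;
    }
    schService = OpenService(schManager, lpszDriverName, SERVICE_STOP | DELETE);
    if (NULL == schService)
    {
        CloseServiceHandle(schManager);
        return FALSE;
    }

    // Best effort: the service may already be stopped, so the result is ignored.
    ControlService(schService, SERVICE_CONTROL_STOP, &svcStatus);
    bDeleted = DeleteService(schService);
    CloseServiceHandle(schService);
    CloseServiceHandle(schManager);
    if (!bDeleted)
    {
        return FALSE;
    }

    // Remove the driver image. A failure is reported but does not change the
    // result, since the service registration is already gone.
    if (!DeleteFile(imagePath))
    {
        printf("delete failure: %ls (error %lu)\n", imagePath, (unsigned long)GetLastError());
    }
    return TRUE;
}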