1 #include "DriverTester.h"
4 SetPrivilege(BOOL bSet
)
10 if (!OpenProcessToken(GetCurrentProcess(),
11 TOKEN_ADJUST_PRIVILEGES
,
17 if(!LookupPrivilegeValue(NULL
,
25 tp
.PrivilegeCount
= 1;
26 tp
.Privileges
[0].Luid
= luid
;
30 tp
.Privileges
[0].Attributes
= SE_PRIVILEGE_ENABLED
;
34 tp
.Privileges
[0].Attributes
= 0;
37 AdjustTokenPrivileges(hToken
,
40 sizeof(TOKEN_PRIVILEGES
),
43 if (GetLastError() != ERROR_SUCCESS
)
56 ConvertPath(LPCWSTR lpPath
,
59 LPWSTR lpFullPath
= NULL
;
64 size
= GetLongPathNameW(lpPath
,
70 size
= (size
+ 1) * sizeof(WCHAR
);
72 lpFullPath
= HeapAlloc(GetProcessHeap(),
78 if (GetLongPathNameW(lpPath
,
83 POBJECT_NAME_INFORMATION pObjName
;
87 hDevice
= CreateFileW(lpFullPath
,
88 GENERIC_READ
| GENERIC_WRITE
,
92 FILE_ATTRIBUTE_NORMAL
,
95 HeapFree(GetProcessHeap(), 0, lpFullPath
);
97 if(hDevice
== INVALID_HANDLE_VALUE
)
99 wprintf(L
"[%x] Failed to open %s\n", GetLastError(), DRIVER_NAME
);
103 size
= MAX_PATH
* sizeof(WCHAR
);
104 pObjName
= HeapAlloc(GetProcessHeap(), 0, size
);
108 Status
= NtQueryObject(hDevice
,
109 ObjectNameInformation
,
113 if (Status
== STATUS_SUCCESS
)
115 len
= pObjName
->Name
.Length
/ sizeof(WCHAR
);
116 wcsncpy(lpDevice
, pObjName
->Name
.Buffer
, len
);
117 lpDevice
[len
] = UNICODE_NULL
;
119 HeapFree(GetProcessHeap(), 0, pObjName
);
124 HeapFree(GetProcessHeap(), 0, pObjName
);
133 NtStartDriver(LPCWSTR lpService
)
135 WCHAR szDriverPath
[MAX_PATH
];
136 UNICODE_STRING DriverPath
;
137 NTSTATUS Status
= -1;
140 L
"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\");
144 RtlInitUnicodeString(&DriverPath
,
147 if (SetPrivilege(TRUE
))
149 Status
= NtLoadDriver(&DriverPath
);
150 if (Status
!= STATUS_SUCCESS
)
152 DWORD err
= RtlNtStatusToDosError(Status
);
153 wprintf(L
"NtUnloadDriver failed [%lu]\n", err
);
159 return (Status
== STATUS_SUCCESS
);
164 NtStopDriver(LPCWSTR lpService
)
166 WCHAR szDriverPath
[MAX_PATH
];
167 UNICODE_STRING DriverPath
;
168 NTSTATUS Status
= -1;
171 L
"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\");
175 RtlInitUnicodeString(&DriverPath
,
178 if (SetPrivilege(TRUE
))
180 Status
= NtUnloadDriver(&DriverPath
);
181 if (Status
!= STATUS_SUCCESS
)
183 DWORD err
= RtlNtStatusToDosError(Status
);
184 wprintf(L
"NtUnloadDriver failed [%lu]\n", err
);
190 return (Status
== STATUS_SUCCESS
);
195 // We shouldn't be able to call this from umode.
199 LoadVia_SystemLoadGdiDriverInformation(LPWSTR lpDriverPath
)
202 SYSTEM_GDI_DRIVER_INFORMATION Buffer
;
205 bufSize
= sizeof(SYSTEM_GDI_DRIVER_INFORMATION
);
207 ZeroMemory(&Buffer
, bufSize
);
208 RtlInitUnicodeString(&Buffer
.DriverName
, lpDriverPath
);
210 if (SetPrivilege(TRUE
))
212 Status
= NtSetSystemInformation(SystemLoadGdiDriverInformation
,
215 if (Status
== STATUS_PRIVILEGE_NOT_HELD
)
217 wprintf(L
"SystemLoadGdiDriverInformation can only be used in kmode.\n");
219 else if (Status
== STATUS_SUCCESS
)
221 wprintf(L
"SystemLoadGdiDriverInformation incorrectly loaded the driver\n");
222 NtUnloadDriver(&Buffer
.DriverName
);
228 DWORD err
= RtlNtStatusToDosError(Status
);
229 wprintf(L
"LoadVia_SystemLoadGdiDriverInformation failed [%lu]\n", err
);
240 LoadVia_SystemExtendServiceTableInformation(LPWSTR lpDriverPath
)
243 UNICODE_STRING Buffer
;
246 RtlInitUnicodeString(&Buffer
, lpDriverPath
);
247 bufSize
= sizeof(UNICODE_STRING
);
249 if (SetPrivilege(TRUE
))
251 Status
= NtSetSystemInformation(SystemExtendServiceTableInformation
,
254 if (Status
== STATUS_PRIVILEGE_NOT_HELD
)
256 wprintf(L
"SystemExtendServiceTableInformation can only be used in kmode.\n");
258 else if (Status
== STATUS_SUCCESS
)
260 wprintf(L
"SystemExtendServiceTableInformation incorrectly loaded the driver\n");
261 NtUnloadDriver(&Buffer
);
267 DWORD err
= RtlNtStatusToDosError(Status
);
268 wprintf(L
"LoadVia_SystemExtendServiceTableInformation failed [%lu] - 0x%x\n", err
, Status
);