控制台下修改系统驱动状态的程序(源代码)
论坛登陆名: CDrea
提交者邮件地址: CDrea@safechina.net
提交者QQ号码: 51714608
标题: 控制台下修改系统驱动状态的程序(源代码)
内容:
最近在sinister大哥的指点下,学习一些驱动方面的东西。最近在调一个程序很头痛...于是写了小东西,可以安装,卸载,启动和停止驱动(别指望它能把NDIS给停了,功能还没那么强,呵呵),也可以查询当前系统加载驱动的状况。
最近版面不振,我还是有一定责任的...什么事都做做停停的...也怪对不起大家的...唉,跑题了,发点牢骚。
使用方法:
svcs         查询系统中已运行的驱动
svcs [服务名]  查询指定驱动的状态
svcs -install [服务名] [驱动程序]  安装一个驱动程序,必须指定驱动程序的全路径名
svcs -remove [服务名]   卸载相应的驱动
svcs -start [服务名]    启动一个驱动
svcs -stop [服务名]     停止一个驱动
eg.
  svcs -install fw c:\firewall.sys
  svcs -start fw
  svcs -stop fw
  svcs -remove fw
主要是调用了Winsvc.h头文件中的API,没什么高难的技术。
VC 6.0 + SP5 + win2k pro
代码有点乱,不好意思...
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <windows.h>
#include <Winsvc.h>
// Forward declarations for the helpers defined after main().
// NOTE(review): the two-parameter StartService declared here shares its name
// with the three-parameter service API that the definition calls, and IsAdmin
// uses new/delete, so this file presumably has to be built as C++ -- confirm.

// Enumerates driver services; returns a malloc'ed array and writes the entry
// count through the second parameter. Returns NULL on failure.
LPENUM_SERVICE_STATUS EnumServices(SC_HANDLE, LPDWORD);
// Registers ServiceExe as a demand-start kernel driver named ServiceName.
BOOL InstallService(SC_HANDLE hSCManager, LPCTSTR ServiceName, LPCTSTR ServiceExe);
// Deletes the service entry named ServiceName.
BOOL RemoveService(SC_HANDLE hSCManager, LPCTSTR ServiceName);
// Starts the service named ServiceName.
BOOL StartService(SC_HANDLE hSCManager, LPCTSTR ServiceName);
// Sends SERVICE_CONTROL_STOP to the service named ServiceName.
BOOL StopService(SC_HANDLE hSCManager, LPCTSTR ServiceName);
// Reports whether the process token lists the built-in Administrators group.
BOOL IsAdmin(void);
// Prints "<msg> failed." together with GetLastError() to stderr.
void err_show(char*);
// Prints the banner and command-line help; the argument is the program name.
void Usage(char*);
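/*
 * Entry point: parses the command line and dispatches to the helpers.
 *
 *   svcs                      list every driver service
 *   svcs <name>               show type and state of one driver service
 *   svcs -install <name> <exe>
 *   svcs -remove  <name>
 *   svcs -start   <name>
 *   svcs -stop    <name>
 *
 * Returns 0 on success or after printing the usage text, -1 on failure.
 *
 * Changes against the original listing:
 *   - the enumeration buffer is freed through its base pointer (the original
 *     advanced lpServices in the loops and then passed the moved pointer to
 *     free(), which corrupts the heap);
 *   - every exit path closes the SCM handle and releases the buffer;
 *   - the enumeration is only performed for the two query modes;
 *   - a failed IsAdmin() check now stops the program instead of continuing;
 *   - an unrecognised option prints the usage text instead of doing nothing.
 */
int main(int argc, char* argv[])
{
    SC_HANDLE             hSCManager = NULL;
    LPENUM_SERVICE_STATUS lpServices = NULL;   // base pointer; the only value handed to free()
    DWORD                 dwServicesReturned = 0;
    DWORD                 i = 0;
    int                   nExit = 0;

    // Help needs neither privileges nor an SCM handle, so answer it first.
    if(argc == 2 && (!stricmp(argv[1], "-h") || !stricmp(argv[1], "-help")))
    {
        Usage(argv[0]);
        return 0;
    }

    // Convenience check only: the SCM enforces the real access control when
    // the handles are opened below.
    if(!IsAdmin())
    {
        printf("Must administrator privilege!\n");
        return -1;
    }

    //
    // Open the service control manager.
    // NOTE(review): SC_MANAGER_ALL_ACCESS is broader than any single
    // sub-command needs; consider requesting only the rights the selected
    // sub-command uses.
    //
    hSCManager = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS);
    if(hSCManager == NULL)
    {
        fprintf(stderr, "OpenSCManager() failed. --err: %lu\n",
                (unsigned long)GetLastError());
        return -1;
    }

    if(argc <= 2)
    {
        //
        // Query modes: enumerate the driver services once.
        //
        lpServices = EnumServices(hSCManager, &dwServicesReturned);
        if(lpServices == NULL)
        {
            nExit = -1;
        }
        else if(argc <= 1)
        {
            // List every entry by indexing from the base pointer.
            for(i = 0; i < dwServicesReturned; i++)
            {
                printf("%s    [%s]\n", lpServices[i].lpServiceName,
                       lpServices[i].lpDisplayName);
            }
            printf("\n\t\tTotal %lu Service(s).\n\n",
                   (unsigned long)dwServicesReturned);
        }
        else
        {
            // Look the requested service up by name (case-insensitive).
            for(i = 0; i < dwServicesReturned; i++)
            {
                if(!stricmp(lpServices[i].lpServiceName, argv[1]))
                    break;
            }

            if(i == dwServicesReturned)
            {
                printf("Service not found!\n");
                nExit = -1;
            }
            else
            {
                printf("[%s]\n", lpServices[i].lpDisplayName);
                printf("\tService Name: %s\n", lpServices[i].lpServiceName);

                printf("\tService Type: ");
                switch(lpServices[i].ServiceStatus.dwServiceType)
                {
                case SERVICE_FILE_SYSTEM_DRIVER:
                    printf("File System Driver\n");
                    break;
                case SERVICE_KERNEL_DRIVER:
                    printf("Device Driver\n");
                    break;
                default:
                    printf("User-Mode Service\n");
                    break;
                }

                printf("\tState: ");
                switch(lpServices[i].ServiceStatus.dwCurrentState)
                {
                case SERVICE_PAUSED:
                    printf("PAUSED\n");
                    break;
                case SERVICE_RUNNING:
                    printf("RUNNING\n");
                    break;
                case SERVICE_STOPPED:
                    printf("STOPPED\n");
                    break;
                default:
                    // every other state is reported as pending
                    printf("PENDING\n");
                    break;
                }
            }
        }
        free(lpServices);
    }
    else if(!stricmp(argv[1], "-install"))
    {
        //
        // Install a driver: needs the service name and the driver path.
        //
        if(argc != 4)
        {
            Usage(argv[0]);
        }
        else if(!InstallService(hSCManager, argv[2], argv[3]))
        {
            printf("Install service failed.\n");
            nExit = -1;
        }
    }
    else if(!stricmp(argv[1], "-remove"))
    {
        //
        // Remove a driver's service entry.
        //
        if(argc != 3)
        {
            Usage(argv[0]);
        }
        else if(!RemoveService(hSCManager, argv[2]))
        {
            printf("Remove service failed.\n");
            nExit = -1;
        }
    }
    else if(!stricmp(argv[1], "-start"))
    {
        //
        // Start a driver.
        //
        if(argc != 3)
        {
            Usage(argv[0]);
        }
        else if(!StartService(hSCManager, argv[2]))
        {
            printf("Start service failed.\n");
            nExit = -1;
        }
    }
    else if(!stricmp(argv[1], "-stop"))
    {
        //
        // Stop a driver.
        //
        if(argc != 3)
        {
            Usage(argv[0]);
        }
        else if(!StopService(hSCManager, argv[2]))
        {
            printf("Stop service failed.\n");
            nExit = -1;
        }
    }
    else
    {
        // Unknown option: show the help text rather than exiting silently.
        Usage(argv[0]);
    }

    CloseServiceHandle(hSCManager);
    return nExit;
}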
//
//  EnumServices
//  列举系统的驱动
//  ----------------------
//  参数:
//        [IN]  SC_HANDLE hSCManager    服务管理器句柄
//        [OUT] LPDWORD   lpdwServices  系统中安装的驱动的数量
//  返回值:
//成功返回ENUM_SERVICE_STATUS结构的指针,否则返回NULL
//  
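/*
 * EnumServices
 * Enumerates the driver services (SERVICE_DRIVER, every state) known to the
 * service control manager.
 *
 * Parameters:
 *   [IN]  hSCManager    handle to the service control manager
 *   [OUT] lpdwServices  receives the number of entries in the returned array
 *
 * Returns a malloc'ed array of ENUM_SERVICE_STATUS entries that the caller
 * must release with free() on the pointer exactly as returned, or NULL on
 * failure (*lpdwServices is then 0).
 *
 * Changes against the original listing: the sizing call and malloc() are
 * checked, and the buffer is released when the second call fails.
 */
LPENUM_SERVICE_STATUS EnumServices(SC_HANDLE hSCManager, LPDWORD lpdwServices)
{
    LPENUM_SERVICE_STATUS lpServices = NULL;
    DWORD cbBytesNeeded = 0;
    DWORD cbBufSize = 0;
    DWORD dwServicesReturned = 0;

    if(lpdwServices == NULL)
        return NULL;
    *lpdwServices = 0;

    //
    // First call with an empty buffer: it is expected to fail with
    // ERROR_MORE_DATA and report the required size in cbBytesNeeded.
    //
    if(EnumServicesStatus(
        hSCManager,
        SERVICE_DRIVER,
        SERVICE_STATE_ALL,
        NULL,
        0,
        &cbBytesNeeded,
        &dwServicesReturned,
        NULL))
    {
        // Succeeded without a buffer, so there is nothing to enumerate.
        cbBytesNeeded = 0;
    }
    else if(GetLastError() != ERROR_MORE_DATA)
    {
        err_show("EnumServicesStatus()");
        return NULL;
    }

    // Never allocate zero bytes: NULL is reserved for "failed".
    cbBufSize = cbBytesNeeded ? cbBytesNeeded : (DWORD)sizeof(ENUM_SERVICE_STATUS);
    lpServices = (LPENUM_SERVICE_STATUS) malloc(cbBufSize);
    if(lpServices == NULL)
    {
        fprintf(stderr, "malloc() failed.\n");
        return NULL;
    }

    //
    // Second call fills the buffer. The service list can grow between the
    // two calls, in which case this call fails and is reported as an error.
    //
    if(!EnumServicesStatus(
        hSCManager,
        SERVICE_DRIVER,
        SERVICE_STATE_ALL,
        lpServices,
        cbBufSize,
        &cbBytesNeeded,
        &dwServicesReturned,
        NULL))
    {
        // Report before free(): err_show reads GetLastError().
        err_show("EnumServicesStatus()");
        free(lpServices);
        return NULL;
    }

    *lpdwServices = dwServicesReturned;
    return lpServices;
}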
//
//  InstallService
//  安装服务
//  参数:
//      [IN] SC_HANDLE hSCManager   服务管理器句柄
//      [IN] LPCTSTR   ServiceName  服务名称
//      [IN] LPCTSTR   ServiceExe   可执行文件(需全路径)
//  输出:
//  成功:返回TRUE,否则返回FALSE
//
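/*
 * InstallService
 * Registers a demand-start kernel driver with the service control manager.
 *
 * Parameters:
 *   [IN] hSCManager   handle to the service control manager
 *   [IN] ServiceName  service name, also used as the display name
 *   [IN] ServiceExe   path of the driver binary (the usage text asks for a
 *                     full path)
 *
 * Returns TRUE on success, FALSE otherwise.
 *
 * NOTE(review): the path is stored as given and the file is loaded into the
 * kernel when the service is started, so the binary and its directory should
 * be writable by administrators only. Nothing here verifies the file.
 */
BOOL InstallService(SC_HANDLE hSCManager, LPCTSTR ServiceName, LPCTSTR ServiceExe)
{
    SC_HANDLE schService = NULL;
    DWORD     dwErr = 0;

    // Reject missing or empty arguments before they reach printf/CreateService.
    if(ServiceName == NULL || ServiceName[0] == 0 ||
       ServiceExe == NULL || ServiceExe[0] == 0)
    {
        printf("Install service: service name and driver path are required.\n");
        return FALSE;
    }

    printf("Install %s... ", ServiceExe);

    schService = CreateService(hSCManager,              // SCManager database
                               ServiceName,             // name of service
                               ServiceName,             // name to display
                               SERVICE_ALL_ACCESS,      // desired access
                               SERVICE_KERNEL_DRIVER,   // service type
                               SERVICE_DEMAND_START,    // start type
                               SERVICE_ERROR_NORMAL,    // error control type
                               ServiceExe,              // service's binary
                               NULL,                    // no load ordering group
                               NULL,                    // no tag identifier
                               NULL,                    // no dependencies
                               NULL,                    // LocalSystem account
                               NULL                     // no password
                               );
    if(schService == NULL)
    {
        // Save the code first: the printf below may overwrite the last error.
        dwErr = GetLastError();
        if(dwErr == ERROR_SERVICE_EXISTS)
        {
            printf("Service has already installed!\n");
        }
        SetLastError(dwErr);
        err_show("CreateService()");
        return FALSE;
    }

    printf("Ok!\n");
    CloseServiceHandle(schService);
    return TRUE;
}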
//
//  StartService
//  启动服务
//  ----------------
//  参数:
//      [IN] SC_HANDLE hSCManager 服务管理器句柄
//      [IN] LPCTSTR   ServiceName 驱动名称
//  返回值:
//      成功返回TRUE,否则返回FALSE
//
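/*
 * StartService
 * Starts the service named ServiceName.
 *
 * Parameters:
 *   [IN] hSCManager   handle to the service control manager
 *   [IN] ServiceName  name of the service to start
 *
 * Returns TRUE when the start request succeeded, FALSE otherwise (including
 * when the service is already running, as in the original listing).
 *
 * Changes against the original listing: the service handle is closed on the
 * "already running" path too, and it is opened with SERVICE_START only, the
 * one right this function uses.
 */
BOOL StartService(SC_HANDLE hSCManager, LPCTSTR ServiceName)
{
    SC_HANDLE schService = NULL;
    BOOL      bStarted = FALSE;
    DWORD     dwErr = 0;

    schService = OpenService(hSCManager, ServiceName, SERVICE_START);
    if(schService == NULL)
    {
        if(GetLastError() == ERROR_SERVICE_DOES_NOT_EXIST)
        {
            printf("Service is not exist!\n");
            return FALSE;
        }
        err_show("OpenService()");
        return FALSE;
    }

    // Three-argument call: this is the service API, not this function.
    bStarted = StartService(schService, 0, NULL);
    if(!bStarted)
    {
        dwErr = GetLastError();
        if(dwErr == ERROR_SERVICE_ALREADY_RUNNING)
        {
            printf("Service is already running!\n");
        }
        else
        {
            SetLastError(dwErr);
            err_show("StartService()");
        }
    }

    CloseServiceHandle(schService);
    return bStarted;
}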
//
//  StopService
//  停止驱动
//  ---------------
//  参数:
//      [IN] SC_HANDLE hSCManager  服务管理器句柄
//      [IN] LPCTSTR   ServiceName 服务名称
//  返回值:
//      成功返回TRUE,否则返回FALSE
//
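/*
 * StopService
 * Sends SERVICE_CONTROL_STOP to the service named ServiceName.
 *
 * Parameters:
 *   [IN] hSCManager   handle to the service control manager
 *   [IN] ServiceName  name of the service to stop
 *
 * Returns TRUE when the stop request was accepted, FALSE otherwise. The
 * function does not wait for the service to reach SERVICE_STOPPED.
 *
 * Changes against the original listing: the service handle is closed on
 * every path, a failed OpenService() is reported, and the handle is opened
 * with SERVICE_STOP only, the one right this function uses.
 */
BOOL StopService(SC_HANDLE hSCManager, LPCTSTR ServiceName)
{
    SC_HANDLE      schService = NULL;
    SERVICE_STATUS ServiceStatus;
    BOOL           bStopped = FALSE;
    DWORD          dwErr = 0;

    schService = OpenService(hSCManager, ServiceName, SERVICE_STOP);
    if(schService == NULL)
    {
        err_show("OpenService()");
        return FALSE;
    }

    bStopped = ControlService(schService, SERVICE_CONTROL_STOP, &ServiceStatus);
    if(!bStopped)
    {
        dwErr = GetLastError();
        switch(dwErr)
        {
        case ERROR_SERVICE_NOT_ACTIVE:
            printf("Service has stopped!\n");
            break;
        case ERROR_INVALID_SERVICE_CONTROL:
            printf("The requested control code is not valid!\n");
            break;
        default:
            SetLastError(dwErr);
            err_show("ControlService()");
            break;
        }
    }

    CloseServiceHandle(schService);
    return bStopped;
}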
//
//  RemoveService
//  卸载服务
//  ------------
//  参数:
//      [IN] SC_HANDLE hSCManager   服务管理器句柄
//      [IN] LPCTSTR   ServiceName  服务名称
//  返回值:
//      成功返回TRUE,否则返回FALSE
//
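/*
 * RemoveService
 * Deletes the service entry named ServiceName.
 *
 * Parameters:
 *   [IN] hSCManager   handle to the service control manager
 *   [IN] ServiceName  name of the service to delete
 *
 * Returns TRUE when DeleteService() succeeded, FALSE otherwise. The service
 * is not stopped first; this function only removes its registration.
 *
 * Changes against the original listing: a failed OpenService() is reported
 * instead of failing silently, and the handle is opened with DELETE only,
 * the one right DeleteService() needs.
 */
BOOL RemoveService(SC_HANDLE hSCManager, LPCTSTR ServiceName)
{
    SC_HANDLE schService = NULL;
    BOOL      bDeleted = FALSE;

    schService = OpenService(hSCManager, ServiceName, DELETE);
    if(schService == NULL)
    {
        err_show("OpenService()");
        return FALSE;
    }

    bDeleted = DeleteService(schService);
    if(!bDeleted)
    {
        err_show("DeleteService()");
    }

    CloseServiceHandle(schService);
    return bDeleted;
}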
//
//  IsAdmin
//  判断当前用户是否有Administrator的权限
//  -----------------------------------------
//  参数:
//      N/A
//  返回值:
//      若具有权限返回TRUE,否则返回FALSE
//
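/*
 * IsAdmin
 * Reports whether the current process token carries the built-in
 * Administrators group as an enabled group.
 *
 * Returns TRUE only when the group is present and enabled; every failure
 * along the way returns FALSE.
 *
 * Changes against the original listing:
 *   - all locals are initialised, so the cleanup path never releases an
 *     uninitialised pointer when OpenProcessToken() fails;
 *   - a failed AllocateAndInitializeSid() now yields FALSE (the original
 *     returned the TRUE left over from GetTokenInformation());
 *   - the group buffer is sized from the token instead of a fixed 1024
 *     bytes, and is released with free() to match malloc() (the original
 *     paired new[] with a scalar delete);
 *   - only groups with SE_GROUP_ENABLED count, so a group that is merely
 *     listed in the token (for example as deny-only) is not treated as
 *     administrative rights.
 *
 * NOTE(review): CheckTokenMembership() performs this test in one call and is
 * the preferred API where the SDK headers in use declare it.
 */
BOOL IsAdmin(void)
{
    HANDLE                   hAccessToken = NULL;
    BYTE                     *InfoBuffer = NULL;
    PTOKEN_GROUPS            ptgGroups = NULL;
    DWORD                    dwInfoBufferSize = 0;
    PSID                     psidAdministrators = NULL;
    SID_IDENTIFIER_AUTHORITY siaNtAuthority = SECURITY_NT_AUTHORITY;
    DWORD                    i = 0;
    BOOL                     bRet = FALSE;

    if(!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &hAccessToken))
        goto cleanup;

    // Size probe: expected to fail with ERROR_INSUFFICIENT_BUFFER and to
    // report the required size.
    if(GetTokenInformation(hAccessToken, TokenGroups, NULL, 0, &dwInfoBufferSize))
        goto cleanup;
    if(GetLastError() != ERROR_INSUFFICIENT_BUFFER || dwInfoBufferSize == 0)
        goto cleanup;

    InfoBuffer = (BYTE *) malloc(dwInfoBufferSize);
    if(InfoBuffer == NULL)
        goto cleanup;

    if(!GetTokenInformation(hAccessToken,
                            TokenGroups,
                            InfoBuffer,
                            dwInfoBufferSize,
                            &dwInfoBufferSize))
        goto cleanup;

    // Build the SID of BUILTIN\Administrators.
    if(!AllocateAndInitializeSid(&siaNtAuthority,
                                 2,
                                 SECURITY_BUILTIN_DOMAIN_RID,
                                 DOMAIN_ALIAS_RID_ADMINS,
                                 0, 0, 0, 0, 0, 0,
                                 &psidAdministrators))
        goto cleanup;

    ptgGroups = (PTOKEN_GROUPS) InfoBuffer;
    for(i = 0; i < ptgGroups->GroupCount; i++)
    {
        if(EqualSid(psidAdministrators, ptgGroups->Groups[i].Sid) &&
           (ptgGroups->Groups[i].Attributes & SE_GROUP_ENABLED))
        {
            bRet = TRUE;
            break;
        }
    }

cleanup:
    if(psidAdministrators != NULL)
        FreeSid(psidAdministrators);
    free(InfoBuffer);
    if(hAccessToken != NULL)
        CloseHandle(hAccessToken);
    return bRet;
}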
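/*
 * err_show
 * Prints "<msg> failed." followed by the calling thread's last error code to
 * stderr.
 *
 * Parameters:
 *   [IN] msg  name of the API call that failed
 *
 * The error code is read before anything is printed and is formatted as an
 * unsigned value, matching DWORD (the original used %d).
 */
void err_show(char* msg)
{
    DWORD dwErr = GetLastError();

    fprintf(stderr, "%s failed. --err: %lu\n",
            msg ? msg : "(unknown)", (unsigned long)dwErr);
}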
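/*
 * Usage
 * Prints the banner and the command-line help.
 *
 * Parameters:
 *   [IN] msg  program name as typed by the user (main passes argv[0])
 *
 * The box-drawing characters in the listing are restored to the ASCII '|'
 * they stand for (the same substitution turned "||" into two box characters
 * in main), the output now ends with a newline, and a NULL program name
 * falls back to "svcs", the name used in the usage examples.
 */
void Usage(char* msg)
{
    const char *prog = msg ? msg : "svcs";

    printf("+------------------------------+\n");
    printf("|      Services tool v0.1      |\n");
    printf("|      Write By CDrea          |\n");
    printf("|      2004-11-1               |\n");
    printf("|      thx to sinister         |\n");
    printf("|   http://www.safechina.net   |\n");
    printf("+------------------------------+\n");
    printf("USAGE:\n");
    printf("  %s [[-install srv exe] | [-remove srv] | [-start srv] | [-stop srv]] [srv]\n\n", prog);
    printf("    %s          Show all service\n", prog);
    printf("    %s srv      Show status of srv_name\n", prog);
    printf("    -install srv exe     Install a service, and must full path of exe\n");
    printf("    -remove  srv         Remove a service\n");
    printf("    -start   srv         Start a service\n");
    printf("    -stop    srv         Stop a service\n");
    printf("eg.\n");
    printf("  %s -install fw c:\\fw.sys\n", prog);
}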