├── MyARK
├── MyARK
│ ├── Tool.cpp
│ ├── Data.cpp
│ ├── Data.h
│ ├── Tool.h
│ ├── MyARK.aps
│ ├── MyARK.rc
│ ├── res
│ │ ├── MyARK.ico
│ │ └── MyARK.rc2
│ ├── pch.cpp
│ ├── targetver.h
│ ├── MyARK.vcxproj.user
│ ├── CTab.h
│ ├── pch.h
│ ├── CTab.cpp
│ ├── MyARK.h
│ ├── CModule.h
│ ├── CThread.h
│ ├── CGDT.h
│ ├── CIDT.h
│ ├── CSSDT.h
│ ├── CEnumFile.h
│ ├── CRegister.h
│ ├── CDriver.h
│ ├── CProcess.h
│ ├── MyARKDlg.h
│ ├── framework.h
│ ├── resource.h
│ ├── MyARK.cpp
│ ├── CModule.cpp
│ ├── CSSDT.cpp
│ ├── CIDT.cpp
│ ├── CThread.cpp
│ ├── CGDT.cpp
│ ├── MyARK.vcxproj.filters
│ ├── CDriver.cpp
│ ├── CEnumFile.cpp
│ ├── CProcess.cpp
│ ├── CRegister.cpp
│ ├── MyARKDlg.cpp
│ └── MyARK.vcxproj
└── MyARK.sln
├── MyARKDriver
├── MyARKDriver
│ ├── data.c
│ ├── ARM
│ │ └── Debug
│ │ │ ├── MyARKDriver.Build.CppClean.log
│ │ │ └── MyARKDriver.log
│ ├── Driver.c
│ ├── Tool.c
│ ├── Tool.h
│ ├── data.h
│ ├── Debug
│ │ ├── Tool.obj
│ │ ├── data.obj
│ │ ├── vc142.pdb
│ │ ├── Driver.obj
│ │ ├── KernelFunction.obj
│ │ ├── MyARKDriver.tlog
│ │ │ ├── CL.read.1.tlog
│ │ │ ├── CL.write.1.tlog
│ │ │ ├── CL.command.1.tlog
│ │ │ ├── link.read.1.tlog
│ │ │ ├── link.write.1.tlog
│ │ │ ├── inf2cat.read.1.tlog
│ │ │ ├── inf2cat.write.1.tlog
│ │ │ ├── link.command.1.tlog
│ │ │ ├── signtool.read.1.tlog
│ │ │ ├── stampinf.read.1.tlog
│ │ │ ├── Inf2Cat.command.1.tlog
│ │ │ ├── signtool.write.1.tlog
│ │ │ ├── stampinf.write.1.tlog
│ │ │ ├── signtool.command.1.tlog
│ │ │ ├── stampinf.command.1.tlog
│ │ │ ├── inf2cat-expand.read.1.tlog
│ │ │ ├── inf2cat-expand.write.1.tlog
│ │ │ ├── inf2cat-expand.12304.read.1.tlog
│ │ │ ├── inf2cat-expand.12304.write.1.tlog
│ │ │ ├── signtool.timestamp.1.tlog
│ │ │ └── MyARKDriver.lastbuildstate
│ │ ├── MyARKDriver.inf
│ │ ├── MyARKDriver.log
│ │ └── MyARKDriver.Build.CppClean.log
│ ├── KernelFunction.c
│ ├── KernelFunction.h
│ ├── MyARKDriver.vcxproj.user
│ ├── MyARKDriver.inf
│ ├── MyARKDriver.vcxproj.filters
│ └── MyARKDriver.vcxproj
└── MyARKDriver.sln
└── README.md
/MyARK/MyARK/Tool.cpp:
--------------------------------------------------------------------------------
1 | #include "pch.h"
--------------------------------------------------------------------------------
/MyARKDriver/MyARKDriver/data.c:
--------------------------------------------------------------------------------
1 | #include "data.h"
--------------------------------------------------------------------------------
/MyARKDriver/MyARKDriver/ARM/Debug/MyARKDriver.Build.CppClean.log:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/MyARK/MyARK/Data.cpp:
--------------------------------------------------------------------------------
1 | #include "pch.h"
2 | #include "Data.h"
3 | HANDLE g_hDev = NULL; // Process-wide handle, initialised to NULL. NOTE(review): presumably the handle to the driver's device object; if it is opened with CreateFile, failure is reported as INVALID_HANDLE_VALUE rather than NULL, so confirm callers test for both before using it.
--------------------------------------------------------------------------------
/MyARK/MyARK/Data.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lracker/MyArk/HEAD/MyARK/MyARK/Data.h
--------------------------------------------------------------------------------
/MyARK/MyARK/Tool.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lracker/MyArk/HEAD/MyARK/MyARK/Tool.h
--------------------------------------------------------------------------------
/MyARK/MyARK/MyARK.aps:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lracker/MyArk/HEAD/MyARK/MyARK/MyARK.aps
--------------------------------------------------------------------------------
/MyARK/MyARK/MyARK.rc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lracker/MyArk/HEAD/MyARK/MyARK/MyARK.rc
--------------------------------------------------------------------------------
/MyARK/MyARK/res/MyARK.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lracker/MyArk/HEAD/MyARK/MyARK/res/MyARK.ico
--------------------------------------------------------------------------------
/MyARK/MyARK/res/MyARK.rc2:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lracker/MyArk/HEAD/MyARK/MyARK/res/MyARK.rc2
--------------------------------------------------------------------------------
/MyARK/MyARK/pch.cpp:
--------------------------------------------------------------------------------
1 | // pch.cpp: 与预编译标头对应的源文件
2 |
3 | #include "pch.h"
4 |
5 | // 当使用预编译的头时,需要使用此源文件,编译才能成功。
6 |
--------------------------------------------------------------------------------
/MyARKDriver/MyARKDriver/Driver.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lracker/MyArk/HEAD/MyARKDriver/MyARKDriver/Driver.c
--------------------------------------------------------------------------------
/MyARKDriver/MyARKDriver/Tool.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lracker/MyArk/HEAD/MyARKDriver/MyARKDriver/Tool.c
--------------------------------------------------------------------------------
/MyARKDriver/MyARKDriver/Tool.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lracker/MyArk/HEAD/MyARKDriver/MyARKDriver/Tool.h
--------------------------------------------------------------------------------
/MyARKDriver/MyARKDriver/data.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lracker/MyArk/HEAD/MyARKDriver/MyARKDriver/data.h
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # MyArk
2 | 模仿PCHUNTER的ARK工具
3 | 仿照PCHUNTER,实现R3与R0的通讯、遍历和隐藏驱动、遍历进程、线程、模块、文件管理、注册表管理、进程保护等功能。
4 |
--------------------------------------------------------------------------------
/MyARKDriver/MyARKDriver/Debug/Tool.obj:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lracker/MyArk/HEAD/MyARKDriver/MyARKDriver/Debug/Tool.obj
--------------------------------------------------------------------------------
/MyARKDriver/MyARKDriver/Debug/data.obj:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lracker/MyArk/HEAD/MyARKDriver/MyARKDriver/Debug/data.obj
--------------------------------------------------------------------------------
/MyARKDriver/MyARKDriver/Debug/vc142.pdb:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lracker/MyArk/HEAD/MyARKDriver/MyARKDriver/Debug/vc142.pdb
--------------------------------------------------------------------------------
/MyARKDriver/MyARKDriver/Debug/Driver.obj:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lracker/MyArk/HEAD/MyARKDriver/MyARKDriver/Debug/Driver.obj
--------------------------------------------------------------------------------
/MyARKDriver/MyARKDriver/KernelFunction.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lracker/MyArk/HEAD/MyARKDriver/MyARKDriver/KernelFunction.c
--------------------------------------------------------------------------------
/MyARKDriver/MyARKDriver/KernelFunction.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lracker/MyArk/HEAD/MyARKDriver/MyARKDriver/KernelFunction.h
--------------------------------------------------------------------------------
/MyARKDriver/MyARKDriver/Debug/KernelFunction.obj:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lracker/MyArk/HEAD/MyARKDriver/MyARKDriver/Debug/KernelFunction.obj
--------------------------------------------------------------------------------
/MyARKDriver/MyARKDriver/Debug/MyARKDriver.tlog/CL.read.1.tlog:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lracker/MyArk/HEAD/MyARKDriver/MyARKDriver/Debug/MyARKDriver.tlog/CL.read.1.tlog
--------------------------------------------------------------------------------
/MyARKDriver/MyARKDriver/Debug/MyARKDriver.tlog/CL.write.1.tlog:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lracker/MyArk/HEAD/MyARKDriver/MyARKDriver/Debug/MyARKDriver.tlog/CL.write.1.tlog
--------------------------------------------------------------------------------
/MyARKDriver/MyARKDriver/Debug/MyARKDriver.tlog/CL.command.1.tlog:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lracker/MyArk/HEAD/MyARKDriver/MyARKDriver/Debug/MyARKDriver.tlog/CL.command.1.tlog
--------------------------------------------------------------------------------
/MyARKDriver/MyARKDriver/Debug/MyARKDriver.tlog/link.read.1.tlog:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lracker/MyArk/HEAD/MyARKDriver/MyARKDriver/Debug/MyARKDriver.tlog/link.read.1.tlog
--------------------------------------------------------------------------------
/MyARKDriver/MyARKDriver/Debug/MyARKDriver.tlog/link.write.1.tlog:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lracker/MyArk/HEAD/MyARKDriver/MyARKDriver/Debug/MyARKDriver.tlog/link.write.1.tlog
--------------------------------------------------------------------------------
/MyARKDriver/MyARKDriver/Debug/MyARKDriver.tlog/inf2cat.read.1.tlog:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lracker/MyArk/HEAD/MyARKDriver/MyARKDriver/Debug/MyARKDriver.tlog/inf2cat.read.1.tlog
--------------------------------------------------------------------------------
/MyARKDriver/MyARKDriver/Debug/MyARKDriver.tlog/inf2cat.write.1.tlog:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lracker/MyArk/HEAD/MyARKDriver/MyARKDriver/Debug/MyARKDriver.tlog/inf2cat.write.1.tlog
--------------------------------------------------------------------------------
/MyARKDriver/MyARKDriver/Debug/MyARKDriver.tlog/link.command.1.tlog:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lracker/MyArk/HEAD/MyARKDriver/MyARKDriver/Debug/MyARKDriver.tlog/link.command.1.tlog
--------------------------------------------------------------------------------
/MyARKDriver/MyARKDriver/Debug/MyARKDriver.tlog/signtool.read.1.tlog:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lracker/MyArk/HEAD/MyARKDriver/MyARKDriver/Debug/MyARKDriver.tlog/signtool.read.1.tlog
--------------------------------------------------------------------------------
/MyARKDriver/MyARKDriver/Debug/MyARKDriver.tlog/stampinf.read.1.tlog:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lracker/MyArk/HEAD/MyARKDriver/MyARKDriver/Debug/MyARKDriver.tlog/stampinf.read.1.tlog
--------------------------------------------------------------------------------
/MyARKDriver/MyARKDriver/Debug/MyARKDriver.tlog/Inf2Cat.command.1.tlog:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lracker/MyArk/HEAD/MyARKDriver/MyARKDriver/Debug/MyARKDriver.tlog/Inf2Cat.command.1.tlog
--------------------------------------------------------------------------------
/MyARKDriver/MyARKDriver/Debug/MyARKDriver.tlog/signtool.write.1.tlog:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lracker/MyArk/HEAD/MyARKDriver/MyARKDriver/Debug/MyARKDriver.tlog/signtool.write.1.tlog
--------------------------------------------------------------------------------
/MyARKDriver/MyARKDriver/Debug/MyARKDriver.tlog/stampinf.write.1.tlog:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lracker/MyArk/HEAD/MyARKDriver/MyARKDriver/Debug/MyARKDriver.tlog/stampinf.write.1.tlog
--------------------------------------------------------------------------------
/MyARKDriver/MyARKDriver/Debug/MyARKDriver.tlog/signtool.command.1.tlog:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lracker/MyArk/HEAD/MyARKDriver/MyARKDriver/Debug/MyARKDriver.tlog/signtool.command.1.tlog
--------------------------------------------------------------------------------
/MyARKDriver/MyARKDriver/Debug/MyARKDriver.tlog/stampinf.command.1.tlog:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lracker/MyArk/HEAD/MyARKDriver/MyARKDriver/Debug/MyARKDriver.tlog/stampinf.command.1.tlog
--------------------------------------------------------------------------------
/MyARKDriver/MyARKDriver/Debug/MyARKDriver.tlog/inf2cat-expand.read.1.tlog:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lracker/MyArk/HEAD/MyARKDriver/MyARKDriver/Debug/MyARKDriver.tlog/inf2cat-expand.read.1.tlog
--------------------------------------------------------------------------------
/MyARKDriver/MyARKDriver/Debug/MyARKDriver.tlog/inf2cat-expand.write.1.tlog:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lracker/MyArk/HEAD/MyARKDriver/MyARKDriver/Debug/MyARKDriver.tlog/inf2cat-expand.write.1.tlog
--------------------------------------------------------------------------------
/MyARKDriver/MyARKDriver/Debug/MyARKDriver.tlog/inf2cat-expand.12304.read.1.tlog:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lracker/MyArk/HEAD/MyARKDriver/MyARKDriver/Debug/MyARKDriver.tlog/inf2cat-expand.12304.read.1.tlog
--------------------------------------------------------------------------------
/MyARKDriver/MyARKDriver/Debug/MyARKDriver.tlog/inf2cat-expand.12304.write.1.tlog:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lracker/MyArk/HEAD/MyARKDriver/MyARKDriver/Debug/MyARKDriver.tlog/inf2cat-expand.12304.write.1.tlog
--------------------------------------------------------------------------------
/MyARKDriver/MyARKDriver/ARM/Debug/MyARKDriver.log:
--------------------------------------------------------------------------------
1 | D:\Windows Kits\10\build\WindowsDriver.common.targets(146,5): error : The 'Desktop' target platform is not supported by the target OS 'Windows10' (0xA000007) for 'ARM'.
2 |
--------------------------------------------------------------------------------
/MyARKDriver/MyARKDriver/MyARKDriver.vcxproj.user:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
--------------------------------------------------------------------------------
/MyARK/MyARK/targetver.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 | // 包括 SDKDDKVer.h 将定义可用的最高版本的 Windows 平台。
4 |
5 | // 如果要为以前的 Windows 平台生成应用程序,请包括 WinSDKVer.h,并将
6 | // 将 _WIN32_WINNT 宏设置为要支持的平台,然后再包括 SDKDDKVer.h。
7 |
8 | #include
9 |
--------------------------------------------------------------------------------
/MyARKDriver/MyARKDriver/Debug/MyARKDriver.tlog/signtool.timestamp.1.tlog:
--------------------------------------------------------------------------------
1 | C:\USERS\CANARY\SOURCE\REPOS\MYARKDRIVER\DEBUG\MYARKDRIVER.SYS|637131188072655550
2 | C:\USERS\CANARY\SOURCE\REPOS\MYARKDRIVER\DEBUG\MYARKDRIVER\MYARKDRIVER.CAT|637131188080476444
3 |
--------------------------------------------------------------------------------
/MyARK/MyARK/MyARK.vcxproj.user:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | MyARK.rc
5 |
6 |
--------------------------------------------------------------------------------
/MyARK/MyARK/CTab.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 |
4 | // CTab: tab control subclass (derives from CTabCtrl) that carries a tab count and a fixed array of dialog pointers.
5 |
6 | class CTab : public CTabCtrl
7 | {
8 | DECLARE_DYNAMIC(CTab)
9 |
10 | public:
11 | CTab();
12 | virtual ~CTab();
13 | DWORD m_dwTabNum; // Tab count; the constructor in CTab.cpp sets it to 7.
14 | CDialogEx* m_Dia[7]; // Fixed array of 7 dialog pointers. NOTE(review): presumably indexed by tab position; any index derived from m_dwTabNum or a selection event must stay below 7 (call sites are not shown here).
15 | protected:
16 | DECLARE_MESSAGE_MAP()
17 | };
18 |
19 |
20 |
--------------------------------------------------------------------------------
/MyARKDriver/MyARKDriver/Debug/MyARKDriver.tlog/MyARKDriver.lastbuildstate:
--------------------------------------------------------------------------------
1 | #TargetFrameworkVersion=v4.5:PlatformToolSet=WindowsKernelModeDriver10.0:EnableManagedIncrementalBuild=false:VCToolArchitecture=Native32Bit:WindowsTargetPlatformVersion=10.0.18362.0
2 | Debug|Win32|C:\Users\Canary\source\repos\MyARKDriver\|
3 |
--------------------------------------------------------------------------------
/MyARK/MyARK/pch.h:
--------------------------------------------------------------------------------
1 | // pch.h: 这是预编译标头文件。
2 | // 下方列出的文件仅编译一次,提高了将来生成的生成性能。
3 | // 这还将影响 IntelliSense 性能,包括代码完成和许多代码浏览功能。
4 | // 但是,如果此处列出的文件中的任何一个在生成之间有更新,它们全部都将被重新编译。
5 | // 请勿在此处添加要频繁更新的文件,这将使得性能优势无效。
6 |
7 | #ifndef PCH_H
8 | #define PCH_H
9 |
10 | // 添加要在此处预编译的标头
11 | #include "framework.h"
12 | #include
13 | #include
14 | #include
15 |
16 | #endif //PCH_H
17 |
--------------------------------------------------------------------------------
/MyARK/MyARK/CTab.cpp:
--------------------------------------------------------------------------------
1 | // CTab.cpp: 实现文件
2 | //
3 |
4 | #include "pch.h"
5 | #include "MyARK.h"
6 | #include "CTab.h"
7 |
8 |
9 | // CTab: runtime-class registration, constructor, destructor and message map.
10 |
11 | IMPLEMENT_DYNAMIC(CTab, CTabCtrl)
12 |
13 | CTab::CTab() // Constructor: only sets the tab count.
14 | {
15 | m_dwTabNum = 7; // Same value as the size of the m_Dia[7] array declared in CTab.h. NOTE(review): m_Dia itself is not initialised here; confirm every slot is assigned before it is read.
16 | }
17 |
18 | CTab::~CTab() // Destructor: empty; it does not touch the dialogs referenced by m_Dia.
19 | {
20 | }
21 |
22 | // Empty message map: CTab registers no handlers of its own.
23 | BEGIN_MESSAGE_MAP(CTab, CTabCtrl)
24 | END_MESSAGE_MAP()
25 |
26 |
27 |
28 | // CTab message handlers (none are defined in this file)
29 |
30 |
31 |
--------------------------------------------------------------------------------
/MyARK/MyARK/MyARK.h:
--------------------------------------------------------------------------------
1 |
2 | // MyARK.h: PROJECT_NAME 应用程序的主头文件
3 | //
4 |
5 | #pragma once
6 |
7 | #ifndef __AFXWIN_H__
8 | #error "在包含此文件之前包含 'pch.h' 以生成 PCH"
9 | #endif
10 |
11 | #include "resource.h" // 主符号
12 |
13 |
14 | // CMyARKApp: application class derived from CWinApp.
15 | // See MyARK.cpp for the implementation of this class.
16 | //
17 |
18 | class CMyARKApp : public CWinApp
19 | {
20 | public:
21 | CMyARKApp();
22 |
23 | // Overrides
24 | public:
25 | virtual BOOL InitInstance();
26 |
27 | // Implementation
28 |
29 | DECLARE_MESSAGE_MAP()
30 | };
31 |
32 | extern CMyARKApp theApp; // Declaration only; the application object is defined outside this header.
33 |
--------------------------------------------------------------------------------
/MyARK/MyARK/CModule.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 |
4 | // CModule dialog: holds a process ID and a list control; GetModule() and OnInitDialog() are declared here and defined elsewhere.
5 |
6 | class CModule : public CDialogEx
7 | {
8 | DECLARE_DYNAMIC(CModule)
9 |
10 | public:
11 | CModule(CWnd* pParent = nullptr); // standard constructor
12 | virtual ~CModule();
13 |
14 | // Dialog data
15 | #ifdef AFX_DESIGN_TIME
16 | enum { IDD = IDD_MODULE };
17 | #endif
18 |
19 | protected:
20 | virtual void DoDataExchange(CDataExchange* pDX); // DDX/DDV support
21 |
22 | DECLARE_MESSAGE_MAP()
23 | public:
24 | DWORD m_dwPID; // NOTE(review): presumably the PID whose modules are listed, set by whoever creates the dialog; confirm it is assigned before OnInitDialog() runs.
25 | CListCtrl m_ListCtrl;
26 | VOID GetModule(); // Declared only; the body is not part of this header.
27 | virtual BOOL OnInitDialog();
28 | };
29 |
--------------------------------------------------------------------------------
/MyARK/MyARK/CThread.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 |
4 | // CThread dialog: holds a process ID and a list control; GetThread() and OnInitDialog() are declared here and defined elsewhere.
5 |
6 | class CThread : public CDialogEx
7 | {
8 | DECLARE_DYNAMIC(CThread)
9 |
10 | public:
11 | CThread(CWnd* pParent = nullptr); // standard constructor
12 | virtual ~CThread();
13 |
14 | // Dialog data
15 | #ifdef AFX_DESIGN_TIME
16 | enum { IDD = IDD_THREAD };
17 | #endif
18 |
19 | protected:
20 | virtual void DoDataExchange(CDataExchange* pDX); // DDX/DDV support
21 |
22 | DECLARE_MESSAGE_MAP()
23 | public:
24 | DWORD m_dwPID; // NOTE(review): presumably the PID whose threads are listed, set by whoever creates the dialog; confirm it is assigned before OnInitDialog() runs.
25 | CListCtrl m_ListCtrl;
26 | virtual BOOL OnInitDialog();
27 | VOID GetThread(); // Declared only; the body is not part of this header.
28 | };
29 |
--------------------------------------------------------------------------------
/MyARKDriver/MyARKDriver/MyARKDriver.inf:
--------------------------------------------------------------------------------
1 | ;
2 | ; MyARKDriver.inf
3 | ;
4 |
5 | [Version]
6 | Signature="$WINDOWS NT$"
7 | Class=System
8 | ClassGuid={4d36e97d-e325-11ce-bfc1-08002be10318}
9 | Provider=%ManufacturerName%
10 | DriverVer=
11 | CatalogFile=MyARKDriver.cat
12 |
13 | [DestinationDirs]
14 | DefaultDestDir = 12
15 |
16 |
17 | [SourceDisksNames]
18 | 1 = %DiskName%,,,""
19 |
20 | [SourceDisksFiles]
21 |
22 |
23 | [Manufacturer]
24 | %ManufacturerName%=Standard,NT$ARCH$
25 |
26 | [Standard.NT$ARCH$]
27 |
28 |
29 | [Strings]
30 | ManufacturerName="" ;TODO: Replace with your manufacturer name
31 | ClassName=""
32 | DiskName="MyARKDriver Source Disk"
33 |
--------------------------------------------------------------------------------
/MyARK/MyARK/CGDT.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 |
4 | // CGDT dialog: a list control plus a context menu with a refresh handler.
5 | // NOTE(review): presumably displays Global Descriptor Table entries obtained from the driver; confirm in CGDT.cpp.
6 | class CGDT : public CDialogEx
7 | {
8 | DECLARE_DYNAMIC(CGDT)
9 |
10 | public:
11 | CGDT(CWnd* pParent = nullptr); // standard constructor
12 | virtual ~CGDT();
13 |
14 | // Dialog data
15 | #ifdef AFX_DESIGN_TIME
16 | enum { IDD = IDD_GDT };
17 | #endif
18 |
19 | protected:
20 | virtual void DoDataExchange(CDataExchange* pDX); // DDX/DDV support
21 |
22 | DECLARE_MESSAGE_MAP()
23 | public:
24 | CMenu m_Menu;
25 | CListCtrl m_ListCtrl;
26 | virtual BOOL OnInitDialog();
27 | afx_msg void OnFlush(); // Command handler; by its name a refresh of the list (body not shown).
28 | afx_msg void OnRclickList1(NMHDR* pNMHDR, LRESULT* pResult); // Notification handler; by its name a right-click on the list.
29 | afx_msg LRESULT OnFlushgdt(WPARAM wParam, LPARAM lParam); // WPARAM/LPARAM handler; the message it is mapped to is set in the .cpp, not shown here.
30 | };
31 |
--------------------------------------------------------------------------------
/MyARKDriver/MyARKDriver/Debug/MyARKDriver.inf:
--------------------------------------------------------------------------------
1 | ;
2 | ; MyARKDriver.inf
3 | ;
4 |
5 | [Version]
6 | Signature="$WINDOWS NT$"
7 | Class=System
8 | ClassGuid={4d36e97d-e325-11ce-bfc1-08002be10318}
9 | Provider=%ManufacturerName%
10 | DriverVer = 12/28/2019,16.33.26.144
11 | CatalogFile=MyARKDriver.cat
12 |
13 | [DestinationDirs]
14 | DefaultDestDir = 12
15 |
16 |
17 | [SourceDisksNames]
18 | 1 = %DiskName%,,,""
19 |
20 | [SourceDisksFiles]
21 |
22 |
23 | [Manufacturer]
24 | %ManufacturerName%=Standard,NTx86
25 |
26 | [Standard.NTx86]
27 |
28 |
29 | [Strings]
30 | ManufacturerName="" ;TODO: Replace with your manufacturer name
31 | ClassName=""
32 | DiskName="MyARKDriver Source Disk"
33 |
--------------------------------------------------------------------------------
/MyARK/MyARK/CIDT.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 |
4 | // CIDT dialog: a list control plus a context menu with a refresh handler.
5 | // NOTE(review): presumably displays Interrupt Descriptor Table entries obtained from the driver; confirm in CIDT.cpp.
6 | class CIDT : public CDialogEx
7 | {
8 | DECLARE_DYNAMIC(CIDT)
9 |
10 | public:
11 | CIDT(CWnd* pParent = nullptr); // standard constructor
12 | virtual ~CIDT();
13 |
14 | // Dialog data
15 | #ifdef AFX_DESIGN_TIME
16 | enum { IDD = IDD_IDT };
17 | #endif
18 |
19 | protected:
20 | virtual void DoDataExchange(CDataExchange* pDX); // DDX/DDV support
21 |
22 | DECLARE_MESSAGE_MAP()
23 | public:
24 | CMenu m_Menu;
25 | CListCtrl m_ListCtrl;
26 | virtual BOOL OnInitDialog();
27 | protected:
28 | afx_msg LRESULT OnFlushIDT(WPARAM wParam, LPARAM lParam); // WPARAM/LPARAM handler; the message it is mapped to is set in the .cpp, not shown here.
29 | public:
30 | afx_msg void OnFlush(); // Command handler; by its name a refresh of the list (body not shown).
31 | afx_msg void OnRclickList1(NMHDR* pNMHDR, LRESULT* pResult); // Notification handler; by its name a right-click on the list.
32 | };
33 |
--------------------------------------------------------------------------------
/MyARK/MyARK/CSSDT.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 |
4 | // CSSDT dialog: a list control plus a context menu with a refresh handler.
5 | // NOTE(review): presumably displays System Service Descriptor Table entries obtained from the driver; confirm in CSSDT.cpp.
6 | class CSSDT : public CDialogEx
7 | {
8 | DECLARE_DYNAMIC(CSSDT)
9 |
10 | public:
11 | CSSDT(CWnd* pParent = nullptr); // standard constructor
12 | virtual ~CSSDT();
13 |
14 | // Dialog data
15 | #ifdef AFX_DESIGN_TIME
16 | enum { IDD = IDD_SSDT };
17 | #endif
18 |
19 | protected:
20 | virtual void DoDataExchange(CDataExchange* pDX); // DDX/DDV support
21 |
22 | DECLARE_MESSAGE_MAP()
23 | public:
24 | CMenu m_Menu;
25 | CListCtrl m_ListCtrl;
26 | virtual BOOL OnInitDialog();
27 | afx_msg void OnRclickList1(NMHDR* pNMHDR, LRESULT* pResult); // Notification handler; by its name a right-click on the list.
28 | afx_msg void OnFlushSSDT(); // Command handler; by its name a refresh of the list (body not shown).
29 | protected:
30 | afx_msg LRESULT OnFlushssdt(WPARAM wParam, LPARAM lParam); // WPARAM/LPARAM handler; the message it is mapped to is set in the .cpp, not shown here.
31 | };
32 |
--------------------------------------------------------------------------------
/MyARK/MyARK/CEnumFile.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 |
4 | // CEnumFile dialog: tree control, list control, context menu and two strings (directory and file name), with a delete-file handler.
5 |
6 | class CEnumFile : public CDialogEx
7 | {
8 | DECLARE_DYNAMIC(CEnumFile)
9 |
10 | public:
11 | CEnumFile(CWnd* pParent = nullptr); // standard constructor
12 | virtual ~CEnumFile();
13 |
14 | // Dialog data
15 | #ifdef AFX_DESIGN_TIME
16 | enum { IDD = IDD_ENUMFILE };
17 | #endif
18 |
19 | protected:
20 | virtual void DoDataExchange(CDataExchange* pDX); // DDX/DDV support
21 |
22 | DECLARE_MESSAGE_MAP()
23 | public:
24 | CTreeCtrl m_Tree;
25 | CListCtrl m_ListCtrl;
26 | CString m_Dir; // NOTE(review): presumably the directory currently selected in the tree; confirm.
27 | CString m_FileName; // NOTE(review): presumably the file selected in the list; confirm.
28 | CMenu m_Menu;
29 | virtual BOOL OnInitDialog();
30 | afx_msg void OnClickTree1(NMHDR* pNMHDR, LRESULT* pResult);
31 | afx_msg void OnDeleteFile(); // NOTE(review): body not shown; if the deletion is carried out by the driver, the path built from m_Dir/m_FileName should be length-checked here and validated again on the kernel side.
32 | afx_msg void OnRclickList1(NMHDR* pNMHDR, LRESULT* pResult);
33 | };
34 |
--------------------------------------------------------------------------------
/MyARK/MyARK/CRegister.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 |
4 | // CRegister dialog: tree control, list control, context menu and a name string, with create and delete handlers.
5 | // NOTE(review): presumably the registry-management page mentioned in README.md; confirm in CRegister.cpp.
6 | class CRegister : public CDialogEx
7 | {
8 | DECLARE_DYNAMIC(CRegister)
9 |
10 | public:
11 | CRegister(CWnd* pParent = nullptr); // standard constructor
12 | virtual ~CRegister();
13 |
14 | // Dialog data
15 | #ifdef AFX_DESIGN_TIME
16 | enum { IDD = IDD_REGISTER };
17 | #endif
18 |
19 | protected:
20 | virtual void DoDataExchange(CDataExchange* pDX); // DDX/DDV support
21 |
22 | DECLARE_MESSAGE_MAP()
23 | public:
24 | CListCtrl m_ListCtrl;
25 | CTreeCtrl m_Tree;
26 | CMenu m_Menu;
27 | CString m_FileName; // NOTE(review): despite the name, presumably the selected key path; confirm against the handlers.
28 | virtual BOOL OnInitDialog();
29 | afx_msg void OnClickTree1(NMHDR* pNMHDR, LRESULT* pResult);
30 | afx_msg void OnRclickTree1(NMHDR* pNMHDR, LRESULT* pResult);
31 | afx_msg void OnNew(); // NOTE(review): body not shown; any key name sent to the driver should be length-checked here and validated again on the kernel side.
32 | afx_msg void OnDelete(); // NOTE(review): same concern as OnNew(); confirm the target is validated before deletion.
33 | };
34 |
--------------------------------------------------------------------------------
/MyARK/MyARK/CDriver.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 |
4 | // CDriver dialog: list control, context menu and a fixed-size driver-name buffer, with refresh and hide-driver handlers.
5 |
6 | class CDriver : public CDialogEx
7 | {
8 | DECLARE_DYNAMIC(CDriver)
9 |
10 | public:
11 | CDriver(CWnd* pParent = nullptr); // standard constructor
12 | virtual ~CDriver();
13 |
14 | // Dialog data
15 | #ifdef AFX_DESIGN_TIME
16 | enum { IDD = IDD_DRIVER };
17 | #endif
18 |
19 | protected:
20 | virtual void DoDataExchange(CDataExchange* pDX); // DDX/DDV support
21 |
22 | DECLARE_MESSAGE_MAP()
23 | public:
24 | virtual BOOL OnInitDialog();
25 | CListCtrl m_ListCtrl;
26 | CMenu m_Menu;
27 | WCHAR m_HideDriverName[256]; // Fixed 256-WCHAR buffer. NOTE(review): presumably filled from the selected list row before OnHideDriver() runs; confirm the copy is length-bounded and NUL-terminated, and that the driver re-validates the name it receives.
28 | protected:
29 | afx_msg LRESULT OnFlushDriver(WPARAM wParam, LPARAM lParam); // WPARAM/LPARAM handler; the message it is mapped to is set in the .cpp, not shown here.
30 | public:
31 | afx_msg void OnRclickList1(NMHDR* pNMHDR, LRESULT* pResult);
32 | afx_msg void OnFLUSHLIST(); // Command handler; by its name a refresh of the list (body not shown).
33 | afx_msg void OnHideDriver(); // NOTE(review): body not shown; presumably passes m_HideDriverName to the kernel driver.
34 | };
35 |
--------------------------------------------------------------------------------
/MyARK/MyARK/CProcess.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 |
4 | // CProcess dialog: list control, context menu and a process ID, with handlers for refresh, thread/module views, hide and terminate.
5 |
6 | class CProcess : public CDialogEx
7 | {
8 | DECLARE_DYNAMIC(CProcess)
9 |
10 | public:
11 | CProcess(CWnd* pParent = nullptr); // standard constructor
12 | virtual ~CProcess();
13 |
14 | // Dialog data
15 | #ifdef AFX_DESIGN_TIME
16 | enum { IDD = IDD_PROCESS };
17 | #endif
18 |
19 | protected:
20 | virtual void DoDataExchange(CDataExchange* pDX); // DDX/DDV support
21 |
22 | DECLARE_MESSAGE_MAP()
23 | public:
24 | DWORD m_dwPID; // NOTE(review): presumably the PID of the row the context menu was opened on; confirm it is refreshed on every right-click so a stale PID is never acted on.
25 | CMenu m_Menu;
26 | CListCtrl m_ListCtrl;
27 | virtual BOOL OnInitDialog();
28 | protected:
29 | afx_msg LRESULT OnFlushProcess(WPARAM wParam, LPARAM lParam); // WPARAM/LPARAM handler; the message it is mapped to is set in the .cpp, not shown here.
30 | public:
31 | afx_msg void OnRclickList1(NMHDR* pNMHDR, LRESULT* pResult);
32 | afx_msg void OnFlushList(); // Command handler; by its name a refresh of the list (body not shown).
33 | afx_msg void OnThread(); // NOTE(review): presumably opens the CThread dialog for m_dwPID; confirm.
34 | afx_msg void OnModule(); // NOTE(review): presumably opens the CModule dialog for m_dwPID; confirm.
35 | afx_msg void OnHideProcess(); // NOTE(review): body not shown; presumably acts on m_dwPID through the driver, which should validate the PID it is given.
36 | afx_msg void OnTerminateProcess(); // NOTE(review): body not shown; same validation concern as OnHideProcess(), and access to the driver's device should be restricted to privileged callers.
37 | };
38 |
--------------------------------------------------------------------------------
/MyARKDriver/MyARKDriver/Debug/MyARKDriver.log:
--------------------------------------------------------------------------------
1 | Building 'MyARKDriver' with toolset 'WindowsKernelModeDriver10.0' and the 'Desktop' target platform.
2 | Stamping Debug\MyARKDriver.inf
3 | Stamping [Version] section with DriverVer=12/28/2019,16.33.26.144
4 | data.c
5 | Driver.c
6 | KernelFunction.c
7 | Tool.c
8 | 正在生成代码...
9 | MyARKDriver.vcxproj -> C:\Users\Canary\source\repos\MyARKDriver\Debug\MyARKDriver.sys
10 | Done Adding Additional Store
11 | Successfully signed: C:\Users\Canary\source\repos\MyARKDriver\Debug\MyARKDriver.sys
12 |
13 | ........................
14 | Signability test complete.
15 |
16 | Errors:
17 | None
18 |
19 | Warnings:
20 | None
21 |
22 | Catalog generation complete.
23 | C:\Users\Canary\source\repos\MyARKDriver\Debug\MyARKDriver\myarkdriver.cat
24 | Done Adding Additional Store
25 | Successfully signed: C:\Users\Canary\source\repos\MyARKDriver\Debug\MyARKDriver\myarkdriver.cat
26 |
27 |
--------------------------------------------------------------------------------
/MyARK/MyARK/MyARKDlg.h:
--------------------------------------------------------------------------------
1 |
2 | // MyARKDlg.h: 头文件
3 | //
4 |
5 | #pragma once
6 | #include "Data.h"
7 | #include "CTab.h"
8 | #include
9 |
10 | // CMyARKDlg dialog: main dialog; holds the tab control, two service handles, a path string and the driver load/start/stop/unload entry points.
11 | class CMyARKDlg : public CDialogEx
12 | {
13 | // Construction
14 | public:
15 | CMyARKDlg(CWnd* pParent = nullptr); // standard constructor
16 |
17 | // Dialog data
18 | #ifdef AFX_DESIGN_TIME
19 | enum { IDD = IDD_MYARK_DIALOG };
20 | #endif
21 |
22 | protected:
23 | virtual void DoDataExchange(CDataExchange* pDX); // DDX/DDV support
24 |
25 |
26 | // Implementation
27 | protected:
28 | HICON m_hIcon;
29 | // Generated message map functions
30 | virtual BOOL OnInitDialog();
31 | afx_msg void OnPaint();
32 | afx_msg HCURSOR OnQueryDragIcon();
33 | DECLARE_MESSAGE_MAP()
34 | public:
35 | DWORD m_dwLastError;
36 | CString m_Path; // NOTE(review): presumably the path of the driver binary registered with the service; confirm it is an absolute path in a location unprivileged users cannot write.
37 | SC_HANDLE m_hSCManager; // Service Control Manager handle type. NOTE(review): confirm it is closed with CloseServiceHandle on every path.
38 | SC_HANDLE m_hService; // Service handle type. NOTE(review): confirm it is closed with CloseServiceHandle on every path.
39 | CTab m_TabCtrl;
40 | afx_msg void OnSelchangeTab1(NMHDR* pNMHDR, LRESULT* pResult);
41 | // Load the driver
42 | VOID LoadDriver();
43 | // Start the driver
44 | VOID StartDriver();
45 | // Stop the driver
46 | VOID StopDriver();
47 | // Unload the driver
48 | VOID UnLoadDriver();
49 | virtual BOOL DestroyWindow(); // Override; NOTE(review): presumably where the driver is stopped and the handles released; confirm in MyARKDlg.cpp.
50 | };
51 |
--------------------------------------------------------------------------------
/MyARK/MyARK.sln:
--------------------------------------------------------------------------------
1 |
2 | Microsoft Visual Studio Solution File, Format Version 12.00
3 | # Visual Studio Version 16
4 | VisualStudioVersion = 16.0.29613.14
5 | MinimumVisualStudioVersion = 10.0.40219.1
6 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "MyARK", "MyARK\MyARK.vcxproj", "{9E525D7E-73FF-4B2E-AEB9-822A71C9B48E}"
7 | EndProject
8 | Global
9 | GlobalSection(SolutionConfigurationPlatforms) = preSolution
10 | Debug|x64 = Debug|x64
11 | Debug|x86 = Debug|x86
12 | Release|x64 = Release|x64
13 | Release|x86 = Release|x86
14 | EndGlobalSection
15 | GlobalSection(ProjectConfigurationPlatforms) = postSolution
16 | {9E525D7E-73FF-4B2E-AEB9-822A71C9B48E}.Debug|x64.ActiveCfg = Debug|x64
17 | {9E525D7E-73FF-4B2E-AEB9-822A71C9B48E}.Debug|x64.Build.0 = Debug|x64
18 | {9E525D7E-73FF-4B2E-AEB9-822A71C9B48E}.Debug|x86.ActiveCfg = Debug|Win32
19 | {9E525D7E-73FF-4B2E-AEB9-822A71C9B48E}.Debug|x86.Build.0 = Debug|Win32
20 | {9E525D7E-73FF-4B2E-AEB9-822A71C9B48E}.Release|x64.ActiveCfg = Release|x64
21 | {9E525D7E-73FF-4B2E-AEB9-822A71C9B48E}.Release|x64.Build.0 = Release|x64
22 | {9E525D7E-73FF-4B2E-AEB9-822A71C9B48E}.Release|x86.ActiveCfg = Release|Win32
23 | {9E525D7E-73FF-4B2E-AEB9-822A71C9B48E}.Release|x86.Build.0 = Release|Win32
24 | EndGlobalSection
25 | GlobalSection(SolutionProperties) = preSolution
26 | HideSolutionNode = FALSE
27 | EndGlobalSection
28 | GlobalSection(ExtensibilityGlobals) = postSolution
29 | SolutionGuid = {FB1ABCB3-3CAF-4BE7-85E0-FAF5D709E113}
30 | EndGlobalSection
31 | EndGlobal
32 |
--------------------------------------------------------------------------------
/MyARK/MyARK/framework.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 | #ifndef VC_EXTRALEAN
4 | #define VC_EXTRALEAN // 从 Windows 头中排除极少使用的资料
5 | #endif
6 |
7 | #include "targetver.h"
8 |
9 | #define _ATL_CSTRING_EXPLICIT_CONSTRUCTORS // 某些 CString 构造函数将是显式的
10 |
11 | // 关闭 MFC 的一些常见且经常可放心忽略的隐藏警告消息
12 | #define _AFX_ALL_WARNINGS
13 |
14 | #include // MFC 核心组件和标准组件
15 | #include // MFC 扩展
16 |
17 |
18 | #include // MFC 自动化类
19 |
20 |
21 |
22 | #ifndef _AFX_NO_OLE_SUPPORT
23 | #include // MFC 对 Internet Explorer 4 公共控件的支持
24 | #endif
25 | #ifndef _AFX_NO_AFXCMN_SUPPORT
26 | #include // MFC 对 Windows 公共控件的支持
27 | #endif // _AFX_NO_AFXCMN_SUPPORT
28 |
29 | #include // MFC 支持功能区和控制条
30 |
31 |
32 |
33 |
34 |
35 |
36 |
37 |
38 |
39 | #ifdef _UNICODE
40 | #if defined _M_IX86
41 | #pragma comment(linker,"/manifestdependency:\"type='win32' name='Microsoft.Windows.Common-Controls' version='6.0.0.0' processorArchitecture='x86' publicKeyToken='6595b64144ccf1df' language='*'\"")
42 | #elif defined _M_X64
43 | #pragma comment(linker,"/manifestdependency:\"type='win32' name='Microsoft.Windows.Common-Controls' version='6.0.0.0' processorArchitecture='amd64' publicKeyToken='6595b64144ccf1df' language='*'\"")
44 | #else
45 | #pragma comment(linker,"/manifestdependency:\"type='win32' name='Microsoft.Windows.Common-Controls' version='6.0.0.0' processorArchitecture='*' publicKeyToken='6595b64144ccf1df' language='*'\"")
46 | #endif
47 | #endif
48 |
49 |
50 |
--------------------------------------------------------------------------------
/MyARKDriver/MyARKDriver/MyARKDriver.vcxproj.filters:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | {4FC737F1-C7A5-4376-A066-2A32D752A2FF}
6 | cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx
7 |
8 |
9 | {93995380-89BD-4b04-88EB-625FBE52EBFB}
10 | h;hpp;hxx;hm;inl;inc;xsd
11 |
12 |
13 | {67DA6AB6-F800-4c08-8B7A-83BB121AAD01}
14 | rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms
15 |
16 |
17 | {8E41214B-6785-4CFE-B992-037D68949A14}
18 | inf;inv;inx;mof;mc;
19 |
20 |
21 |
22 |
23 | Driver Files
24 |
25 |
26 |
27 |
28 | Source Files
29 |
30 |
31 | Source Files
32 |
33 |
34 | Source Files
35 |
36 |
37 | Source Files
38 |
39 |
40 |
41 |
42 | Header Files
43 |
44 |
45 | Header Files
46 |
47 |
48 | Header Files
49 |
50 |
51 |
--------------------------------------------------------------------------------
/MyARK/MyARK/resource.h:
--------------------------------------------------------------------------------
1 | //{{NO_DEPENDENCIES}}
2 | // Microsoft Visual C++ 生成的包含文件。
3 | // 供 MyARK.rc 使用
4 | //
5 | #define IDD_MYARK_DIALOG 102
6 | #define IDR_MAINFRAME 128
7 | #define IDD_DRIVER 134
8 | #define IDR_MENU1 136
9 | #define IDD_PROCESS 137
10 | #define IDR_MENU2 139
11 | #define IDD_THREAD 140
12 | #define IDD_MODULE 142
13 | #define IDD_ENUMFILE 144
14 | #define IDR_MENU3 146
15 | #define IDD_IDT 147
16 | #define IDR_MENU4 149
17 | #define IDD_GDT 150
18 | #define IDR_MENU5 152
19 | #define IDD_SSDT 153
20 | #define IDR_MENU6 155
21 | #define IDD_REGISTER 156
22 | #define IDR_MENU7 158
23 | #define IDC_TAB1 1002
24 | #define IDC_LIST1 1003
25 | #define IDC_TREE1 1012
26 | #define ID_32771 32771
27 | #define ID_32772 32772
28 | #define ID_32773 32773
29 | #define ID_32774 32774
30 | #define ID_32775 32775
31 | #define ID_32776 32776
32 | #define ID_32777 32777
33 | #define ID_32778 32778
34 | #define ID_IDT_32779 32779
35 | #define ID_GDT_32780 32780
36 | #define ID_SSDT_32781 32781
37 | #define ID_32782 32782
38 | #define ID_32783 32783
39 |
40 | // Next default values for new objects
41 | //
42 | #ifdef APSTUDIO_INVOKED
43 | #ifndef APSTUDIO_READONLY_SYMBOLS
44 | #define _APS_NEXT_RESOURCE_VALUE 159
45 | #define _APS_NEXT_COMMAND_VALUE 32784
46 | #define _APS_NEXT_CONTROL_VALUE 1014
47 | #define _APS_NEXT_SYMED_VALUE 101
48 | #endif
49 | #endif
50 |
--------------------------------------------------------------------------------
/MyARK/MyARK/MyARK.cpp:
--------------------------------------------------------------------------------
1 |
2 | // MyARK.cpp: 定义应用程序的类行为。
3 | //
4 |
5 | #include "pch.h"
6 | #include "framework.h"
7 | #include "MyARK.h"
8 | #include "MyARKDlg.h"
9 |
10 | #ifdef _DEBUG
11 | #define new DEBUG_NEW
12 | #endif
13 |
14 |
15 | // CMyARKApp
16 |
// Message map: ID_HELP is routed to the stock CWinApp::OnHelp handler.
BEGIN_MESSAGE_MAP(CMyARKApp, CWinApp)
    ON_COMMAND(ID_HELP, &CWinApp::OnHelp)
END_MESSAGE_MAP()


// CMyARKApp construction
CMyARKApp::CMyARKApp()
{
    // Opt in to Restart Manager support.
    m_dwRestartManagerSupportFlags = AFX_RESTART_MANAGER_SUPPORT_RESTART;

    // TODO: add construction code here.
    // All significant initialisation belongs in InitInstance.
}


// The one and only CMyARKApp object.
CMyARKApp theApp;
37 |
38 |
39 | // CMyARKApp 初始化
40 |
// Application start-up: initialises the common controls and MFC helpers, runs
// the main dialog modally, then tears everything down.
// Always returns FALSE so that MFC exits instead of starting a message pump.
BOOL CMyARKApp::InitInstance()
{
    // InitCommonControlsEx() is needed on Windows XP when the application
    // manifest asks for ComCtl32.dll version 6 or later (visual styles);
    // without it no window can be created.
    INITCOMMONCONTROLSEX CommonCtrls;
    CommonCtrls.dwSize = sizeof(CommonCtrls);
    // Include every common-control class the application uses.
    CommonCtrls.dwICC = ICC_WIN95_CLASSES;
    InitCommonControlsEx(&CommonCtrls);

    CWinApp::InitInstance();
    AfxEnableControlContainer();

    // Shell manager, in case the dialog hosts shell tree-view or
    // shell list-view controls.
    CShellManager* pShellMgr = new CShellManager;

    // "Windows Native" visual manager so that MFC controls are themed.
    CMFCVisualManager::SetDefaultManager(RUNTIME_CLASS(CMFCVisualManagerWindows));

    // Standard initialisation: registry key under which settings are stored.
    // TODO: replace the wizard default with a company or organisation name.
    SetRegistryKey(_T("应用程序向导生成的本地应用程序"));

    CMyARKDlg MainDlg;
    m_pMainWnd = &MainDlg;
    switch (MainDlg.DoModal())
    {
    case IDOK:
        // TODO: handle the dialog being dismissed with OK.
        break;
    case IDCANCEL:
        // TODO: handle the dialog being dismissed with Cancel.
        break;
    case -1:
        TRACE(traceAppMsg, 0, "警告: 对话框创建失败,应用程序将意外终止。\n");
        TRACE(traceAppMsg, 0, "警告: 如果您在对话框上使用 MFC 控件,则无法 #define _AFX_NO_MFC_CONTROLS_IN_DIALOGS。\n");
        break;
    default:
        break;
    }

    // Release the shell manager created above (delete on a null pointer is a no-op).
    delete pShellMgr;

#if !defined(_AFXDLL) && !defined(_AFX_NO_MFC_CONTROLS_IN_DIALOGS)
    ControlBarCleanUp();
#endif

    // The dialog has been closed: return FALSE to leave the application
    // rather than start its message pump.
    return FALSE;
}
107 |
108 |
--------------------------------------------------------------------------------
/MyARK/MyARK/CModule.cpp:
--------------------------------------------------------------------------------
1 | // CModule.cpp: 实现文件
2 | //
3 |
4 | #include "pch.h"
5 | #include "MyARK.h"
6 | #include "CModule.h"
7 | #include "afxdialogex.h"
8 | #include "Data.h"
9 |
10 |
11 | // CModule 对话框
12 |
IMPLEMENT_DYNAMIC(CModule, CDialogEx)

// Binds the dialog to the IDD_MODULE template; pParent is the owner window.
CModule::CModule(CWnd* pParent /*=nullptr*/)
    : CDialogEx(IDD_MODULE, pParent)
{
}

// Empty destructor.
CModule::~CModule()
{
}

// DDX: attaches m_ListCtrl to the IDC_LIST1 control.
void CModule::DoDataExchange(CDataExchange* pDX)
{
    CDialogEx::DoDataExchange(pDX);
    DDX_Control(pDX, IDC_LIST1, m_ListCtrl);
}


// No message handlers are mapped for this dialog.
BEGIN_MESSAGE_MAP(CModule, CDialogEx)
END_MESSAGE_MAP()
34 |
35 |
36 | // CModule 消息处理程序
37 |
38 |
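//*****************************************************************************************
// Function: GetModule
// Purpose : Ask the driver (ENUMMODULE) for the modules of process m_dwPID and
//           list index, path, base address and size in m_ListCtrl.
// Author  : lracker
// Date    : 2019/12/25
// Returns : VOID
//*****************************************************************************************
VOID CModule::GetModule()
{
    m_ListCtrl.DeleteAllItems();

    // Sizing request: hand the driver one real MODULE record and read the
    // number of bytes it wants from lpBytesReturned.  The original passed the
    // address of an uninitialised PMODULE while declaring sizeof(MODULE) bytes
    // of room, i.e. a pointer-sized stack slot advertised as a whole record.
    MODULE Probe;
    ZeroMemory(&Probe, sizeof(Probe));
    DWORD dwSize = 0;
    DeviceIoControl(g_hDev, ENUMMODULE, &m_dwPID, sizeof(DWORD), &Probe, sizeof(MODULE), &dwSize, NULL);
    if (dwSize < sizeof(MODULE))
    {
        return; // nothing reported, or the request failed
    }

    // dwSize is a byte count.  Allocate just enough whole records to hold it
    // (rounded up) instead of dwSize records, so the buffer is never smaller
    // than the length announced to the driver.
    const DWORD dwSlots = (DWORD)(dwSize / sizeof(MODULE)) + ((dwSize % sizeof(MODULE)) != 0 ? 1 : 0);
    PMODULE pModule = new MODULE[dwSlots]();

    // The input is still the single DWORD PID; announcing dwSize bytes of input
    // made the system read far past m_dwPID.
    // NOTE(review): the driver's ENUMMODULE handler is not visible here; confirm
    // it does not depend on the input length.
    DWORD dwReturned = 0;
    int nCount = 0;
    if (DeviceIoControl(g_hDev, ENUMMODULE, &m_dwPID, sizeof(DWORD), pModule, dwSize, &dwReturned, NULL))
    {
        // Never walk further than the buffer, whatever length comes back.
        if (dwReturned > dwSize)
        {
            dwReturned = dwSize;
        }
        nCount = (int)(dwReturned / sizeof(MODULE));
    }

    for (int i = 0; i < nCount; ++i)
    {
        m_ListCtrl.InsertItem(i, _T(""));
        CString Temp;
        Temp.Format(L"%d", i + 1);
        m_ListCtrl.SetItemText(i, 0, Temp);                     // index
        // assumes the driver NUL-terminates FULLDLLNAME - TODO confirm
        m_ListCtrl.SetItemText(i, 1, pModule[i].FULLDLLNAME);   // path
        Temp.Format(L"0x%08x", pModule[i].dwStartAddress);
        m_ListCtrl.SetItemText(i, 2, Temp);                     // base address
        Temp.Format(L"0x%08x", pModule[i].dwSize);
        m_ListCtrl.SetItemText(i, 3, Temp);                     // size
    }
    delete[] pModule;
}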
77 |
// Sets up the four list columns (index, module path, base address, size),
// each a quarter of the client width, then fills the list via GetModule().
BOOL CModule::OnInitDialog()
{
    CDialogEx::OnInitDialog();

    // Add grid lines and full-row selection to the current extended style.
    m_ListCtrl.SetExtendedStyle(m_ListCtrl.GetExtendedStyle() | LVS_EX_GRIDLINES | LVS_EX_FULLROWSELECT);

    CRect rcClient;
    m_ListCtrl.GetClientRect(rcClient);
    const int nColWidth = rcClient.Width() / 4;
    m_ListCtrl.InsertColumn(0, L"序号", 0, nColWidth);
    m_ListCtrl.InsertColumn(1, L"模块路径", 0, nColWidth);
    m_ListCtrl.InsertColumn(2, L"基地址", 0, nColWidth);
    m_ListCtrl.InsertColumn(3, L"大小", 0, nColWidth);

    GetModule();
    // Return TRUE unless the focus was set to a control.
    // Exception: OCX property pages should return FALSE.
    return TRUE;
}
95 |
96 |
--------------------------------------------------------------------------------
/MyARK/MyARK/CSSDT.cpp:
--------------------------------------------------------------------------------
1 | // CSSDT.cpp: 实现文件
2 | //
3 |
4 | #include "pch.h"
5 | #include "MyARK.h"
6 | #include "CSSDT.h"
7 | #include "afxdialogex.h"
8 | #include "Data.h"
9 |
10 |
11 | // CSSDT 对话框
12 |
IMPLEMENT_DYNAMIC(CSSDT, CDialogEx)

// Binds the dialog to the IDD_SSDT template; pParent is the owner window.
CSSDT::CSSDT(CWnd* pParent /*=nullptr*/)
    : CDialogEx(IDD_SSDT, pParent)
{
}

// Empty destructor.
CSSDT::~CSSDT()
{
}

// DDX: attaches m_ListCtrl to the IDC_LIST1 control.
void CSSDT::DoDataExchange(CDataExchange* pDX)
{
    CDialogEx::DoDataExchange(pDX);
    DDX_Control(pDX, IDC_LIST1, m_ListCtrl);
}


// Right-click on the list, the ID_SSDT_32781 menu command and the private
// WM_FLUSHSSDT message are routed to their handlers.
BEGIN_MESSAGE_MAP(CSSDT, CDialogEx)
    ON_NOTIFY(NM_RCLICK, IDC_LIST1, &CSSDT::OnRclickList1)
    ON_COMMAND(ID_SSDT_32781, &CSSDT::OnFlushSSDT)
    ON_MESSAGE(WM_FLUSHSSDT, &CSSDT::OnFlushssdt)
END_MESSAGE_MAP()
37 |
38 |
39 | // CSSDT 消息处理程序
// Worker started from CSSDT::OnInitDialog: waits 300 ms, then sends
// WM_FLUSHSSDT to the window whose HWND arrives in lpParameter.
// NOTE(review): the delay presumably lets dialog creation finish - confirm.
DWORD WINAPI ThreadProc4(_In_ LPVOID lpParameter)
{
    HWND hDialog = static_cast<HWND>(lpParameter);
    Sleep(300);
    // SendMessage blocks this thread until the window procedure returns.
    SendMessage(hDialog, WM_FLUSHSSDT, 0, 0);
    return 0;
}
47 |
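// Sets up the two list columns (system call number, address), loads the
// context menu IDR_MENU6 and starts ThreadProc4, which triggers the first
// refresh of the list.
BOOL CSSDT::OnInitDialog()
{
    CDialogEx::OnInitDialog();

    const DWORD dwOldStyle = m_ListCtrl.GetExtendedStyle();
    m_ListCtrl.SetExtendedStyle(dwOldStyle | LVS_EX_FULLROWSELECT | LVS_EX_GRIDLINES);

    CRect cRect;
    m_ListCtrl.GetClientRect(cRect);
    m_ListCtrl.InsertColumn(0, L"系统调用号", 0, cRect.Width() / 2);
    m_ListCtrl.InsertColumn(1, L"地址", 0, cRect.Width() / 2);
    m_Menu.LoadMenuW(IDR_MENU6);

    // The thread is never waited on, so close its handle straight away; the
    // original dropped the handle returned by CreateThread and leaked it.
    HANDLE hThread = CreateThread(NULL, 0, ThreadProc4, this->m_hWnd, 0, NULL);
    if (hThread != NULL)
    {
        CloseHandle(hThread);
    }

    // Return TRUE unless the focus was set to a control.
    // Exception: OCX property pages should return FALSE.
    return TRUE;
}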
63 |
64 |
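// NM_RCLICK on IDC_LIST1: shows the first sub-menu of m_Menu at the cursor.
// The original fetched the sub-menu and the cursor position but never
// displayed the menu; the popup call below matches CIDT and CGDT.
void CSSDT::OnRclickList1(NMHDR* pNMHDR, LRESULT* pResult)
{
    UNREFERENCED_PARAMETER(pNMHDR);

    // Cursor position in screen coordinates.
    POINT Point = { 0 };
    GetCursorPos(&Point);

    // GetSubMenu returns NULL when the menu was not loaded.
    CMenu* SubMenu = m_Menu.GetSubMenu(0);
    if (SubMenu != NULL)
    {
        SubMenu->TrackPopupMenu(TPM_LEFTALIGN, Point.x, Point.y, this);
    }
    *pResult = 0;
}


// ID_SSDT_32781 menu command: refresh the list through WM_FLUSHSSDT.
void CSSDT::OnFlushSSDT()
{
    SendMessage(WM_FLUSHSSDT, 0, 0);
}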
80 |
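// WM_FLUSHSSDT handler: asks the driver (ENUMSSDT) for the SSDT entries and
// lists system call index and address.  wParam and lParam are unused.
afx_msg LRESULT CSSDT::OnFlushssdt(WPARAM wParam, LPARAM lParam)
{
    // Clear first, as the sibling dialogs do; without this every refresh
    // inserted a second copy of the rows.
    m_ListCtrl.DeleteAllItems();

    // Sizing request with a single record; the byte count needed comes back
    // through lpBytesReturned.
    SSDT Probe;
    ZeroMemory(&Probe, sizeof(Probe));
    DWORD dwSize = 0;
    DeviceIoControl(g_hDev, ENUMSSDT, NULL, 0, &Probe, sizeof(SSDT), &dwSize, NULL);
    if (dwSize < sizeof(SSDT))
    {
        return 0; // nothing reported, or the request failed
    }

    // Round the record count up so the buffer is at least dwSize bytes, the
    // length announced to the driver in the second request.
    const DWORD dwSlots = (DWORD)(dwSize / sizeof(SSDT)) + ((dwSize % sizeof(SSDT)) != 0 ? 1 : 0);
    PSSDT pSSDT = new SSDT[dwSlots]();

    DWORD dwReturned = 0;
    int nNum = 0;
    if (DeviceIoControl(g_hDev, ENUMSSDT, NULL, 0, pSSDT, dwSize, &dwReturned, NULL))
    {
        // Never walk further than the buffer, whatever length comes back.
        if (dwReturned > dwSize)
        {
            dwReturned = dwSize;
        }
        nNum = (int)(dwReturned / sizeof(SSDT));
    }

    CString Buffer;
    for (int i = 0; i < nNum; ++i)
    {
        m_ListCtrl.InsertItem(i, _T(""));
        Buffer.Format(L"0x%x", pSSDT[i].SysCallIndex);
        m_ListCtrl.SetItemText(i, 0, Buffer);   // system call index
        Buffer.Format(L"0x%08x", pSSDT[i].Address);
        m_ListCtrl.SetItemText(i, 1, Buffer);   // address
    }

    // The original never released this buffer, leaking it on every refresh.
    delete[] pSSDT;
    return 0;
}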
100 |
--------------------------------------------------------------------------------
/MyARKDriver/MyARKDriver/Debug/MyARKDriver.Build.CppClean.log:
--------------------------------------------------------------------------------
1 | c:\users\canary\source\repos\myarkdriver\myarkdriver\debug\vc142.pdb
2 | c:\users\canary\source\repos\myarkdriver\myarkdriver\debug\tool.obj
3 | c:\users\canary\source\repos\myarkdriver\myarkdriver\debug\kernelfunction.obj
4 | c:\users\canary\source\repos\myarkdriver\myarkdriver\debug\driver.obj
5 | c:\users\canary\source\repos\myarkdriver\myarkdriver\debug\data.obj
6 | c:\users\canary\source\repos\myarkdriver\debug\myarkdriver\myarkdriver.cat
7 | c:\users\canary\source\repos\myarkdriver\debug\myarkdriver.sys
8 | c:\users\canary\source\repos\myarkdriver\debug\myarkdriver.pdb
9 | c:\users\canary\source\repos\myarkdriver\myarkdriver\debug\myarkdriver.inf
10 | c:\users\canary\source\repos\myarkdriver\debug\myarkdriver.cer
11 | c:\users\canary\source\repos\myarkdriver\debug\myarkdriver.inf
12 | c:\users\canary\source\repos\myarkdriver\myarkdriver\debug\myarkdriver.tlog\cl.command.1.tlog
13 | c:\users\canary\source\repos\myarkdriver\myarkdriver\debug\myarkdriver.tlog\cl.read.1.tlog
14 | c:\users\canary\source\repos\myarkdriver\myarkdriver\debug\myarkdriver.tlog\cl.write.1.tlog
15 | c:\users\canary\source\repos\myarkdriver\myarkdriver\debug\myarkdriver.tlog\inf2cat-expand.28092.read.1.tlog
16 | c:\users\canary\source\repos\myarkdriver\myarkdriver\debug\myarkdriver.tlog\inf2cat-expand.28092.write.1.tlog
17 | c:\users\canary\source\repos\myarkdriver\myarkdriver\debug\myarkdriver.tlog\inf2cat-expand.read.1.tlog
18 | c:\users\canary\source\repos\myarkdriver\myarkdriver\debug\myarkdriver.tlog\inf2cat-expand.write.1.tlog
19 | c:\users\canary\source\repos\myarkdriver\myarkdriver\debug\myarkdriver.tlog\inf2cat.command.1.tlog
20 | c:\users\canary\source\repos\myarkdriver\myarkdriver\debug\myarkdriver.tlog\inf2cat.read.1.tlog
21 | c:\users\canary\source\repos\myarkdriver\myarkdriver\debug\myarkdriver.tlog\inf2cat.write.1.tlog
22 | c:\users\canary\source\repos\myarkdriver\myarkdriver\debug\myarkdriver.tlog\link.command.1.tlog
23 | c:\users\canary\source\repos\myarkdriver\myarkdriver\debug\myarkdriver.tlog\link.read.1.tlog
24 | c:\users\canary\source\repos\myarkdriver\myarkdriver\debug\myarkdriver.tlog\link.write.1.tlog
25 | c:\users\canary\source\repos\myarkdriver\myarkdriver\debug\myarkdriver.tlog\signtool.command.1.tlog
26 | c:\users\canary\source\repos\myarkdriver\myarkdriver\debug\myarkdriver.tlog\signtool.read.1.tlog
27 | c:\users\canary\source\repos\myarkdriver\myarkdriver\debug\myarkdriver.tlog\signtool.timestamp.1.tlog
28 | c:\users\canary\source\repos\myarkdriver\myarkdriver\debug\myarkdriver.tlog\signtool.write.1.tlog
29 | c:\users\canary\source\repos\myarkdriver\myarkdriver\debug\myarkdriver.tlog\stampinf.command.1.tlog
30 | c:\users\canary\source\repos\myarkdriver\myarkdriver\debug\myarkdriver.tlog\stampinf.read.1.tlog
31 | c:\users\canary\source\repos\myarkdriver\myarkdriver\debug\myarkdriver.tlog\stampinf.write.1.tlog
32 |
--------------------------------------------------------------------------------
/MyARKDriver/MyARKDriver.sln:
--------------------------------------------------------------------------------
1 |
2 | Microsoft Visual Studio Solution File, Format Version 12.00
3 | # Visual Studio Version 16
4 | VisualStudioVersion = 16.0.29613.14
5 | MinimumVisualStudioVersion = 10.0.40219.1
6 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "MyARKDriver", "MyARKDriver\MyARKDriver.vcxproj", "{E3B8CECA-D8E5-4DF0-9B01-8F290447A829}"
7 | EndProject
8 | Global
9 | GlobalSection(SolutionConfigurationPlatforms) = preSolution
10 | Debug|ARM = Debug|ARM
11 | Debug|ARM64 = Debug|ARM64
12 | Debug|x64 = Debug|x64
13 | Debug|x86 = Debug|x86
14 | Release|ARM = Release|ARM
15 | Release|ARM64 = Release|ARM64
16 | Release|x64 = Release|x64
17 | Release|x86 = Release|x86
18 | EndGlobalSection
19 | GlobalSection(ProjectConfigurationPlatforms) = postSolution
20 | {E3B8CECA-D8E5-4DF0-9B01-8F290447A829}.Debug|ARM.ActiveCfg = Debug|ARM
21 | {E3B8CECA-D8E5-4DF0-9B01-8F290447A829}.Debug|ARM.Build.0 = Debug|ARM
22 | {E3B8CECA-D8E5-4DF0-9B01-8F290447A829}.Debug|ARM.Deploy.0 = Debug|ARM
23 | {E3B8CECA-D8E5-4DF0-9B01-8F290447A829}.Debug|ARM64.ActiveCfg = Debug|ARM64
24 | {E3B8CECA-D8E5-4DF0-9B01-8F290447A829}.Debug|ARM64.Build.0 = Debug|ARM64
25 | {E3B8CECA-D8E5-4DF0-9B01-8F290447A829}.Debug|ARM64.Deploy.0 = Debug|ARM64
26 | {E3B8CECA-D8E5-4DF0-9B01-8F290447A829}.Debug|x64.ActiveCfg = Debug|x64
27 | {E3B8CECA-D8E5-4DF0-9B01-8F290447A829}.Debug|x64.Build.0 = Debug|x64
28 | {E3B8CECA-D8E5-4DF0-9B01-8F290447A829}.Debug|x64.Deploy.0 = Debug|x64
29 | {E3B8CECA-D8E5-4DF0-9B01-8F290447A829}.Debug|x86.ActiveCfg = Debug|Win32
30 | {E3B8CECA-D8E5-4DF0-9B01-8F290447A829}.Debug|x86.Build.0 = Debug|Win32
31 | {E3B8CECA-D8E5-4DF0-9B01-8F290447A829}.Debug|x86.Deploy.0 = Debug|Win32
32 | {E3B8CECA-D8E5-4DF0-9B01-8F290447A829}.Release|ARM.ActiveCfg = Release|ARM
33 | {E3B8CECA-D8E5-4DF0-9B01-8F290447A829}.Release|ARM.Build.0 = Release|ARM
34 | {E3B8CECA-D8E5-4DF0-9B01-8F290447A829}.Release|ARM.Deploy.0 = Release|ARM
35 | {E3B8CECA-D8E5-4DF0-9B01-8F290447A829}.Release|ARM64.ActiveCfg = Release|ARM64
36 | {E3B8CECA-D8E5-4DF0-9B01-8F290447A829}.Release|ARM64.Build.0 = Release|ARM64
37 | {E3B8CECA-D8E5-4DF0-9B01-8F290447A829}.Release|ARM64.Deploy.0 = Release|ARM64
38 | {E3B8CECA-D8E5-4DF0-9B01-8F290447A829}.Release|x64.ActiveCfg = Release|x64
39 | {E3B8CECA-D8E5-4DF0-9B01-8F290447A829}.Release|x64.Build.0 = Release|x64
40 | {E3B8CECA-D8E5-4DF0-9B01-8F290447A829}.Release|x64.Deploy.0 = Release|x64
41 | {E3B8CECA-D8E5-4DF0-9B01-8F290447A829}.Release|x86.ActiveCfg = Release|Win32
42 | {E3B8CECA-D8E5-4DF0-9B01-8F290447A829}.Release|x86.Build.0 = Release|Win32
43 | {E3B8CECA-D8E5-4DF0-9B01-8F290447A829}.Release|x86.Deploy.0 = Release|Win32
44 | EndGlobalSection
45 | GlobalSection(SolutionProperties) = preSolution
46 | HideSolutionNode = FALSE
47 | EndGlobalSection
48 | GlobalSection(ExtensibilityGlobals) = postSolution
49 | SolutionGuid = {D1A2E5EC-7B4D-4ADC-8C45-DB54D78DE729}
50 | EndGlobalSection
51 | EndGlobal
52 |
--------------------------------------------------------------------------------
/MyARK/MyARK/CIDT.cpp:
--------------------------------------------------------------------------------
1 | // CIDT.cpp: 实现文件
2 | //
3 |
4 | #include "pch.h"
5 | #include "MyARK.h"
6 | #include "CIDT.h"
7 | #include "afxdialogex.h"
8 | #include "Data.h"
9 |
10 |
11 | // CIDT 对话框
12 |
IMPLEMENT_DYNAMIC(CIDT, CDialogEx)

// Binds the dialog to the IDD_IDT template; pParent is the owner window.
CIDT::CIDT(CWnd* pParent /*=nullptr*/)
    : CDialogEx(IDD_IDT, pParent)
{
}

// Empty destructor.
CIDT::~CIDT()
{
}

// DDX: attaches m_ListCtrl to the IDC_LIST1 control.
void CIDT::DoDataExchange(CDataExchange* pDX)
{
    CDialogEx::DoDataExchange(pDX);
    DDX_Control(pDX, IDC_LIST1, m_ListCtrl);
}


// The private WM_FLUSHIDT message, the ID_IDT_32779 menu command and a
// right-click on the list are routed to their handlers.
BEGIN_MESSAGE_MAP(CIDT, CDialogEx)
    ON_MESSAGE(WM_FLUSHIDT, &CIDT::OnFlushIDT)
    ON_COMMAND(ID_IDT_32779, &CIDT::OnFlush)
    ON_NOTIFY(NM_RCLICK, IDC_LIST1, &CIDT::OnRclickList1)
END_MESSAGE_MAP()
37 |
38 |
39 | // CIDT 消息处理程序
40 |
// Worker started from CIDT::OnInitDialog: waits 300 ms, then sends
// WM_FLUSHIDT to the window whose HWND arrives in lpParameter.
// NOTE(review): the delay presumably lets dialog creation finish - confirm.
DWORD WINAPI ThreadProc2(_In_ LPVOID lpParameter)
{
    HWND hDialog = static_cast<HWND>(lpParameter);
    Sleep(300);
    // SendMessage blocks this thread until the window procedure returns.
    SendMessage(hDialog, WM_FLUSHIDT, 0, 0);
    return 0;
}
48 |
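// Sets up the five list columns (handler address, interrupt number, segment
// selector, type, privilege level), loads the context menu IDR_MENU4 and
// starts ThreadProc2, which triggers the first refresh of the list.
BOOL CIDT::OnInitDialog()
{
    CDialogEx::OnInitDialog();

    const DWORD dwOldStyle = m_ListCtrl.GetExtendedStyle();
    m_ListCtrl.SetExtendedStyle(dwOldStyle | LVS_EX_GRIDLINES | LVS_EX_FULLROWSELECT);

    CRect cRect;
    m_ListCtrl.GetClientRect(cRect);
    m_ListCtrl.InsertColumn(0, L"中断地址", 0, cRect.Width() / 5);
    m_ListCtrl.InsertColumn(1, L"中断号", 0, cRect.Width() / 5);
    m_ListCtrl.InsertColumn(2, L"段选择子", 0, cRect.Width() / 5);
    m_ListCtrl.InsertColumn(3, L"类型", 0, cRect.Width() / 5);
    m_ListCtrl.InsertColumn(4, L"特权等级", 0, cRect.Width() / 5);
    m_Menu.LoadMenuW(IDR_MENU4);

    // The thread is never waited on, so close its handle straight away; the
    // original dropped the handle returned by CreateThread and leaked it.
    HANDLE hThread = CreateThread(NULL, 0, ThreadProc2, this->m_hWnd, 0, NULL);
    if (hThread != NULL)
    {
        CloseHandle(hThread);
    }

    // Return TRUE unless the focus was set to a control.
    // Exception: OCX property pages should return FALSE.
    return TRUE;
}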
67 |
68 |
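// WM_FLUSHIDT handler: asks the driver (ENUMIDT) for 0x100 IDT entries and
// lists handler address, vector number, selector, type and DPL.
// wParam and lParam are unused.
afx_msg LRESULT CIDT::OnFlushIDT(WPARAM wParam, LPARAM lParam)
{
    m_ListCtrl.DeleteAllItems();

    const int nEntries = 0x100;
    PIDT_ENTRY pIdt = new IDT_ENTRY[nEntries]();
    DWORD dwSize = 0;

    // Only show rows when the request succeeded; the original listed the
    // zero-filled buffer even after a failed call.
    if (DeviceIoControl(g_hDev, ENUMIDT, NULL, 0, pIdt, nEntries * sizeof(IDT_ENTRY), &dwSize, NULL))
    {
        for (int i = 0; i < nEntries; ++i)
        {
            m_ListCtrl.InsertItem(i, _T(""));
            CString Temp;
            // The handler address is stored as two 16-bit halves.
            ULONG Idt_address = MAKELONG(pIdt[i].uOffsetLow, pIdt[i].uOffsetHigh);
            Temp.Format(L"0x%08x", Idt_address);
            m_ListCtrl.SetItemText(i, 0, Temp); // handler address
            Temp.Format(L"%d", i);
            m_ListCtrl.SetItemText(i, 1, Temp); // interrupt number
            Temp.Format(L"%d", pIdt[i].uSelector);
            m_ListCtrl.SetItemText(i, 2, Temp); // segment selector
            Temp.Format(L"%d", pIdt[i].uType);
            m_ListCtrl.SetItemText(i, 3, Temp); // type
            Temp.Format(L"%d", pIdt[i].uDpl);
            m_ListCtrl.SetItemText(i, 4, Temp); // privilege level
        }
    }

    // The original never released this buffer, leaking it on every refresh.
    delete[] pIdt;
    return 0;
}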
93 |
94 |
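// ID_IDT_32779 menu command: refresh the list through WM_FLUSHIDT.
void CIDT::OnFlush()
{
    SendMessage(WM_FLUSHIDT, 0, 0);
}


// NM_RCLICK on IDC_LIST1: shows the first sub-menu of m_Menu at the cursor.
void CIDT::OnRclickList1(NMHDR* pNMHDR, LRESULT* pResult)
{
    UNREFERENCED_PARAMETER(pNMHDR);

    // Cursor position in screen coordinates.
    POINT Point = { 0 };
    GetCursorPos(&Point);

    // GetSubMenu returns NULL when the menu was not loaded; the original
    // dereferenced the result unconditionally.
    CMenu* SubMenu = m_Menu.GetSubMenu(0);
    if (SubMenu != NULL)
    {
        SubMenu->TrackPopupMenu(TPM_LEFTALIGN, Point.x, Point.y, this);
    }
    *pResult = 0;
}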
113 |
--------------------------------------------------------------------------------
/MyARK/MyARK/CThread.cpp:
--------------------------------------------------------------------------------
1 | // CThread.cpp: 实现文件
2 | //
3 |
4 | #include "pch.h"
5 | #include "MyARK.h"
6 | #include "CThread.h"
7 | #include "afxdialogex.h"
8 | #include "Data.h"
9 |
10 |
11 | // CThread 对话框
12 |
IMPLEMENT_DYNAMIC(CThread, CDialogEx)

// Binds the dialog to the IDD_THREAD template; pParent is the owner window.
CThread::CThread(CWnd* pParent /*=nullptr*/)
    : CDialogEx(IDD_THREAD, pParent)
{
}

// Empty destructor.
CThread::~CThread()
{
}

// DDX: attaches m_ListCtrl to the IDC_LIST1 control.
void CThread::DoDataExchange(CDataExchange* pDX)
{
    CDialogEx::DoDataExchange(pDX);
    DDX_Control(pDX, IDC_LIST1, m_ListCtrl);
}


// No message handlers are mapped for this dialog.
BEGIN_MESSAGE_MAP(CThread, CDialogEx)
END_MESSAGE_MAP()
34 |
35 |
36 | // CThread 消息处理程序
37 |
38 |
// Sets up the five list columns (index, TID, priority, start address, state),
// each a fifth of the client width, then fills the list via GetThread().
BOOL CThread::OnInitDialog()
{
    CDialogEx::OnInitDialog();

    // Add full-row selection and grid lines to the current extended style.
    m_ListCtrl.SetExtendedStyle(m_ListCtrl.GetExtendedStyle() | LVS_EX_FULLROWSELECT | LVS_EX_GRIDLINES);

    CRect rcClient;
    m_ListCtrl.GetClientRect(rcClient);
    const int nColWidth = rcClient.Width() / 5;
    m_ListCtrl.InsertColumn(0, L"序号", 0, nColWidth);
    m_ListCtrl.InsertColumn(1, L"TID", 0, nColWidth);
    m_ListCtrl.InsertColumn(2, L"优先级", 0, nColWidth);
    m_ListCtrl.InsertColumn(3, L"线程起始地址", 0, nColWidth);
    m_ListCtrl.InsertColumn(4, L"状态", 0, nColWidth);

    GetThread();
    // Return TRUE unless the focus was set to a control.
    // Exception: OCX property pages should return FALSE.
    return TRUE;
}
57 |
// Maps a numeric thread state (0..8) to the label shown in the state column;
// any other value yields L"NULL".
// NOTE(review): the numbering presumably follows the state value the driver
// reports in THREAD::dwStatus - confirm against the driver.
WCHAR* NumToStatus(INT nNum)
{
    static WCHAR* const s_Labels[] =
    {
        L"已初始化",        // 0
        L"准备",            // 1
        L"运行中",          // 2
        L"Standby",         // 3
        L"终止",            // 4
        L"等待",            // 5
        L"Transition",      // 6
        L"DeferredReady",   // 7
        L"GateWait",        // 8
    };
    const INT nLabels = (INT)(sizeof(s_Labels) / sizeof(s_Labels[0]));

    if (nNum < 0 || nNum >= nLabels)
    {
        return L"NULL";
    }
    return s_Labels[nNum];
}
95 |
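// Asks the driver (ENUMTHREAD) for the threads of process m_dwPID and lists
// index, TID, base priority, start address and state in m_ListCtrl.
VOID CThread::GetThread()
{
    m_ListCtrl.DeleteAllItems();

    // Sizing request: hand the driver one real THREAD record and read the
    // number of bytes it wants from lpBytesReturned.  The original passed the
    // address of an uninitialised PTHREAD while declaring sizeof(THREAD) bytes
    // of room, i.e. a pointer-sized stack slot advertised as a whole record.
    THREAD Probe;
    ZeroMemory(&Probe, sizeof(Probe));
    DWORD dwSize = 0;
    DeviceIoControl(g_hDev, ENUMTHREAD, &m_dwPID, sizeof(DWORD), &Probe, sizeof(THREAD), &dwSize, NULL);
    if (dwSize < sizeof(THREAD))
    {
        return; // nothing reported, or the request failed
    }

    // dwSize is a byte count.  Allocate just enough whole records to hold it
    // (rounded up) instead of dwSize records, so the buffer is never smaller
    // than the length announced to the driver.
    const DWORD dwSlots = (DWORD)(dwSize / sizeof(THREAD)) + ((dwSize % sizeof(THREAD)) != 0 ? 1 : 0);
    PTHREAD pThread = new THREAD[dwSlots]();

    // The input is still the single DWORD PID; announcing dwSize bytes of input
    // made the system read far past m_dwPID.
    // NOTE(review): the driver's ENUMTHREAD handler is not visible here; confirm
    // it does not depend on the input length.
    DWORD dwReturned = 0;
    int nCount = 0;
    if (DeviceIoControl(g_hDev, ENUMTHREAD, &m_dwPID, sizeof(DWORD), pThread, dwSize, &dwReturned, NULL))
    {
        // Never walk further than the buffer, whatever length comes back.
        if (dwReturned > dwSize)
        {
            dwReturned = dwSize;
        }
        nCount = (int)(dwReturned / sizeof(THREAD));
    }

    for (int i = 0; i < nCount; ++i)
    {
        m_ListCtrl.InsertItem(i, _T(""));
        CString Temp;
        Temp.Format(L"%d", i + 1);
        m_ListCtrl.SetItemText(i, 0, Temp);                                 // index
        Temp.Format(L"%d", pThread[i].dwTID);
        m_ListCtrl.SetItemText(i, 1, Temp);                                 // TID
        Temp.Format(L"%d", pThread[i].dwBasePriority);
        m_ListCtrl.SetItemText(i, 2, Temp);                                 // base priority
        Temp.Format(L"0x%08x", pThread[i].dwStartAddress);
        m_ListCtrl.SetItemText(i, 3, Temp);                                 // start address
        m_ListCtrl.SetItemText(i, 4, NumToStatus(pThread[i].dwStatus));     // state
    }
    delete[] pThread;
}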
129 |
130 |
--------------------------------------------------------------------------------
/MyARK/MyARK/CGDT.cpp:
--------------------------------------------------------------------------------
1 | // CGDT.cpp: 实现文件
2 | //
3 |
4 | #include "pch.h"
5 | #include "MyARK.h"
6 | #include "CGDT.h"
7 | #include "afxdialogex.h"
8 | #include "Data.h"
9 |
10 |
11 | // CGDT 对话框
12 |
IMPLEMENT_DYNAMIC(CGDT, CDialogEx)

// Binds the dialog to the IDD_GDT template; pParent is the owner window.
CGDT::CGDT(CWnd* pParent /*=nullptr*/)
    : CDialogEx(IDD_GDT, pParent)
{
}

// Empty destructor.
CGDT::~CGDT()
{
}

// DDX: attaches m_ListCtrl to the IDC_LIST1 control.
void CGDT::DoDataExchange(CDataExchange* pDX)
{
    CDialogEx::DoDataExchange(pDX);
    DDX_Control(pDX, IDC_LIST1, m_ListCtrl);
}


// The private WM_FLUSHGDT message, the ID_GDT_32780 menu command and a
// right-click on the list are routed to their handlers.
BEGIN_MESSAGE_MAP(CGDT, CDialogEx)
    ON_MESSAGE(WM_FLUSHGDT, &CGDT::OnFlushgdt)
    ON_COMMAND(ID_GDT_32780, &CGDT::OnFlush)
    ON_NOTIFY(NM_RCLICK, IDC_LIST1, &CGDT::OnRclickList1)
END_MESSAGE_MAP()
37 |
38 |
39 | // CGDT 消息处理程序
// Worker started from CGDT::OnInitDialog: waits 300 ms, then sends
// WM_FLUSHGDT to the window whose HWND arrives in lpParameter.
// NOTE(review): the delay presumably lets dialog creation finish - confirm.
DWORD WINAPI ThreadProc3(_In_ LPVOID lpParameter)
{
    HWND hDialog = static_cast<HWND>(lpParameter);
    Sleep(300);
    // SendMessage blocks this thread until the window procedure returns.
    SendMessage(hDialog, WM_FLUSHGDT, 0, 0);
    return 0;
}
47 |
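// Sets up the five list columns (base, limit, granularity, privilege, type),
// loads the context menu IDR_MENU5 and starts ThreadProc3, which triggers the
// first refresh of the list.
BOOL CGDT::OnInitDialog()
{
    CDialogEx::OnInitDialog();

    const DWORD dwOldStyle = m_ListCtrl.GetExtendedStyle();
    m_ListCtrl.SetExtendedStyle(dwOldStyle | LVS_EX_GRIDLINES | LVS_EX_FULLROWSELECT);

    CRect cRect;
    m_ListCtrl.GetClientRect(cRect);
    m_ListCtrl.InsertColumn(0, L"基址", 0, cRect.Width() / 5);
    m_ListCtrl.InsertColumn(1, L"界限", 0, cRect.Width() / 5);
    m_ListCtrl.InsertColumn(2, L"段粒度", 0, cRect.Width() / 5);
    m_ListCtrl.InsertColumn(3, L"段特权", 0, cRect.Width() / 5);
    m_ListCtrl.InsertColumn(4, L"类型", 0, cRect.Width() / 5);
    m_Menu.LoadMenuW(IDR_MENU5);

    // The thread is never waited on, so close its handle straight away; the
    // original dropped the handle returned by CreateThread and leaked it.
    HANDLE hThread = CreateThread(NULL, 0, ThreadProc3, this->m_hWnd, 0, NULL);
    if (hThread != NULL)
    {
        CloseHandle(hThread);
    }

    // Return TRUE unless the focus was set to a control.
    // Exception: OCX property pages should return FALSE.
    return TRUE;
}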
66 |
67 |
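// WM_FLUSHGDT handler: asks the driver (ENUMGDT) for the GDT entries and lists
// base, limit, granularity, DPL and descriptor type.
// wParam and lParam are unused.
afx_msg LRESULT CGDT::OnFlushgdt(WPARAM wParam, LPARAM lParam)
{
    m_ListCtrl.DeleteAllItems();

    // Sizing request with a single record; the byte count needed comes back
    // through lpBytesReturned.
    GDT_ENTRY Probe;
    ZeroMemory(&Probe, sizeof(Probe));
    DWORD dwSize = 0;
    DeviceIoControl(g_hDev, ENUMGDT, NULL, 0, &Probe, sizeof(GDT_ENTRY), &dwSize, NULL);
    if (dwSize < sizeof(GDT_ENTRY))
    {
        return 0; // nothing reported, or the request failed
    }

    // Round the record count up so the buffer is at least dwSize bytes, the
    // length announced to the driver in the second request.
    const DWORD dwSlots = (DWORD)(dwSize / sizeof(GDT_ENTRY)) + ((dwSize % sizeof(GDT_ENTRY)) != 0 ? 1 : 0);
    PGDT_ENTRY pGdt = new GDT_ENTRY[dwSlots]();

    DWORD dwReturned = 0;
    int nCount = 0;
    if (DeviceIoControl(g_hDev, ENUMGDT, NULL, 0, pGdt, dwSize, &dwReturned, NULL))
    {
        // Never walk further than the buffer, whatever length comes back.
        if (dwReturned > dwSize)
        {
            dwReturned = dwSize;
        }
        nCount = (int)(dwReturned / sizeof(GDT_ENTRY));
    }

    for (int i = 0; i < nCount; ++i)
    {
        m_ListCtrl.InsertItem(i, _T(""));
        CString Buffer;

        // Widen to ULONG before shifting so the top byte cannot overflow a
        // signed int.
        const ULONG Base = ((ULONG)pGdt[i].Base24_31 << 24) + (ULONG)pGdt[i].base0_23;
        Buffer.Format(L"0x%08x", Base);
        m_ListCtrl.SetItemText(i, 0, Buffer); // base

        const ULONG Limit = ((ULONG)pGdt[i].Limit16_19 << 16) + (ULONG)pGdt[i].Limit0_15;
        Buffer.Format(L"0x%08x", Limit);
        m_ListCtrl.SetItemText(i, 1, Buffer); // limit

        if (pGdt[i].G == 0)
            Buffer = L"Byte";
        else if (pGdt[i].G == 1)
            Buffer = L"Page";
        m_ListCtrl.SetItemText(i, 2, Buffer); // granularity

        Buffer.Format(L"%d", pGdt[i].DPL);
        m_ListCtrl.SetItemText(i, 3, Buffer); // DPL

        // Descriptor type.
        if (pGdt[i].S == 0) // system segment
        {
            // Each case needs its own break: the original fell through every
            // label, so all system descriptors were shown as L"系统段".
            switch (pGdt[i].TYPE)
            {
            case 12:
                Buffer = L"调用门";
                break;
            case 14:
                Buffer = L"中断门";
                break;
            case 15:
                Buffer = L"陷阱门";
                break;
            case 5:
                Buffer = L"任务门";
                break;
            default:
                Buffer = L"系统段";
                break;
            }
        }
        else if (pGdt[i].S == 1) // data or code segment
        {
            if (pGdt[i].TYPE >= 8)
                Buffer = L"代码段";
            else
                Buffer = L"数据段";
        }
        m_ListCtrl.SetItemText(i, 4, Buffer); // type
    }

    delete[] pGdt;
    return 0;
}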
127 |
128 |
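// ID_GDT_32780 menu command: refresh the list through WM_FLUSHGDT.
void CGDT::OnFlush()
{
    SendMessage(WM_FLUSHGDT, 0, 0);
}


// NM_RCLICK on IDC_LIST1: shows the first sub-menu of m_Menu at the cursor.
void CGDT::OnRclickList1(NMHDR* pNMHDR, LRESULT* pResult)
{
    UNREFERENCED_PARAMETER(pNMHDR);

    // Cursor position in screen coordinates.
    POINT Point = { 0 };
    GetCursorPos(&Point);

    // GetSubMenu returns NULL when the menu was not loaded; the original
    // dereferenced the result unconditionally.
    CMenu* SubMenu = m_Menu.GetSubMenu(0);
    if (SubMenu != NULL)
    {
        SubMenu->TrackPopupMenu(TPM_LEFTALIGN, Point.x, Point.y, this);
    }
    *pResult = 0;
}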
147 |
--------------------------------------------------------------------------------
/MyARK/MyARK/MyARK.vcxproj.filters:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | {4FC737F1-C7A5-4376-A066-2A32D752A2FF}
6 | cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx
7 |
8 |
9 | {93995380-89BD-4b04-88EB-625FBE52EBFB}
10 | h;hh;hpp;hxx;hm;inl;inc;ipp;xsd
11 |
12 |
13 | {67DA6AB6-F800-4c08-8B7A-83BB121AAD01}
14 | rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms
15 |
16 |
17 |
18 |
19 | 头文件
20 |
21 |
22 | 头文件
23 |
24 |
25 | 头文件
26 |
27 |
28 | 头文件
29 |
30 |
31 | 头文件
32 |
33 |
34 | 头文件
35 |
36 |
37 | 头文件
38 |
39 |
40 | 头文件
41 |
42 |
43 | 头文件
44 |
45 |
46 | 头文件
47 |
48 |
49 | 头文件
50 |
51 |
52 | 头文件
53 |
54 |
55 | 头文件
56 |
57 |
58 | 头文件
59 |
60 |
61 | 头文件
62 |
63 |
64 | 头文件
65 |
66 |
67 | 头文件
68 |
69 |
70 | 头文件
71 |
72 |
73 |
74 |
75 | 源文件
76 |
77 |
78 | 源文件
79 |
80 |
81 | 源文件
82 |
83 |
84 | 源文件
85 |
86 |
87 | 源文件
88 |
89 |
90 | 源文件
91 |
92 |
93 | 源文件
94 |
95 |
96 | 源文件
97 |
98 |
99 | 源文件
100 |
101 |
102 | 源文件
103 |
104 |
105 | 源文件
106 |
107 |
108 | 源文件
109 |
110 |
111 | 源文件
112 |
113 |
114 | 源文件
115 |
116 |
117 | 源文件
118 |
119 |
120 |
121 |
122 | 资源文件
123 |
124 |
125 |
126 |
127 | 资源文件
128 |
129 |
130 |
131 |
132 | 资源文件
133 |
134 |
135 |
--------------------------------------------------------------------------------
/MyARK/MyARK/CDriver.cpp:
--------------------------------------------------------------------------------
1 | // CDriver.cpp: 实现文件
2 | //
3 |
4 | #include "pch.h"
5 | #include "MyARK.h"
6 | #include "CDriver.h"
7 | #include "afxdialogex.h"
8 | #include "Data.h"
9 |
10 |
11 | // CDriver 对话框
12 |
IMPLEMENT_DYNAMIC(CDriver, CDialogEx)

// Binds the dialog to the IDD_DRIVER template.
CDriver::CDriver(CWnd* pParent /*=nullptr*/)
    : CDialogEx(IDD_DRIVER, pParent)
{}

CDriver::~CDriver() {}

// Attaches m_ListCtrl to the IDC_LIST1 control.
void CDriver::DoDataExchange(CDataExchange* pDX)
{
    CDialogEx::DoDataExchange(pDX);
    DDX_Control(pDX, IDC_LIST1, m_ListCtrl);
}

// Routes the private refresh message, the list right-click notification and
// the two context-menu commands to their handlers.
BEGIN_MESSAGE_MAP(CDriver, CDialogEx)
    ON_MESSAGE(WM_FLUSHDRIVER, &CDriver::OnFlushDriver)
    ON_NOTIFY(NM_RCLICK, IDC_LIST1, &CDriver::OnRclickList1)
    ON_COMMAND(ID_32771, &CDriver::OnFLUSHLIST)
    ON_COMMAND(ID_32772, &CDriver::OnHideDriver)
END_MESSAGE_MAP()
37 |
38 |
39 | // CDriver 消息处理程序
40 |
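// WM_FLUSHDRIVER handler: queries the kernel driver with the ENUMDRIVER IOCTL
// and refills the list control with one row per returned DRIVER record.
//   wParam, lParam - unused.
//   returns        - always 0.
afx_msg LRESULT CDriver::OnFlushDriver(WPARAM wParam, LPARAM lParam)
{
    UNREFERENCED_PARAMETER(wParam);
    UNREFERENCED_PARAMETER(lParam);
    m_ListCtrl.DeleteAllItems();

    // First request: one-record probe; the byte count written to cbNeeded is
    // used as the size of the full list.
    DRIVER Probe = {};
    DWORD cbNeeded = 0;
    DeviceIoControl(g_hDev, ENUMDRIVER, NULL, 0, &Probe, sizeof(DRIVER), &cbNeeded, NULL);

    // cbNeeded is a byte count. The original passed it to new[] as an element
    // count, allocating sizeof(DRIVER) times more memory than required.
    DWORD nAlloc = (DWORD)(cbNeeded / sizeof(DRIVER));
    if (cbNeeded % sizeof(DRIVER))
        ++nAlloc;
    if (nAlloc == 0)
        return 0;

    PDRIVER pDriver = new DRIVER[nAlloc]();
    DWORD cbReturned = 0;
    if (!DeviceIoControl(g_hDev, ENUMDRIVER, pDriver, cbNeeded, pDriver, cbNeeded, &cbReturned, NULL))
    {
        delete[] pDriver;
        return 0;
    }

    // Never walk further than the buffer that was actually allocated, even if
    // the reported byte count is larger.
    if (cbReturned > cbNeeded)
        cbReturned = cbNeeded;
    const DWORD nCount = (DWORD)(cbReturned / sizeof(DRIVER));

    // NOTE(review): Name and FullDllName are read below as NUL-terminated
    // strings; confirm the driver always terminates them inside the record.
    int nIndex = 0;
    for (DWORD i = 0; i < nCount; ++i)
    {
        CString Name = pDriver[i].Name;
        if (Name.IsEmpty())
            continue;                       // unnamed records are not listed

        m_ListCtrl.InsertItem(nIndex, _T(""));
        CString Temp;
        Temp.Format(L"%d", nIndex + 1);
        m_ListCtrl.SetItemText(nIndex, 0, Temp);
        m_ListCtrl.SetItemText(nIndex, 1, Name);
        Temp.Format(L"0x%08x", pDriver[i].dwDllBase);
        m_ListCtrl.SetItemText(nIndex, 2, Temp);
        Temp.Format(L"0x%08x", pDriver[i].dwSize);
        m_ListCtrl.SetItemText(nIndex, 3, Temp);
        m_ListCtrl.SetItemText(nIndex, 4, pDriver[i].FullDllName);
        ++nIndex;
    }
    delete[] pDriver;
    return 0;
}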
// Worker thread entry: waits 300 ms, then sends WM_FLUSHDRIVER to the window
// whose handle was passed as the thread parameter.
DWORD WINAPI ThreadProc(_In_ LPVOID lpParameter)
{
    HWND hTarget = (HWND)lpParameter;
    Sleep(300);
    SendMessage(hTarget, WM_FLUSHDRIVER, 0, 0);
    return 0;
}
87 |
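// Sets up the list control columns, loads the context menu and starts the
// worker thread that triggers the first list refresh.
// Returns TRUE (focus is not set to a control here).
BOOL CDriver::OnInitDialog()
{
    CDialogEx::OnInitDialog();

    // Keep the existing extended styles and add row selection and grid lines.
    DWORD dwOldStyle = m_ListCtrl.GetExtendedStyle();
    m_ListCtrl.SetExtendedStyle(dwOldStyle | LVS_EX_FULLROWSELECT | LVS_EX_GRIDLINES);

    CRect cRect;
    m_ListCtrl.GetClientRect(cRect);
    m_ListCtrl.InsertColumn(0, L"序号", 0, 50);
    m_ListCtrl.InsertColumn(1, L"驱动名", 0, cRect.Width() / 5);
    m_ListCtrl.InsertColumn(2, L"基址", 0, cRect.Width() / 5);
    m_ListCtrl.InsertColumn(3, L"大小", 0, cRect.Width() / 5);
    m_ListCtrl.InsertColumn(4, L"路径", 0, 400);

    // The thread handle is not used afterwards; close it so it does not leak.
    // Closing the handle does not stop the thread.
    HANDLE hThread = CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)ThreadProc, this->m_hWnd, 0, NULL);
    if (hThread != NULL)
        CloseHandle(hThread);

    m_Menu.LoadMenuW(IDR_MENU1);
    return TRUE;  // return TRUE unless you set the focus to a control
    // Exception: OCX property pages should return FALSE
}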
106 |
107 |
108 |
109 |
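// NM_RCLICK handler for the list control: remembers the text of the clicked
// cell in m_HideDriverName and shows the context menu at the cursor.
//   pNMHDR  - NMITEMACTIVATE describing the clicked item and sub-item.
//   pResult - always set to 0.
void CDriver::OnRclickList1(NMHDR* pNMHDR, LRESULT* pResult)
{
    LPNMITEMACTIVATE pNMItemActivate = reinterpret_cast<LPNMITEMACTIVATE>(pNMHDR);
    *pResult = 0;

    // NOTE(review): the text comes from whichever column was clicked, so a
    // click on the index, base or size column stores that text as the name
    // later sent with HIDEDRIVER. Presumably column 1 is intended - confirm.
    CString Buffer = m_ListCtrl.GetItemText(pNMItemActivate->iItem, pNMItemActivate->iSubItem);

    // wcscpy_s calls the invalid-parameter handler when the source does not
    // fit; store an empty name instead of letting that terminate the process.
    if (Buffer.GetLength() >= 256)
        Buffer.Empty();
    wcscpy_s(m_HideDriverName, 256, Buffer);

    POINT Point = { 0 };
    GetCursorPos(&Point);

    // GetSubMenu returns NULL if the menu was not loaded.
    CMenu* SubMenu = m_Menu.GetSubMenu(0);
    if (SubMenu == NULL)
        return;
    SubMenu->TrackPopupMenu(TPM_LEFTALIGN, Point.x, Point.y, this);
}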
124 |
125 |
//*****************************************************************************************
// Function:    OnFLUSHLIST
// Description: context-menu "refresh" command; sends WM_FLUSHDRIVER to this dialog.
// Author:      lracker
// Date:        2019/12/24
// Returns:     void
//*****************************************************************************************
void CDriver::OnFLUSHLIST()
{
    this->SendMessage(WM_FLUSHDRIVER, 0, 0);
}
137 |
138 |
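//*****************************************************************************************
// Function:    OnHideDriver
// Description: context-menu command; sends the remembered name to the driver
//              with the HIDEDRIVER IOCTL.
// Author:      lracker
// Date:        2019/12/24
// Returns:     void
//*****************************************************************************************
void CDriver::OnHideDriver()
{
    // The IOCTL passes 256 *bytes* of m_HideDriverName, i.e. 128 WCHARs.
    // Refuse to send when no name was selected, or when the terminator does
    // not fall inside those 256 bytes: the kernel side would otherwise get a
    // string with no NUL in its input buffer.
    const size_t cchSent = 256 / sizeof(WCHAR);
    const size_t cchName = wcsnlen(m_HideDriverName, cchSent);
    if (cchName == 0 || cchName == cchSent)
        return;

    DWORD dwSize = 0;
    if (!DeviceIoControl(g_hDev, HIDEDRIVER, m_HideDriverName, 256, NULL, 0, &dwSize, NULL))
        TRACE(_T("HIDEDRIVER request failed, error %lu\n"), GetLastError());
}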
151 |
152 |
--------------------------------------------------------------------------------
/MyARK/MyARK/CEnumFile.cpp:
--------------------------------------------------------------------------------
1 | // CEnumFile.cpp: 实现文件
2 | //
3 |
4 | #include "pch.h"
5 | #include "MyARK.h"
6 | #include "CEnumFile.h"
7 | #include "afxdialogex.h"
8 | #include "Data.h"
9 | #include
10 |
11 |
12 | // CEnumFile 对话框
13 |
IMPLEMENT_DYNAMIC(CEnumFile, CDialogEx)

// Binds the dialog to the IDD_ENUMFILE template.
CEnumFile::CEnumFile(CWnd* pParent /*=nullptr*/)
    : CDialogEx(IDD_ENUMFILE, pParent)
{}

CEnumFile::~CEnumFile() {}

// Attaches m_Tree to IDC_TREE1 and m_ListCtrl to IDC_LIST1.
void CEnumFile::DoDataExchange(CDataExchange* pDX)
{
    CDialogEx::DoDataExchange(pDX);
    DDX_Control(pDX, IDC_TREE1, m_Tree);
    DDX_Control(pDX, IDC_LIST1, m_ListCtrl);
}


// Tree click, the delete command and list right-click are the handled events.
BEGIN_MESSAGE_MAP(CEnumFile, CDialogEx)
    ON_NOTIFY(NM_CLICK, IDC_TREE1, &CEnumFile::OnClickTree1)
    ON_COMMAND(ID_32778, &CEnumFile::OnDeleteFile)
    ON_NOTIFY(NM_RCLICK, IDC_LIST1, &CEnumFile::OnRclickList1)
END_MESSAGE_MAP()
39 |
40 |
41 | // CEnumFile 消息处理程序
42 |
43 |
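// Adds one tree root per fixed drive (A: to Z:), sets up the file list
// columns and loads the context menu. Returns TRUE.
BOOL CEnumFile::OnInitDialog()
{
    CDialogEx::OnInitDialog();

    WCHAR rootPath[10] = { 0 };
    for (char ch = 'A'; ch <= 'Z'; ch++)
    {
        wsprintf(rootPath, L"%c:\\", ch);
        if (GetDriveType(rootPath) != DRIVE_FIXED)   // fixed disks only
            continue;

        CString buff;
        buff.Format(L"%c:", ch);
        HTREEITEM hItem = m_Tree.InsertItem(buff, NULL);
        // The item data owns a heap copy of the drive string ("C:"); it is
        // read back as the directory path when the item is clicked.
        // NOTE(review): no code in this file frees these copies.
        wchar_t* pBuff = _wcsdup(buff);
        m_Tree.SetItemData(hItem, (DWORD_PTR)pBuff);
    }

    // The original discarded the result of GetExtendedStyle() and OR-ed the
    // new flags into 0, dropping any style already set on the control.
    DWORD dwStyle = m_ListCtrl.GetExtendedStyle();
    m_ListCtrl.SetExtendedStyle(dwStyle | LVS_EX_FULLROWSELECT | LVS_EX_GRIDLINES);

    CRect cRect;
    m_ListCtrl.GetClientRect(cRect);
    m_ListCtrl.InsertColumn(0, L"文件名", 0, cRect.Width() / 4);
    m_ListCtrl.InsertColumn(1, L"文件大小", 0, cRect.Width() / 4);
    m_ListCtrl.InsertColumn(2, L"创建时间", 0, cRect.Width() / 4);
    m_ListCtrl.InsertColumn(3, L"最后修改时间", 0, cRect.Width() / 4);
    m_Menu.LoadMenuW(IDR_MENU3);

    return TRUE;  // return TRUE unless you set the focus to a control
    // Exception: OCX property pages should return FALSE
}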
81 |
82 |
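//*****************************************************************************************
// Function:    OnClickTree1
// Description: click on a tree item; asks the driver (ENUMFILE) for the
//              contents of that item's directory, adds sub-directories as
//              child tree items (first visit only) and lists the files.
// Author:      lracker
// Date:        2019/12/25
// Parameters:  NMHDR*   - unused
//              LRESULT* - always set to 0
// Returns:     void
//*****************************************************************************************
void CEnumFile::OnClickTree1(NMHDR* pNMHDR, LRESULT* pResult)
{
    UNREFERENCED_PARAMETER(pNMHDR);
    *pResult = 0;

    // HitTest expects coordinates relative to the tree control itself, so
    // convert with the tree's ScreenToClient rather than the dialog's.
    CPoint pos;
    GetCursorPos(&pos);
    m_Tree.ScreenToClient(&pos);
    HTREEITEM hItem = m_Tree.HitTest(pos);
    if (!hItem)
        return;

    // Children are only inserted the first time an item is opened.
    const bool bHasChildren = (m_Tree.GetNextItem(hItem, TVGN_CHILD) != NULL);

    CString Path = (wchar_t*)m_Tree.GetItemData(hItem);
    if (Path.IsEmpty())
        return;

    // Build "\??\<path>\" for the driver. The original gave wcscpy_s a
    // destination size derived from the source length, so a long path could
    // be written past the end of the 256-element stack buffer.
    CString LastPath = L"\\??\\" + Path + L"\\";
    WCHAR wPath[256] = { 0 };
    if (LastPath.GetLength() >= (int)_countof(wPath))
        return;
    wcscpy_s(wPath, _countof(wPath), LastPath);
    const DWORD len = (DWORD)((wcslen(wPath) + 1) * sizeof(WCHAR));

    m_ListCtrl.DeleteAllItems();
    m_Dir = Path;

    // First request: one-record probe; the byte count written to cbNeeded is
    // used as the size of the full listing.
    ENUMFILES Probe = {};
    DWORD cbNeeded = 0;
    DeviceIoControl(g_hDev, ENUMFILE, wPath, len, &Probe, sizeof(ENUMFILES), &cbNeeded, NULL);

    // cbNeeded is in bytes; allocate that many bytes' worth of records (the
    // original used it as an element count).
    DWORD nAlloc = (DWORD)(cbNeeded / sizeof(ENUMFILES));
    if (cbNeeded % sizeof(ENUMFILES))
        ++nAlloc;
    if (nAlloc == 0)
        return;

    PENUMFILES pFile = new ENUMFILES[nAlloc]();
    DWORD cbReturned = 0;
    if (!DeviceIoControl(g_hDev, ENUMFILE, wPath, len, pFile, cbNeeded, &cbReturned, NULL))
    {
        delete[] pFile;
        return;
    }
    // Do not read beyond the allocation, whatever byte count comes back.
    if (cbReturned > cbNeeded)
        cbReturned = cbNeeded;
    const DWORD nCount = (DWORD)(cbReturned / sizeof(ENUMFILES));

    int nIndex = 0;
    for (DWORD i = 0; i < nCount; ++i)
    {
        const BYTE Flag = pFile[i].FileOrDirectory;   // 0 = directory, 1 = file
        CString Buffer = pFile[i].FileName;

        if (Flag == 0 && !bHasChildren)
        {
            HTREEITEM hItem2 = m_Tree.InsertItem(Buffer, hItem);
            // StringCchPrintf takes a character count; the original passed
            // MAX_PATH as a *byte* count, silently truncating the stored path
            // to half the buffer. A path that does not fit is not stored, so
            // the item stays visible but cannot be opened with a wrong path.
            WCHAR* szFullPath = new WCHAR[MAX_PATH];
            if (SUCCEEDED(StringCchPrintf(szFullPath, MAX_PATH, L"%s\\%s",
                                          (LPCWSTR)Path, (LPCWSTR)Buffer)))
                m_Tree.SetItemData(hItem2, (DWORD_PTR)szFullPath);
            else
                delete[] szFullPath;
        }
        else if (Flag == 1)
        {
            m_ListCtrl.InsertItem(nIndex, _T(""));
            m_ListCtrl.SetItemText(nIndex, 0, Buffer);            // file name
            CString Temp;
            Temp.Format(L"%uB", pFile[i].Size);
            m_ListCtrl.SetItemText(nIndex, 1, Temp);              // size

            FILETIME CreateFt;
            FILETIME ChangeFt;
            memcpy(&CreateFt, &pFile[i].CreateTime, sizeof(CreateFt));
            memcpy(&ChangeFt, &pFile[i].ChangeTime, sizeof(ChangeFt));

            SYSTEMTIME st = { 0 };
            FILETIME ft = { 0 };
            FileTimeToLocalFileTime(&CreateFt, &ft);
            FileTimeToSystemTime(&ft, &st);
            Temp.Format(L"%4d-%02d-%02d %02d:%02d:%02d", st.wYear, st.wMonth, st.wDay, st.wHour, st.wMinute, st.wSecond);
            m_ListCtrl.SetItemText(nIndex, 2, Temp);              // creation time

            FileTimeToLocalFileTime(&ChangeFt, &ft);
            FileTimeToSystemTime(&ft, &st);
            Temp.Format(L"%4d-%02d-%02d %02d:%02d:%02d", st.wYear, st.wMonth, st.wDay, st.wHour, st.wMinute, st.wSecond);
            m_ListCtrl.SetItemText(nIndex, 3, Temp);              // last change time
            ++nIndex;
        }
    }
    delete[] pFile;
}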
170 |
171 |
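//*****************************************************************************************
// Function:    OnDeleteFile
// Description: context-menu command; sends "\??\<m_Dir>\<m_FileName>" to the
//              driver with the DELETEFILE IOCTL.
// Author:      lracker
// Date:        2019/12/26
// Returns:     void
//*****************************************************************************************
void CEnumFile::OnDeleteFile()
{
    // Without a selected file the path would name the directory itself
    // ("\??\<dir>\"); never send a delete request in that state.
    if (m_Dir.IsEmpty() || m_FileName.IsEmpty())
        return;

    CString LastPath = L"\\??\\" + m_Dir + L"\\" + m_FileName;

    // The original told wcscpy_s the destination was GetLength()*2 elements
    // long, which lets a long path overrun this 256-element stack buffer.
    WCHAR wPath[256] = { 0 };
    if (LastPath.GetLength() >= (int)_countof(wPath))
        return;
    wcscpy_s(wPath, _countof(wPath), LastPath);

    const DWORD len = (DWORD)((wcslen(wPath) + 1) * sizeof(WCHAR));
    DWORD dwSize = 0;
    if (!DeviceIoControl(g_hDev, DELETEFILE, wPath, len, NULL, 0, &dwSize, NULL))
        TRACE(_T("DELETEFILE request failed, error %lu\n"), GetLastError());
}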
192 |
193 |
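//*****************************************************************************************
// Function:    OnRclickList1
// Description: right-click on the file list; remembers the file name of the
//              clicked row in m_FileName and shows the context menu.
// Author:      lracker
// Date:        2019/12/26
// Parameters:  NMHDR*   - NMITEMACTIVATE of the click
//              LRESULT* - always set to 0
// Returns:     void
//*****************************************************************************************
void CEnumFile::OnRclickList1(NMHDR* pNMHDR, LRESULT* pResult)
{
    LPNMITEMACTIVATE pNMItemActivate = reinterpret_cast<LPNMITEMACTIVATE>(pNMHDR);
    *pResult = 0;

    // Column 0 holds the file name. A click outside any row (iItem < 0)
    // clears the selection so that a stale name is not reused later.
    if (pNMItemActivate->iItem >= 0)
        m_FileName = m_ListCtrl.GetItemText(pNMItemActivate->iItem, 0);
    else
        m_FileName.Empty();

    POINT Point = { 0 };
    GetCursorPos(&Point);

    // GetSubMenu returns NULL if the menu was not loaded.
    CMenu* SubMenu = m_Menu.GetSubMenu(0);
    if (SubMenu == NULL)
        return;
    SubMenu->TrackPopupMenu(TPM_LEFTALIGN, Point.x, Point.y, this);
}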
217 |
--------------------------------------------------------------------------------
/MyARK/MyARK/CProcess.cpp:
--------------------------------------------------------------------------------
1 | // CProcess.cpp: 实现文件
2 | //
3 |
4 | #include "pch.h"
5 | #include "MyARK.h"
6 | #include "CProcess.h"
7 | #include "afxdialogex.h"
8 | #include "Data.h"
9 | #include "CThread.h"
10 | #include "CModule.h"
11 |
12 | // CProcess 对话框
13 |
IMPLEMENT_DYNAMIC(CProcess, CDialogEx)

// Binds the dialog to the IDD_PROCESS template.
CProcess::CProcess(CWnd* pParent /*=nullptr*/)
    : CDialogEx(IDD_PROCESS, pParent)
{}

CProcess::~CProcess() {}

// Attaches m_ListCtrl to the IDC_LIST1 control.
void CProcess::DoDataExchange(CDataExchange* pDX)
{
    CDialogEx::DoDataExchange(pDX);
    DDX_Control(pDX, IDC_LIST1, m_ListCtrl);
}


// Private refresh message, list right-click, and the five context-menu
// commands (refresh, threads, modules, hide, terminate).
BEGIN_MESSAGE_MAP(CProcess, CDialogEx)
    ON_MESSAGE(WM_FLUSHPROCESS, &CProcess::OnFlushProcess)
    ON_NOTIFY(NM_RCLICK, IDC_LIST1, &CProcess::OnRclickList1)
    ON_COMMAND(ID_32773, &CProcess::OnFlushList)
    ON_COMMAND(ID_32774, &CProcess::OnThread)
    ON_COMMAND(ID_32775, &CProcess::OnModule)
    ON_COMMAND(ID_32776, &CProcess::OnHideProcess)
    ON_COMMAND(ID_32777, &CProcess::OnTerminateProcess)
END_MESSAGE_MAP()
42 |
43 |
// Worker thread entry: waits 300 ms, then sends WM_FLUSHPROCESS to the window
// whose handle was passed as the thread parameter.
DWORD WINAPI ThreadProc1(_In_ LPVOID lpParameter)
{
    HWND hTarget = (HWND)lpParameter;
    Sleep(300);
    SendMessage(hTarget, WM_FLUSHPROCESS, 0, 0);
    return 0;
}
51 |
52 | // CProcess 消息处理程序
53 |
54 |
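// Loads the context menu, sets up the list control columns and starts the
// worker thread that triggers the first list refresh. Returns TRUE.
BOOL CProcess::OnInitDialog()
{
    CDialogEx::OnInitDialog();
    m_Menu.LoadMenuW(IDR_MENU2);

    // Keep the existing extended styles and add grid lines and row selection.
    DWORD dwOldStyle = m_ListCtrl.GetExtendedStyle();
    m_ListCtrl.SetExtendedStyle(dwOldStyle | LVS_EX_GRIDLINES | LVS_EX_FULLROWSELECT);

    CRect cRect;
    m_ListCtrl.GetClientRect(cRect);
    m_ListCtrl.InsertColumn(0, L"序号", 0, 50);
    m_ListCtrl.InsertColumn(1, L"映像名称", 0, cRect.Width() / 5);
    m_ListCtrl.InsertColumn(2, L"进程ID", 0, cRect.Width() / 5);
    m_ListCtrl.InsertColumn(3, L"父进程ID", 0, cRect.Width() / 5);
    m_ListCtrl.InsertColumn(4, L"映像路径", 0, 400);

    // The thread handle is not used afterwards; close it so it does not leak.
    // Closing the handle does not stop the thread.
    HANDLE hThread = CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)ThreadProc1, this->m_hWnd, 0, NULL);
    if (hThread != NULL)
        CloseHandle(hThread);

    return TRUE;  // return TRUE unless you set the focus to a control
    // Exception: OCX property pages should return FALSE
}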
73 |
74 |
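//*****************************************************************************************
// Function:    OnFlushProcess
// Description: WM_FLUSHPROCESS handler; queries the driver with ENUMPROCESS
//              and refills the list with one row per returned PROCESS record.
// Author:      lracker
// Date:        2019/12/24
// Parameters:  WPARAM, LPARAM - unused
// Returns:     LRESULT, always 0
//*****************************************************************************************
afx_msg LRESULT CProcess::OnFlushProcess(WPARAM wParam, LPARAM lParam)
{
    UNREFERENCED_PARAMETER(wParam);
    UNREFERENCED_PARAMETER(lParam);
    m_ListCtrl.DeleteAllItems();

    // First request: one-record probe; the byte count written to cbNeeded is
    // used as the size of the full list.
    PROCESS Probe = {};
    DWORD cbNeeded = 0;
    DeviceIoControl(g_hDev, ENUMPROCESS, NULL, 0, &Probe, sizeof(PROCESS), &cbNeeded, NULL);

    // cbNeeded is in bytes; the original used it as an element count and
    // over-allocated by a factor of sizeof(PROCESS).
    DWORD nAlloc = (DWORD)(cbNeeded / sizeof(PROCESS));
    if (cbNeeded % sizeof(PROCESS))
        ++nAlloc;
    if (nAlloc == 0)
        return 0;

    PPROCESS pProcess = new PROCESS[nAlloc]();
    DWORD cbReturned = 0;
    if (!DeviceIoControl(g_hDev, ENUMPROCESS, pProcess, cbNeeded, pProcess, cbNeeded, &cbReturned, NULL))
    {
        delete[] pProcess;
        return 0;
    }
    // Do not read beyond the allocation, whatever byte count comes back.
    if (cbReturned > cbNeeded)
        cbReturned = cbNeeded;
    const DWORD nCount = (DWORD)(cbReturned / sizeof(PROCESS));

    // NOTE(review): Name and FullDllName are read as NUL-terminated strings;
    // confirm the driver always terminates them inside the record.
    int nIndex = 0;
    for (DWORD i = 0; i < nCount; ++i)
    {
        // CA2W converts without the per-iteration stack allocation that the
        // A2W macro performs when it is used inside a loop.
        CString Buffer(CA2W(pProcess[i].Name));
        if (Buffer.IsEmpty())
            continue;

        m_ListCtrl.InsertItem(nIndex, _T(""));
        CString Temp;
        Temp.Format(L"%d", nIndex + 1);
        m_ListCtrl.SetItemText(nIndex, 0, Temp);
        m_ListCtrl.SetItemText(nIndex, 1, Buffer);
        Temp.Format(L"%d", pProcess[i].dwPID);
        m_ListCtrl.SetItemText(nIndex, 2, Temp);
        Temp.Format(L"%d", pProcess[i].dwPPID);
        m_ListCtrl.SetItemText(nIndex, 3, Temp);
        // The "System" row shows its name in the path column as well.
        if (Buffer == L"System")
            m_ListCtrl.SetItemText(nIndex, 4, L"System");
        else
            m_ListCtrl.SetItemText(nIndex, 4, pProcess[i].FullDllName);
        ++nIndex;
    }
    delete[] pProcess;
    return 0;
}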
127 |
128 |
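//*****************************************************************************************
// Function:    OnRclickList1
// Description: right-click on the process list; remembers the PID of the
//              clicked row in m_dwPID and shows the context menu.
// Author:      lracker
// Date:        2019/12/24
// Parameters:  NMHDR*   - NMITEMACTIVATE of the click
//              LRESULT* - always set to 0
// Returns:     void
//*****************************************************************************************
void CProcess::OnRclickList1(NMHDR* pNMHDR, LRESULT* pResult)
{
    LPNMITEMACTIVATE pNMItemActivate = reinterpret_cast<LPNMITEMACTIVATE>(pNMHDR);
    *pResult = 0;

    // Column 2 holds the PID text. A click outside any row (iItem < 0)
    // resets the PID to 0 so that a stale selection is not acted on.
    if (pNMItemActivate->iItem >= 0)
    {
        CString Buffer = m_ListCtrl.GetItemText(pNMItemActivate->iItem, 2);
        m_dwPID = _wtoi(Buffer);
    }
    else
    {
        m_dwPID = 0;
    }

    POINT Point = { 0 };
    GetCursorPos(&Point);

    // GetSubMenu returns NULL if the menu was not loaded.
    CMenu* SubMenu = m_Menu.GetSubMenu(0);
    if (SubMenu == NULL)
        return;
    SubMenu->TrackPopupMenu(TPM_LEFTALIGN, Point.x, Point.y, this);
}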
152 |
153 |
//*****************************************************************************************
// Function:    OnFlushList
// Description: context-menu "refresh" command; sends WM_FLUSHPROCESS to this dialog.
// Author:      lracker
// Date:        2019/12/24
// Returns:     void
//*****************************************************************************************
void CProcess::OnFlushList()
{
    this->SendMessage(WM_FLUSHPROCESS, 0, 0);
}
165 |
166 |
//*****************************************************************************************
// Function:    OnThread
// Description: context-menu command; opens the CThread dialog modally for
//              the remembered PID.
// Author:      lracker
// Date:        2019/12/24
// Returns:     void
//*****************************************************************************************
void CProcess::OnThread()
{
    CThread ThreadDlg;
    ThreadDlg.m_dwPID = this->m_dwPID;   // PID stored by the right-click handler
    ThreadDlg.DoModal();
}
180 |
181 |
//*****************************************************************************************
// Function:    OnModule
// Description: context-menu command; opens the CModule dialog modally for
//              the remembered PID.
// Author:      lracker
// Date:        2019/12/25
// Returns:     void
//*****************************************************************************************
void CProcess::OnModule()
{
    CModule ModuleDlg;
    ModuleDlg.m_dwPID = this->m_dwPID;   // PID stored by the right-click handler
    ModuleDlg.DoModal();
}
195 |
196 |
197 |
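//*****************************************************************************************
// Function:    OnHideProcess
// Description: context-menu command; sends the remembered PID to the driver
//              with the HIDEPROCESS IOCTL.
// Author:      lracker
// Date:        2019/12/25
// Returns:     void
//*****************************************************************************************
void CProcess::OnHideProcess()
{
    // PID 0 means no row was selected (the right-click handler parses empty
    // text to 0); do not issue the request in that state.
    if (m_dwPID == 0)
        return;

    DWORD dwSize = 0;
    if (!DeviceIoControl(g_hDev, HIDEPROCESS, &m_dwPID, sizeof(DWORD), NULL, 0, &dwSize, NULL))
        TRACE(_T("HIDEPROCESS request failed, error %lu\n"), GetLastError());
}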
211 |
212 |
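//*****************************************************************************************
// Function:    OnTerminateProcess
// Description: context-menu command; sends the remembered PID to the driver
//              with the TERMINATEPROCESS IOCTL.
// Author:      lracker
// Date:        2019/12/25
// Returns:     void
//*****************************************************************************************
void CProcess::OnTerminateProcess()
{
    // PID 0 means no row was selected (the right-click handler parses empty
    // text to 0); a kernel-side terminate must never be issued for it.
    if (m_dwPID == 0)
        return;

    DWORD dwSize = 0;
    if (!DeviceIoControl(g_hDev, TERMINATEPROCESS, &m_dwPID, sizeof(DWORD), NULL, 0, &dwSize, NULL))
        TRACE(_T("TERMINATEPROCESS request failed, error %lu\n"), GetLastError());
}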
226 |
--------------------------------------------------------------------------------
/MyARK/MyARK/CRegister.cpp:
--------------------------------------------------------------------------------
1 | // CRegister.cpp: 实现文件
2 | //
3 |
4 | #include "pch.h"
5 | #include "MyARK.h"
6 | #include "CRegister.h"
7 | #include "afxdialogex.h"
8 | #include "Data.h"
9 | #include
10 |
11 |
12 | // CRegister 对话框
13 |
IMPLEMENT_DYNAMIC(CRegister, CDialogEx)

// Binds the dialog to the IDD_REGISTER template.
CRegister::CRegister(CWnd* pParent /*=nullptr*/)
    : CDialogEx(IDD_REGISTER, pParent)
{}

CRegister::~CRegister() {}

// Attaches m_ListCtrl to IDC_LIST1 and m_Tree to IDC_TREE1.
void CRegister::DoDataExchange(CDataExchange* pDX)
{
    CDialogEx::DoDataExchange(pDX);
    DDX_Control(pDX, IDC_LIST1, m_ListCtrl);
    DDX_Control(pDX, IDC_TREE1, m_Tree);
}


// Tree click / right-click and the two context-menu commands (new, delete).
BEGIN_MESSAGE_MAP(CRegister, CDialogEx)
    ON_NOTIFY(NM_CLICK, IDC_TREE1, &CRegister::OnClickTree1)
    ON_NOTIFY(NM_RCLICK, IDC_TREE1, &CRegister::OnRclickTree1)
    ON_COMMAND(ID_32782, &CRegister::OnNew)
    ON_COMMAND(ID_32783, &CRegister::OnDelete)
END_MESSAGE_MAP()
40 |
41 |
42 | // CRegister 消息处理程序
43 |
44 |
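// Loads the context menu, sets up the value list columns and fills the tree
// with the sub-keys the driver reports under "\Registry". Returns TRUE.
BOOL CRegister::OnInitDialog()
{
    CDialogEx::OnInitDialog();

    m_Menu.LoadMenuW(IDR_MENU7);

    // The original discarded the result of GetExtendedStyle() and OR-ed the
    // new flags into 0, dropping any style already set on the control.
    DWORD dwStyle = m_ListCtrl.GetExtendedStyle();
    m_ListCtrl.SetExtendedStyle(dwStyle | LVS_EX_FULLROWSELECT | LVS_EX_GRIDLINES);
    CRect cRect;
    m_ListCtrl.GetClientRect(cRect);
    m_ListCtrl.InsertColumn(0, L"名称", 0, cRect.Width() / 3);
    m_ListCtrl.InsertColumn(1, L"类型", 0, cRect.Width() / 3);
    m_ListCtrl.InsertColumn(2, L"数据", 0, cRect.Width() / 3);

    WCHAR Buffer[256] = {};
    wcscpy_s(Buffer, _countof(Buffer), L"\\Registry");
    const DWORD cbPath = (DWORD)((wcslen(Buffer) + 1) * sizeof(WCHAR));

    // First request without an output buffer: the byte count written to
    // cbNeeded is used as the size of the full result.
    DWORD cbNeeded = 0;
    DeviceIoControl(g_hDev, ENUMREGISTER, Buffer, cbPath, NULL, 0, &cbNeeded, NULL);
    const DWORD nAlloc = (DWORD)(cbNeeded / sizeof(REGISTER));
    if (nAlloc == 0)
        return TRUE;

    PREGISTER pReg = new REGISTER[nAlloc]();
    DWORD cbReturned = 0;
    DWORD nCount = 0;
    if (DeviceIoControl(g_hDev, ENUMREGISTER, Buffer, cbPath, pReg, cbNeeded, &cbReturned, NULL))
    {
        // Only walk records that were actually returned and fit the buffer.
        nCount = (DWORD)(cbReturned / sizeof(REGISTER));
        if (nCount > nAlloc)
            nCount = nAlloc;
    }

    for (DWORD i = 0; i < nCount; ++i)
    {
        if (pReg[i].Type != 0)      // only sub-keys become tree roots
            continue;

        CString buff = pReg[i].KeyName;
        CString Path;
        if (buff == L"MACHINE")
        {
            Path = L"\\Registry\\Machine";
            buff = L"HKEY_LOCAL_MACHINE";
        }
        else if (buff == L"USER")
        {
            Path = L"\\Registry\\user";
            buff = L"HKEY_USERS";
        }
        else if (buff == L"A")
        {
            Path = L"\\Registry\\user"; // marked as problematic by the author
            buff = L"A";
        }
        // Any other name keeps an empty Path; the click handlers ignore
        // items whose stored path is empty.
        HTREEITEM hItem = m_Tree.InsertItem(buff, NULL);
        // NOTE(review): no code in this file frees these copies.
        wchar_t* pBuff = _wcsdup(Path);
        m_Tree.SetItemData(hItem, (DWORD_PTR)pBuff);
    }
    delete[] pReg;                  // was leaked in the original
    return TRUE;  // return TRUE unless you set the focus to a control
    // Exception: OCX property pages should return FALSE
}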
99 |
100 |
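// NM_CLICK handler for the registry tree: asks the driver (ENUMREGISTER) for
// the contents of the clicked key, adds sub-keys as child tree items (first
// visit only) and lists the key's values with their type and data.
//   pNMHDR  - unused.
//   pResult - always set to 0.
void CRegister::OnClickTree1(NMHDR* pNMHDR, LRESULT* pResult)
{
    UNREFERENCED_PARAMETER(pNMHDR);
    *pResult = 0;

    // HitTest expects coordinates relative to the tree control itself, so
    // convert with the tree's ScreenToClient rather than the dialog's.
    CPoint pos;
    GetCursorPos(&pos);
    m_Tree.ScreenToClient(&pos);
    HTREEITEM hItem = m_Tree.HitTest(pos);
    if (!hItem)
        return;

    // Children are only inserted the first time an item is opened.
    const bool bHasChildren = (m_Tree.GetNextItem(hItem, TVGN_CHILD) != NULL);

    CString Path = (wchar_t*)m_Tree.GetItemData(hItem);
    if (Path.IsEmpty())
        return;

    // The original gave wcscpy_s a destination size derived from the source
    // length, so a long key path could be written past the end of the
    // 256-element stack buffer.
    WCHAR wPath[256] = { 0 };
    if (Path.GetLength() >= (int)_countof(wPath))
        return;
    wcscpy_s(wPath, _countof(wPath), Path);
    const DWORD len = (DWORD)((wcslen(wPath) + 1) * sizeof(WCHAR));

    m_ListCtrl.DeleteAllItems();

    // First request: one-record probe; the byte count written to cbNeeded is
    // used as the size of the full result.
    REGISTER Probe = {};
    DWORD cbNeeded = 0;
    DeviceIoControl(g_hDev, ENUMREGISTER, wPath, len, &Probe, sizeof(REGISTER), &cbNeeded, NULL);

    // cbNeeded is in bytes; the original used it as an element count.
    DWORD nAlloc = (DWORD)(cbNeeded / sizeof(REGISTER));
    if (cbNeeded % sizeof(REGISTER))
        ++nAlloc;
    if (nAlloc == 0)
        return;

    PREGISTER pReg = new REGISTER[nAlloc]();
    DWORD cbReturned = 0;
    if (!DeviceIoControl(g_hDev, ENUMREGISTER, wPath, len, pReg, cbNeeded, &cbReturned, NULL))
    {
        delete[] pReg;
        return;
    }
    // Do not read beyond the allocation, whatever byte count comes back.
    if (cbReturned > cbNeeded)
        cbReturned = cbNeeded;
    const DWORD nNum = (DWORD)(cbReturned / sizeof(REGISTER));

    int nIndex = 0;
    for (DWORD i = 0; i < nNum; ++i)
    {
        if (pReg[i].Type == 0 && !bHasChildren)         // sub-key
        {
            CString buff = pReg[i].KeyName;
            HTREEITEM hItem2 = m_Tree.InsertItem(buff, hItem);
            // StringCchPrintf takes a character count; the original passed
            // MAX_PATH as a *byte* count, silently truncating the stored path
            // to half the buffer. A path that does not fit is not stored, so
            // the item stays visible but is never opened with a wrong path.
            WCHAR* szFullPath = new WCHAR[MAX_PATH];
            if (SUCCEEDED(StringCchPrintf(szFullPath, MAX_PATH, L"%s\\%s",
                                          (LPCWSTR)Path, (LPCWSTR)buff)))
                m_Tree.SetItemData(hItem2, (DWORD_PTR)szFullPath);
            else
                delete[] szFullPath;
        }
        else if (pReg[i].Type == 1)                     // value
        {
            CString Name = pReg[i].ValueName;
            m_ListCtrl.InsertItem(nIndex, _T(""));
            m_ListCtrl.SetItemText(nIndex, 0, Name);    // value name

            // Types without a branch below show their numeric id; the
            // original reused the value name as the type text for them.
            CString TypeName;
            CString Data;
            TypeName.Format(L"%u", (unsigned)pReg[i].ValueType);

            if (pReg[i].ValueType == REG_SZ)
            {
                TypeName = L"REG_SZ";
                Data.Format(L"%s", pReg[i].Value);
            }
            else if (pReg[i].ValueType == REG_MULTI_SZ)
            {
                TypeName = L"REG_MULTI_SZ";
                Data.Format(L"%s", pReg[i].Value);
            }
            else if (pReg[i].ValueType == REG_DWORD)
            {
                TypeName = L"REG_DWORD";
                // Read the DWORD stored in the data; the original passed the
                // buffer itself to %x and so printed its address.
                DWORD dwValue = 0;
                memcpy(&dwValue, pReg[i].Value, sizeof(dwValue));
                Data.Format(L"0x%08x", dwValue);
            }
            else if (pReg[i].ValueType == REG_BINARY)
            {
                TypeName = L"REG_BINARY";
                // NOTE(review): no length field is visible in the record, so
                // the data is cut at the first zero byte, as in the original.
                const unsigned char* pBytes = (const unsigned char*)pReg[i].Value;
                const size_t nSize = strlen((const char*)pBytes);
                CString temp;
                for (size_t j = 0; j < nSize; ++j)
                {
                    Data += L" ";
                    temp.Format(L"%02X", pBytes[j]);
                    Data += temp;
                }
            }
            m_ListCtrl.SetItemText(nIndex, 1, TypeName);  // type
            m_ListCtrl.SetItemText(nIndex, 2, Data);      // data
            nIndex++;
        }
    }
    delete[] pReg;                  // was leaked in the original
}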
189 |
190 |
191 |
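// NM_RCLICK handler for the registry tree: remembers the stored path of the
// item under the cursor in m_FileName and shows the context menu.
//   pNMHDR  - unused.
//   pResult - always set to 0.
void CRegister::OnRclickTree1(NMHDR* pNMHDR, LRESULT* pResult)
{
    UNREFERENCED_PARAMETER(pNMHDR);
    *pResult = 0;

    POINT Point = { 0 };
    GetCursorPos(&Point);           // screen position, used for the menu

    // HitTest expects coordinates relative to the tree control itself, so
    // convert with the tree's ScreenToClient rather than the dialog's.
    CPoint pos(Point);
    m_Tree.ScreenToClient(&pos);
    HTREEITEM hItem = m_Tree.HitTest(pos);
    if (!hItem)
        return;

    CString Path = (wchar_t*)m_Tree.GetItemData(hItem);
    if (Path.IsEmpty())
        return;
    m_FileName = Path;

    // GetSubMenu returns NULL if the menu was not loaded.
    CMenu* SubMenu = m_Menu.GetSubMenu(0);
    if (SubMenu == NULL)
        return;
    SubMenu->TrackPopupMenu(TPM_LEFTALIGN, Point.x, Point.y, this);
}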
214 |
215 |
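//*****************************************************************************************
// Function:    OnNew
// Description: context-menu command; asks the driver (NEWREG) to create the
//              sub-key "15PB" under the remembered key path.
// Author:      lracker
// Date:        2019/12/28
// Returns:     void
//*****************************************************************************************
void CRegister::OnNew()
{
    // No key was selected: there is no parent path to create under.
    if (m_FileName.IsEmpty())
        return;

    CString LastPath = m_FileName + L"\\15PB";

    // The original told wcscpy_s the destination was GetLength()*2 elements
    // long, which lets a long path overrun this 256-element stack buffer.
    WCHAR wPath[256] = { 0 };
    if (LastPath.GetLength() >= (int)_countof(wPath))
        return;
    wcscpy_s(wPath, _countof(wPath), LastPath);

    const DWORD len = (DWORD)((wcslen(wPath) + 1) * sizeof(WCHAR));
    DWORD dwSize = 0;
    if (!DeviceIoControl(g_hDev, NEWREG, wPath, len, NULL, 0, &dwSize, NULL))
        TRACE(_T("NEWREG request failed, error %lu\n"), GetLastError());
}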
233 |
234 |
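//*****************************************************************************************
// Function:    OnDelete
// Description: context-menu command; asks the driver (DELETEREG) to delete
//              the remembered key path.
// Author:      lracker
// Date:        2019/12/28
// Returns:     void
//*****************************************************************************************
void CRegister::OnDelete()
{
    // No key was selected: never send a delete request with an empty path.
    if (m_FileName.IsEmpty())
        return;

    // The original told wcscpy_s the destination was GetLength()*2 elements
    // long, which lets a long path overrun this 256-element stack buffer.
    WCHAR wPath[256] = { 0 };
    if (m_FileName.GetLength() >= (int)_countof(wPath))
        return;
    wcscpy_s(wPath, _countof(wPath), m_FileName);

    const DWORD len = (DWORD)((wcslen(wPath) + 1) * sizeof(WCHAR));
    DWORD dwSize = 0;
    if (!DeviceIoControl(g_hDev, DELETEREG, wPath, len, NULL, 0, &dwSize, NULL))
        TRACE(_T("DELETEREG request failed, error %lu\n"), GetLastError());
}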
252 |
--------------------------------------------------------------------------------
/MyARKDriver/MyARKDriver/MyARKDriver.vcxproj:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Debug
6 | Win32
7 |
8 |
9 | Release
10 | Win32
11 |
12 |
13 | Debug
14 | x64
15 |
16 |
17 | Release
18 | x64
19 |
20 |
21 | Debug
22 | ARM
23 |
24 |
25 | Release
26 | ARM
27 |
28 |
29 | Debug
30 | ARM64
31 |
32 |
33 | Release
34 | ARM64
35 |
36 |
37 |
38 | {E3B8CECA-D8E5-4DF0-9B01-8F290447A829}
39 | {dd38f7fc-d7bd-488b-9242-7d8754cde80d}
40 | v4.5
41 | 12.0
42 | Debug
43 | Win32
44 | MyARKDriver
45 |
46 |
47 |
48 | Windows7
49 | true
50 | WindowsKernelModeDriver10.0
51 | Driver
52 | WDM
53 | false
54 | Unicode
55 |
56 |
57 | Windows10
58 | false
59 | WindowsKernelModeDriver10.0
60 | Driver
61 | WDM
62 |
63 |
64 | Windows10
65 | true
66 | WindowsKernelModeDriver10.0
67 | Driver
68 | WDM
69 |
70 |
71 | Windows10
72 | false
73 | WindowsKernelModeDriver10.0
74 | Driver
75 | WDM
76 |
77 |
78 | Windows10
79 | true
80 | WindowsKernelModeDriver10.0
81 | Driver
82 | WDM
83 |
84 |
85 | Windows10
86 | false
87 | WindowsKernelModeDriver10.0
88 | Driver
89 | WDM
90 |
91 |
92 | Windows10
93 | true
94 | WindowsKernelModeDriver10.0
95 | Driver
96 | WDM
97 |
98 |
99 | Windows10
100 | false
101 | WindowsKernelModeDriver10.0
102 | Driver
103 | WDM
104 |
105 |
106 |
107 |
108 |
109 |
110 |
111 |
112 |
113 |
114 | DbgengKernelDebugger
115 |
116 |
117 | DbgengKernelDebugger
118 |
119 |
120 | DbgengKernelDebugger
121 |
122 |
123 | DbgengKernelDebugger
124 |
125 |
126 | DbgengKernelDebugger
127 |
128 |
129 | DbgengKernelDebugger
130 |
131 |
132 | DbgengKernelDebugger
133 |
134 |
135 | DbgengKernelDebugger
136 |
137 |
138 |
139 | true
140 | MultiThreadedDebug
141 | TurnOffAllWarnings
142 |
143 |
144 |
145 |
146 |
147 |
148 |
149 |
150 |
151 |
152 |
153 |
154 |
155 |
156 |
157 |
158 |
159 |
160 |
161 |
162 |
163 |
164 |
--------------------------------------------------------------------------------
/MyARK/MyARK/MyARKDlg.cpp:
--------------------------------------------------------------------------------
1 |
2 | // MyARKDlg.cpp: 实现文件
3 | //
4 |
5 | #include "pch.h"
6 | #include "framework.h"
7 | #include "MyARK.h"
8 | #include "MyARKDlg.h"
9 | #include "afxdialogex.h"
10 | #include "CDriver.h"
11 | #include "CProcess.h"
12 | #include "CEnumFile.h"
13 | #include "CIDT.h"
14 | #include "CGDT.h"
15 | #include "Data.h"
16 | #include "CSSDT.h"
17 | #include
18 | #include "CRegister.h"
19 |
20 | #ifdef _DEBUG
21 | #define new DEBUG_NEW
22 | #endif
23 |
24 |
25 | // CMyARKDlg 对话框
26 |
27 |
28 |
// Binds the dialog to the IDD_MYARK_DIALOG template and loads the
// application icon.
CMyARKDlg::CMyARKDlg(CWnd* pParent /*=nullptr*/)
    : CDialogEx(IDD_MYARK_DIALOG, pParent)
{
    CWinApp* pApp = AfxGetApp();
    m_hIcon = pApp->LoadIcon(IDR_MAINFRAME);
}

// Attaches m_TabCtrl to the IDC_TAB1 control.
void CMyARKDlg::DoDataExchange(CDataExchange* pDX)
{
    CDialogEx::DoDataExchange(pDX);
    DDX_Control(pDX, IDC_TAB1, m_TabCtrl);
}

// Painting, drag-icon query and tab selection change are handled here.
BEGIN_MESSAGE_MAP(CMyARKDlg, CDialogEx)
    ON_WM_PAINT()
    ON_WM_QUERYDRAGICON()
    ON_NOTIFY(TCN_SELCHANGE, IDC_TAB1, &CMyARKDlg::OnSelchangeTab1)
END_MESSAGE_MAP()
46 |
47 |
48 | // CMyARKDlg 消息处理程序
49 |
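// Loads and starts the driver, opens its device, sends this process's PID to
// it and creates the seven tab pages. Returns TRUE.
BOOL CMyARKDlg::OnInitDialog()
{
    CDialogEx::OnInitDialog();

    // Set the icon for this dialog. The framework does this automatically
    // only when the application's main window is not a dialog.
    SetIcon(m_hIcon, TRUE);     // large icon
    SetIcon(m_hIcon, FALSE);    // small icon

    // NOTE(review): the results of LoadDriver/StartDriver are not inspected
    // here; their signatures are outside this part of the file.
    LoadDriver();
    StartDriver();

    // Open the device object exposed by the driver.
    // NOTE(review): every destructive request in the tab pages goes through
    // this handle; confirm that the driver restricts who may open the device.
    g_hDev = CreateFile(L"\\??\\Device_001", GENERIC_READ | GENERIC_WRITE, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
    if (g_hDev == INVALID_HANDLE_VALUE)
    {
        // Capture the error code before any other call can overwrite it.
        const DWORD dwErr = GetLastError();
        CString Buffer;
        Buffer.Format(L"[3环程序]打开设备失败: %d\n", dwErr);
        MessageBox(Buffer);
    }
    else
    {
        // Send our PID to the driver; skipped when there is no valid handle.
        int PID = _getpid();
        DWORD dwSize = 0;
        DeviceIoControl(g_hDev, GETPID, &PID, sizeof(int), NULL, 0, &dwSize, NULL);
    }

    // Tab labels.
    m_TabCtrl.InsertItem(0, L"驱动");
    m_TabCtrl.InsertItem(1, L"进程");
    m_TabCtrl.InsertItem(2, L"文件");
    m_TabCtrl.InsertItem(3, L"IDT");
    m_TabCtrl.InsertItem(4, L"GDT");
    m_TabCtrl.InsertItem(5, L"SSDT");
    m_TabCtrl.InsertItem(6, L"注册表");

    // One child dialog per tab, parented to the tab control.
    m_TabCtrl.m_Dia[0] = new CDriver();
    m_TabCtrl.m_Dia[1] = new CProcess();
    m_TabCtrl.m_Dia[2] = new CEnumFile();
    m_TabCtrl.m_Dia[3] = new CIDT();
    m_TabCtrl.m_Dia[4] = new CGDT();
    m_TabCtrl.m_Dia[5] = new CSSDT();
    m_TabCtrl.m_Dia[6] = new CRegister();
    m_TabCtrl.m_Dia[0]->Create(IDD_DRIVER, &m_TabCtrl);
    m_TabCtrl.m_Dia[1]->Create(IDD_PROCESS, &m_TabCtrl);
    m_TabCtrl.m_Dia[2]->Create(IDD_ENUMFILE, &m_TabCtrl);
    m_TabCtrl.m_Dia[3]->Create(IDD_IDT, &m_TabCtrl);
    m_TabCtrl.m_Dia[4]->Create(IDD_GDT, &m_TabCtrl);
    m_TabCtrl.m_Dia[5]->Create(IDD_SSDT, &m_TabCtrl);
    m_TabCtrl.m_Dia[6]->Create(IDD_REGISTER, &m_TabCtrl);

    CRect pos = {};
    m_TabCtrl.GetClientRect(pos);
    pos.DeflateRect(2, 30, 3, 2);   // leave room so the tab labels stay visible

    // Only the first page is positioned and shown; the others start hidden.
    m_TabCtrl.m_Dia[0]->MoveWindow(pos);
    m_TabCtrl.m_Dia[0]->ShowWindow(SW_SHOW);
    for (int i = 1; i <= 6; ++i)
        m_TabCtrl.m_Dia[i]->ShowWindow(SW_HIDE);

    return TRUE;  // return TRUE unless focus is set to a control
}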
111 |
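// If you add a minimize button to the dialog, the code below is needed
// to draw the icon. For MFC applications that use the document/view model,
// the framework does this automatically.

// Paints the dialog. While the window is minimized the application icon is
// drawn centred in the client rectangle; otherwise painting is left to
// CDialogEx::OnPaint().
void CMyARKDlg::OnPaint()
{
    if (IsIconic())
    {
        CPaintDC dc(this); // device context used for painting

        // reinterpret_cast needs an explicit target type; the message carries
        // the DC handle in its WPARAM.
        SendMessage(WM_ICONERASEBKGND, reinterpret_cast<WPARAM>(dc.GetSafeHdc()), 0);

        // Centre the icon in the client rectangle
        int cxIcon = GetSystemMetrics(SM_CXICON);
        int cyIcon = GetSystemMetrics(SM_CYICON);
        CRect rect;
        GetClientRect(&rect);
        int x = (rect.Width() - cxIcon + 1) / 2;
        int y = (rect.Height() - cyIcon + 1) / 2;

        // Draw the icon
        dc.DrawIcon(x, y, m_hIcon);
    }
    else
    {
        CDialogEx::OnPaint();
    }
}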
140 |
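// The system calls this function to obtain the cursor to display while the
// user drags the minimized window.
HCURSOR CMyARKDlg::OnQueryDragIcon()
{
    // static_cast needs an explicit target type; the icon handle is returned
    // as the drag cursor.
    return static_cast<HCURSOR>(m_hIcon);
}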
147 |
148 |
149 |
//*****************************************************************************************
// Function: OnSelchangeTab1
// Purpose : Tab control selection handler: shows the page that belongs to the
//           selected tab and hides every other page.
// Author  : lracker
// Date    : 2019/12/25
// Param   : NMHDR *   (notification header, not used here)
// Param   : LRESULT * (set to 0 before returning)
// Returns : void
//*****************************************************************************************
void CMyARKDlg::OnSelchangeTab1(NMHDR* pNMHDR, LRESULT* pResult)
{
    // Area the visible page is moved to: this dialog's client rectangle,
    // shrunk by the margins 2, 30, 3, 2 passed to DeflateRect.
    // NOTE(review): the initialisation code earlier in this file measures
    // m_TabCtrl.GetClientRect() instead; confirm which rectangle is intended.
    CRect pageArea;
    GetClientRect(pageArea);
    pageArea.DeflateRect(2, 30, 3, 2);

    // Index of the currently selected tab
    const DWORD dwActive = m_TabCtrl.GetCurSel();

    for (DWORD idx = 0; idx < m_TabCtrl.m_dwTabNum; ++idx)
    {
        const bool bActive = (idx == dwActive);
        if (bActive)
        {
            m_TabCtrl.m_Dia[idx]->MoveWindow(pageArea);
        }
        m_TabCtrl.m_Dia[idx]->ShowWindow(bActive ? SW_SHOW : SW_HIDE);
    }

    *pResult = 0;
}
180 |
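//*****************************************************************************************
// Function: LoadDriver
// Purpose : Register the kernel driver as a demand-start service.
//           Stores the service control manager handle in m_hSCManager, the
//           service handle in m_hService, and the outcome in m_dwLastError
//           (ERROR_SUCCESS when the service was created, otherwise the error
//           code of the call that failed).
// Author  : lracker
// Date    : 2019/12/27
// Returns : VOID
//*****************************************************************************************
VOID CMyARKDlg::LoadDriver()
{
    // NOTE(review): the driver image is taken from a fixed path inside a user
    // profile. Whoever can write that file decides what code this service
    // loads into the kernel, so the image belongs in a directory that only
    // administrators can modify, and the path should not depend on one
    // machine's account name.
    TCHAR FilePath[MAX_PATH] = L"C:\\Users\\15pb-win7\\Desktop\\MyARKDriver.sys";

    // Open the service control manager
    m_hSCManager = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS);
    if (!m_hSCManager)
    {
        // Without a manager handle CreateService cannot succeed; record why
        // (presumably access denied when the process is not elevated) and
        // leave m_hService empty so later steps bail out.
        m_dwLastError = GetLastError();
        m_hService = NULL;
        return;
    }

    // Create the service
    m_hService = CreateService(m_hSCManager, L"MyDriver1", L"MyDriver1", SERVICE_ALL_ACCESS, SERVICE_KERNEL_DRIVER, SERVICE_DEMAND_START, SERVICE_ERROR_IGNORE, FilePath, NULL, NULL, NULL, NULL, NULL);

    // GetLastError() is only meaningful after a failure. Recording a stale
    // value on success could make StartDriver() believe the service already
    // existed and replace the handle just obtained.
    m_dwLastError = m_hService ? ERROR_SUCCESS : GetLastError();
}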
197 |
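//*****************************************************************************************
// Function: StartDriver
// Purpose : Start the driver service. If LoadDriver() recorded
//           ERROR_SERVICE_EXISTS the existing service is opened first.
//           When the service cannot be opened or does not reach
//           SERVICE_RUNNING, the handles are closed and reset to NULL.
// Author  : lracker
// Date    : 2019/12/27
// Returns : VOID
//*****************************************************************************************
VOID CMyARKDlg::StartDriver()
{
    // The service already exists, so it only has to be opened. OpenService
    // takes the service control manager handle (not the service handle) and
    // the name given to CreateService in LoadDriver().
    if (m_dwLastError == ERROR_SERVICE_EXISTS)
    {
        m_hService = OpenService(m_hSCManager, L"MyDriver1", SERVICE_ALL_ACCESS);
    }
    // Was the service created or opened?
    if (!m_hService)
    {
        if (m_hSCManager)
        {
            CloseServiceHandle(m_hSCManager);
            m_hSCManager = NULL; // keep later teardown from closing it again
        }
        return;
    }

    // Query the current state; zero-initialised so a failed query is never
    // read as a valid state.
    SERVICE_STATUS status = {};
    if (!QueryServiceStatus(m_hService, &status))
    {
        return;
    }

    // Only a stopped service needs to be started
    if (status.dwCurrentState == SERVICE_STOPPED)
    {
        const BOOL bStarted = StartService(m_hService, 0, NULL);
        if (bStarted)
        {
            // Wait up to about one second for the start to complete
            for (int attempt = 0; attempt < 10; ++attempt)
            {
                if (!QueryServiceStatus(m_hService, &status) ||
                    status.dwCurrentState != SERVICE_START_PENDING)
                {
                    break;
                }
                Sleep(100);
            }
        }
        // Is the service running now?
        if (!bStarted || status.dwCurrentState != SERVICE_RUNNING)
        {
            MessageBox(L"启动失败");
            // Reset the members after closing so StopDriver()/UnLoadDriver()
            // do not operate on handles that are no longer valid.
            CloseServiceHandle(m_hService);
            m_hService = NULL;
            if (m_hSCManager)
            {
                CloseServiceHandle(m_hSCManager);
                m_hSCManager = NULL;
            }
        }
    }
}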
239 |
240 |
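//*****************************************************************************************
// Function: StopDriver
// Purpose : Close the device handle g_hDev, then ask the driver service to
//           stop and wait (bounded) until it reports SERVICE_STOPPED.
// Author  : lracker
// Date    : 2019/12/27
// Returns : VOID
//*****************************************************************************************
VOID CMyARKDlg::StopDriver()
{
    // Release the device handle (g_hDev is assigned from CreateFile earlier
    // in this file). Skip a handle that was never opened and reset it
    // afterwards so a second call cannot close it twice.
    if (g_hDev != NULL && g_hDev != INVALID_HANDLE_VALUE)
    {
        CloseHandle(g_hDev);
    }
    g_hDev = INVALID_HANDLE_VALUE;

    // Nothing to stop when the service was never opened
    if (!m_hService)
    {
        return;
    }

    // Check the service state; zero-initialised so a failed query is never
    // read as a valid state.
    SERVICE_STATUS status = {};
    if (!QueryServiceStatus(m_hService, &status))
    {
        return;
    }
    if (status.dwCurrentState == SERVICE_STOPPED)
    {
        return;
    }

    // Request the stop
    if (!ControlService(m_hService, SERVICE_CONTROL_STOP, &status))
    {
        return;
    }

    // Poll until the service has stopped, for at most about five seconds so
    // closing the window cannot hang indefinitely.
    for (int attempt = 0; attempt < 50 && status.dwCurrentState != SERVICE_STOPPED; ++attempt)
    {
        Sleep(100);
        if (!QueryServiceStatus(m_hService, &status))
        {
            break;
        }
    }
}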
268 |
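//*****************************************************************************************
// Function: UnLoadDriver
// Purpose : Delete the driver service and close the service and service
//           control manager handles. Both members are reset to NULL so the
//           function is safe to call more than once.
// Author  : lracker
// Date    : 2019/12/27
// Returns : VOID
//*****************************************************************************************
VOID CMyARKDlg::UnLoadDriver()
{
    if (m_hService)
    {
        if (!DeleteService(m_hService))
        {
            // Capture the error code before any other call can overwrite it
            const DWORD dwErr = GetLastError();
            CString cs;
            cs.Format(_T("%lu"), dwErr); // DWORD is unsigned long
            MessageBox(L"DeleteService Failed", cs);
        }
        CloseServiceHandle(m_hService);
        m_hService = NULL;
    }
    // Close the service control manager handle
    if (m_hSCManager)
    {
        CloseServiceHandle(m_hSCManager);
        m_hSCManager = NULL;
    }
}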
288 |
//*****************************************************************************************
// Function: DestroyWindow
// Purpose : Called when the window is being closed. Stops the driver service,
//           removes it, then hands over to CDialogEx::DestroyWindow().
// Author  : lracker
// Date    : 2019/12/27
// Returns : BOOL (the result of CDialogEx::DestroyWindow())
//*****************************************************************************************
BOOL CMyARKDlg::DestroyWindow()
{
    // Driver teardown runs before the base class destroys the window:
    // first stop the service, then unload (delete) it.
    StopDriver();
    UnLoadDriver();

    const BOOL bDestroyed = CDialogEx::DestroyWindow();
    return bDestroyed;
}
304 |
--------------------------------------------------------------------------------
/MyARK/MyARK/MyARK.vcxproj:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Debug
6 | Win32
7 |
8 |
9 | Release
10 | Win32
11 |
12 |
13 | Debug
14 | x64
15 |
16 |
17 | Release
18 | x64
19 |
20 |
21 |
22 | 16.0
23 | {9E525D7E-73FF-4B2E-AEB9-822A71C9B48E}
24 | MFCProj
25 | MyARK
26 | 10.0
27 |
28 |
29 |
30 | Application
31 | true
32 | v142
33 | Unicode
34 | Static
35 | false
36 |
37 |
38 | Application
39 | false
40 | v142
41 | true
42 | Unicode
43 | Dynamic
44 |
45 |
46 | Application
47 | true
48 | v142
49 | Unicode
50 | Static
51 | false
52 |
53 |
54 | Application
55 | false
56 | v142
57 | true
58 | Unicode
59 | Dynamic
60 |
61 |
62 |
63 |
64 |
65 |
66 |
67 |
68 |
69 |
70 |
71 |
72 |
73 |
74 |
75 |
76 |
77 |
78 |
79 |
80 | true
81 |
82 |
83 | true
84 |
85 |
86 | false
87 |
88 |
89 | false
90 |
91 |
92 |
93 | Use
94 | Level3
95 | true
96 | WIN32;_WINDOWS;_DEBUG;%(PreprocessorDefinitions)
97 | pch.h
98 |
99 |
100 | Windows
101 |
102 |
103 | false
104 | true
105 | _DEBUG;%(PreprocessorDefinitions)
106 |
107 |
108 | 0x0804
109 | _DEBUG;%(PreprocessorDefinitions)
110 | $(IntDir);%(AdditionalIncludeDirectories)
111 |
112 |
113 |
114 |
115 | Use
116 | Level3
117 | true
118 | _WINDOWS;_DEBUG;%(PreprocessorDefinitions)
119 | pch.h
120 |
121 |
122 | Windows
123 |
124 |
125 | false
126 | true
127 | _DEBUG;%(PreprocessorDefinitions)
128 |
129 |
130 | 0x0804
131 | _DEBUG;%(PreprocessorDefinitions)
132 | $(IntDir);%(AdditionalIncludeDirectories)
133 |
134 |
135 |
136 |
137 | Use
138 | Level3
139 | true
140 | true
141 | true
142 | WIN32;_WINDOWS;NDEBUG;%(PreprocessorDefinitions)
143 | pch.h
144 |
145 |
146 | Windows
147 | true
148 | true
149 |
150 |
151 | false
152 | true
153 | NDEBUG;%(PreprocessorDefinitions)
154 |
155 |
156 | 0x0804
157 | NDEBUG;%(PreprocessorDefinitions)
158 | $(IntDir);%(AdditionalIncludeDirectories)
159 |
160 |
161 |
162 |
163 | Use
164 | Level3
165 | true
166 | true
167 | true
168 | _WINDOWS;NDEBUG;%(PreprocessorDefinitions)
169 | pch.h
170 |
171 |
172 | Windows
173 | true
174 | true
175 |
176 |
177 | false
178 | true
179 | NDEBUG;%(PreprocessorDefinitions)
180 |
181 |
182 | 0x0804
183 | NDEBUG;%(PreprocessorDefinitions)
184 | $(IntDir);%(AdditionalIncludeDirectories)
185 |
186 |
187 |
188 |
189 |
190 |
191 |
192 |
193 |
194 |
195 |
196 |
197 |
198 |
199 |
200 |
201 |
202 |
203 |
204 |
205 |
206 |
207 |
208 |
209 |
210 |
211 |
212 |
213 |
214 |
215 |
216 |
217 |
218 |
219 |
220 |
221 |
222 | Create
223 | Create
224 | Create
225 | Create
226 |
227 |
228 |
229 |
230 |
231 |
232 |
233 |
234 |
235 |
236 |
237 |
238 |
239 |
240 |
241 |
--------------------------------------------------------------------------------