Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How do I "install" a custom-windows driver?

Tags:

c

windows

registry

kernel

driver

I am planning to write a basic windows registry filter in C. The purpose of the filter is to hook all (user and kernel privileged) registry calls so that I can use them in my program. I am basically copying regmon/process monitor by Mark Rusinovich but more basic.

My question is, once the filter is written in C, how do you get the system to implement the custom behaviour and to not implement the original intended behaviour of the registry calls?

I am using windows 7

EDIT: I am trying to do this as part of a hobby c++ project which can hook all registry calls.

like image 983
user997112 Avatar asked Oct 19 '11 21:10

user997112

People also ask

How do I manually install Windows Drivers?

In the search box on the taskbar, enter device manager, then select Device Manager. Right-click (or press and hold) the name of the device, and then select Uninstall. Restart your PC. Windows will attempt to reinstall the driver.

How do I install my own driver?

Manual Driver Install through Device ManagerRight-click the Start Menu and select Device Manager. Find the device that requires a driver update and right-click it, then select Update Driver. If you need details on the current driver, select Properties instead. From there, you can also update the driver.

How do you add drivers to Windows install?

You can add drivers to Windows Setup by using an answer file that specifies the path to the driver files. To do this in new installations, you add the Microsoft-Windows-PnpCustomizationWinPE component during the windowsPE configuration pass, add the driver paths, and then specify the answer file.

2 Answers

There are special functions for that. See CmRegisterCallback(), CmRegisterCallbackEx() and Filtering Registry Calls on MSDN.

As for just installing a kernel mode driver, you may use the Service Controller (sc.exe). Use sc create [service name] binPath= [path to your .sys file] type= kernel to create a kernel-mode service and sc start [service name] to start it. Don't forget to sc stop and sc delete it before making changes to the driver.

like image 81
Alexey Frunze Avatar answered Sep 23 '22 00:09

Alexey Frunze

Basically drivers are considered as Services as such you can utilize the Service COntrol manager Using the aforementioned APIs what you basically achieve is the appropriate entries in the registry under the Services key. For a sample of how to achieve this check this article, scroll to the bottom to the section named "Dynamically Loading and Unloading the Driver". Furthermore if you want to achieve easy debugging/development and are using VS2k10 I'd suggest you use the free VisualDDK I believe this should be enough to get you going.

like image 21
LordDoskias Avatar answered Sep 26 '22 00:09

LordDoskias
Sign in to Comment

Related questions

Adding 64 bit support to existing 32 bit code, is it difficult?
how to declare an unsigned int in a C program
How do I compile and link C++ code with compiled C code?
Is this the most optimal way? C bitfields
C++ fixed size arrays vs multiple objects of same type
static struct in C/C++
Accept multiple subsequent connections to socket
GCC, linking libraries, not found?
Error in a Wikipedia Article on memory leaks [closed]
Why is sequentially reading a large file row by row with mmap and madvise sequential slower than fgets?
get the value of a c constant
Windows Socket Programming in C
terminating a thread in C
Is it bad practice to have a macro definition return a value for a function?
py-bcrypt installing on win 7 64bit python
Using C Headers in C++
Difference between array[n] and array[]?
JIT optimizer for C/C++
c stdout print without new line?
printf displays something weird

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!