Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


Driver loader

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> General programming
View previous topic :: View next topic  
Author Message
UnLmtD
Grandmaster Cheater
Reputation: 0

Joined: 13 Mar 2007
Posts: 894
Location: Canada
PostPosted: Fri May 04, 2007 6:28 pm    Post subject: Driver loader Reply with quote
Hey guys, well finally I understood how to hide a process using a driver <3 www.rootkit.com

The thing is when I was testing the driver on my PC, I was using OSR driver loader. Now I want to implant the loader code in my application.

I tried using this
Code:
#include <windows.h>
#include <iostream>


int _cdecl main(void)
{
    HANDLE hSCManager;
    HANDLE hService;
    SERVICE_STATUS ss;

    hSCManager = OpenSCManager(NULL, NULL, SC_MANAGER_CREATE_SERVICE);
   
    printf("Load Driver\n");

    if(hSCManager)
    {
        printf("Create Service\n");

        hService = CreateService(hSCManager, "Hider",
                                 "Rootkit exemple",
                                  SERVICE_START | DELETE | SERVICE_STOP,
                                  SERVICE_KERNEL_DRIVER,
                                  SERVICE_DEMAND_START,
                                  SERVICE_ERROR_IGNORE,
                                  "C:\\hideprocess.sys",
                                  NULL, NULL, NULL, NULL, NULL);

        if(!hService)
        {
            hService = OpenService(hSCManager, "Hider",
                       SERVICE_START | DELETE | SERVICE_STOP);
        }

        if(hService)
        {
            printf("Start Service\n");

            StartService(hService, 0, NULL);
            printf("Press Enter to close service\r\n");
            getchar();
            ControlService(hService, SERVICE_CONTROL_STOP, &ss);

            DeleteService(hService);

            CloseServiceHandle(hService);
           
        }

        CloseServiceHandle(hSCManager);
    }
   
    return 0;
}


But for some reason it didn't work Confused. Anyone got a better code?

I know I must use those API's : OpenSCManager, CreateService, StartService, StopService, CloseServiceHandle

But can't figure it out Mad Help pl0x

***EDIT***

O well if anyone wondered I took a look at http://www.catch22.net/tuts/kernel1.asp driver unloader. Seems good, I like the way of putting the driver in the .exe (Didn't know you could do that)

If you know any better way post please <3
_________________
Back to top
View user's profile Send private message
compactwater
I post too much
Reputation: 8

Joined: 02 Aug 2006
Posts: 3923
PostPosted: Sat May 05, 2007 5:26 am    Post subject: Reply with quote
Don't you have to "include" something if you're going to call something from it?
Back to top
View user's profile Send private message
UnLmtD
Grandmaster Cheater
Reputation: 0

Joined: 13 Mar 2007
Posts: 894
Location: Canada
PostPosted: Sat May 05, 2007 10:31 am    Post subject: Reply with quote
Thanks for the reply Compactwater, I did fix the problem... I basically used the code I posted and it worked... Embarassed I probably miss paled the driver name Rolling Eyes

BTW credits for the loader goes to Toby Opferman from CodeProject.
_________________
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> General programming All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites