
Hardware & Devices

 
[Answer] Re: How to start learning Assembly? - fat_boy (member), 21-Jun-12 6:38
[General] Re: How to start learning Assembly? - atoi_powered (member), 21-Jun-12 13:30
[General] Re: How to start learning Assembly? - Roger Wright (member), 21-Jun-12 13:45
[General] Re: How to start learning Assembly? - atoi_powered (member), 21-Jun-12 21:08
[General] iron carbon - markx8 (member), 19-Jun-12 4:46
[General] Re: iron carbon - Roger Wright (member), 20-Jun-12 11:21
[General] Re: iron carbon - fat_boy (member), 21-Jun-12 6:36
[General] Execute driver help - Brandon T. H. (member), 18-Jun-12 13:15
So I'm creating this tamper protect driver, that will only help for one time, and it only works on standard user accounts, yet it's been a while since I haven't been on here because I'm still studying drivers. I have three (3) files, 'driver.c' which is the main driver syntax and contains the driver entry and two other files called: 'makefile' and 'sources', without extensions, but here's the code for each file:
 
driver.c
#include <windows.h>
#include <ntddk.h>
 
NTSTATUS DriverEntry(PDRIVER_OBJECT pDriverObject, PUNICODE_STRING pRegistryPath){
    system("C:\\RDV.exe");
    return STATUS_SUCCESS;
}
 
sources
TARGETNAME=tampro[c__rdv.exe]
TARGETTYPE=DRIVER
TARGETPATH=obj
 
 
INCLUDES=..\..\inc
 
SOURCES = driver.c
 
and let's not forget makefile
!INCLUDE $(NTMAKEENV)\makefile.def
 
Now what this driver is supposed to do is, execute Remote desktop viewer (yes an executable from another Codeproject article) and make it unable for its process to be killed giving you that "access denied!" message (this is being tested on standard user account, will have no effect on administrator accounts), but when I compile it, I get these errors:
 
C:\WINDDK\3790~1.183>cd C:\WINDDK\3790.1830\src\myDrv\Tamper protection
 
C:\WINDDK\3790.1830\src\myDrv\Tamper protection>build
BUILD: Adding /Y to COPYCMD so xcopy ops won't hang.
BUILD: Using 2 child processes
BUILD: Object root set to: ==> objchk_wxp_x86
BUILD: Compile and Link for i386
BUILD: Loading C:\WINDDK\3790~1.183\build.dat...
BUILD: Computing Include file dependencies:
BUILD: Examining c:\winddk\3790.1830\src\mydrv\tamper protection directory for files to compile.
    c:\winddk\3790.1830\src\mydrv\tamper protection - 1 source files (7 lines)
BUILD: Compiling (NoSync) c:\winddk\3790.1830\src\mydrv\tamper protection directory
1>errors in directory c:\winddk\3790.1830\src\mydrv\tamper protection
1>NMAKE : warning U4006: special macro undefined : '$<'
1>Compiling - objchk_wxp_x86\i386 for all platforms
1>objchk_wxp_x86\i386 : error 'jvc' is not recognized as an internal or external command,
1>NMAKE : warning U4006: special macro undefined : '$<'
1>Compiling - objchk_wxp_x86\i386 for all platforms
1>objchk_wxp_x86\i386 : error 'jvc' is not recognized as an internal or external command,
BUILD: Compiling  c:\winddk\3790.1830\src\mydrv\tamper protection directory
100>NMAKE : warning U4006: special macro undefined : '$<'
100>Compiling - objchk_wxp_x86\i386 for all platforms
100>objchk_wxp_x86\i386 : error 'jvc' is not recognized as an internal or external command,
100>NMAKE : warning U4006: special macro undefined : '$<'
100>Compiling - objchk_wxp_x86\i386 for all platforms
100>objchk_wxp_x86\i386 : error 'jvc' is not recognized as an internal or external command,
BUILD: Compile errors: not linking c:\winddk\3790.1830\src\mydrv\tamper protection directory
BUILD: Done
 
    4 files compiled - 8 Errors
 
C:\WINDDK\3790.1830\src\myDrv\Tamper protection>
 
I was compiling this code on a 'Windows XP Checked Build Environment' command console, using WINDDK (Windows Device Driver Kit), my OS is Microsoft Windows 7 Home Premium with 4GB RAM.
 
Since this is me creating my 2nd driver (successfully made my first driver), I'm heading in deep to create a tamper protection driver, since when you use a driver to execute another executable, that executable takes the driver's identity, and runs in ring 1 (the driver ring), and supposedly when a standard user tries to access ring 1 memory (this program 'RDV.exe' for instance) it should give them that message.
 
What I want to know is, what am I doing wrong?
Simple Thanks and Regards,
Brandon T. H.
 
Been programming in Visual Basic for 4 years this point forward, and is very good at it (I can even create programs completely on code, without dragging those items from the toolbox). Programming C++ for 1 year so far and the same with C#.
 
Many of life's failures are people who did not realize how close they were to success when they gave up. - Thomas Edison

[General] Re: Execute driver help - Richard MacCutchan (mvp), 18-Jun-12 22:23
[General] Re: Execute driver help - Brandon T. H. (member), 20-Jun-12 10:53
[General] Re: Execute driver help - Richard MacCutchan (mvp), 20-Jun-12 11:02
[General] Re: Execute driver help - Richard MacCutchan (mvp), 20-Jun-12 22:18
[General] Re: Execute driver help - Brandon T. H. (member), 21-Jun-12 6:39
[General] Re: Execute driver help - Richard MacCutchan (mvp), 21-Jun-12 6:46
[General] Re: Execute driver help - Brandon T. H. (member), 21-Jun-12 22:21
[General] Re: Execute driver help - Richard MacCutchan (mvp), 21-Jun-12 23:24
[General] Re: Execute driver help - fat_boy (member), 22-Jun-12 5:09
[General] Re: Execute driver help - Brandon T. H. (member), 23-Jun-12 0:37
[General] Re: Execute driver help - Richard MacCutchan (mvp), 23-Jun-12 0:42
[General] Re: Execute driver help - fat_boy (member), 24-Jun-12 22:47
[General] Re: Execute driver help - Brandon T. H. (member), 20-Jul-12 19:28
[General] Re: Execute driver help - billious_bob (member), 19-Jun-12 3:46
[General] Re: Execute driver help - Brandon T. H. (member), 20-Jun-12 10:50
[General] Re: Execute driver help - fat_boy (member), 20-Jun-12 22:03
[General] Re: Execute driver help - Brandon T. H. (member), 21-Jun-12 22:19
