代码全贴太长了,就贴一下操作的地方
3环代码
#define CTL_READ_PATH IRP_IOCTRL_CODE(3)
....
case'3':
{
RetNumber = 0;
memset(InputBuffer, 0, sizeof(InputBuffer));
memset(OutputBuffer, 0, sizeof(OutputBuffer));
printf("请输入需要读取数据的文件路径:\n");
scanf("%s", InputBuffer);
DeviceIoControl(hDriver, CTL_READ_PATH, InputBuffer, sizeof(InputBuffer), OutputBuffer, sizeof(OutputBuffer), &RetNumber, NULL);
printf("读取数据:%s\n", OutputBuffer);
system("pause");
break;
}
0环代码
#define CTL_READ_PATH IRP_IOCTRL_CODE(3)
//缓冲区
char g_Buffer[0x1024] = { 0 };
NTSTATUS ReadFileIoCall(char* filePath) {
//1.打开文件,获取文件句柄
//2.获取文件长度
//3.全部读入
//状态码
NTSTATUS ntSTATUS = STATUS_SUCCESS;
//文件句柄
HANDLE hFile = NULL;
//文件属性结构体,集合文件的信息
FILE_STANDARD_INFORMATION fsi = { 0 };
//完成状态
IO_STATUS_BLOCK Iostatus = { 0 };
//对象属性
OBJECT_ATTRIBUTES ObjectAtt = { 0 };
//三环c:\a.txt
//0环:\\??\\c:\a.txt
//将三环路径转换成驱动使用的路径
ANSI_STRING asFilePath = { 0 };
UNICODE_STRING usFilePath = { 0 };
UNICODE_STRING usDriverFilePath = { 0 };
UNICODE_STRING usDrvPath = { 0 };
WCHAR wcBuffer[256];
ULONG wcbufferLen = 256 * sizeof(WCHAR);
RtlInitEmptyUnicodeString(&usDrvPath, &wcBuffer, wcbufferLen);
RtlInitUnicodeString(&usDriverFilePath, L"\\??\\");
RtlInitAnsiString(&asFilePath, filePath);
RtlAnsiStringToUnicodeString(&usFilePath, &asFilePath, TRUE);
RtlAppendUnicodeStringToString(&usDrvPath, &usDriverFilePath);
RtlAppendUnicodeStringToString(&usDrvPath, &usFilePath);
RtlFreeUnicodeString(&usFilePath);
//初始化对象
InitializeObjectAttributes(&ObjectAtt, &usDrvPath, OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE, NULL, NULL);
//打开文件并判断
ntSTATUS = ZwCreateFile(&hFile, GENERIC_WRITE, &ObjectAtt, &Iostatus, NULL, FILE_ATTRIBUTE_NORMAL, FILE_SHARE_WRITE, FILE_OPEN_IF, FILE_SYNCHRONOUS_IO_NONALERT, NULL, 0);
if (!NT_SUCCESS(ntSTATUS))
{
return ntSTATUS;
}
//返回各种有关文件对象的信息
ntSTATUS = ZwQueryInformationFile(hFile, &Iostatus, &fsi, sizeof(FILE_STANDARD_INFORMATION), FileStandardInformation);
if (!NT_SUCCESS(ntSTATUS))
{
return ntSTATUS;
}
memset(g_Buffer, 0, sizeof(g_Buffer));
//读取文件
ntSTATUS = ZwReadFile(hFile, NULL, NULL, NULL, &Iostatus, g_Buffer, fsi.EndOfFile.QuadPart, NULL, NULL);
ZwClose(hFile);
return ntSTATUS;
}
...
...
case CTL_READ_PATH:
{
ntStatus = ReadFileIoCall(pInputBuffer);
if (NT_SUCCESS(ntStatus))
{
RtlZeroMemory(pOutputBuffer, 1024);
ULONG uRetlength = strlen(g_Buffer);
RtlCopyMemory(pOutputBuffer, g_Buffer, uRetlength);
pIrp->IoStatus.Status = STATUS_SUCCESS;
pIrp->IoStatus.Information = uRetlength;
IoCompleteRequest(pIrp, IO_NO_INCREMENT);
}
else {
RtlZeroMemory(pOutputBuffer, 1024);
ULONG uRetlength = strlen("Read Failed!");
RtlCopyMemory(pOutputBuffer, "Read Failed!", uRetlength);
pIrp->IoStatus.Status = STATUS_SUCCESS;
pIrp->IoStatus.Information = uRetlength;
IoCompleteRequest(pIrp, IO_NO_INCREMENT);
}
return STATUS_SUCCESS;
}
雷达卡
发表于 
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶