首页
社区
课程
招聘
问答 CTF 排行榜 知识库 工具下载 峰会 看雪商城 证书查询
  1. 社区
  2. 编程技术
    3. 发新帖
[求助]CreateFileW失败 GetLastError错误代码2
发表于: 2016-2-14 13:10 6350

[求助]CreateFileW失败 GetLastError错误代码2

ZXY啪啪啪 活跃值
2016-2-14 13:10
6350
驱动的代码
#include<ntddk.h>
#include<Strsafe.h>
PDEVICE_OBJECT device_object ;
NTSTATUS cwkDispatch(PDEVICE_OBJECT dev, PIRP irp)
{
	irp->IoStatus.Information = 0;
	IoCompleteRequest(irp, IO_NO_INCREMENT);
	return  STATUS_SUCCESS;
}

 VOID  DriverUnload(PDRIVER_OBJECT driver_object)
{
	UNICODE_STRING usLinkName;
	RtlInitUnicodeString(&usLinkName, L"\\??\\wdfabifbuadfba");
	IoDeleteSymbolicLink(&usLinkName);
	IoDeleteDevice(device_object);
}

 NTSTATUS DriverEntry(PDRIVER_OBJECT driver_object, PUNICODE_STRING reg_part)
{
	driver_object->DriverUnload = DriverUnload;
	UNICODE_STRING str;
	RtlInitUnicodeString(&str, L"\\Device\\DeviceName");
	IoCreateDevice(driver_object,0,&str, FILE_DEVICE_UNKNOWN,FILE_DEVICE_SECURE_OPEN,TRUE, &device_object);
	UNICODE_STRING usLinkName;
	RtlInitUnicodeString(&usLinkName, L"\\??\\wdfabifbuadfba");
	IoCreateSymbolicLink(&str, &usLinkName);
	for (int i = 0; i < IRP_MJ_MAXIMUM_FUNCTION; ++i)
	{
		driver_object->MajorFunction[i] = cwkDispatch;
	}
	return  STATUS_SUCCESS;
}


应用代码
	hFile= CreateFileW(L"\\\\.\\wdfabifbuadfba",
				GENERIC_READ | GENERIC_WRITE,
				0, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL,
				NULL);


IoCreateSymbolicLink第二个参数传入应该是\??\还是\DosDevices\

谢谢各位

[注意]传递专业知识、拓宽行业人脉——看雪讲师团队等你加入!

收藏
免费 0
支持
分享
最新回复 (7)
wang王
雪    币: 4751
活跃值: (1783)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
私信
2
我用的是\DosDevices\
实际上都可以
2016-2-14 13:44
0
ZXY啪啪啪
雪    币: 193
活跃值: (175)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
私信
3
恩  那能帮我看看里面哪里错了么  我找了好久找不出来
2016-2-14 15:42
0
乙酸乙酯
雪    币: 11
活跃值: (10)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
私信
4
IoCreateDevice和IoCreateSymbolicLink都成功了吗?
2016-2-14 21:32
0
wang王
雪    币: 4751
活跃值: (1783)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
私信
5 
#pragma INITCODE
extern "C" NTSTATUS DriverEntry (IN PDRIVER_OBJECT pDriverObject,IN PUNICODE_STRING RegistryPath)
{
	NTSTATUS status;

	//´´½¨Çý¶¯É豸¶ÔÏó
	status = CreateDevice(pDriverObject);

	pDriverObject->DriverUnload=UnloadDriver;		//жÔØÇý¶¯

	return status ;
}

//´´½¨É豸
#pragma INITCODE
NTSTATUS CreateDevice(IN PDRIVER_OBJECT	pDriverObject) 
{
	NTSTATUS status;
	PDEVICE_OBJECT   deviceObject;	

	RtlInitUnicodeString( &DeviceNameString,    L"\\Device\\HideProcess" );
	RtlInitUnicodeString( &LinkDeviceNameString,L"\\DosDevices\\HideProcess" );

	KdPrint(("pDriverEntry Enter............................\n"));

	status = IoCreateDevice(
		pDriverObject,
		0,                      
		&DeviceNameString,
		FILE_DEVICE_DISK_FILE_SYSTEM,
		FILE_DEVICE_SECURE_OPEN,
		FALSE,
		& deviceObject );

	if (!NT_SUCCESS( status )) 
	{

		KdPrint(( "pDriverEntry: Error creating control device object, status=%08x\n", status ));
		return status;
	}

	status = IoCreateSymbolicLink(
		(PUNICODE_STRING) &LinkDeviceNameString,
		(PUNICODE_STRING) &DeviceNameString
		);

	if (!NT_SUCCESS(status))
	{
		IoDeleteDevice(deviceObject);
		return status;
	}

	return status;
}


#pragma PAGEDCODE
VOID UnloadDriver(IN PDRIVER_OBJECT pDriverObject)//жÔØÇý¶¯³ÌÐòºÍ¹³×Ó
{
	PDEVICE_OBJECT deviceObject;

	deviceObject= pDriverObject->DeviceObject;
	IoDeleteSymbolicLink(&LinkDeviceNameString);
	ASSERT(!deviceObject->AttachedDevice);
	if ( deviceObject != NULL )
	{
		IoDeleteDevice( deviceObject );
	}
	KdPrint(("pDriverObject End............................\n"));
}
2016-2-15 01:56
0
wang王
雪    币: 4751
活跃值: (1783)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
私信
6 
pDriverObject->MajorFunction[IRP_MJ_WRITE] = HelloDDKDispatchRoutine;
pDriverObject->MajorFunction[IRP_MJ_READ] = HelloDDKDispatchRoutine;
读写需要这个




NTSTATUS HelloDDKDispatchRoutine(IN PDEVICE_OBJECT pDevObj,
								 IN PIRP pIrp) 
{
    //得到当前I0_STACK_LOCATION
	PIO_STACK_LOCATION stack = IoGetCurrentIrpStackLocation(pIrp);
	
	//得到输入缓冲区的大小
	ULONG cbin=stack->Parameters.DeviceIoControl.InputBufferLength;
	//得到输出缓冲区的大小
	ULONG cbout=stack->Parameters.DeviceIoControl.OutputBufferLength;
	
	//得到IOCTL码
    ULONG code=stack->Parameters.DeviceIoControl.IoControlCode;
	
    //获取IO请求类型
	ULONG mf=stack->MajorFunction;
	
	//(pIrp->AssociatedIrp.SystemBuffer)输入缓冲区指针
	
		
	
	//	KdPrint(("Enter HelloDDKDispatchRoutine\n"));
	NTSTATUS status = STATUS_SUCCESS;
	// 完成IRP
	pIrp->IoStatus.Status = status;
	pIrp->IoStatus.Information = cbout;	// 设置IRP操作了多少字节
	IoCompleteRequest( pIrp, IO_NO_INCREMENT );
	//	KdPrint(("Leave HelloDDKDispatchRoutine\n"));
	return status;
}
2016-2-15 02:04
0
ZXY啪啪啪
雪    币: 193
活跃值: (175)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
私信
7
你好  你的代码编译后还是没办法通过  getlasterror返回1
我研究了论坛的教程   发现需要
pDriverObj->MajorFunction[IRP_MJ_CREATE] = DispatchCreate;
	pDriverObj->MajorFunction[IRP_MJ_CLOSE] = DispatchClose;

并添加相应的处理才能打开   我的系统是windows10  谢谢
2016-2-16 19:33
0
zhangfresh
雪    币: 0
活跃值: (155)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
私信
8
谢谢楼上,用你的办法,解决了win10下的这个怪异问题。
2021-3-30 13:46
0
游客
登录 | 注册 方可回帖
回帖 表情 雪币赚取及消费
高级回复
返回
//