-
-
[原创]使用代码关闭XP没有经过WHQL认证的ndis驱动安装警告
-
发表于:
2016-8-17 16:21
5693
-
[原创]使用代码关闭XP没有经过WHQL认证的ndis驱动安装警告
在XP环境安装基于passthru例子编译的ndis驱动安装会弹出警告窗口,通过修改"我的电脑"->"属性“->"硬件"->“驱动程序签名”->“忽略”的方式可以关闭警告,网上查找通过代码方式关闭没有找到,通过逆向分析sigtab.dll模块,整理下面代码可以关闭安装警告。
// 0=忽略,1=警告,2=阻止
DWORD SetDriverSigningPolicy(BYTE value)
{
HMODULE hMod;
FARPROC pfn;
SYSTEMTIME stSystime;
DWORD dwType;
DWORD cbData;
BYTE Data[4];
HKEY phkResult;
LONG lRtn;
DWORD dwDisposition;
lRtn = RegCreateKeyExW(
HKEY_CURRENT_USER,
L"Software\\Microsoft\\Driver Signing",
0,
0,
0,
KEY_ALL_ACCESS,
NULL,
&phkResult,
&dwDisposition);
if (!lRtn)
{
dwType = REG_DWORD;
cbData = 4;
lRtn = RegSetValueExW(phkResult, L"Policy", 0, dwType, Data, cbData);
RegCloseKey(phkResult);
if (!lRtn)
{
phkResult = 0;
*(DWORD*)&Data = 0;
lRtn = RegOpenKeyExW(HKEY_LOCAL_MACHINE, L"System\\WPA\\Pnp", 0, KEY_READ, &phkResult);
if (lRtn == ERROR_FILE_NOT_FOUND)
{
lRtn = RegOpenKeyExW(HKEY_LOCAL_MACHINE, L"System\\CurrentControlSet\\Control\\Session Manager\\WPA\\Pnp",
0,
KEY_READ,
&phkResult);
}
if (!lRtn) // Success
{
cbData = 4;
lRtn = RegQueryValueExW(phkResult, L"seed", 0, &dwType, Data, &cbData);
RegCloseKey(phkResult);
}
if (lRtn != ERROR_SUCCESS)
{
dwType = REG_DWORD;
cbData = 4;
*(DWORD*)&Data = 0;
lRtn = ERROR_SUCCESS;
}
hMod = LoadLibraryW(L"setupapi.dll");
if (hMod != NULL)
{
pfn = GetProcAddress(hMod, "pSetupGetRealSystemTime");
if (pfn != NULL)
{
stSystime.wMinute = *(WORD*)Data;
stSystime.wYear = *(WORD*)&Data[2];
stSystime.wDayOfWeek = (UINT)&phkResult | 4;
stSystime.wMilliseconds = (UINT)&dwType & 0xF3FF | ((value & 3) << 10);
((void (__stdcall *)(SYSTEMTIME *))pfn)(&stSystime);
stSystime.wDayOfWeek = (UINT)&phkResult | 4;
((void (__stdcall *)(SYSTEMTIME *))pfn)(&stSystime);
if (value != ((((BYTE)(LOBYTE(stSystime.wMilliseconds) + 2) >> 2) ^ 0xFE) & 3))
lRtn = ERROR_FUNCTION_FAILED;
}
else
{
lRtn = GetLastError();
}
FreeLibrary(hMod);
}
else
{
lRtn = GetLastError();
}
}
}
return lRtn;
}
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
