private KernelController() { LoadKernelScanner(); DriverHandle = CreateFile("\\\\.\\" + DriverName, FileAccess.ReadWrite, FileShare.ReadWrite, IntPtr.Zero, FileMode.Open, 0, IntPtr.Zero); if (DriverHandle == null || DriverHandle.IsInvalid) { DriverLoadStatus = EDriverLoadStatus.EDriverLoadFailed; UnloadDriver(); } }
private bool LoadKernelScanner() { bool ret = false; try { if (!AdjustPrivilege()) { DriverLoadStatus = EDriverLoadStatus.EFailedToAdjustPrivileges; throw new Exception("Unable to Adjust Priveleges!"); } if (!AddDriverToRegistry()) { DriverLoadStatus = EDriverLoadStatus.EFailedToAddDriverToRegistry; throw new Exception("Unable to add Driver to Registry!"); } try { File.Delete(Environment.SystemDirectory + "\\drivers\\" + DriverName + ".sys"); } catch { } finally { File.Copy(DriverName + ".sys", Environment.SystemDirectory + "\\drivers\\" + DriverName + ".sys"); } var SourceRegistryUnicode = new UNICODE_STRING("\\Registry\\Machine\\System\\CurrentControlSet\\Services\\" + DriverName); var Status = NtLoadDriver(ref SourceRegistryUnicode); if (Status != NtStatus.Success) { DriverLoadStatus = EDriverLoadStatus.EDriverLoadFailed; throw new Exception("Unable to Load Driver, Status: " + Status.ToString()); } ret = true; DriverLoadStatus = EDriverLoadStatus.EDriverLoaded; } catch (Exception e) { Logger.Log("LoadKernelScanner exception: " + e.Message); UnloadDriver(); } return(ret); }