I/O requests

Does anyone want to discuss and implement code for accessing Windows drivers and the information being sent to and from them? I have an interest in that.
closed account (13bSLyTq)
Hi,

To perform such a feat of passing data from ring-3 mode (also known as user-mode) to ring-0 mode (also known as kernel-mode), you must open a file descriptor for your target device driver. You will be required to use the standard CreateFile() or ReadFile() to open a file descriptor of the driver.

To open this file descriptor you must pass the device name as a parameter, unlike the traditionally used file path.

Then you can use the method called IOCTL-based communication to exchange information between 2 vastly different pieces of software. IOCTLs are essentially used as a method of communication between the driver and the user-mode application. Normally, for ease of understanding, it's appropriate to think of an IOCTL as a Windows message that will request the device driver to execute some function or code.

It is important to know there is no protocol for what a certain IOCTL should execute or not; it must be predefined by a programmer and must carefully be equivalent in definition in both driver and user-mode.

That said, if you plan on trying to "hijack" drivers, then the program will fail because it does not know what that certain IOCTL code should do, but you can hook the user-mode application and hook the necessary functions in order to get what the program is sending to the driver and vice versa with another function.

I strongly recommend you read the following articles to get a grasp on this extremely confusing topic for new programmers:

1. http://msdn.microsoft.com/en-us/library/windows/hardware/ff548059%28v=vs.85%29.aspx
2. http://msdn.microsoft.com/en-gb/library/windows/desktop/aa363219%28v=vs.85%29.aspx
3. http://www.codeproject.com/Articles/9575/Driver-Development-Part-Introduction-to-Implemen
4. http://msdn.microsoft.com/en-gb/library/windows/hardware/ff554678%28v=vs.85%29.aspx (To get better understanding of internals of Windows operating system)

Hope this helps,
OrionMaster
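
An added example, not part of the posts above: an IOCTL code is a 32-bit value that the driver and the user-mode program must define identically, and this sketch decodes one into its fields and flags the settings a reviewer of a driver's interface would look at first. `MAKE_CTL_CODE` repeats the bit layout of the Windows `CTL_CODE` macro so the code builds without Windows headers; all other names and the sample code value are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Same bit layout as the Windows SDK/WDK CTL_CODE macro, redefined here
   so the example builds without Windows headers. */
#define MAKE_CTL_CODE(dev, fn, method, access) \
    (((uint32_t)(dev) << 16) | ((uint32_t)(access) << 14) | \
     ((uint32_t)(fn) << 2) | (uint32_t)(method))

/* Values match METHOD_*, FILE_*_ACCESS and FILE_DEVICE_UNKNOWN. */
enum { XFER_BUFFERED = 0, XFER_IN_DIRECT = 1, XFER_OUT_DIRECT = 2, XFER_NEITHER = 3 };
enum { ACC_ANY = 0, ACC_READ = 1, ACC_WRITE = 2 };
enum { DEV_UNKNOWN = 0x22 };

/* Review flags returned by ioctl_review() (hypothetical names). */
enum { FLAG_METHOD_NEITHER = 1, FLAG_ANY_ACCESS = 2, FLAG_VENDOR_FUNCTION = 4 };

typedef struct {
    uint32_t device_type;  /* bits 31..16 */
    uint32_t access;       /* bits 15..14 */
    uint32_t function;     /* bits 13..2  */
    uint32_t method;       /* bits 1..0   */
} ioctl_fields;

ioctl_fields ioctl_decode(uint32_t code)
{
    ioctl_fields f = { code >> 16, (code >> 14) & 0x3, (code >> 2) & 0xFFF, code & 0x3 };
    return f;
}

/* Points worth a closer look when reviewing a driver's IOCTL interface. */
unsigned ioctl_review(uint32_t code)
{
    ioctl_fields f = ioctl_decode(code);
    unsigned flags = 0;
    if (f.method == XFER_NEITHER) flags |= FLAG_METHOD_NEITHER;  /* driver gets raw user pointers */
    if (f.access == ACC_ANY)      flags |= FLAG_ANY_ACCESS;      /* any handle may send this code */
    if (f.function >= 0x800)      flags |= FLAG_VENDOR_FUNCTION; /* vendor-defined function range */
    return flags;
}

int main(void)
{
    /* Constructed sample code, not taken from any real driver. */
    uint32_t code = MAKE_CTL_CODE(DEV_UNKNOWN, 0x801, XFER_NEITHER, ACC_ANY);
    ioctl_fields f = ioctl_decode(code);
    printf("0x%08X dev=0x%X fn=0x%X method=%u access=%u flags=0x%X\n", (unsigned)code,
           (unsigned)f.device_type, (unsigned)f.function, (unsigned)f.method,
           (unsigned)f.access, ioctl_review(code));
    return 0;
}
```
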