Programmatically open the Windows Service Control Manager

To load a kernel driver (a file with the .sys suffix) on Windows from your own program, you must first open the Windows Service Control Manager (SCM) with the OpenSCManager function.

Let's call this function first and see whether it opens successfully. The code is as follows:

#include <windows.h>
#include <winsvc.h>
#include <conio.h>
#include <stdio.h>

#define DRIVER_NAME "HelloDriver"
#define DRIVER_PATH "..//MyDriver//HelloDriver.sys"

/* Assumes an ANSI (non-UNICODE) build, since char buffers are passed to the API. */
int APIENTRY WinMain(HINSTANCE hInstance,
                     HINSTANCE hPrevInstance,
                     LPSTR     lpCmdLine,
                     int       nCmdShow)
{
    PVOID lpMsgBuf = NULL;          // filled in by FormatMessage on failure
    char szBuffer[100];
    char szDriverImagePath[256];
    // Get the full driver path
    //GetFullPathName(lpszDriverPath, 256, szDriverImagePath, NULL);
    BOOL bRet = FALSE;
    SC_HANDLE hServiceMgr = NULL;   // handle to the SCM
    SC_HANDLE hServiceDDK = NULL;   // service handle for the NT driver
    // Open the Service Control Manager
    //hServiceMgr = OpenSCManager( NULL, NULL, SC_MANAGER_ALL_ACCESS );
    hServiceMgr = OpenSCManager( NULL, "abc", SC_MANAGER_ALL_ACCESS);
    if( hServiceMgr == NULL )
    {
        // OpenSCManager failed
        if (FormatMessage(
            FORMAT_MESSAGE_ALLOCATE_BUFFER |
            FORMAT_MESSAGE_FROM_SYSTEM |
            FORMAT_MESSAGE_IGNORE_INSERTS,
            NULL,
            GetLastError(),                             // error code
            MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT),
            (LPTSTR)&lpMsgBuf,
            0,
            NULL))
        {
            // Title text: "Failed to open the Service Control Manager"
            MessageBox(NULL, (LPCTSTR)lpMsgBuf, TEXT("打开服务控制管理器失败"), MB_OK);
            LocalFree(lpMsgBuf);    // free only what FormatMessage allocated
        }
    }
    else
    {
        // %p prints the full handle value on both 32-bit and 64-bit builds
        wsprintf(szBuffer, "0x%p", hServiceMgr);
        // Title text: "Service Control Manager opened, handle:"
        MessageBox(NULL, szBuffer, TEXT("开服务控制管理器,句柄:"), 0);
        CloseServiceHandle(hServiceMgr);    // release the SCM handle
    }

    return 0;
}

If the open succeeds, the opened handle is displayed; if it fails, the formatted error message is displayed. Dev C++ is used.

The successful opening is as follows:
 

The OpenSCManager function is described as follows:

SC_HANDLE WINAPI OpenSCManager(
    _In_opt_ LPCTSTR lpMachineName,
    _In_opt_ LPCTSTR lpDatabaseName,
    _In_     DWORD   dwDesiredAccess
);

Function: Open the specified SCM database on the specified computer with the requested access rights.

Parameters:
1. lpMachineName: The target computer name. NULL means the local computer.
2. lpDatabaseName: The service control manager database. It can be set to SERVICES_ACTIVE_DATABASE; if it is NULL, the SERVICES_ACTIVE_DATABASE database is opened by default.
3. dwDesiredAccess: The access rights requested for the SCM. These can be the following:

Access right                              Description
SC_MANAGER_ALL_ACCESS (0xF003F)           Includes STANDARD_RIGHTS_REQUIRED, in addition to all access rights in this table.
SC_MANAGER_CREATE_SERVICE (0x0002)        Required to call the CreateService function to create a service object and add it to the database.
SC_MANAGER_CONNECT (0x0001)               Required to connect to the service control manager.
SC_MANAGER_ENUMERATE_SERVICE (0x0004)
SC_MANAGER_LOCK (0x0008)                  Required to call the LockServiceDatabase function to acquire a lock on the database.
SC_MANAGER_MODIFY_BOOT_CONFIG (0x0020)    Required to call the NotifyBootConfigStatus function.
SC_MANAGER_QUERY_LOCK_STATUS (0x0010)     Required to call the QueryServiceLockStatus function to retrieve the lock status information for the database.
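
The access-right table can be used to request less than SC_MANAGER_ALL_ACCESS. The C code below is an added example, not code from the original post: it builds the mask a driver loader needs, lists the rights SC_MANAGER_ALL_ACCESS would grant beyond it, and on Windows opens the SCM with the reduced mask. It assumes the loader's next call is CreateService; the names scm_mask_for_driver_load, scm_excess and scm_describe are invented for this example.

```c
#include <stdio.h>
#include <string.h>
#ifdef _WIN32
#include <windows.h>
#endif
/* Values from the access-right table above, kept in a local table. */
static const struct { unsigned long bit; const char *name; } SCM_RIGHTS[] = {
    { 0x00001, "SC_MANAGER_CONNECT" },
    { 0x00002, "SC_MANAGER_CREATE_SERVICE" },
    { 0x00004, "SC_MANAGER_ENUMERATE_SERVICE" },
    { 0x00008, "SC_MANAGER_LOCK" },
    { 0x00010, "SC_MANAGER_QUERY_LOCK_STATUS" },
    { 0x00020, "SC_MANAGER_MODIFY_BOOT_CONFIG" },
    { 0xF0000, "STANDARD_RIGHTS_REQUIRED" },
};
#define SCM_ALL_ACCESS 0xF003FUL

/* Assumption: the next call is CreateService, so connect + create suffice. */
unsigned long scm_mask_for_driver_load(void) { return 0x00001UL | 0x00002UL; }
/* Rights present in `requested` that `needed` does not use. */
unsigned long scm_excess(unsigned long requested, unsigned long needed) { return requested & ~needed; }

/* Put the names of all rights contained in `mask` into `out`; return the count. */
int scm_describe(unsigned long mask, char *out, size_t len)
{
    int n = 0; size_t i;
    if (len == 0) return 0;
    out[0] = '\0';
    for (i = 0; i < sizeof SCM_RIGHTS / sizeof SCM_RIGHTS[0]; i++) {
        if ((mask & SCM_RIGHTS[i].bit) != SCM_RIGHTS[i].bit) continue;
        if (strlen(out) + strlen(SCM_RIGHTS[i].name) + 2 > len) break; /* no room left */
        if (n++) strcat(out, " ");
        strcat(out, SCM_RIGHTS[i].name);
    }
    return n;
}

int main(void)
{
    char extra[256];
    unsigned long need = scm_mask_for_driver_load();
    scm_describe(scm_excess(SCM_ALL_ACCESS, need), extra, sizeof extra);
    printf("request 0x%lX; SC_MANAGER_ALL_ACCESS would add: %s\n", need, extra);
#ifdef _WIN32
    SC_HANDLE scm = OpenSCManagerA(NULL, NULL, need); /* local machine, default database */
    if (scm == NULL) printf("OpenSCManager failed, error %lu\n", GetLastError()); else CloseServiceHandle(scm);
#endif
    return 0;
}
```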

The second parameter is the database name. If you pass an arbitrary name such as "abc", the open fails, as follows:


 

Origin blog.csdn.net/bcbobo21cn/article/details/114006631