老手网

U盘写保护驱动源码

授权形式: 免费版
更新时间: 2013-04-23 21:11:17
软件语言: 英文
软件平台: Win2000/WinXP/Win2003
软件类别:
文件大小: δ֪
评论等级:
浏览次数: (今日:,本周:,本月:
软件简介
C++的调用工具

diskperf.c 修改的USB 访问过滤

安装DDK就能编译,调试完全没有问题

解释几个关键代码
U盘写保护关键点
	PDEVICE_EXTENSION StorExtension = ( PDEVICE_EXTENSION )	DeviceObject->DeviceExtension;

	irpStack = IoGetCurrentIrpStackLocation( Irp );

	CurSrb = (PSCSI_REQUEST_BLOCK)ExAllocatePoolWithTag(NonPagedPool,
		sizeof(SCSI_REQUEST_BLOCK),
		'brs');
	if (CurSrb == NULL) 
	{
		//DbgPrint("观察:CurSrb==NULL\n");
	}
	else
	{
		//DbgPrint("观察:CurSrb!=NULL\n");
	}

	RtlZeroMemory(CurSrb, SCSI_REQUEST_BLOCK_SIZE); 

	if (irpStack->MajorFunction==IRP_MJ_INTERNAL_DEVICE_CONTROL)
	{
		CurSrb=irpStack->Parameters.Scsi.Srb; 
		cdb = (PCDB)CurSrb->Cdb; 
		opCode=cdb->CDB6GENERIC.OperationCode; 
		if (opCode==SCSIOP_MODE_SENSE)
		{
			DbgPrint("观察:进入U盘写保护\n");
			modeData = (PMODE_PARAMETER_HEADER)CurSrb->DataBuffer;
			if( IsReadOnly == 1 || IsReadOnly == 2 )
			{
				DbgPrint("U盘写保护\n");
				modeData->DeviceSpecificParameter |= MODE_DSP_WRITE_PROTECT;
			}
		} 
	}

	if ( Irp->PendingReturned )
	{
		IoMarkIrpPending( Irp );
	} 


根据注册表的值,来判断是否保护

RtlInitUnicodeString( &strKeyName, KeyName );
	RtlInitUnicodeString( &strvalueName, valueName );
	InitializeObjectAttributes(&tmp,&strKeyName, OBJ_KERNEL_HANDLE | OBJ_CASE_INSENSITIVE,NULL,NULL);

	status1 = ZwOpenKey(&hKeyHandle,KEY_READ,	&tmp);
	if (NT_SUCCESS(status1))
	{
		DbgPrint(("ZwOpenKey success \n"));

		bufferlen = sizeof( KEY_VALUE_PARTIAL_INFORMATION ) + sizeof(ULONG);
		buffer1 = (PKEY_VALUE_PARTIAL_INFORMATION)ExAllocatePool( NonPagedPool,bufferlen );


		status1 = ZwQueryValueKey( hKeyHandle,&strvalueName,
			KeyValuePartialInformation,
			buffer1,
			bufferlen,
			&resultLength );
		if (NT_SUCCESS(status1))
		{
			if( buffer1->Data[0] == 1)
			{
				IsReadOnly = 1;
				DbgPrint(("ZwOpenKey 只读\n"));
			}
			else if( buffer1->Data[0] == 2)
			{
				IsReadOnly = 2;
				DbgPrint(("ZwOpenKey 完全禁止 \n"));
			}
			else if( buffer1->Data[0] == 3)
			{
				IsReadOnly = 3;
				DbgPrint(("ZwOpenKey 完全开放 \n"));
			}
			else
			{
				IsReadOnly = 1;
				DbgPrint(("ZwOpenKey 只读 \n"));
			}

		}
		else
		{
			IsReadOnly = 1;
			DbgPrint(("ZwQueryValueKey fail \n"));
		}

		ZwClose(hKeyHandle);
		ExFreePool(buffer1);
	}
	else
	{
		DbgPrint(("ZwOpenKey success fail \n"));
	}

下载地址
-

Copyright © 2012 - 2014 oldhand.cn All Rights Reserved. 粤ICP备13025864号