Can someone point me to any link on asm driver building? I also think that we need this topic. It'd be great if someone could share their knowledge on this.
http://website.masm32.com/
Same thing Bogdan posted, but I think the KmdKit is later version (1.8 instead of 1.2): http://www.freewebs.com/four-f/index.htm
Ty bogdan and box.
best regards
So,... hey. I'm getting around the driver tutes and i'm starting to understand a little. Somethings however are a bit confusing. If i'm using the PsSetCreateProcessNotify function how do i get it to comunicate which processes are about to be executed to the Application? I tried using the usual includes but everything went confilicting.
Someone give some hints please.
Thanks a lot and bye
xandaz writing drivers in any language is an artform,that's abit more dangerous than regular programs because it's so lowlevel, also I highly doubt many here have done it beyond the basics. My advice to you is to google 'PsSetCreateProcessNotify' and copy a c/c++ example to ASM, which shouldn't be that hard. also note that on Vista+ microsoft introduced driver signing, to where you need to pay to have your driver signed inorder for it to run(couple hundred bucks), that or disable driver signing in the OS, which is kinda dangerous. Also in terms of hooking in x64, Patchguard goes out of its way to prevent a lot of that.
What a disappointement! But hey! i tried out the beeper.sys and it worked. Is there a service signing gismo as well? I could use PsSetCreate... in a service rather than a driver couldnt i? well... i feel very very ....no words. This microsoft dudes should all go to hell.
Ty e cube. i'll check in later to see what goes on.
Ty and bye all :(