Making Simple Windows Driver in C

Captions
Before starting to write the actual code of the driver you're going to need a couple of dependencies, including Visual Studio and the Windows Driver Kit, and in this video I'm going to assume you have everything already installed. All the information is going to be in the description so you can check it out. Now after installing the dependencies you're going to have a couple of stuff added to your start menu, and one of them is going to be "x64 Native Tools Command Prompt for Visual Studio 2022", so let's just go ahead and open this. This is the Visual Studio console; we're going to use this to actually build the driver.

Now I'm going to open Vim to actually write the code of the driver over there, so I'm going to create a new file and call it driver.c. I'm going to start by defining _AMD64_, that's because the architecture that we're going to use is x64, and after that I'm going to include a header file called wdm.h. WDM actually stands for Windows Driver Model and this header file includes all kinds of useful stuff for driver development. After this I can start writing the entry point, so it's going to return a type called NTSTATUS and I'm going to call my entry point DriverEntry. It's going to get two parameters, both of them I'm not going to use, I'm going to call them a and b. Now I want to actually print something with this driver so I'm going to use a function called DbgPrint. So I open up here the official Microsoft documentation of the DbgPrint function: it comes from the header file wdm.h, and you can see that this function sends a message to the kernel debugger, and this is the syntax of the function, it's pretty simple, it just gets a format and additional arguments if you need. So we're going to just use this function and call it with "Hello World", so I'm going to call DbgPrint, afterwards I'm going to return STATUS_SUCCESS. That's it for the code, so I'm going to save this and I'm going to go back to the Visual Studio console that we opened earlier.

I'm going to navigate to where the driver code is. I'm going to use the Microsoft Visual Studio compiler, which is called cl. I'm going to start by passing the driver.c file, and the second file I need to pass is the library that contains the DbgPrint function. So for this I'm going to go to the bottom of this page to Requirements; you can see a table here that includes all kinds of information about this function, where it comes from, and if we go to the line that says Library we see that we have two places: we have user mode that comes from here, but we're actually interested in kernel mode, which comes from this library. So I'm going to copy this and I'm going to specify the full path to this file. This actually comes from the Windows Kits folder, so I'm going to specify that this comes from Program Files, Windows Kits, km (km stands for kernel mode), then I'm going to paste the name of the library here. Notice that this version may be different in your case, just adjust it to whatever you have. Afterward I'm going to use the /I option for specifying an additional include directory: I'm going to copy part of this path till Lib over here, instead of Lib I'm going to write Include, and finish off with km. This will actually give me access to the wdm.h header file. Now I'm going to specify /link, so from here on it's going to be options for the linker. The first option I'm going to use is subsystem, that's going to be native; driver is going to be wdm, which stands for Windows Driver Model; finally I'm going to specify the entry point, which as we call it is going to be DriverEntry. Now I can go ahead and run this and you can see that this was successful and it output driver.exe.

So now let's go ahead and change the name of this file to end with .sys, so I'm going to rename driver.exe to driver.sys. To make Windows actually load the driver we're going to need to restart the computer in a special mode that ignores signatures on the driver. So in that case I'm actually going to open the start menu over here, I'm going to press on the power button, and while pressing on Restart I'm going to hold Shift. It's now going to load a special screen you're going to see soon. I'm going to press on Troubleshoot, afterwards Advanced options, and I'm going to choose Startup Settings. It's going to let me restart Windows, I'm going to press on Restart, afterwards it's going to let me choose a special startup option. I'm going to use option seven, that's going to be "Disable driver signature enforcement", so I'm going to press seven. After doing that your computer will load up Windows and you'll be able to load the driver. Now I'm going to show you how to do that.

After restarting the computer with driver signature checking disabled, let's go ahead and load the driver. For this I opened a new terminal with administrator rights. I'm going to navigate to the driver directory, and to load the driver I'm going to actually use the sc command with the create option. So I'm going to create a new service, I'm going to call it nearest driver, I'm going to specify the bin path to be the path to the .sys file of the driver, and the type is going to be kernel. You can see that this was created successfully. Now to start the driver I just run sc start with the driver's name, but before doing that let's go ahead and open a program called DbgView. You can get DbgView as part of the Sysinternals Suite; I'll put information in the description on how to install Sysinternals on your computer, but all you got to do is just run this program with administrator rights, so "Run as administrator". After opening DbgView you'll see something like this: you need to go to the Capture menu right over here and enable Capture Kernel and Enable Verbose Kernel Output right over here. Now let's go ahead and clean the output over here with Ctrl+X, and I can start the driver here, so sc start nearest driver, and you can see we see the message from the driver right over here. After you finish playing around with the driver don't forget to delete it, so sc delete nearest driver. Notice that we can't stop the driver, so sc stop nearest driver is not going to work, because we actually didn't handle the situation of unloading in the code of the driver. Just going to finish off by saying that the code presented in the video is only for fun and learning purposes and it's definitely not suitable for production. Also don't forget to restart your computer regularly after you've finished playing around with the driver, so you go back to regular driver signature checking. Subscribe for more programming videos and thanks for watching.
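The whole procedure from the captions (driver source, the cl/link build, the sc service steps) gathered into one script, as an added example that is not the video's own code. It assumes it is launched from an elevated x64 Native Tools Command Prompt (so cl.exe is on PATH) on a boot where driver signature enforcement was disabled as described above, and the service name HelloDriver is made up; it goes one step beyond the video by registering a DriverUnload routine, which is what makes "sc stop" succeed.

```powershell
# Added example, not the video's code. Assumes an elevated x64 Native Tools Command
# Prompt (cl.exe on PATH) on a boot with driver signature enforcement disabled.
$ErrorActionPreference = 'Stop'
$isAdmin = ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()
           ).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
if (-not $isAdmin) { throw 'sc.exe create/start need an elevated prompt' }

# driver.c as in the video, plus a DriverUnload routine so the driver can be
# stopped (the video points out that "sc stop" fails without one).
@'
#define _AMD64_
#include <wdm.h>

VOID DriverUnload(PDRIVER_OBJECT DriverObject)
{
    UNREFERENCED_PARAMETER(DriverObject);
    DbgPrint("Hello World driver: unloading\n");
}

NTSTATUS DriverEntry(PDRIVER_OBJECT DriverObject, PUNICODE_STRING RegistryPath)
{
    UNREFERENCED_PARAMETER(RegistryPath);
    DriverObject->DriverUnload = DriverUnload;   /* this is what lets "sc stop" work */
    DbgPrint("Hello World from the kernel\n");
    return STATUS_SUCCESS;
}
'@ | Set-Content -Path driver.c -Encoding Ascii

# Pick the WDK version folder that ships km\x64\ntoskrnl.lib (the version
# number differs per machine, as the video notes).
$kits = "${env:ProgramFiles(x86)}\Windows Kits\10"
$ver  = Get-ChildItem "$kits\Lib" -Directory |
        Where-Object { Test-Path "$($_.FullName)\km\x64\ntoskrnl.lib" } |
        Sort-Object Name | Select-Object -Last 1 -ExpandProperty Name
$lib  = "$kits\Lib\$ver\km\x64\ntoskrnl.lib"   # kernel-mode library for DbgPrint
$inc  = "$kits\Include\$ver\km"                 # directory holding wdm.h

# Same build as in the video; /out: replaces the manual rename of driver.exe to driver.sys.
& cl.exe driver.c $lib /I $inc /link /subsystem:native /driver:wdm /entry:DriverEntry /out:driver.sys
if ($LASTEXITCODE -ne 0) { throw "cl/link failed with exit code $LASTEXITCODE" }

# Register, start, stop and delete the kernel service (sc.exe needs the space after
# each "="). With DbgView capturing verbose kernel output, both DbgPrint lines appear.
$svc = 'HelloDriver'                            # constructed service name
$sys = (Resolve-Path .\driver.sys).Path
sc.exe create $svc type= kernel binPath= $sys
sc.exe start  $svc
sc.exe stop   $svc     # works because DriverEntry registered DriverUnload
sc.exe delete $svc
```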
Info
Channel: Nir Lichtman
Views: 333,887
Id: GTrekHE8A00
Length: 7min 25sec (445 seconds)
Published: Sat Dec 02 2023