loading driver in program

Post here questions, problems and suggestions in English language
  • Ok. I loot to dll.inc and see there

    Code: Select all

    proc load_driver stdcall, driver_name:dword
    . And have next question: Is filename in with i compile driver important?
  • I found problem
    first - in fmon drivername must be only in uppercase
    second - in fmondrv 'version' must be 00050005
    third - in fmondrv in hook proc - replace

    Code: Select all

    cmp<--->byte [edx], 0xFF^M
    <------>jnz<--->.cont^M
    <------>cmp<--->byte [edx+1], 0x14^M
    <------>jnz<--->.cont^M
    <------>cmp<--->byte [edx+2], 0xBD
    <------>jz<---->.found^M
    [code]
    with 
    [code]
    cmp<--->byte [edx], 0xFF^M
    <------>jnz<--->.cont^M
    <------>cmp<--->byte [edx+1], 0x14^M
    <------>jnz<--->.cont^M
    <------>cmp<--->byte [edx+2], 0x85
    <------>jz<---->.found^M
    
  • Who is online

    Users browsing this forum: No registered users and 4 guests