Post here questions, problems and suggestions in English language
-
-
- Posts 32
- Joined: Sat Feb 23, 2008 12:24 am
Hi. I read this article
http://diamondz.land.ru/writedrv.htm and try to do the same.
The first problem was that program didn't see console:
i replace
with
Code: Select all
dll_name db '/rd/1/lib/console.obj',0
and now i have console with "can't load driver" message. How can i fix it? i use
http://diamondz.land.ru/distr/kolibri_1 ... az_eng.htm . I copy compiled driver to /rd/1/drivers/myfd.obj .
Some options with which i compile myfd.obj:
Code: Select all
...
OS_BASE equ 0x80000000
new_app_base equ 0x0
...
version dd 0x00040004
my_service db 'fmondrv',0
For compilation i use fasm for Linux. Also i attach archive with all files i experiment.
-
Attachments
-
-
Downloaded 317 times
-
- Posts 32
- Joined: Sat Feb 23, 2008 12:24 am
Ok. I loot to dll.inc and see there
Code: Select all
proc load_driver stdcall, driver_name:dword
. And have next question: Is filename in with i compile driver important?
-
- Posts 32
- Joined: Sat Feb 23, 2008 12:24 am
I found problem
first - in fmon drivername must be only in uppercase
second - in fmondrv 'version' must be 00050005
third - in fmondrv in hook proc - replace
Code: Select all
cmp<--->byte [edx], 0xFF^M
<------>jnz<--->.cont^M
<------>cmp<--->byte [edx+1], 0x14^M
<------>jnz<--->.cont^M
<------>cmp<--->byte [edx+2], 0xBD
<------>jz<---->.found^M
[code]
with
[code]
cmp<--->byte [edx], 0xFF^M
<------>jnz<--->.cont^M
<------>cmp<--->byte [edx+1], 0x14^M
<------>jnz<--->.cont^M
<------>cmp<--->byte [edx+2], 0x85
<------>jz<---->.found^M
Users browsing this forum: No registered users and 4 guests