# I failed to learn how to create a Windows Driver Kernel...

night egret
#

Hello, I'm learning C/C++ as part of an internship. I've been asked to create a Windows Driver Kernel which has to communicate with a Python application using IOCTL (I'm much better at Python than C/C++). The first step is to carry out a very simple communication where the Python application asks the WDK for a ping and the driver answers "pong" (to carry out a very simple heartbeat).

For my part, I concentrated on C, which should be easier to learn/understand.

Based on what I can see here: https://github.com/microsoft/Windows-driver-samples I set up this little solution:

night egret
#
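```c
#include <ntddk.h>

// IOCTL_PING is defined elsewhere in the driver (its definition is not shown in the post).
NTSTATUS DeviceControlDispatch(PDEVICE_OBJECT DeviceObject, PIRP Irp)
{
    UNREFERENCED_PARAMETER(DeviceObject);
    PIO_STACK_LOCATION irpStack = IoGetCurrentIrpStackLocation(Irp);
    NTSTATUS status = STATUS_SUCCESS;

    switch (irpStack->Parameters.DeviceIoControl.IoControlCode)
    {
    case IOCTL_PING:
    {   // braces give the declarations their own scope inside the case
        PWCHAR message = L"ping";
        SIZE_T stringLength = wcslen(message);

        // Copy the reply into the IRP's system buffer (the call the post reports as crashing).
        RtlCopyMemory(Irp->AssociatedIrp.SystemBuffer, message, (stringLength * sizeof(WCHAR)));
        // Number of bytes returned to the caller (terminating NUL not included).
        Irp->IoStatus.Information = (stringLength * sizeof(WCHAR));
        break;
    }
    default:
        status = STATUS_INVALID_PARAMETER;
        break;
    }

    // Complete the request with the final status.
    Irp->IoStatus.Status = status;
    IoCompleteRequest(Irp, IO_NO_INCREMENT);
    return status;
}
```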

In Python I do something like this:

```py
import ctypes

# IOCTL_PING must hold the same control code value as in the driver (definition not shown).
driver_path = r"\\.\test"

# Open a handle to the device exposed by the driver.
driver_handle = ctypes.windll.kernel32.CreateFileW(
    ctypes.c_wchar_p(driver_path),
    ctypes.c_uint32(0xC0000000),  # GENERIC_READ | GENERIC_WRITE
    ctypes.c_uint32(0),
    None,
    ctypes.c_uint32(3),  # OPEN_EXISTING
    ctypes.c_uint32(0),
    None
)

if driver_handle != -1:
    ping_response = ctypes.create_unicode_buffer(256)
    bytes_returned = ctypes.c_ulong(0)

    # No input buffer; the driver's reply is expected in ping_response.
    result = ctypes.windll.kernel32.DeviceIoControl(
        driver_handle,
        IOCTL_PING,
        None,
        ctypes.c_ulong(0),
        ping_response,
        ctypes.sizeof(ping_response),
        ctypes.byref(bytes_returned),
        None
    )
    if result != 0:
        print("Ping response:", ping_response.value)
```



My problem comes from RtlCopyMemory, which gives me a BSOD, as if my driver was not able to inject into the buffer allocated by Python... I would really like to understand my error, and I have already posted my problem on several servers / forums (grouping different types of discussion), but nobody knows how to help me... I would like to understand; for that I ran many tests, but without results.
#

(I know that learning C/C++ by starting with this kind of project is not a good method but I have no choice, I haven't decided)

night egret
#

bump

jade halo
#

if you have a bsod you could check the crash dump to see what happens

#

I wouldn't know though

#

is the pointer address passed into the C "Irp" correct?

#

verify that the address allocated in python and C are identical

#

@night egret
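Whether the driver ever sees the address Python allocated depends on the transfer method encoded in the low two bits of the IOCTL code, which also decides whether `Irp->AssociatedIrp.SystemBuffer` is set at all. The sketch below is an added example, not code from the thread: the thread never shows how `IOCTL_PING` is defined, so the function code 0x800 and device type `FILE_DEVICE_UNKNOWN` are assumptions, and the helper names are hypothetical.

```python
# Added example (hypothetical helpers): where does a driver find the output buffer?
FILE_DEVICE_UNKNOWN = 0x22   # value from the Windows headers
FILE_ANY_ACCESS = 0
PING_FUNCTION = 0x800        # assumed: the thread does not show IOCTL_PING
# method bits -> (macro name, IRP field that describes the output buffer)
METHODS = {
    0: ("METHOD_BUFFERED", "Irp->AssociatedIrp.SystemBuffer"),
    1: ("METHOD_IN_DIRECT", "Irp->MdlAddress"),
    2: ("METHOD_OUT_DIRECT", "Irp->MdlAddress"),
    3: ("METHOD_NEITHER", "Irp->UserBuffer"),
}


def ctl_code(device_type, function, method, access):
    """Same bit layout as the CTL_CODE macro."""
    return (device_type << 16) | (access << 14) | (function << 2) | method


def decode(code):
    """Split an IOCTL code into (device_type, access, function, method)."""
    return (code >> 16) & 0xFFFF, (code >> 14) & 0x3, (code >> 2) & 0xFFF, code & 0x3


def output_location(code, in_len, out_len):
    """Return (method, output field, True if SystemBuffer is non-NULL)."""
    method = code & 0x3
    name, field = METHODS[method]
    if method == 0:
        # One kernel copy sized max(in_len, out_len); never the user address.
        system_buffer = max(in_len, out_len) > 0
    elif method in (1, 2):
        # SystemBuffer holds only the input data; output goes through the MDL.
        system_buffer = in_len > 0
    else:
        # Raw user-mode pointers; SystemBuffer is not set up.
        system_buffer = False
    return name, field, system_buffer


def reply_fits(out_len, reply="pong"):
    """Size check a handler makes before copying a NUL-terminated UTF-16 reply."""
    return out_len >= (len(reply) + 1) * 2


if __name__ == "__main__":
    for m in METHODS:  # the thread's client sends in_len=0, out_len=512
        code = ctl_code(FILE_DEVICE_UNKNOWN, PING_FUNCTION, m, FILE_ANY_ACCESS)
        print(hex(code), *output_location(code, 0, 512))
```

Running `decode()` on the real `IOCTL_PING` value shows which row applies; only `METHOD_BUFFERED` gives a usable `SystemBuffer` when the input length is 0, and in that case it is a kernel copy rather than the Python buffer's address.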

night egret
#

For the moment i can't check it (i will be able in 3 hours, but i will