Its very simple. You just need to create three files.
sources [No extension please]
TARGETNAME = driver
TARGETPATH = obj
TARGETTYPE = DRIVER
INCLUDES = %BUILD%\inc
LIBS = %BUILD%\lib
SOURCES = driver.c
makefile [No extension please]
!INCLUDE $(NTMAKEENV)\makefile.def
Driver.c [You can choose any name, it should just match with 'sources' file entry]
#include <ntddk.h>
VOID DriverUnload(PDRIVER_OBJECT pDriverObject)
{
DbgPrint("Driver unloading\n");
}
NTSTATUS DriverEntry(PDRIVER_OBJECT DriverObject, PUNICODE_STRING RegistryPath)
{
DbgPrint("Hello, World\n");
DriverObject->DriverUnload = DriverUnload;
return STATUS_SUCCESS;
}
How to compile ??
Just install DDK
use Build env and choose the specific platform
go to directory where you have all these above 3 files.
run build command. That's It. You must get your SYS. Look around :)
Now, how to Load/Test ?
Simple, we will use Windows Service manager for it (as of now)
open command prompt (i am doing this on Windows XP)
run sc create driver binPath= c:\driver.sys type= kernel
[here the driver is the driver name (you can choose any name) and i have pasted my SYS file in C driver. Choose the path where your SYS file is]
That's it Done. ;)
How to Load this driver?
Now open the command prompt and run command net start driver
[here driver is my driver name, you can choose your name]
That's it. If you are running DebugView, you can see "hello, world" in your view.
How to unload this driver?
Just run net stop driver
[here, driver is my driver name, you can choose any name]
That;s it. If you are running DebugView, you can see 'driver unloading' statement in your view.
Is not that simple !! :)
