Create a process from a driver

被撕碎了的回忆 2021-01-13 09:11

Is there a way to create a user-mode process from kernel mode on the Windows NT platform (XP-W7)?

EDIT: I must install only the driver. This is specific to the project.

3 answers
  • 2021-01-13 09:21

    I don't know an easier way to achieve this. But what about having a Windows service running which makes an overlapped DeviceIoControl into your driver? On return the service could examine the data it has received from the driver and start the corresponding application.

  • 2021-01-13 09:33

    To create a valid win32 process the driver must communicate with CSRSS (which is completely undocumented). So I ended up queuing a user-mode APC and allocating virtual memory for the APC code in the context of the existing win32 process (that code will call CreateProcess and do the job).

    It is a tricky way but it works.

  • 2021-01-13 09:41

    This can't be directly done - creating a win32 process requires some setup by the user mode part of CreateProcess, not just creating the process object in kernel mode.

    You need some user mode code here - either a service, a desktop app, or so on, to launch your user mode application.

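The service approach from the first and third answers, sketched as an added example that is not part of the original thread: a user-mode service parks an overlapped DeviceIoControl in the driver, validates the record the driver returns, and launches only an allowlisted executable. The device name `\\.\ExampleDrv`, the IOCTL code, the `launch_req` layout and the executable paths are all hypothetical.

```c
/* Added example. Device name, IOCTL code, record layout and paths are hypothetical. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>

typedef struct { uint32_t version; uint32_t app_id; } launch_req;

/* Fixed allowlist: the driver sends an index, never a path or command line. */
static const char *const k_apps[] = {
    "C:\\Program Files\\Example\\helper.exe",   /* app_id 0 (constructed) */
    "C:\\Program Files\\Example\\notify.exe",   /* app_id 1 (constructed) */
};

/* Validate the bytes the driver returned; NULL means "ignore this request". */
const char *resolve_request(const void *buf, size_t len)
{
    launch_req r;
    if (buf == NULL || len != sizeof r) return NULL;   /* short or oversized */
    memcpy(&r, buf, sizeof r);                         /* no unaligned read */
    if (r.version != 1) return NULL;
    if (r.app_id >= sizeof k_apps / sizeof k_apps[0]) return NULL;
    return k_apps[r.app_id];
}

#ifdef _WIN32
#include <windows.h>
#define IOCTL_WAIT_LAUNCH CTL_CODE(FILE_DEVICE_UNKNOWN, 0x800, METHOD_BUFFERED, FILE_READ_ACCESS)
int main(void)
{
    OVERLAPPED ov = {0};
    ov.hEvent = CreateEventA(NULL, TRUE, FALSE, NULL);
    HANDLE dev = CreateFileA("\\\\.\\ExampleDrv", GENERIC_READ, 0, NULL,
                             OPEN_EXISTING, FILE_FLAG_OVERLAPPED, NULL);
    if (dev == INVALID_HANDLE_VALUE || ov.hEvent == NULL) return 1;
    for (;;) {
        launch_req out; DWORD got = 0;
        /* The driver pends this IRP and completes it when it wants a launch. */
        if (!DeviceIoControl(dev, IOCTL_WAIT_LAUNCH, NULL, 0, &out, sizeof out, &got, &ov)
            && GetLastError() != ERROR_IO_PENDING) break;
        if (!GetOverlappedResult(dev, &ov, &got, TRUE)) break;
        const char *path = resolve_request(&out, got);
        if (path == NULL) continue;                    /* malformed or unknown id */
        STARTUPINFOA si = { sizeof si }; PROCESS_INFORMATION pi;
        if (CreateProcessA(path, NULL, NULL, NULL, FALSE, 0, NULL, NULL, &si, &pi)) {
            CloseHandle(pi.hThread); CloseHandle(pi.hProcess);
        }
    }
    return 0;
}
#endif
```

On Vista and Windows 7 a process started this way from a service runs in session 0, so it is not shown on the logged-on user's desktop.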