How to use WDK header files in My project?

  • Question

  • Hi,

    I am learning about creating drivers and I downloaded the WDK from Microsoft's official website. Now I have it, but I do not know how to add the header files of the WDK, like 'ntddk.h' and other headers, to my project. Do I need to make any changes to the Project Properties? If so, what are they?

    Warm Regards,
    Cyberwarfare
    Wednesday, January 2, 2013 8:26 AM

Answers

  • so what other possibility is there so we can make sure the user cannot take or stop the program.

    Users won't be able to stop your program if it won't be running on their machines _at all_.

    Just install a web proxy and do all your spying, filtering and reporting there. Set up the client machines to auto-detect the proxy.

    -- pa


    • Edited by Pavel A Wednesday, January 2, 2013 9:54 PM
    • Marked as answer by Doron Holan [MSFT] Wednesday, January 2, 2013 10:08 PM
    Wednesday, January 2, 2013 9:53 PM
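
What "auto-detect the proxy" usually involves, as an added example that is not part of Pavel A's answer: with WPAD, clients fetch a proxy auto-config (PAC) file whose `FindProxyForURL` function chooses the proxy for each request. The proxy name `proxy.school.example:3128` and the direct-access rules are assumptions.

```javascript
// Added example PAC (proxy auto-config) file; host name and port are assumed.
// Browsers call FindProxyForURL(url, host) for every request.
var PROXY = "PROXY proxy.school.example:3128"; // hypothetical filtering proxy

// True for dotted-quad addresses in loopback or RFC 1918 private ranges.
function isPrivateIPv4(host) {
  var m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(host);
  if (!m) return false;
  var a = Number(m[1]), b = Number(m[2]);
  if (a > 255 || b > 255 || Number(m[3]) > 255 || Number(m[4]) > 255) return false;
  return a === 127 || a === 10 ||
         (a === 172 && b >= 16 && b <= 31) ||
         (a === 192 && b === 168);
}

function FindProxyForURL(url, host) {
  host = host.toLowerCase();
  // Plain intranet names (no dot, no colon) and private IPv4 go direct.
  var plainName = host.indexOf(".") === -1 && host.indexOf(":") === -1;
  if (plainName || isPrivateIPv4(host)) return "DIRECT";
  // Everything else, including IPv6 literals, goes through the proxy.
  // No "; DIRECT" fallback is listed, so web access fails closed if the
  // proxy is unreachable instead of silently skipping filtering and logging.
  return PROXY;
}
```

The file is served as `wpad.dat` with MIME type `application/x-ns-proxy-autoconfig`, and clients with automatic detection enabled locate it through DHCP option 252 or a `wpad` DNS name. A PAC file only steers cooperating clients, so direct outbound web traffic still has to be blocked at the network egress for the proxy to see everything.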

All replies

  • Hello,

    It depends on your IDE...
    Each IDE has properties to add "generic" include dirs to the IDE.

    Thanks,

    Alon

    Wednesday, January 2, 2013 9:25 AM
  • I use Visual Studio 2012 Ultimate. What do I need to do to use those header files?
    Wednesday, January 2, 2013 10:47 AM
  • Did you install the WDK, and if so, is there a drivers menu in Visual Studio? If the previous statements are true, create a new project with one of the driver types. If the drivers menu is not present, reinstall the WDK.


    Don Burn Windows Filesystem and Driver Consulting Website: http://www.windrvr.com Blog: http://msmvps.com/blogs/WinDrvr

    Wednesday, January 2, 2013 12:19 PM
  • Hi,

    You can simply right click on a project-->Configuration Properties-->VC++ Directories and add it to "Include Directories"

    http://msdn.microsoft.com/en-us/library/vstudio/ee855621.aspx

    Alon

    Wednesday, January 2, 2013 12:35 PM
  • But what do I need to put to add those headers?
    Wednesday, January 2, 2013 1:16 PM
  • The reason I said use the driver project is that getting the various #defines and settings needed for the kernel includes is not something you want to try yourself. So set up a driver project of the type you need, then add the includes as needed; trying to do this by project settings without using the assists of the driver projects is asking for trouble.


    Don Burn Windows Filesystem and Driver Consulting Website: http://www.windrvr.com Blog: http://msmvps.com/blogs/WinDrvr

    Wednesday, January 2, 2013 1:41 PM
  • Don is right. The best route to take is to start with a new driver project from file | new | project and choose a driver project (kmdf, umdf, etc) and go from there.


    d -- This posting is provided "AS IS" with no warranties, and confers no rights.

    Wednesday, January 2, 2013 3:30 PM
  • But can I include standard C++ code and stuff, like networking and Windows GUI?

    EDIT: I started a new project. Now I can use ntddk.h but not Windows.h and Winsock.h.


    • Edited by Sunder Hamu Wednesday, January 2, 2013 3:58 PM
    Wednesday, January 2, 2013 3:37 PM
  • Well, things like ntddk.h are for the kernel; you can use a limited set of C++ in the kernel and that is it.


    Don Burn Windows Filesystem and Driver Consulting Website: http://www.windrvr.com Blog: http://msmvps.com/blogs/WinDrvr

    Wednesday, January 2, 2013 3:40 PM
  • Oh okay, thanks for that. I will try to find a different path.
    Wednesday, January 2, 2013 4:53 PM
  • What is it you are trying to do that makes you think you need C++ for a driver?


    Don Burn Windows Filesystem and Driver Consulting Website: http://www.windrvr.com Blog: http://msmvps.com/blogs/WinDrvr

    Wednesday, January 2, 2013 4:56 PM
  • Thanks for taking interest in my project,

    I am trying to hook a process's ZwQuerySystemInformation() to hide a program from the standard user but not the admin, since I am developing a children's application. Sorry, but I just realized I could have used a DLL instead of creating a driver for it.

    I was going to make a safe-level Ring0 root-kit (the lowest-level root-kit that can be made). This root-kit is not going to be malicious, since the administrator may close the root-kit system whenever he or she wants to.

    The reason we need to hide the application is that it is used to monitor what the child is doing, and the details (IT WILL NOT COLLECT LOG IN DATA BUT THE WEBSITES THE STUDENT HAS VISITED) will be logged in a file and will be remotely downloaded to the administrator's computer so that they can analyze the things which the children are going.

    Regards,

    Cyberwarfare

    Wednesday, January 2, 2013 7:02 PM
  • Sorry but if you hook in the kernel you are going to be malicious.  There are a number of problems with the kernel scheme:

    1.  Once you set the hook you cannot unset it

    2. For 64-bit systems you cannot set the hook without hacking the system, and most of the examples out there just open the kernel for everyone

    3. The documentation for ZwQuerySystemInformation that you find on the web is very wrong; there are options that are not documented and options that are documented that no longer do what was described.

    So when you claim a safe level Ring0 root-kit, there is no such thing. 

    You should be able to do this as you note in user space, just be aware that trying to manage ZwQuerySystemInformation (versus the calls that are documented that use it) will give you problems.


    Don Burn Windows Filesystem and Driver Consulting Website: http://www.windrvr.com Blog: http://msmvps.com/blogs/WinDrvr

    Wednesday, January 2, 2013 7:11 PM
  • Yes you may be right.

    Thanks for the info. So what other possibility is there so we can make sure the user cannot take or stop the program?

    Also, when I say safe root-kit I mean allowing a remover for our root-kit, but again, since you said the hook cannot be taken out, we need to find a different way LOL. BTW, is there any other possible way to make a safe thing like our program? If so, please tell me.

    EDIT: I am having problems running my Hello World driver application in Visual Studio 2012 Ultimate (I am not used to using 2012 nor 2010 since I use Qt). How do I compile and run my Hello World app? Please help. Code:

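    #include <ntddk.h>

    // Driver entry point, called when the driver is loaded.
    NTSTATUS DriverEntry( IN PDRIVER_OBJECT theDriverObject,
                          IN PUNICODE_STRING theRegistryPath )
    {
    	// Mark the unused parameters so warning C4100 does not break a
    	// build that treats warnings as errors.
    	UNREFERENCED_PARAMETER(theDriverObject);
    	UNREFERENCED_PARAMETER(theRegistryPath);

    	DbgPrint("Hello World!\n");
    	return STATUS_SUCCESS;
    }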

    • Edited by Sunder Hamu Wednesday, January 2, 2013 7:36 PM
    Wednesday, January 2, 2013 7:31 PM