Add project files.

ioncodes · Nov 28, 2024 · 3e5b9d5 · 3e5b9d5
1 parent c46012d
commit 3e5b9d5
Show file tree

Hide file tree

Showing 4 changed files with 355 additions and 0 deletions.
diff --git a/SilentLoad.sln b/SilentLoad.sln
@@ -0,0 +1,31 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio Version 17
+VisualStudioVersion = 17.11.35327.3
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "SilentLoad", "SilentLoad\SilentLoad.vcxproj", "{A5D2F9C8-0DC2-4A2D-B72F-2FD5FF740043}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|x64 = Debug|x64
+		Debug|x86 = Debug|x86
+		Release|x64 = Release|x64
+		Release|x86 = Release|x86
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{A5D2F9C8-0DC2-4A2D-B72F-2FD5FF740043}.Debug|x64.ActiveCfg = Debug|x64
+		{A5D2F9C8-0DC2-4A2D-B72F-2FD5FF740043}.Debug|x64.Build.0 = Debug|x64
+		{A5D2F9C8-0DC2-4A2D-B72F-2FD5FF740043}.Debug|x86.ActiveCfg = Debug|Win32
+		{A5D2F9C8-0DC2-4A2D-B72F-2FD5FF740043}.Debug|x86.Build.0 = Debug|Win32
+		{A5D2F9C8-0DC2-4A2D-B72F-2FD5FF740043}.Release|x64.ActiveCfg = Release|x64
+		{A5D2F9C8-0DC2-4A2D-B72F-2FD5FF740043}.Release|x64.Build.0 = Release|x64
+		{A5D2F9C8-0DC2-4A2D-B72F-2FD5FF740043}.Release|x86.ActiveCfg = Release|Win32
+		{A5D2F9C8-0DC2-4A2D-B72F-2FD5FF740043}.Release|x86.Build.0 = Release|Win32
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+	GlobalSection(ExtensibilityGlobals) = postSolution
+		SolutionGuid = {FB2054AB-CC9E-4B15-B438-B4E89375DCD1}
+	EndGlobalSection
+EndGlobal
diff --git a/SilentLoad/SilentLoad.vcxproj b/SilentLoad/SilentLoad.vcxproj
@@ -0,0 +1,140 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup Label="ProjectConfigurations">
+    <ProjectConfiguration Include="Debug|Win32">
+      <Configuration>Debug</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|Win32">
+      <Configuration>Release</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Debug|x64">
+      <Configuration>Debug</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|x64">
+      <Configuration>Release</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+  </ItemGroup>
+  <PropertyGroup Label="Globals">
+    <VCProjectVersion>17.0</VCProjectVersion>
+    <Keyword>Win32Proj</Keyword>
+    <ProjectGuid>{a5d2f9c8-0dc2-4a2d-b72f-2fd5ff740043}</ProjectGuid>
+    <RootNamespace>SilentLoad</RootNamespace>
+    <WindowsTargetPlatformVersion>10.0</WindowsTargetPlatformVersion>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>true</UseDebugLibraries>
+    <PlatformToolset>v143</PlatformToolset>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>false</UseDebugLibraries>
+    <PlatformToolset>v143</PlatformToolset>
+    <WholeProgramOptimization>true</WholeProgramOptimization>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>true</UseDebugLibraries>
+    <PlatformToolset>v143</PlatformToolset>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>false</UseDebugLibraries>
+    <PlatformToolset>v143</PlatformToolset>
+    <WholeProgramOptimization>true</WholeProgramOptimization>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+  <ImportGroup Label="ExtensionSettings">
+  </ImportGroup>
+  <ImportGroup Label="Shared">
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <PropertyGroup Label="UserMacros" />
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <ClCompile>
+      <WarningLevel>Level3</WarningLevel>
+      <SDLCheck>true</SDLCheck>
+      <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <ConformanceMode>true</ConformanceMode>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <AdditionalDependencies>ntdll.lib;%(AdditionalDependencies)</AdditionalDependencies>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <ClCompile>
+      <WarningLevel>Level3</WarningLevel>
+      <FunctionLevelLinking>true</FunctionLevelLinking>
+      <IntrinsicFunctions>true</IntrinsicFunctions>
+      <SDLCheck>true</SDLCheck>
+      <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <ConformanceMode>true</ConformanceMode>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <EnableCOMDATFolding>true</EnableCOMDATFolding>
+      <OptimizeReferences>true</OptimizeReferences>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <AdditionalDependencies>ntdll.lib;%(AdditionalDependencies)</AdditionalDependencies>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <ClCompile>
+      <WarningLevel>Level3</WarningLevel>
+      <SDLCheck>true</SDLCheck>
+      <PreprocessorDefinitions>_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <ConformanceMode>true</ConformanceMode>
+      <LanguageStandard_C>stdc17</LanguageStandard_C>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <AdditionalDependencies>ntdll.lib;%(AdditionalDependencies)</AdditionalDependencies>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <ClCompile>
+      <WarningLevel>Level3</WarningLevel>
+      <FunctionLevelLinking>true</FunctionLevelLinking>
+      <IntrinsicFunctions>true</IntrinsicFunctions>
+      <SDLCheck>true</SDLCheck>
+      <PreprocessorDefinitions>NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <ConformanceMode>true</ConformanceMode>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <EnableCOMDATFolding>true</EnableCOMDATFolding>
+      <OptimizeReferences>true</OptimizeReferences>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <AdditionalDependencies>ntdll.lib;%(AdditionalDependencies)</AdditionalDependencies>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemGroup>
+    <ClCompile Include="main.cpp" />
+  </ItemGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
+  <ImportGroup Label="ExtensionTargets">
+  </ImportGroup>
+</Project>
diff --git a/SilentLoad/SilentLoad.vcxproj.filters b/SilentLoad/SilentLoad.vcxproj.filters
@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup>
+    <Filter Include="Source Files">
+      <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
+      <Extensions>cpp;c;cc;cxx;c++;cppm;ixx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
+    </Filter>
+    <Filter Include="Header Files">
+      <UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
+      <Extensions>h;hh;hpp;hxx;h++;hm;inl;inc;ipp;xsd</Extensions>
+    </Filter>
+    <Filter Include="Resource Files">
+      <UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
+      <Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
+    </Filter>
+  </ItemGroup>
+  <ItemGroup>
+    <ClCompile Include="main.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+  </ItemGroup>
+</Project>
diff --git a/SilentLoad/main.cpp b/SilentLoad/main.cpp
@@ -0,0 +1,162 @@
+#include <Windows.h>
+#include <stdio.h>
+#include <winternl.h>
+#include <strsafe.h>
+
+#define SERVICE_NAME L"SilentLoad"
+#define DRIVER_PATH L"\\??\\C:\\Windows\\System32\\drivers\\SilentLoad.sys"
+
+typedef NTSTATUS(NTAPI* _NtLoadDriver)(PUNICODE_STRING DriverServiceName);
+
+static _NtLoadDriver NtLoadDriver = NULL;
+
+static bool GrantPrivilege(LPCTSTR privilege)
+{
+	HANDLE Token;
+	TOKEN_PRIVILEGES TokenPrivileges;
+	LUID Luid;
+
+	if (!LookupPrivilegeValueW(NULL, SE_LOAD_DRIVER_NAME, &Luid))
+		return false;
+
+	if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &Token))
+		return false;
+
+	TokenPrivileges = { 0 };
+	TokenPrivileges.PrivilegeCount = 1;
+	TokenPrivileges.Privileges[0].Luid = Luid;
+	TokenPrivileges.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
+
+	if (!AdjustTokenPrivileges(Token, FALSE, &TokenPrivileges, sizeof(TOKEN_PRIVILEGES), NULL, NULL) 
+		|| GetLastError() == ERROR_NOT_ALL_ASSIGNED)
+	{
+		CloseHandle(Token);
+		return false;
+	}
+
+	CloseHandle(Token);
+
+	return true;
+}
+
+static _NtLoadDriver ResolveNtLoadDriver()
+{
+	HMODULE Handle;
+
+	Handle = GetModuleHandleW(L"ntdll.dll");
+	if (!Handle)
+		return NULL;
+
+	return (_NtLoadDriver)GetProcAddress(Handle, "NtLoadDriver");
+}
+
+static bool AddService(LPCWSTR ServiceName, LPCWSTR DriverPath)
+{
+	HKEY ServicesKey;
+	DWORD ImagePathLength;
+	DWORD ServiceType;
+	DWORD ServiceStartType;
+	DWORD ServiceErrorControl;
+	DWORD ServiceNameLength;
+
+	if (!NT_SUCCESS(RegOpenKeyExW(HKEY_LOCAL_MACHINE, L"SYSTEM\\CurrentControlSet\\Services", 0, KEY_ALL_ACCESS, &ServicesKey)))
+		goto Error;
+
+	if (!NT_SUCCESS(RegCreateKeyW(ServicesKey, ServiceName, &ServicesKey)))
+		goto Error;
+
+	ImagePathLength = (wcslen(DriverPath) + 1) * sizeof(WCHAR);
+	if (!NT_SUCCESS(RegSetValueExW(ServicesKey, L"ImagePath", 0, REG_EXPAND_SZ, (LPBYTE)DriverPath, ImagePathLength)))
+		goto Error;
+
+	ServiceType = SERVICE_KERNEL_DRIVER;
+	if (!NT_SUCCESS(RegSetValueExW(ServicesKey, L"Type", 0, REG_DWORD, (LPBYTE)&ServiceType, sizeof(ServiceType))))
+		goto Error;
+
+	ServiceStartType = SERVICE_DEMAND_START;
+	if (!NT_SUCCESS(RegSetValueExW(ServicesKey, L"Start", 0, REG_DWORD, (LPBYTE)&ServiceStartType, sizeof(ServiceStartType))))
+		goto Error;
+
+	ServiceErrorControl = SERVICE_ERROR_NORMAL;
+	if (!NT_SUCCESS(RegSetValueExW(ServicesKey, L"ErrorControl", 0, REG_DWORD, (LPBYTE)&ServiceErrorControl, sizeof(ServiceErrorControl))))
+		goto Error;
+
+	ServiceNameLength = (wcslen(ServiceName) + 1) * sizeof(WCHAR);
+	if (!NT_SUCCESS(RegSetValueExW(ServicesKey, L"DisplayName", 0, REG_SZ, (LPBYTE)ServiceName, ServiceNameLength)))
+		goto Error;
+
+	RegCloseKey(ServicesKey);
+
+	return true;
+
+Error:
+	RegCloseKey(ServicesKey);
+
+	return false;
+}
+
+static bool RemoveService(LPCWSTR ServiceName)
+{
+	WCHAR RegistryPath[MAX_PATH];
+
+	StringCchPrintfW(RegistryPath, ARRAYSIZE(RegistryPath), L"SYSTEM\\CurrentControlSet\\Services\\%s", ServiceName);
+
+	return NT_SUCCESS(RegDeleteTreeW(HKEY_LOCAL_MACHINE, RegistryPath));
+}
+
+static bool LoadDriver(LPCWSTR ServiceName)
+{
+	UNICODE_STRING DriverServiceName;
+	WCHAR Buffer[MAX_PATH];
+	NTSTATUS Status;
+
+    StringCchPrintfW(Buffer, ARRAYSIZE(Buffer), L"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\%s", ServiceName);
+	RtlInitUnicodeString(&DriverServiceName, Buffer);
+
+	Status = NtLoadDriver(&DriverServiceName);
+	if (Status == 0xC000010E)
+	{
+		printf("Driver already loaded\n");
+		return true;
+	}
+
+	return NT_SUCCESS(Status);
+
+}
+
+int main(int argc, char* argv[])
+{
+	if (!GrantPrivilege(SE_LOAD_DRIVER_NAME))
+	{
+		printf("Failed to grant privilege\n");
+		goto End;
+	}
+
+	NtLoadDriver = ResolveNtLoadDriver();
+	if (!NtLoadDriver)
+	{
+		printf("Failed to resolve NtLoadDriver\n");
+		goto End;
+	}
+
+	printf("NtLoadDriver: 0x%p\n", NtLoadDriver);
+
+	if (!AddService(SERVICE_NAME, DRIVER_PATH))
+	{
+		printf("Failed to add service\n");
+		goto End;
+	}
+
+	if (!LoadDriver(SERVICE_NAME))
+	{
+		printf("Failed to load driver\n");
+		goto End;
+	}
+
+
+End:
+	if (!RemoveService(SERVICE_NAME))
+		printf("Failed to remove service\n");
+
+	return 0;
+}