static LPVOID GetDriverImageBase(PCHAR BaseName) { LPVOID* BaseAddresses; LPVOID lpDriverAddr = NULL; DWORD cbNeeded; ULONG i; // How many drivers are there ? EnumDeviceDrivers(NULL, 0, &cbNeeded); // Alloc memory BaseAddresses = (LPVOID*)malloc(sizeof(LPVOID)*cbNeeded / sizeof(LPVOID)); // Get drivers! if(!EnumDeviceDrivers(BaseAddresses,cbNeeded,&cbNeeded)) return NULL; // Check names for(i = 0; i < cbNeeded / sizeof(LPVOID); i++) { CHAR FileName[MAX_PATH]; GetDeviceDriverBaseNameA(BaseAddresses[i], FileName, sizeof(FileName)); // Is this it? if(!_stricmp(FileName, BaseName)) { // Yep! lpDriverAddr = BaseAddresses[i]; break; } } // Free and return free(BaseAddresses); return lpDriverAddr; }
DWORD WINAPI GetDeviceDriverBaseNameW( LPVOID ImageBase, LPWSTR lpFilename, DWORD nSize ) /*++ Routine Description: This function retrieves the full pathname of the executable file from which the specified module was loaded. The function copies the null-terminated filename into the buffer pointed to by the lpFilename parameter. Routine Description: ImageBase - Identifies the driver whose executable file name is being requested. lpFilename - Points to the buffer that is to receive the filename. nSize - Specifies the maximum number of characters to copy. If the filename is longer than the maximum number of characters specified by the nSize parameter, it is truncated. Return Value: The return value specifies the actual length of the string copied to the buffer. A return value of zero indicates an error and extended error status is available using the GetLastError function. Arguments: --*/ { LPSTR lpstr; DWORD cch; DWORD cchT; lpstr = (LPSTR) LocalAlloc(LMEM_FIXED, nSize); if (lpstr == NULL) { return(0); } cchT = cch = GetDeviceDriverBaseNameA(ImageBase, lpstr, nSize); if (cchT < nSize) { // // Include NULL terminator // cchT++; } if (!MultiByteToWideChar(CP_ACP, 0, lpstr, cchT, lpFilename, nSize)) { cch = 0; } LocalFree((HLOCAL) lpstr); return(cch); }
void InfoDrivers() { HMODULE hPSAPI = LoadLibraryA("psapi.dll"); if (NULL != hPSAPI) { pfnEnumDeviceDrivers EnumDeviceDrivers = (pfnEnumDeviceDrivers) GetProcAddress(hPSAPI, "EnumDeviceDrivers"); pfnGetDeviceDriverNameA GetDeviceDriverBaseNameA = (pfnGetDeviceDriverNameA) GetProcAddress(hPSAPI, "GetDeviceDriverBaseNameA"); pfnGetDeviceDriverNameA GetDeviceDriverFileNameA = (pfnGetDeviceDriverNameA) GetProcAddress(hPSAPI, "GetDeviceDriverFileNameA"); if (NULL != EnumDeviceDrivers && NULL != GetDeviceDriverBaseNameA && NULL != GetDeviceDriverFileNameA) { LPVOID * drivers = NULL; DWORD needed = 0; EnumDeviceDrivers(NULL, 0, &needed); drivers = (LPVOID*) malloc(needed); if (EnumDeviceDrivers(drivers, needed, &needed)) { DWORD i; char windir[NtfsMaxPath] = {0}; if (!GetWindowsDirectoryA(windir, NtfsMaxPath)) { xstrcat(windir, NtfsMaxPath, "C:\\Windows"); } ConsoleIOPrint("Drivers : \n"); for (i = 0; i < needed / sizeof(LPVOID); ++i) { char name[NtfsMaxPath] = {0}; if (GetDeviceDriverFileNameA(drivers[i], name, NtfsMaxPath) || GetDeviceDriverBaseNameA(drivers[i], name, NtfsMaxPath)) { VersionInfo info; char full[NtfsMaxPath] = {0}; char * path = name; if (0 == memcmp(path, "\\??\\", 4)) { path += 4; } if (0 == memcmp(path, "\\SystemRoot\\", xstrlen("\\SystemRoot\\"))) { xstrcat(full, NtfsMaxPath, windir); xstrcat(full, NtfsMaxPath, path + xstrlen("\\SystemRoot\\") - 1); } else if (0 == memcmp(path, "\\WINDOWS\\", xstrlen("\\WINDOWS\\")) || 0 == memcmp(path, "\\Windows\\", xstrlen("\\Windows\\"))) { xstrcat(full, NtfsMaxPath, windir); xstrcat(full, NtfsMaxPath, path + xstrlen("\\WINDOWS\\") - 1); } else { if (NULL == xstrchr(path, '\\')) { xstrcat(full, NtfsMaxPath, windir); xstrcat(full, NtfsMaxPath, "\\system32\\drivers\\"); xstrcat(full, NtfsMaxPath, path); } else { xstrcat(full, NtfsMaxPath, path); } } GetVersionInfo(full, &info); ConsoleIOPrintFormatted("%s, %s, %s, %s\n", full, info.FileDescription, info.CompanyName, info.ProductVersion); } } } } FreeLibrary(hPSAPI); } }