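/*
 * Small harness: resolves the driver file name for a base address given on
 * the command line and prints it.
 *
 * argv[1] is parsed with strtoul(..., 0), so decimal, octal and 0x-prefixed
 * hex are accepted. Returns 0 on success and 1 when the argument is missing,
 * the allocation fails, or GetDeviceDriverFileName reports failure.
 *
 * NOTE(review): vm_mark_buf_in / vm_mark_buf_out are defined elsewhere;
 * presumably they tag the call's input and output buffers for an
 * instrumentation layer. Their order around the API call is preserved.
 * NOTE(review): `base` is a DWORD and the mark sizes are 4 bytes, so this
 * looks written for a 32-bit build; confirm before building for 64-bit,
 * where a driver base address does not fit in a DWORD.
 */
int main(int argc, char **argv)
{
    char *name;
    DWORD outcb;
    DWORD err;
    DWORD base;

    /* argv[1] is NULL when no argument is given; strtoul(NULL, ...) would crash. */
    if (argc < 2) {
        fprintf(stderr, "usage: <program> <driver-base-address>\n");
        return 1;
    }
    base = strtoul(argv[1], NULL, 0);

    name = (char *) malloc(1024);
    if (name == NULL) {
        fprintf(stderr, "out of memory\n");
        return 1;
    }

    vm_mark_buf_in(&base, 4);
    vm_mark_buf_in(&name, 4);
    outcb = GetDeviceDriverFileName(base, name, 1024);
    /* Capture the error code before any other call can overwrite it. */
    err = (outcb == 0) ? GetLastError() : 0;
    vm_mark_buf_out(name, 1024);

    /*
     * On failure the buffer is untouched, uninitialised heap memory; printing
     * it with "%s" would read past the allocation until a NUL byte turns up.
     */
    if (outcb == 0) {
        fprintf(stderr, "GetDeviceDriverFileName failed (%lu)\n", (unsigned long) err);
        free(name);
        return 1;
    }

    /* Bound the print by the reported length rather than trusting a terminator. */
    if (outcb > 1024) {
        outcb = 1024;
    }
    printf("%.*s\n", (int) outcb, name);

    free(name);
    return 0;
}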
/// Appends one ProcessModule per resolvable kernel module to `procModules`.
///
/// @param modules      Array of driver base addresses (at least `count` entries).
/// @param count        Number of entries in `modules` to examine.
/// @param procModules  Output list; entries are appended, never cleared.
///
/// Modules whose file name cannot be retrieved are silently skipped, so the
/// output may hold fewer than `count` entries.
void GetKernelModulePaths(PVOID* modules, DWORD count, std::vector<ProcessModule>& procModules)
{
    PVOID* const lastModule = modules + count;
    for (PVOID* current = modules; current != lastModule; ++current)
    {
        // The API hands back an NT-style path; it is converted to a "normal"
        // Windows path before being stored.
        // NOTE(review): the buffer is zero-filled but the full MAX_PATH is
        // passed as the size; confirm the API always NUL-terminates when it
        // truncates, otherwise a path of exactly MAX_PATH characters leaves
        // modPath unterminated.
        WCHAR modPath[MAX_PATH] = {0};
        const DWORD copied = GetDeviceDriverFileName(*current, modPath, MAX_PATH);
        if (copied == 0)
        {
            continue;
        }

        std::wstring dosPath = NTPathToDosPath(modPath);
        procModules.push_back(ProcessModule(*current, dosPath));
    }
}
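/// Fills `loadedDrivers` with the currently loaded kernel drivers.
///
/// @param loadedDrivers  Output map. The key is the driver base name; the
///                       value is the driver file path, or "" when the path
///                       lookup fails. Existing entries with the same key are
///                       overwritten.
///
/// Failures are reported through TLOG and the function returns without
/// throwing; the map then keeps whatever was inserted up to that point.
///
/// NOTE(review): the extension is stripped from the key only when the path
/// lookup succeeds, so a driver whose path cannot be read is keyed with its
/// extension. This is kept as in the original; confirm it is what callers
/// expect.
/// NOTE(review): the generic API names are used with char buffers, so this
/// assumes a non-UNICODE build.
void enumLoadedDrivers(std::map<std::string, std::string>& loadedDrivers)
{
    DWORD bytesNeeded = 0;

    // Sizing call: only the required byte count is of interest here.
    EnumDeviceDrivers(nullptr, 0, &bytesNeeded);
    if (bytesNeeded == 0) {
        // Nothing to size the array with; avoid a zero-byte allocation.
        TLOG << "EnumDeviceDrivers failed; array size needed is " << bytesNeeded;
        return;
    }

    const DWORD bytesAllocated = bytesNeeded;
    auto drvBaseAddr = static_cast<LPVOID*>(malloc(bytesAllocated));
    if (drvBaseAddr == nullptr) {
        TLOG << "enumLoadedDrivers failed to allocate required memory (" << bytesAllocated << ")";
        return;
    }

    const auto ret = EnumDeviceDrivers(drvBaseAddr, bytesAllocated, &bytesNeeded);

    // A driver can be loaded between the sizing call and this one, in which
    // case the reported size may exceed what was allocated. Never walk more
    // entries than the buffer actually holds.
    const DWORD bytesUsable = (bytesNeeded < bytesAllocated) ? bytesNeeded : bytesAllocated;
    const size_t driversCount = bytesUsable / sizeof(drvBaseAddr[0]);

    if (ret && (driversCount > 0)) {
        // Fixed-size stack buffers, one spare byte so the strings stay
        // NUL-terminated even if the API fills all MAX_PATH characters.
        char driverPath[MAX_PATH + 1] = {0};
        char driverName[MAX_PATH + 1] = {0};

        for (size_t i = 0; i < driversCount; i++) {
            if (GetDeviceDriverBaseName(drvBaseAddr[i], driverName, MAX_PATH) == 0) {
                TLOG << "GetDeviceDriverBaseName failed (" << GetLastError() << ")";
                continue;
            }

            if (GetDeviceDriverFileName(drvBaseAddr[i], driverPath, MAX_PATH) != 0) {
                // Remove the file extension; a name without '.' is left as is
                // (strrchr returns nullptr and must not be dereferenced).
                char* fileExtension = strrchr(driverName, '.');
                if (fileExtension != nullptr) {
                    *fileExtension = '\0';
                }
                loadedDrivers[driverName] = driverPath;
            } else {
                loadedDrivers[driverName] = "";
            }
        }
    } else {
        TLOG << "EnumDeviceDrivers failed; array size needed is " << bytesNeeded;
    }

    free(drvBaseAddr);
}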