Locked [VB6] Load Driver Native Version

[dEEpEst]

Hey guys can you with this code a driver (.sys) via VB6 code laden.Noch to this snippet uses Native Apis

 

[LENGUAJE=vb]Option Explicit

Private Declare Sub RtlInitUnicodeString Lib "NTDLL.DLL" (DestinationString As Any, ByVal SourceString As Long)

Private Declare Function NtLoadDriver Lib "NTDLL.DLL" (ByVal DriverServiceName As Long) As Long

Private Declare Function NtUnloadDriver Lib "NTDLL.DLL" (ByVal DriverServiceName As Long) As Long

Private Declare Function RegCreateKeyEx Lib "advapi32.dll" Alias "RegCreateKeyExA" (ByVal hKey As Long, ByVal lpSubKey As String, ByVal Reserved As Long, ByVal lpClass As String, ByVal dwOptions As Long, ByVal samDesired As Long, lpSecurityAttributes As Any, phkResult As Long, lpdwDisposition As Long) As Long

Private Declare Function RegSetValueEx Lib "advapi32.dll" Alias "RegSetValueExA" (ByVal hKey As Long, ByVal lpValueName As String, ByVal Reserved As Long, ByVal dwType As Long, lpData As Any, ByVal cbData As Long) As Long

Private Declare Function RegCloseKey Lib "advapi32.dll" (ByVal hKey As Long) As Long

Private Declare Function RegDeleteKey Lib "advapi32.dll" Alias "RegDeleteKeyA" (ByVal hKey As Long, ByVal lpSubKey As String) As Long

Private Declare Function lstrlen Lib "kernel32" Alias "lstrlenA" (ByVal lpString As String) As Long

Private Const TheDrivername As String = "dBlaze"

 

Private Const STATUS_IMAGE_ALREADY_LOADED = &HC000010E

Private Const HKEY_LOCAL_MACHINE = &H80000002

Private Const REG_EXPAND_SZ = 2

Private Const REG_DWORD = 4

Private Const READ_CONTROL = &H20000

Private Const KEY_QUERY_VALUE = &H1

Private Const KEY_SET_VALUE = &H2

Private Const KEY_CREATE_SUB_KEY = &H4

Private Const KEY_ENUMERATE_SUB_KEYS = &H8

Private Const KEY_NOTIFY = &H10

Private Const KEY_CREATE_LINK = &H20

Private Const KEY_ALL_ACCESS = KEY_QUERY_VALUE + KEY_SET_VALUE + KEY_CREATE_SUB_KEY + KEY_ENUMERATE_SUB_KEYS + KEY_NOTIFY + KEY_CREATE_LINK + READ_CONTROL

Private Type UNICODE_STRING

uLength As Integer

uMaximumLength As Integer

pBuffer As Long

End Type

Public Function CHLoadDriver(ByVal lpDriverPath As String, mstrDriverName As String) As Boolean

Dim lngSuccess As Long

Dim hKey As Long

Dim DriverPath As UNICODE_STRING

lpDriverPath = "\??\" & lpDriverPath

lngSuccess = RegCreateKeyEx(HKEY_LOCAL_MACHINE, "System\CurrentControlSet\Services\" & mstrDriverName, 0, vbNullString, 0, KEY_ALL_ACCESS, ByVal 0&, hKey, ByVal 0&)

If lngSuccess 0 Then

Exit Function

End If

lngSuccess = RegSetValueEx(hKey, "Type", 0, REG_DWORD, 1, 4)

If lngSuccess 0 Then

RegCloseKey hKey

Exit Function

End If

lngSuccess = RegSetValueEx(hKey, "ErrorControl", 0, REG_DWORD, 1, 4)

If lngSuccess 0 Then

RegCloseKey hKey

Exit Function

End If

lngSuccess = RegSetValueEx(hKey, "Start", 0, REG_DWORD, 3, 4)

If lngSuccess 0 Then

RegCloseKey hKey

Exit Function

End If

lngSuccess = RegSetValueEx(hKey, "ImagePath", 0, REG_EXPAND_SZ, ByVal lpDriverPath, lstrlen(lpDriverPath)) 'Len(lpDriverPath) '?????len????lenb???????????

If lngSuccess 0 Then

RegCloseKey hKey

Exit Function

End If

 

RtlInitUnicodeString DriverPath, StrPtr("\Registry\Machine\System\CurrentControlSet\Services\" & mstrDriverName)

lngSuccess = NtLoadDriver(VarPtr(DriverPath))

If lngSuccess = STATUS_IMAGE_ALREADY_LOADED Or lngSuccess = 0 Then

CHLoadDriver = True

End If

RegCloseKey hKey

End Function

Public Function CHUnLoadDriver(TheDrivername As String) As Boolean

Dim lngSuccess As Long

Dim DriverPath As UNICODE_STRING

RtlInitUnicodeString DriverPath, StrPtr("\Registry\Machine\System\CurrentControlSet\Services\" & TheDrivername)

lngSuccess = NtUnloadDriver(VarPtr(DriverPath))

lngSuccess = RegDeleteKey(HKEY_LOCAL_MACHINE, "System\CurrentControlSet\Services\" & TheDrivername & "\Enum")

If lngSuccess 0 Then

Exit Function

End If

lngSuccess = RegDeleteKey(HKEY_LOCAL_MACHINE, "System\CurrentControlSet\Services\" & TheDrivername)

CHUnLoadDriver = lngSuccess = 0

End Function[/LENGUAJE]