Results 1 to 2 of 2

Thread: writing a new driver for a certain protection

  1. #1
    ::[ Reverse Engineer ]:: OHPen's Avatar
    Join Date
    Nov 2002
    Location
    .text
    Posts
    399
    Blog Entries
    5

    writing a new driver for a certain protection

    Hoi,

    actually im messing aroung with themdia. As most of you guys know Themida is using oreans.sys or oreans32.sys as device driver to hook some API's and doing some antidebug stuff, etc.

    I'm interested in recode this *.sys completly.

    Actually im reading "THE FUCK A LOT" in windows driver development kit docu.
    First i will try to determine what kind of driver i need.
    As written in ddk docu:

    There are three kinds of WDM drivers:

    Bus drivers, which drive an I/O bus and provide per-slot functionality that is device-independent.

    Function drivers, which drive an individual device.

    Filter drivers, which filter I/O requests for a device, a class of devices, or a bus.


    These three driver types are seperated.
    If i follow myself i would swear i have to code a function driver, but im not sure atm. Can someone cover my assumption ?

    Thanks for your help,

    OHPen aka PAPiLLiON

  2. #2
    ::[ Reverse Engineer ]:: OHPen's Avatar
    Join Date
    Nov 2002
    Location
    .text
    Posts
    399
    Blog Entries
    5
    Hi,

    you can close the thread. I have found what i need.
    These driver types are logical one.
    They are using all the same coding skeleton.

    Thx anyway,

    OHPen.

Similar Threads

  1. Reversing a Win driver and writing one for Linux
    By Darkelf in forum Advanced Reversing and Programming
    Replies: 7
    Last Post: April 24th, 2012, 23:33
  2. writing own plugins/tools
    By blank in forum Advanced Reversing and Programming
    Replies: 11
    Last Post: May 13th, 2005, 20:26
  3. An unusual driver based Time-trial protection
    By Kayaker in forum Advanced Reversing and Programming
    Replies: 4
    Last Post: March 12th, 2005, 01:50
  4. IDA IDC/plugin writing
    By crassy in forum Tools of Our Trade (TOT) Messageboard
    Replies: 0
    Last Post: January 13th, 2003, 09:14
  5. SOFTICE is writing to my disk!!!!
    By Bratsch in forum Malware Analysis and Unpacking Forum
    Replies: 2
    Last Post: December 10th, 2000, 12:05

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •