IsInjectionDriverRunning returns always FALSE on win7 32bit
IsInjectionDriverRunning returns always FALSE on win7 32bit
Hi,
I've tried to check driver is running or not by calling IsInjectionDriverRunning
That API works well on win 7 64bit, win 8 64bit. But return always FALSE(whether driver is running perfectly or not) on win7 32bit
Is there any constraints to using the API? (something like madconfig option, etc...)
I'm currently using ver 3.1.10
Sorry for my bad english
Sincerely,
I've tried to check driver is running or not by calling IsInjectionDriverRunning
That API works well on win 7 64bit, win 8 64bit. But return always FALSE(whether driver is running perfectly or not) on win7 32bit
Is there any constraints to using the API? (something like madconfig option, etc...)
I'm currently using ver 3.1.10
Sorry for my bad english
Sincerely,
Re: IsInjectionDriverRunning returns always FALSE on win7 32
Hi there,
you may need to be admin. Are you? The code is very simple. Here's the Delphi code:
you may need to be admin. Are you? The code is very simple. Here's the Delphi code:
Code: Select all
function IsInjectionDriverRunning(driverName: PWideChar) : bool; stdcall;
var fh : THandle;
begin
EnableAllPrivileges;
fh := CreateFileW(PWideChar('\\.\' + UnicodeString(driverName)), GENERIC_READ, FILE_SHARE_READ or FILE_SHARE_WRITE, nil, OPEN_EXISTING, 0, 0);
result := fh <> INVALID_HANDLE_VALUE;
if result then
CloseHandle(fh);
end;
Re: IsInjectionDriverRunning returns always FALSE on win7 32
Sure, my program requires admin execution level and I have run with admin
There is no issues when call LoadInjectionDriver, InjectLibraryW and works well,
IsInjectionDriverRunning returns right result on 64bit OS.
But, Only Win7 32bit returns always FALSE whether driver is running or not
(I didn't tested Win 8 or higher 32bit. neither XP)
Here is my driver loading code,
And my cheking code
There is no issues when call LoadInjectionDriver, InjectLibraryW and works well,
IsInjectionDriverRunning returns right result on 64bit OS.
But, Only Win7 32bit returns always FALSE whether driver is running or not
(I didn't tested Win 8 or higher 32bit. neither XP)
Here is my driver loading code,
Code: Select all
InitializeMadCHook();
if(LoadInjectionDriver(DEF_MWPGHK_NAME, DEF_MWPGHK_DRV32_FILENAME, DEF_MWPGHK_DRV64_FILENAME))
{
if(!InjectLibraryW(DEF_MWPGHK_NAME, DEF_MWPGHK_DLL32_FILENAME, ALL_SESSIONS, true, hookWhiteList))
{
DWORD dwError = GetLastError();
g_LM.WriteLogW(L"Failed to load x86 DLL: %s : %d, 0x%X\n", DEF_MWPGHK_DLL32_FILENAME, dwError, dwError);
nRet = dwError;
}
if(b64BitOS == TRUE)
{
if(!InjectLibraryW(DEF_MWPGHK_NAME, DEF_MWPGHK_DLL64_FILENAME, ALL_SESSIONS, true, hookWhiteList))
{
DWORD dwError = GetLastError();
g_LM.WriteLogW(L"Failed to load x64 DLL: %s : %d, 0x%X\n", DEF_MWPGHK_DLL64_FILENAME, dwError, dwError);
nRet = dwError;
}
}
}
else
{
DWORD dwError = GetLastError();
g_LM.WriteLogW(L"Failed to Load Driver : %d, 0x%X\n", dwError, dwError);
nRet = dwError;
}
FinalizeMadCHook();
Code: Select all
if(IsInjectionDriverRunning(DEF_MWPGHK_NAME) == TRUE)
{
DWORD dwError = GetLastError();
g_LM.WriteLogW(L"Hooking Driver is working well~: %d, 0x%X\n", dwError, dwError);
}
else
{
DWORD dwError = GetLastError();
g_LM.WriteLogW(L"Hooking Driver is NOT Running : %d, 0x%X\n", dwError, dwError);
nRet = dwError;
}
Re: IsInjectionDriverRunning returns always FALSE on win7 32
Well, you have the source code is IsInjectionDriverRunning. So I suppose CreateFile fails for you? What does GetLastError say after CreateFile fails?
Re: IsInjectionDriverRunning returns always FALSE on win7 32
Oh, Sorry. I didn't get it.
When I've tested with driver file names(DEF_MWPGHK_DRV32_FILENAME, DEF_MWPGHK_DRV64_FILENAME in my code),
It returns valid file handle(not INVALID_HANDLE_VALUE) and GetLastError() value is 0.
And with driver name(DEF_MWPGHK_NAME), It returns INVALID_HANDLE_VALUE) and error value is 2.
Of course, driver name is different from driver file name and not really exists in folder.
When I've tested with driver file names(DEF_MWPGHK_DRV32_FILENAME, DEF_MWPGHK_DRV64_FILENAME in my code),
It returns valid file handle(not INVALID_HANDLE_VALUE) and GetLastError() value is 0.
And with driver name(DEF_MWPGHK_NAME), It returns INVALID_HANDLE_VALUE) and error value is 2.
Of course, driver name is different from driver file name and not really exists in folder.
Re: IsInjectionDriverRunning returns always FALSE on win7 32
Opening with the real file name means you're checking if the file exists on the harddisk.
Opening with the driver name means you're checking if the driver is running.
And error code of 2 means ERROR_FILE_NOT_FOUND, which suggests that your driver was most probably *not* running, or there's an error with the driver name. Other than that, the only thing coming to my mind would be a Windows bug or something.
Opening with the driver name means you're checking if the driver is running.
And error code of 2 means ERROR_FILE_NOT_FOUND, which suggests that your driver was most probably *not* running, or there's an error with the driver name. Other than that, the only thing coming to my mind would be a Windows bug or something.