;本文改编自网上的c/c++代码。
.386
.model flat, stdcall
option casemap:none
include ntddk.inc
include ntoskrnl.inc
includelib ntoskrnl.lib
.code
x dd 1
align 2
szcorrey dw 'W','e','l','l','c','o','m','e',' ','t','o',' ','H','t','t','p',':','/','/','c','o','r','r','e','y','.','w','e','b','s','.','c','o','m',0
align 4
szbody dw sizeof szcorrey -2
dw sizeof szcorrey
dd offset szcorrey
align 2
correy dw 'm','a','d','e',' ','b','y',' ','c','o','r','r','e','y',0
align 4
sztitle dw sizeof correy -2
dw sizeof correy
dd offset correy
p dd offset szbody,offset sztitle,10040h,0
DriverEntry proc pDriverObject:PDRIVER_OBJECT, pusRegistryPath:PUNICODE_STRING
invoke ExRaiseHardError,50000018h,3,3,addr p,1,addr x;把1改为7是在托盘中显示的。两个三可以改为两个1,改为2蓝屏。50000018h改为10000000h的效果你就自己看吧!
mov eax, 0
ret
DriverEntry endp
end DriverEntry
;made at 2011.05.25
没有评论:
发表评论