[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

file input/output Hook for Windows

Posted on 2004-11-15
16
Medium Priority
?
346 Views
Last Modified: 2010-04-17
Dear Viewer,
  I was wondering if anyone has any examples or tutorial or just source code for a program to deal with the windows file input/output hook. I mean I've seen such software that can be controlled by another program to be un-writable or un-readable, and I really want some sort of source code for such. If anyone has anything that is close to wat I described, please respond.

Thank you in advance,
CodeX-V3
0
Comment
Question by:CodeX-V3
  • 7
  • 5
  • 4
16 Comments
 
LVL 8

Expert Comment

by:mugman21
ID: 12590481
I assume your looking for a WDM file system filter hook driver.... I have the source to a driver burried some where , I'll try and see  if I can locate it.

Mugman
0
 
LVL 3

Expert Comment

by:sapbucket
ID: 12591051
What is your ultimate goal? Are you trying to automate windows?

Can you explain what you want in more detail?

0
 

Author Comment

by:CodeX-V3
ID: 12600522
k I'm writing a program to control the entire windows file IO system, I want to create a hook to windows so that whatever windows tries to write will have to pass my program first. If the desitination folder is a folder under my programs protection, it will stop the process. What I need to know is how to hook my program so it will pass mine code it passes the window's code.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:CodeX-V3
ID: 12600536
argh bad grammar sorry, lol the it in "If the desitination folder is a folder under my programs protection, it will stop the process." is refering to my program. and the last sentence is "What I need to know is how to hook my program so it will pass my code before it passes the window's code."
0
 
LVL 3

Expert Comment

by:sapbucket
ID: 12601275
Do you mean the actual contents of the Window?

What language are you writing this with?
0
 
LVL 8

Expert Comment

by:mugman21
ID: 12601566
CodeX-V3,

The code I was looking for is eighter at work, or was deleted. If I can find it, I'll send it your way. In the mean time, there is some info about what your looking for here. http://www.microsoft.com/whdc/driver/filterdrv/default.mspx

Mugman
0
 
LVL 8

Expert Comment

by:mugman21
ID: 12601578
Here are some links to a little source code that might help you on this post

http://www.experts-exchange.com/Programming/Programming_Platforms/Win_Prog/Q_21195848.html
0
 

Author Comment

by:CodeX-V3
ID: 12639123
I want a control over any files or folder,whether it's system/hidden/protected. Whatever it is, I want to secure it and be able to deny any permission of any software to read or write. This code ofcourse should be using MFC as it is a windows based application, I'm not looking for OS idenpendancy in anyway.

Thanks for the tips so far, but damn I'm in need
0
 
LVL 3

Expert Comment

by:sapbucket
ID: 12640162
Directory and file permissions are controlled by the OS. This seems like it should be an easy problem!

One question for you: do you know how to set r/w/x permissions on folders and files from the command line in windows?
0
 
LVL 8

Expert Comment

by:mugman21
ID: 12642148
CodeX,

Your going to have to write this in Kernel mode, there is no way around it. Using MFC, yes, you could hook the file system, but the perfomance hit will be so huge your application will be worthless.

Mugman
0
 

Author Comment

by:CodeX-V3
ID: 12684123
Kernel mode huh? Well I guess I could do it if I had some bases to work from, but without it I'm clueless.
 
As matter a fact, I'm so clueless that I don't even know how to set r/w/x permission from command line? Is that possible? If it is, then Sapbucket can you give me some detail as to how that works? Can it control files so that other applications can't override my permission given?

So confused on this topic, I need some major help. Btw Thanks so much Mugman21 for the links, it helped but if you say Kernel, can u give some more links to help?

I thank you both for all your effort again, but damn I'm dead if I don't get something solid for my boss.
0
 
LVL 8

Accepted Solution

by:
mugman21 earned 2000 total points
ID: 12684888
CodeX,

Download Microsofts DDK (driver development kit). It is free, but I don't believe M$ has it available for download off their site anymore, so try to find it on one of the P2P networks, like bearshare or bittorrent. Due to it's size, bittorrent would probably be a better place to look for it. Or, you can order the CD from M$ for about 10-15 dollars.

It includes documentation on developing WDM drivers, VxD's along with the NT driver architecture. It also has some samples and a special build tool for compiling drivers. This should help you learn the basics of the architecture of drivers and it also documents the kernal API.

Ideally though, Microsoft's IFS kit would be better, but that cost $895 which is too expensive for me. IFS(Installable File System). One of the links I sent you pointed to an old version of FileMon, the diver in that is very very close to what you need, just need to modify the deviceIO routines so you can block certain files from being loaded.

There is a book that was written by mark ruskit (sp) called "Inside Windows 2000" which is an excellent book to start with. The author of the book was the guy that wrote that filemon program and started wininternals.com and sysinternals.com . Definatly knows what he's talking about, excellent book.

I'll look around and see if I can dig out some links for you in a little while.

Mugman
0
 

Author Comment

by:CodeX-V3
ID: 12686886
Thanks so much, whao lol digging through that C code is gonna be quite the while. Thank you ever so much for giving something, and plz see if you can find more, I would like to give you the points right now, but can we still keep contact over email? Yibo_lu@hotmail.com, if you find anything can u plz send it to me?
0
 
LVL 3

Expert Comment

by:sapbucket
ID: 12687772
This may sound silly but would be my try:

1.set all permissions on desired folders, files, etc. to READ ONLY.
2.if ANY process tries to WRITE to these, ERROR is thrown in system variable (STDERR? look up for OS)
3.In a script, wait for error to be thrown.
4.if thrown, (because you are the admin, right?) find out the process that caused the error (I assume this important to your process - maybe not) and then change permissions back to WRITE, and then write whatever it is you want.

In this way you can monitor processes trying to WRITE to a file.

When you catch the WRITE, (the OS stops to process for you), do your process that you want.


I think that what you want is to somehow "take over" the pipe from the BAD process to the write file, and then use that pipe to write to file using the GOOD process. (yours). I'm not sure if Windows can do this. It is sorta like Highway Robbery. LOL


Why not just detect the WRITE from the BAD process, let the OS stop it for you,
change back the permissions back to WRITE for the GOOD process, and allow it to write.
You can do all this using a script language like PERL, or even a batch file (gulp).

Just thought I might throw that out there for ya because what you are about to undertake is next to impossible, both mentally and financially. Leave the internals alone if you do not understand them.

0
 
LVL 8

Expert Comment

by:mugman21
ID: 12689634
0
 
LVL 8

Expert Comment

by:mugman21
ID: 12689644
I like this link I just found:

http://www.cswl.com/whiteppr/tech/wdm.html
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Although it can be difficult to imagine, someday your child will have a career of his or her own. He or she will likely start a family, buy a home and start having their own children. So, while being a kid is still extremely important, it’s also …
When you discover the power of the R programming language, you are going to wonder how you ever lived without it! Learn why the language merits a place in your programming arsenal.
In this fourth video of the Xpdf series, we discuss and demonstrate the PDFinfo utility, which retrieves the contents of a PDF's Info Dictionary, as well as some other information, including the page count. We show how to isolate the page count in a…
Loops Section Overview

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question