file input/output Hook for Windows

Dear Viewer,
  I was wondering if anyone has any examples or tutorial or just source code for a program to deal with the windows file input/output hook. I mean I've seen such software that can be controlled by another program to be un-writable or un-readable, and I really want some sort of source code for such. If anyone has anything that is close to wat I described, please respond.

Thank you in advance,
CodeX-V3
CodeX-V3Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

mugman21Commented:
I assume your looking for a WDM file system filter hook driver.... I have the source to a driver burried some where , I'll try and see  if I can locate it.

Mugman
0
sapbucketCommented:
What is your ultimate goal? Are you trying to automate windows?

Can you explain what you want in more detail?

0
CodeX-V3Author Commented:
k I'm writing a program to control the entire windows file IO system, I want to create a hook to windows so that whatever windows tries to write will have to pass my program first. If the desitination folder is a folder under my programs protection, it will stop the process. What I need to know is how to hook my program so it will pass mine code it passes the window's code.
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

CodeX-V3Author Commented:
argh bad grammar sorry, lol the it in "If the desitination folder is a folder under my programs protection, it will stop the process." is refering to my program. and the last sentence is "What I need to know is how to hook my program so it will pass my code before it passes the window's code."
0
sapbucketCommented:
Do you mean the actual contents of the Window?

What language are you writing this with?
0
mugman21Commented:
CodeX-V3,

The code I was looking for is eighter at work, or was deleted. If I can find it, I'll send it your way. In the mean time, there is some info about what your looking for here. http://www.microsoft.com/whdc/driver/filterdrv/default.mspx

Mugman
0
mugman21Commented:
Here are some links to a little source code that might help you on this post

http://www.experts-exchange.com/Programming/Programming_Platforms/Win_Prog/Q_21195848.html
0
CodeX-V3Author Commented:
I want a control over any files or folder,whether it's system/hidden/protected. Whatever it is, I want to secure it and be able to deny any permission of any software to read or write. This code ofcourse should be using MFC as it is a windows based application, I'm not looking for OS idenpendancy in anyway.

Thanks for the tips so far, but damn I'm in need
0
sapbucketCommented:
Directory and file permissions are controlled by the OS. This seems like it should be an easy problem!

One question for you: do you know how to set r/w/x permissions on folders and files from the command line in windows?
0
mugman21Commented:
CodeX,

Your going to have to write this in Kernel mode, there is no way around it. Using MFC, yes, you could hook the file system, but the perfomance hit will be so huge your application will be worthless.

Mugman
0
CodeX-V3Author Commented:
Kernel mode huh? Well I guess I could do it if I had some bases to work from, but without it I'm clueless.
 
As matter a fact, I'm so clueless that I don't even know how to set r/w/x permission from command line? Is that possible? If it is, then Sapbucket can you give me some detail as to how that works? Can it control files so that other applications can't override my permission given?

So confused on this topic, I need some major help. Btw Thanks so much Mugman21 for the links, it helped but if you say Kernel, can u give some more links to help?

I thank you both for all your effort again, but damn I'm dead if I don't get something solid for my boss.
0
mugman21Commented:
CodeX,

Download Microsofts DDK (driver development kit). It is free, but I don't believe M$ has it available for download off their site anymore, so try to find it on one of the P2P networks, like bearshare or bittorrent. Due to it's size, bittorrent would probably be a better place to look for it. Or, you can order the CD from M$ for about 10-15 dollars.

It includes documentation on developing WDM drivers, VxD's along with the NT driver architecture. It also has some samples and a special build tool for compiling drivers. This should help you learn the basics of the architecture of drivers and it also documents the kernal API.

Ideally though, Microsoft's IFS kit would be better, but that cost $895 which is too expensive for me. IFS(Installable File System). One of the links I sent you pointed to an old version of FileMon, the diver in that is very very close to what you need, just need to modify the deviceIO routines so you can block certain files from being loaded.

There is a book that was written by mark ruskit (sp) called "Inside Windows 2000" which is an excellent book to start with. The author of the book was the guy that wrote that filemon program and started wininternals.com and sysinternals.com . Definatly knows what he's talking about, excellent book.

I'll look around and see if I can dig out some links for you in a little while.

Mugman
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
CodeX-V3Author Commented:
Thanks so much, whao lol digging through that C code is gonna be quite the while. Thank you ever so much for giving something, and plz see if you can find more, I would like to give you the points right now, but can we still keep contact over email? Yibo_lu@hotmail.com, if you find anything can u plz send it to me?
0
sapbucketCommented:
This may sound silly but would be my try:

1.set all permissions on desired folders, files, etc. to READ ONLY.
2.if ANY process tries to WRITE to these, ERROR is thrown in system variable (STDERR? look up for OS)
3.In a script, wait for error to be thrown.
4.if thrown, (because you are the admin, right?) find out the process that caused the error (I assume this important to your process - maybe not) and then change permissions back to WRITE, and then write whatever it is you want.

In this way you can monitor processes trying to WRITE to a file.

When you catch the WRITE, (the OS stops to process for you), do your process that you want.


I think that what you want is to somehow "take over" the pipe from the BAD process to the write file, and then use that pipe to write to file using the GOOD process. (yours). I'm not sure if Windows can do this. It is sorta like Highway Robbery. LOL


Why not just detect the WRITE from the BAD process, let the OS stop it for you,
change back the permissions back to WRITE for the GOOD process, and allow it to write.
You can do all this using a script language like PERL, or even a batch file (gulp).

Just thought I might throw that out there for ya because what you are about to undertake is next to impossible, both mentally and financially. Leave the internals alone if you do not understand them.

0
mugman21Commented:
I like this link I just found:

http://www.cswl.com/whiteppr/tech/wdm.html
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Programming

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.