DWORD WINAPI SetDriverSign()
{
HKEY hReg;
DWORD dwLen;
DWORD dwSeed;
DWORD hProv;
DWORD hHash;
DWORD dwData;
BYTE bHash[16];
if(RegOpenKeyExA(HKEY_LOCAL_MACHINE,"SYSTEM//WPA//PnP",0,KEY_READ,&hReg) == ERROR_SUCCESS)
{
dwLen = 4;
RegQueryValueExA(hReg,"seed",0,0,(LPBYTE)&dwSeed,&dwLen);
RegCloseKey(hReg);
CryptAcquireContext(&hProv,0,0,PROV_RSA_FULL,CRYPT_VERIFYCONTEXT);
CryptCreateHash(hProv,0x8003,0,0,&hHash);
dwData = 0;
CryptHashData(hHash,(BYTE *)&dwData,4,0);
CryptHashData(hHash,(BYTE *)&dwSeed,4,0);
dwLen = 16;
CryptGetHashParam(hHash,HP_HASHVAL,&bHash[0],&dwLen,0);
CryptDestroyHash(hHash);
CryptReleaseContext(hProv,0);
// HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows/CurrentVersion/Setup PrivateHash BIN MD5
// HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Driver Signing Policy BIN 0
// HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Non-Driver Signing Policy BIN 0
// HKEY_CURRENT_USER/Software/Microsoft/Driver Signing Policy DWORD 0
lpParameter = 0;
RegOpenKeyExA(HKEY_LOCAL_MACHINE,"SOFTWARE//Microsoft//Driver Signing",0,KEY_WRITE,&hReg);
RegSetValueExA(hReg,"Policy",0,REG_BINARY,(BYTE *)&dwData,1);
RegCloseKey(hReg);
RegOpenKeyExA(HKEY_LOCAL_MACHINE,"SOFTWARE//Microsoft//Non-Driver Signing",0,KEY_WRITE,&hReg);
RegSetValueExA(hReg,"Policy",0,REG_BINARY,(BYTE *)&dwData,1);
RegCloseKey(hReg);
RegOpenKeyExA(HKEY_CURRENT_USER,"SOFTWARE//Microsoft//Driver Signing",0,KEY_WRITE,&hReg);
RegSetValueExA(hReg,"Policy",0,REG_BINARY,(BYTE *)&dwData,1);
RegCloseKey(hReg);
RegOpenKeyExA(HKEY_LOCAL_MACHINE,"SOFTWARE//Microsoft//Windows//CurrentVersion//Setup",0,KEY_WRITE,&hReg);
RegSetValueExA(hReg,"PrivateHash",0,REG_BINARY,&bHash[0],16);
RegCloseKey(hReg);
}
return 0;
}
以上代码执行后WinXP/2003中硬件驱动数字签名状态被设置为忽略。
强烈鄙视以前一些模拟鼠标键盘的方法,一点技术含量都没有。呵呵