Looking for the latest version? Download Kernel Sockets Module (97.5 kB)
Name Modified Size Downloads / Week Status
Totals: 3 Items   184.3 kB 10
ReadMe.txt 2010-04-10 3.7 kB 11 weekly downloads
KSM.2010.03.14.rar 2010-04-10 83.2 kB 11 weekly downloads
KSM.2010.03.22.rar 2010-04-10 97.5 kB 88 weekly downloads
/* ** This code is published under the GNU GENERAL PUBLIC LICENSE without any warranties. */ //*************************************************************************************************** Kernel Sockets Module is designed to provide a simple, common WinSock-like interface for network programming in kernel mode without depending on the target operating system. On Windows XP and Windows Server 2003, it uses the Transport Driver Interface (TDI) implementation, on Windows Vista, Windows Server 2008 and Windows 7 - Windows Sockets Kernel (WSK) implementation. The two parts of code are separated by conditional compilation directives. Interface is common. A simple SMTP-client is provided as a demonstration of client functions. BackDoor module demonstrates server functions. The proposed solution - a fully working example, which sends e-mail to a specific mailbox on the server "mail.ru". Account Settings you can find inside the solution. Driver was tested on WDK 7.0.0 on all proposed by these WDK operating systems on x86 and x64 platforms. The functionality of IPv6 is implemented but not tested. Sending and receiving UDP packets have not been fully tested too. Therefore, these parts of the code may contain bugs. TDI implementation now interacts with top devices "\Device\Tcp", "\Device\Udp", "\Device\Tcp6", "\Device\Udp6" in the stack of devices, so the module is no longer able to bypass any filters that work at the TDI-level. This is done to increase the modularity of the project from which this module is taken. Code is published in order to get bug reports and reviews, tips, reproaches, promises and stuff :) . So do not be shy. Preference is given to constructive criticism. For it special thank you. Most of the comments in the source code translated from Russian into English (automatically by the GOOGLE service). These files are located in the folder "english". The translation is not perfect, so I apologize. You can just paste these files in the root folder of the solution. Thank you for your advice. Please, if you find errors in the code, let me know. //**************************************************************************************************************** mailto:bardano@gmail.com //**************************************************************************************************************** P.S. Driver Verifier during a test parameters "Checking Deadlock" has reported an error in the module in the following case. The module uses NPAGED_LOOKASIDE_LIST / ExAllocateFromNPagedLookasideList / ExFreeToNPagedLookasideList to allocate and release blocks of memory for the structures. These structures contain synchronization primitives - KMUTEX, SpinLock, which are used to synchronize access. When initialized mutex is used - is captured, released - after the end of the structure of the mutex is released and the memory returns to the memory-list by calling ExFreeToNPagedLookasideList. When you get from the memory-list the same block of memory for the structure and try to initialize the mutex arises BSOD with the message "Re-initializing active lock". It seems that this IS NOT a problem of code. This is a flaw of Driver Verifier, which could keep track of function calls ExAllocateFromNPagedLookasideList and ExFreeToNPagedLookasideList, thus obtaining information about allocating and freeing memory blocks. The problem can be eliminated by removing the check mark this option, testing in Driver Verifier. Or, replacing the code of memory allocation and freeing with lists of common ExAllocatePoolWithTag and ExFreePool. Your views on this issue would be welcome.
Source: ReadMe.txt, updated 2010-04-10