如何创建一个进程将运行在Windows的内核级别？ [英] how to create a process which will run in kernel level in windows?

问题描述

我想为Windows（Ring 0）创建一个内核级别的进程，但我不知道从哪里开始。我想知道需要哪个 SDK ，任何显示其实现的教程都是有帮助的。

I want to create a kernel level of process for windows (Ring 0) but i don't know where to start from. I want to know which SDK is required and any tutorial showing its implementation would be helpful.

推荐答案

SDK是 Windows驱动程序工具包和文档在这里。作为对您的问题的更正，在内核模式下，您不能使用进程，因为内核模式驱动程序作为操作系统的执行程序的一部分运行。你可以创建内核线程。

The SDK is the Windows Driver Kit and documentation here. As a correction to your question, at kernel mode you can't use processes, since kernel-mode drivers run as part of the operating system's executive. You can create kernel threads though.

这篇关于如何创建一个进程将运行在Windows的内核级别？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！