[已解决]一个关于驱动程序签名的问题,与散列值有关,au3求解。
本帖最后由 haijie1223 于 2011-8-17 11:35 编辑原帖地址:
关于忽略驱动签名的方法研究
http://sky123.org/thread-116801-1-1.html
其中有一句:其实原理是根据注册表
HKEY_LOCAL_MACHINE\SYSTEM\WPA\PnP 键值下的 seed的数据的哈希闪列算法算出的数据然后在写入到另外一个注册表
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup下PrivateHash里的。
这个HKEY_LOCAL_MACHINE\SYSTEM\WPA\PnP 键值下的 seed的数据的哈希闪列算法用AU3怎么实现呢,怎么计算出来呢? 哈希算法可以参考P版的UDF
另修改驱动签名有API可以实现.
蛋蛋从官方转了过来的。
搜索下. 回复 2# ceoguang
超版确实厉害 这个udf我有下载 只是一直没有打开好好看过. 答案补充
#include-once
; #FUNCTION# ====================================================================================================================
;
; Name...........: _SetDriverSigning
; Description ...: Sets driver signing policy on Microsoft Windows operating systems
; Syntax.........: _SetDriverSigning([$iLM, $iCU, $sComputer])
; Parameters ....: $iLM - Set at the machine level
; 0 - Ignore
; 1 - Warn
; 2 - Block
; 3 - Ignore only for current user
; Default is Ignore
; $iCU - Set at the user level
; 0 - $iLM setting takes precedence
; 1 - Warn only for current user if greater than $iLM setting
; 2 - Block only for current user if greater than $iLM setting
; $sComputer - Computer name
; The local computer is default
; Return values .: Success - Returns 1
; Failure - Returns 0 and sets @error to:
; -1 - Failure to read the registry
; -2 - Failure to compute the cryptographic hash
; -3 - Failure to write to the registry
; Author ........: engine
; Modified.......:
; Remarks .......:
; Related .......:
; Link ..........;
; Example .......;
;
; ===============================================================================================================================
Func _SetDriverSigning($iLM = 0, $iCU = 0, $sComputer = @ComputerName)
Local Const $PROV_RSA_FULL = 0x00000001
Local Const $CRYPT_VERIFYCONTEXT = 0xf0000000
Local Const $ALG_CLASS_HASH = 0x00008000
Local Const $ALG_TYPE_ANY = 0x00000000
Local Const $ALG_SID_MD5 = 0x00000003
Local Const $CALG_MD5 = BitOR($ALG_CLASS_HASH, $ALG_TYPE_ANY, $ALG_SID_MD5)
Local Const $HP_HASHVAL = 0x00000002
Local $iSeed = RegRead("\" & $sComputer & "\HKLM\SYSTEM\WPA\PnP", "seed")
If @error Then Return SetError(-1, 0, 0)
Local $hAdvapi32 = DllOpen("Advapi32.dll")
; Acquire the CSP
Local $avProv = DllCall( $hAdvapi32, "int", "CryptAcquireContext", _
"hwnd*", 0, _
"ptr", 0, _
"ptr", 0, _
"dword", $PROV_RSA_FULL, _
"dword", $CRYPT_VERIFYCONTEXT )
; Create a hash object
Local $avHash = DllCall( $hAdvapi32, "int", "CryptCreateHash", _
"hwnd", $avProv, _
"dword", $CALG_MD5, _
"hwnd", 0, _
"dword", 0, _
"hwnd*", 0 )
; Compute the cryptographic hash on the data
Local $tIMPUT = DllStructCreate("char")
DllStructSetData($tIMPUT, 1, $iLM, 2)
DllCall( $hAdvapi32, "int", "CryptHashData", _
"hwnd", $avHash, _
"ptr", DllStructGetPtr($tIMPUT), _
"dword", DllStructGetSize($tIMPUT), _
"dword", 0 )
DllCall( $hAdvapi32, "int", "CryptHashData", _
"hwnd", $avHash, _
"dword*", $iSEED, _
"dword", 4, _
"dword", 0 )
Local $tDATA = DllStructCreate("byte")
DllCall( $hAdvapi32, "int", "CryptGetHashParam", _
"hwnd", $avHash, _
"dword", $HP_HASHVAL, _
"ptr", DllStructGetPtr($tDATA), _
"dword*", DllStructGetSize($tDATA), _
"dword", 0 )
; Destroy the hash object
DllCall( $hAdvapi32, "int", "CryptDestroyHash", _
"hwnd", $avHash )
; Release the CSP
DllCall( $hAdvapi32, "int", "CryptReleaseContext", _
"hwnd", $avProv, _
"dword", 0 )
DllClose($hAdvapi32)
; Get last error
Local $aiGLE = DllCall("Kernel32.dll", "dword", "GetLastError")
If $aiGLE <> 0 Then Return SetError(-2, 0, 0)
If Not RegWrite( "\" & $sComputer & "\HKLM\Software\Microsoft\Windows\CurrentVersion\Setup", "PrivateHash", "REG_BINARY", DllStructGetData($tDATA, 1) ) _
Or Not RegWrite( "\" & $sComputer & "\HKLM\SOFTWARE\Microsoft\Driver Signing", "Policy", "REG_BINARY", Binary($iLM) ) _
Or Not RegWrite("\" & $sComputer & "\HKCU\Software\Policies\Microsoft\Windows NT\Driver Signing", "BehaviorOnFailedVerify", "REG_DWORD", $iCU) _
Then Return SetError(-3, 0, 0)
Return 1
EndFunc ;==> _SetDriverSigning
页:
[1]