Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
722 views
in Technique[技术] by (71.8m points)

kernel module - Run Native Application on Windows 10

I'm trying to run Windows native application (i.e subsystem: NATIVE) on Windows 10. The application signed with a test certificate and test sign mode was set on Windows. The executable of the application is placed in C:WindowsSystem32 directory and the approipriate value (application name) is added to the registry value HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSession ManagerBootExecute. So, the application must be executed on boot time. But the BSOD is occured with the error code 0xC0000145. This NTSTATUS value has a name STATUS_APP_INIT_FAILURE. But when I try to start this application on Windows 7 application is correctly executed.

The code of the application:

#include <ntifs.h>
#include <ntdef.h>

NTSYSCALLAPI NTSTATUS NTAPI NtDisplayString(PUNICODE_STRING DisplayString);
NTSYSAPI NTSTATUS NTAPI NtTerminateProcess(HANDLE ProcessHandle, NTSTATUS ExitStatus);

VOID NtProcessStartup(PVOID StartupArgument)
{
    UNICODE_STRING str;
    RtlInitUnicodeString(&str, L"Hello, world!
");
    NtDisplayString(&str);
    NtTerminateProcess((HANDLE)(-1), 0);
}

Does anybody know, what should I do to start this application on Windows 10?


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points)
等待大神答复

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...