whats new ¦  programming tips ¦  indy articles ¦  intraweb articles ¦  informations ¦  links ¦  interviews
 misc ¦  tutorials ¦  Add&Win Game

Tips (1541)

Database (90)
Files (137)
Forms (107)
Graphic (114)
IDE (21)
Indy (5)
Internet / LAN (130)
IntraWeb (0)
Math (76)
Misc (126)
Multimedia (45)
Objects/
ActiveX (51)

OpenTools API (3)
Printing (35)
Strings (83)
System (266)
VCL (242)

Top15

Tips sort by
component


Search Tip

Add new Tip

Add&Win Game

Advertising

33 Visitors Online


 
...obtain a list of loaded drivers under Windows NT?
Autor: Thomas Stutz
[ Print tip ]  

Tip Rating (7):  
     


{
  This code takes advantage of the undocumented NtQuerySystemInformation
  API to obtain a list of loaded drivers under Windows NT.

  Dieser Code verwendet die undokumentiere NtQuerySystemInformation API Funktion
  um eine Liste aller geladenen Treiber unter Windows NT zu ermitteln.
}

const
  
DRIVER_INFORMATION = 11;

type
  
TPDWord = ^DWORD;

  TDriverInfo = packed record
    
Address: Pointer;
    Unknown1: DWORD;
    Unknown2: DWORD;
    EntryIndex: DWORD;
    Unknown4: DWORD;
    Name: array [0..MAX_PATH + 3] of Char;
  end;

var
  
NtQuerySystemInformation: function (infoClass: DWORD;
  buffer: Pointer;
  bufSize: DWORD;
  returnSize: TPDword): DWORD; stdcall nil;

  function GetDriverInfo: string;
  var 
    
temp, Index, numBytes, numEntries: DWORD;
    buf: TPDword;
    driverInfo: ^TDriverInfo;
  begin
    if 
@NtQuerySystemInformation = nil then
      
NtQuerySystemInformation := GetProcAddress(GetModuleHandle('ntdll.dll'),
        'NtQuerySystemInformation');

    // Obtain required buffer size
    
NtQuerySystemInformation(DRIVER_INFORMATION, @temp, 0, @numBytes);
    // Allocate buffer
    
buf := AllocMem(numBytes * 2);

    NtQuerySystemInformation(DRIVER_INFORMATION, buf, numBytes * 2, @numBytes);
    numEntries := buf^;
    driverInfo := Pointer(DWORD(buf) + 12);
    Result     := '';
    for Index := 1 to numEntries do 
    begin
      
Result := Result + #$D#$A + 'Address: $' + IntToHex(DWORD(driverInfo^.Address), 8) +
        'Name: "' + (driverInfo^.Name) + '"';
      Inc(driverInfo);
    end;
    Delete(Result, 1, 2);
    FreeMem(buf);
  end;

  procedure TForm1.Button1Click(Sender: TObject);
  begin
    
ListBox1.Items.Add(GetDriverInfo)
  end;


  // Thanks to Madshi for helping me translate from C++ Code
  // Original Code (C++) :
  //                             NtDriverList v1.0
  //                      Copyright 1998, 1999 Yariv Kaplan
  //                             WWW.INTERNALS.COM


 

Rate this tip:

poor
very good


Copyright © by SwissDelphiCenter.ch
All trademarks are the sole property of their respective owners