hi all !
i want to write a kernel driver - it will read disk direct (as use INT on dos) but i don't know to do this on Windows NT(2k & XP), please help me  :lol: . thanks
Posted on 2005-08-03 06:28:17 by secmask
Maybe you can use the win32 api function CreateFile to open \\.\PHYSICALDRIVE0.
You will be able to read/write disk directly.

Writting a kernel mode driver to read disk direct is a very difficult and dangerous task.
But if you really need, try to get the Windows 2k DDK and read the manuals.

The best reference is definitly:
http://www.oreilly.com/catalog/wininternals/

Regards,
Opc0de
Posted on 2005-08-03 07:06:39 by Opcode
You must use in and out instruction. You will not able to made it if you use WinXP, if you have an old computer you will able to made it. Check www.programmersheaven.com for tutorial and code. Opcode is rigth it is dangerous.
Posted on 2005-08-05 07:35:38 by realvampire
Not only if is it difficult to get the code right, but you'll have to remember that you're running in a protected mode OS - that already has a driver that accesses the disk. This gives opportunity for a world full of pain if you try to do direct disk access.

Much better to use the documented and well-working CreateFile method.
Posted on 2005-08-05 07:56:47 by f0dder
So if readfile direct is difficult, but what about read some sectors of the disk , i think there are some instructions do this ??? .
Posted on 2005-08-06 06:04:30 by secmask
secmask, http://msdn.microsoft.com/library/default.asp?url=/library/en-us/fileio/fs/createfile.asp - notice the \\.\PHYSICALDRIVEx and \\.\x: filename parameters, and do read the documentation there.
Posted on 2005-08-06 07:14:33 by f0dder
hi all .
i did as f0dder said but when i try to read first 512 bytes of drive C ,it doesn't like as i view in Hex Editor . So where i were wrong ?
thanks .
Posted on 2005-08-16 07:40:11 by secmask
secmask, perhaps it's the difference between \\.\C: and \\.\PHYSICALDRIVE0 that gives you different results?
Posted on 2005-08-16 10:10:34 by f0dder
oh , yeh . that's exact my problem , thank f0dder .
Posted on 2005-08-17 06:24:48 by secmask
no problem, glad to help :)
Posted on 2005-08-17 06:29:15 by f0dder