*** VISTA RTM *** Writing to raw disk sectors.  

PostPosted: General Windows Vista Development Issues, *** VISTA RTM *** Writing to raw disk sectors. Top


I have an application that is accessing the physical drive to read and write directly to the sectors.
Recently I've used the new Vista RTM, and unfortunately my application is not working anymore. I get a write access denied error when trying to write to sectors in the physical drive. I use CREATEFILE to get the handle to the physical drive (i.e. \\.\c:), then the WRITEFILE to write directly to the sectors. I use SETFILEPOINTER to point to which sector I want to write. The WRITEFILE always fails with ERROR: 5 Access Denied.
I run the app in user mode, but I elevate my app to administrator level. The problem is still there.
I have found the following discussion in a blog by Joanna Rutkowska:

It seems that the only solution, if I want to WRITEFILE directly to raw sectors during normal Windows running in user mode, is to write a KERNEL MODE DRIVER. As I'm not familiar with Windows driver development, I would like to know how I go about writing a KERNEL MODE DRIVER.
What I need to do is to write a simple KERNEL MODE DRIVER for WRITEFILE that will give me the alternative operation of the WRITEFILE API that fails in normal Windows running mode.
What do I need to develop a KERNEL MODE DRIVER, and how can I build it? What DDK/WDK will I need to use, and where can I find information that will point out where to start from?

Is there an alternative solution that someone knows about out there?
Please let me know of any suggestions or solutions, I'm completely lost...

Thank you,


PostPosted: General Windows Vista Development Issues, *** VISTA RTM *** Writing to raw disk sectors. Top

I asked about this here as well, and was met with a STONY SILENCE, even though I am SURE that someone at Microsoft knows about this one. It seems to apply to the system disk from the boot sector onwards.

Please be aware that even writing a Kernel Mode driver will not work if you intend to use ZwCreateFile/ZwOpenFile or something like that. The writes to the system disk are still blocked even at this level. So much for having control of the machine in a KMD.

Again there seems to be no documentation on this issue.

Is the function properly enabled when the KMD or application is signed, for example?

Note that in some cases this kind of autocratic nonsense by Microsoft causes more trouble than it might solve......