Project Description
Look at the contents of the system registry, ignoring the restrictions on the permission to access, and looking at very restrictions. Give you such opportunity is the mission of the target driver.

Load the driver into a kernel by sc.exe or drvload.exe, and don't forget to verify this fact by type the command:
> sc.exe query [driver name (wygiwys.sys)]
if you have found a line: STATE ... RUNNING that is right.
Then for example, you can launch regedit.exe and pointing to following keys:
Their contents are usually inaccessible and now you will be in unusual situation, but you can examine permissions of some subkeys they will have not changed and will continue to be strict.
Driver creates device: "\Device\wygiwys", we would hope this place yet free.

Last edited Nov 1, 2011 at 9:01 PM by kannoner, version 36