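#include <ntddk.h>

// Driver unload routine.
VOID HelloDDKUnload(IN PDRIVER_OBJECT pDriverObject);
extern "C" NTSTATUS DriverEntry(IN PDRIVER_OBJECT pDriverObject, IN PUNICODE_STRING pRegistryPath);
VOID CompuleReBoot(void);
VOID CompuleShutdown(void);

/*
 * Driver entry point.
 *
 * Registers HelloDDKUnload as the unload routine so the driver can be
 * stopped, then reports success. Nothing else is initialised here.
 *
 * pDriverObject  - driver object supplied by the I/O manager.
 * pRegistryPath  - registry path of the driver's service key (unused).
 *
 * Returns STATUS_SUCCESS.
 */
NTSTATUS DriverEntry(IN PDRIVER_OBJECT pDriverObject, IN PUNICODE_STRING pRegistryPath)
{
    UNREFERENCED_PARAMETER(pRegistryPath);

    pDriverObject->DriverUnload = HelloDDKUnload;

    // Calls to the forced reboot/shutdown helpers are left disabled.
    //CompuleReBoot();
    //CompuleShutdown();
    return STATUS_SUCCESS;
}

/*
 * Driver unload routine.
 *
 * The driver allocates nothing and creates no device objects, so there is
 * nothing to release.
 */
VOID HelloDDKUnload(IN PDRIVER_OBJECT pDriverObject)
{
    UNREFERENCED_PARAMETER(pDriverObject);
}

/*
 * Reboot the computer (forced).
 *
 * Writes 0xFE to I/O port 0x64, i.e. the same effect as
 *     mov al, 0FEh
 *     out 64h, al
 * On PC-compatible hardware this is the legacy keyboard-controller reset
 * pulse. It bypasses the normal shutdown path, so file-system caches are not
 * flushed and unsaved data may be lost.
 *
 * The HAL port-write macro is used instead of copying machine code into pool
 * memory and calling it: there is no allocation that can fail and then be
 * dereferenced, nothing is leaked, and no writable+executable kernel memory
 * is created.
 */
VOID CompuleReBoot(void)
{
    WRITE_PORT_UCHAR((PUCHAR)(ULONG_PTR)0x64, 0xFE);
}

/*
 * Shut down the computer (forced).
 *
 * Writes the 16-bit value 0x2001 to I/O port 0x1004, i.e. the same effect as
 *     mov ax, 2001h
 *     mov dx, 1004h
 *     out dx, ax
 * NOTE(review): port 0x1004 is platform specific, presumably the ACPI power
 * management control register of one particular chipset or hypervisor; on
 * other hardware this write will not power the machine off. Confirm the
 * intended target before relying on it.
 *
 * As with the reboot helper, the normal shutdown path is bypassed, and the
 * HAL port-write macro replaces executing bytes from an unchecked, never
 * freed pool allocation.
 */
VOID CompuleShutdown(void)
{
    WRITE_PORT_USHORT((PUSHORT)(ULONG_PTR)0x1004, 0x2001);
}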