Results 1 to 8 of 8

Thread: Creating services in XP

  1. #1
    My Name is.... TZ Veteran Stripe's Avatar
    Join Date
    Oct 2002
    Location
    live?
    Posts
    892

    Creating services in XP

    Does anyone know how to manually add services in Windows XP Pro?

    I want to add some applications so that they start automatically.

  2. #2
    Techzonez Governor Super Moderator Conan's Avatar
    Join Date
    Apr 2002
    Location
    Philippines
    Posts
    4,343
    I haven't heard of "adding services" before, is it possible to do this?

  3. #3
    Triple Platinum Member Thor's Avatar
    Join Date
    Sep 2002
    Location
    US
    Posts
    917
    That is a very good question. Have to ask around.

  4. #4
    Titanium Member
    Join Date
    Jul 2002
    Location
    blk helo target, WA
    Posts
    3,536
    Scheduled tasks?

  5. #5
    Super Moderator Super Moderator Big Booger's Avatar
    Join Date
    Apr 2002
    Location
    JAPAN
    Posts
    10,941
    If you want to add an application to startup on boot:
    There are four areas from which applications can be launched when Windows XP starts:
    StartUp folder: Contains shortcuts to applications that launch immediately after Windows has started
    Windows registry: Contains application modules that launch during Windows startup
    Win.ini file: Contains Windows drivers for devices such as printers or modems
    System.ini file: Contains virtual drivers for applications

    If you just want an app to startup when you boot your machine, drag that app to the startup folder:
    F:\Documents and Settings\Big Booger\Start Menu\Programs\Startup

    Edit bigbooger with your own user name. I believe that will add it to the startup list so that it loads directly after booting your machine.

    As for system services, what specifically do you want to add?

    ADDING NEW SYSTEM SERVICES

    Adding new system services involve the following steps:


    Allocate a block of memory large enough to hold existing SSDT and SSPT and the extensions to each of the table.
    Copy the existing SSDT and SSPT into this block of memory.
    Append the new entries to the new copies of the two tables as shown in Figure 7-2.
    Update KeServiceDescriptorTable and KeServiceDescriptorTableShadow to point to the newly allocated SSDT and SSPT.
    In NT 3.51, because the Shadow Table is never used, you could get away without having to update it. In NT 4.0 and Windows 2000, however, the Shadow Table takes a leading role once a GDI32 or a USER32 call has been made. Therefore, it is important that you update both KeServiceDescriptorTable and KeServiceDescriptorTableShadow. If you fail to update KeServiceDescriptorTableShadow in NT 4.0 or Windows 2000, the newly added services will fail to work once a GDI32 or USER32 call is made. We recommend that you update both the tables in all versions of Windows NT so that you can use the same piece of code with all the versions of the operating systems.

    One implementation issue in updating the KeServiceDescriptorTableShadow is that NTOSKRNL does not export this table. However, NTOSKRNL does export KeServiceDescriptorTable. So, how can you get the address of KeServiceDescriptorTableShadow?

    The method we used for this is as follows. There is a function in NTOSKRNL called KeAddSystemServiceTable. This function is used by WIN32K.SYS driver for adding the USER32 and GDI 32 related functions. This function does refer to KeServiceDescriptorTableShadow. The first entry in both KeServiceDescriptorTable and KeServiceDescriptorTableShadow is the same. We iterate through each DWORD in the KeAddSystemServiceTable code, and for all valid addresses found in this function, we compare the 16 bytes (size of one entry in descriptor table) at this address with the first entry in KeServiceDescriptorTable. If we find the match, we consider that as the address of the KeServiceDescriptorTableShadow. This method seems to work in all Windows NT versions.


    EXAMPLE OF ADDING A NEW SYSTEM SERVICE

    This example consists of three modules. One device driver contains the code for new system services and the mechanism of adding new system services to a Windows NT kernel. One DLL represents an interface to new system services (just as NTDLL.DLL provides interface for services called by KERNEL32.DLL). And one application links to this wrapper DLL and calls the newly added services. The newly added services print a debug message saying, gkernel service .... Calledh and print the parameters passed to the services. Each service returns values 0, 1, and 2. The function AddServices() isolates the code for the mechanism of adding new system services.

    Assuming first that the sample binaries are copied in C:\SAMPLES directory, here are the steps to try out the sample:


    Run ginstdrv extndsys c:\samples\extndsys.sys.h This will install the extndsys.sys driver. The driver will add three new system services to Windows NT Kernel.
    Run MYAPP.EXE. This will call wrapper functions in MYNTDLL.DLL to call newly added system services in EXTNDSYS.SYS.

    Read the entire page:
    http://www.windowsitlibrary.com/Content/356/07/1.html#2
    Last edited by Big Booger; June 28th, 2003 at 01:27 AM.

  6. #6
    My Name is.... TZ Veteran Stripe's Avatar
    Join Date
    Oct 2002
    Location
    live?
    Posts
    892
    OK!!! Startup folder it is

    Thanks Big Booger...Unfortunately I was hoping it would be a little easier than that.

  7. #7
    Super Moderator Super Moderator Big Booger's Avatar
    Join Date
    Apr 2002
    Location
    JAPAN
    Posts
    10,941
    glad to have helped.

  8. #8
    all bets are off... TZ Veteran SupaStar's Avatar
    Join Date
    Jul 2002
    Location
    Australia
    Posts
    1,680
    Check out FireDaemon. I've used it before. Easy as

    FireDaemon is a utility that allows you to install and run virtually any native Win32 application or script (eg. BAT/CMD, Perl, Java, Python, TCL/TK) as a Windows NT/2K/XP/2K3 service. FireDaemon features easy configuration (via GUI or XML), a low memory/CPU overhead, subprocess prioritisation, custom environments, CPU binding plus monitoring and logging to the event log and on-disk log files.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •