[rkhunter]

I remember Compuware DriverStudio (RIP) that introduced OOP and C++ as framework for driver development. It has not received wide acceptance.

[Brock]

Writing drivers in c/c++ is fine but any type of OOP in any language for writing a kernel driver is generally frowned upon since other things might be going on behind the scenes without your direct awareness (i.e> Data encapsulation through OO)

I prefer writing drivers in strictly c only, this is just my preference however. Here are Pros and Cons for writing them in c++

http://msdn.microsoft.com/en-us/windows ... e/gg487420

[AmrThabet]

Thanks All for your very valuable comments :)

The Development Framework will be free and open source and ... it has classes inside ... so you can inherit from them easily. The last example is so small .. so it uses the classes directly ... but you can inherit from the classes (without override functions) or you can modify the framework from inside.

If it can be used without OOP? no ... it can't :(

Compuware DriverStudio ... yes I'm with you ... but it's not free and not open source ... that's will be free.

about OOP Pros and Cons? ... it doesn't use the OOP of Microsoft (WDF) ... so don't worry ... The framework is very similar to the normal C code ... but added OOP as much as I can.

---------------------------
The Mission of Development Rootkit is:
-----------------------------------------------
To create, as a community, a suitable OOP environment to create your own rootkit - not for malicious purposes - with full of functions, standard techniques and filters.

and to collect all open source rootkits, tutorials and articles and the create the biggest open source community for rootkit developers

[EP_X0FF]

I have a strong doubts in future of this project exactly in meaning as "rootkit dev framework". It's maybe good for authors self-education purposes, but practically it's completely useless. What you have done with classes can be done with dynamic structure with fields as class members and callbacks as class methods. Every driver developer (we assume exactly developers not script-kiddies who are writing rootkits by copy-pasting) has it's own collection of libraries, driver skeletons etc, how much depends only on writer experience. To make such people start use your framework, this code must be on another level of usability (including transparent cross-platform compatibility) and code quality. So to conclude post - project currently need more work before any presentation.

[Brock]

Automating tasks and creating a "framework" for wrapping common programming concepts for rootkit development would also just make this all that much easier to detect and give your open source library a bad name in the end. I've never seen an ITW RK (at least one which is original) using an open source "framework"

[AmrThabet]

OK ... thanks everyone for your valuale comments