The DDK installation wizard is as straightforward as any Microsoft installation; just double-click setup.exe and answer a few questions. However, you can do a few things to make rootkit development much easier. The single most time-saving installation recommendation is to use the default installation directory. If you absolutely must use another directory, keep the path simple, with no spaces or long directory names. This is especially important if you are using the older XP DDK. The second recommendation is to select every possible download option. Skipping a few samples or skipping documentation to save a few megabytes of disk space will not make your life easier. You can, however, skip the debuggers offered with the 2003 SP1 DDK if you’ve already installed “Debugging Tools for Windows,” as these are the exact same debuggers.
Once you have installed the DDK, you can create two shortcuts to help with development. The shortcut examples that follow were developed for the Windows XP DDK, build number 2600; your target path may need to be altered depending upon your version of the DDK. The first shortcut should use the following target:
%windir%\SYSTEM32\CMD.EXE /k C:\WINDDK\2600\bin\setenv.bat C:\WINDDK\2600 chk
For newer DDKs, use the following:
%windir%\SYSTEM32\CMD.EXE /k C:\NTDDK\bin\setenv.bat C:\NTDDK checked
For the 2003 SP1 DDK, use
%windir%\SYSTEM32\CMD.EXE /k C:\WINDDK\3790.1830\bin\setenv.bat C:\WINDDK\3790.1830 checked
and start in the %windir% directory.
This will be your “Checked DDK” icon.
The second shortcut should use this target:
%windir%\SYSTEM32\CMD.EXE /k C:\WINDDK\2600\bin\setenv.bat C:\WINDDK\2600 fre
For newer DDKs, use the following:
%windir%\SYSTEM32\CMD.EXE /k C:\NTDDK\bin\setenv.bat C:\NTDDK free
For the 2003 SP1 DDK, use
%windir%\SYSTEM32\CMD.EXE /k C:\WINDDK\3790.1830\bin\setenv.bat C:\WINDDK\3790.1830 free
and start in the same %windir% directory.
This will be your “Free DDK” icon.
The DDK uses the concept of Checked and Free driver development to differentiate between preliminary debug development and final release builds. The preceding shortcuts will set up the shells required for these two development environments. The projects covered in this book only use the Checked DDK shell, but you will eventually want to build a release version of one or all of the rootkits you will be creating.
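The two shortcuts described above can also be created from a script. The following PowerShell is an added example, not code from the book; the parameter names, the Desktop output folder and the default values are assumptions, and the defaults match the XP DDK build 2600 targets shown earlier.

```powershell
# Added example: creates the "Checked DDK" and "Free DDK" shortcuts described above.
# $DdkRoot and the build keywords are assumptions; set them to match your DDK.
param(
    [string]$DdkRoot = 'C:\WINDDK\2600',  # XP DDK build 2600 path from the text
    [string]$Checked = 'chk',             # 'checked' for the other DDKs listed above
    [string]$Free    = 'fre',             # 'free' for the other DDKs listed above
    [string]$OutDir  = [Environment]::GetFolderPath('Desktop')
)

# The text recommends a simple install path with no spaces. The shortcut target
# passes the DDK root unquoted, so refuse a root that contains whitespace.
if ($DdkRoot -match '\s') {
    throw "DDK root '$DdkRoot' contains whitespace; use a simple path."
}

# Confirm the environment script is where the shortcut target expects it.
$setenv = Join-Path $DdkRoot 'bin\setenv.bat'
if (-not (Test-Path -LiteralPath $setenv -PathType Leaf)) {
    throw "setenv.bat not found at '$setenv'; check the DDK root."
}

$shell  = New-Object -ComObject WScript.Shell
$builds = [ordered]@{ 'Checked DDK' = $Checked; 'Free DDK' = $Free }

foreach ($name in $builds.Keys) {
    $lnk = $shell.CreateShortcut((Join-Path $OutDir "$name.lnk"))
    # Same target as the text: CMD.EXE /k <setenv.bat> <DDK root> <build type>
    $lnk.TargetPath       = Join-Path $env:windir 'SYSTEM32\CMD.EXE'
    $lnk.Arguments        = "/k $setenv $DdkRoot $($builds[$name])"
    $lnk.WorkingDirectory = $env:windir   # "start in the %windir% directory"
    $lnk.Description      = "$name build shell"
    $lnk.Save()
    Write-Output "Created $($lnk.FullName)"
}
```

For the 2003 SP1 DDK, pass the root C:\WINDDK\3790.1830 with the build keywords checked and free, as in the targets listed above.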