搜索资源列表
inline hook zwcreatesection
- 原创 天书夜读上 Inline Hook ZwCreateSection 源码
FsdInlineHook.rar
- FSD INLINE HOOK的几乎达到实用级的代码。代码大部分是炉子[0GiNr]提供的,在此感谢。 增加了一段获取通过NTFS驱动对象获取分发函数地址的代码,如果已经被人hook过,可能造成蓝屏。最好的方法还是解析NTFS文件获取原始分发函数地址。Xp sp2测试通过。,FSD INLINE HOOK almost reached the practical level of the code. Most stoves code [0GiNr] provided, would like t
InlineHOOK2.rar
- DDK inline hook 钩子钩子啊懂的就下吧,DDK inline hook hook hook ah understand it on the next
inlinehook
- inline hook原理,有关保护方面的知识,实现了内联HOOK-inline hook principle, the protection of knowledge, to achieve an inline HOOK
Inline-Hook_NtOpenProcess
- 一段INLINE-HOOK的代码,以及一个循环检测是否改写,可在直接调用。【给HookOn传入一个PID即可】。-INLINE-HOOK section of the code, as well as a cycle of test re-evaluated, in direct call. 【HookOn into a PID to be】.
NtOpenProcess[InlineHook]
- r0 inline hook sample.
bingleinline-hookGetWindowText
- inline hook,这是最新写的,虽然网上也有,但我是找了很久的哟-inlinehook, this is the latest write, although there are also online, but I was looking for a long time yo .....
ObReferenceObjectByHandle
- Inline HOOK ObReferenceObjectByHandle 保护进程-Inline HOOK ObReferenceObjectByHandle
inlinehookAndADE32
- inline hook & ADE 32(反汇编引擎),可用于动态的inline hook到任何内核函数。-inline hook and ADE 32
InlineHookKeyboardClassServiceCallback
- Inline hook KeyboardClassServiceCallback 实现键盘记录-Inline hook KeyboardClassServiceCallback the achievement of keyloggers
Kehook
- 对于hook,从ring3有很多,ring3到ring0也有很多,根据api调用环节递进的顺序,在每一个环节都有hook的机会,可以有int 2e或者sysenter hook,ssdt hook,inline hook ,irp hook,object hook,idt hook-The hook, from ring3 there are many, ring3 to ring0 there are many, according to api call progressive sequen
antinpinline
- anti np inline hook,可以过游戏保护np的inline hook,目前还是可以使用,asm源码-anti np inline hook, can lead the game to protect np the inline hook, or you can use the current, asm source
InlineReHOOK
- ring0下恢复inline hook 还有点bug-inline hook resume ring0
InlineHook
- Inline Hook NtOpenFile 简单实现保护指定路径文件-Inline Hook NtOpenFile a simple path to achieve the protection of designated documents
keyboardlogger
- inline hook 可以实现兼容PS/2键盘和USB键盘的Logge 源代码 键盘Logger是Hook 键盘类驱动Kbdclass的分发函数,在类驱动的下面是端口驱动。用DeviceTree 可以看到PS/2键盘的端口驱动是i8042prt,USB键盘的端口驱动是Kbdhid。无论是PS/2 键盘还是USB键盘,在端口驱动处理完IRP之后都会调用上层处理的回调函数,即KbdClass 处理输入数据的函数。Hook 这个回调函数,不但可以实现兼容PS/2 键盘和USB 键盘的Log
inline
- inline hook NtSetInformationFile 保护目录或文件-inline hook NtSetInformationFile
HookKey
- Inline hook KeyboardClassServiceCallback实现键盘记录-Inline hook KeyboardClassServiceCallback achieved keylogger
Hook
- 本文从难易程度上主要分三块详细介绍:一.用户模式Hook:IAT-hook,Dll-inject 二.内核模式Hook:ssdt-hook,idt-hook,int 2e/sysenter-hook 三.Inline Function Hook -In this paper, Difficulty Level 3 detail the main points: 1. User Mode Hook: IAT-hook, Dll-inject 2. Kernel-mode Hook: ssdt-ho
kernel-Inline-Hook-word-doc
- kernel Inline Hook word doc 详谈内核三步走Inline Hook实现-kernel Inline Hook word doc go into the details to achieve core three-step Inline Hook
Kernel Inline Hook
- 目前流行和成熟的kernel inline hook技术就是修改内核函数的opcode,通过写入jmp或 push ret等指令跳转到新的内核函数中,从而达到修改或过滤的功能。这些技术的共同点 就是都会覆盖原有的指令,这样很容易在函数中通过查找jmp,push ret等指令来查出来, 因此这种inline hook方式不够隐蔽。本文将使用一种高级inline hook技术来实现更隐蔽的 inline hoo技术(Currently popular and mature kernel in