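Search results: resource list
Process hiding under NT
- There are many ways to hide a process in an NT environment, that is, to execute one's own code without the user's knowledge, such as inserting a DLL via the registry or using Windows hooks. Among the more representative are the LoadLibrary method introduced by Jeffrey Richter in "Windows Core Programming" (《Windows核心编程》) and the method introduced by Luo Yunbin in "32-bit Assembly Language Programming in the Windows Environment" (《Windows环境下32位汇编语言程序设计》). What the two methods have in common is that both use a remote thread, so that one's own code runs as a thread of the host process inside the host process's address space, thereby achieving concealment. By comparison, Richter's method, since it can use C/C++ and other high-level
Implementation of process hiding in an NT environment
- Implementation of process hiding in an NT environment. Addendum: the ThreadMain code was left out, so it is added here: DWORD ThreadMain(HINSTANCE hInst) { TCHAR szModule[256], szText[512], szFormat[256]; LoadString(hInst, IDS_FORMAT, szFormat, sizeof(szFormat) / sizeof(TCHAR)); GetModuleFileName(NULL, szModule, 256); _stprintf(szT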
TRRemote
- Powerful remote management source code, including remote shutdown and restart, remote process kill, and remote service stop.
WinSpy_src
- Winspy source code. Copies code into a remote process and executes it with CreateRemoteThread.
RemoteThread1
- Inserts a remote thread into another process without using a DLL.
cmdbind
- cmdbind uses a remote thread and pipes to create a remote thread in LSASS.EXE that binds cmd.exe to port 7597.
postkill
- Under SYSTEM privileges, creates a remote thread to inject a DLL into a user process and sends a message as that user. This example sends a WM_QUIT message to a specified program. It is intended specifically for making firewall-type programs exit normally. Parameters are passed via the registry.
Computing
- A Java socket application that implements remote computation, using multithreading.
NTjincheng-VC
- Enumerating local and remote NT system processes: example analysis in VC. Hope it serves as a reference for you.
RmExec
- Another method of remote injection: this example uses remote injection to make EXPLORER.exe load CMD.EXE. Note that only the RELEASE build works; to use a DEBUG build, build the remote function injection part (remote.cpp) as a LIB and link it in.
SelfInjectCode
- An example of remote thread injection without CreateRemoteThread, to avoid interception by some firewalls. I did not write it; I had to give away the author's work in order to download some code.
Keeping a process alive under Win2k
- This program uses the publicly known Win2k remote thread injection technique to keep a specified process running at all times. Build wap32.exe, copy it to c:\\ and run it, and the Wap32 process cannot be killed.
Code to enable a remote telnet service
- Code to enable a remote telnet service. Run on the remote machine, it enables that machine's telnet service.
remote_thread
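- Remote Run Library is a tool that gives a piece of code a complete remote runtime environment ("remote" here means another process's address space, not that of the current process), including the use of implicit API calls, string constants, global/static variables and exception protection in the code. It lets you run a piece of code, or even an entire exe, in any process (as long as you have sufficient privileges), so that two or more executables can run in the same process space.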
remcom-src-2.1
- This is a remote communication application. Source code included.
hidevc
- Process hiding implemented via remote thread injection; simple, easy to understand, with detailed comments.
CreateRemoteThread-win7
- A solution for creating remote threads under Win7, written by a foreign expert.
Injectorv620
- This is the source code of my Visual Basic DLL injector. It uses VirtualAllocEx and CreateRemoteThread to execute the DLL; you will love me for this xP
Complete-remote-injection
- Complete remote injection demo code; I trust it will help those of you who need it.
remote
- Remote thread insertion code written in VC++; valuable for reference and study.
