crash-dump-write-to-disk how to bypass the Operati

Title: crash-dump-write-to-disk

Category:
Windows Develop
Tags:
[Windows] [Visual.Net] [源码]
File Size:
39kb
Update:
2014-07-09
Downloads:
0 Times
Uploaded by:
maysam

Description: how to bypass the Operating System’s normal input/output (I/O) disk driver path and use the crash dump driver stack (i.e., “crash dump I/O path”) to read the master boot record (MBR). This technique subverted the TDL4 rootkit and would be effective against any traditional I/O hooking rootkit/malware.

Downloaders recently: [More information of uploader maysam]

To Search:

File list (Check if you may need any files):

 

dmpflt-8c2f6fb9f548\DmpFlt.cpp
...................\PostCrash.cpp
...................\Helper.cpp
...................\DmpFlt.vcxproj
...................\DmpFlt.sln
...................\PreCrashStaging.hpp
...................\Common.hpp
...................\DmpFlt.hpp
...................\Helper.hpp
...................\Timer.hpp
...................\Dump.hpp
...................\PreCrashStaging.cpp
...................\PostCrash.hpp
...................\Timer.cpp

Main Category

SourceCode

Web Code

Develop Tools

Document

Other resource

Category

GUI Develop

Windows Kernel

WinSock-NDIS

Driver Develop

ADO-ODBC

GDI-Bitmap

CSharp

.net

Multimedia Develop

Communication

Shell api

ActiveX/DCOM/ATL

IME Develop

ISAPI-IE

Hook api

Screen saver

DirextX

Process-Thread

Console

File Operate

Printing program

Multi Monitor

DNA

Other

About site

CodeBus www.codebus.net