Location:
Search - Object Hook
Search list
Description: Most good object, DirectShow Filter modify from transform filter can spy all media type by hook KSEevent .
Platform: |
Size: 46080 |
Author: Rabit |
Hits:
Description: 如何安装钩子过程,如何编写全局钩子,动态连接库里的全局变量数据共享问题分析。ADO数据库编程。在VB中利用ADO控件和ADO对象访问数据库,在VC中利用ADO技术访问数据库。-process of how to install the hook, how to compile the overall hook. Dynamic Link 13-17 global variable data sharing analysis. ADO database programming. In VB using ADO and ADO Object Access database, the use of the VC ADO access to the database.
Platform: |
Size: 159744 |
Author: zhou |
Hits:
Description: Hook编程。如何安装钩子过程,如何编写全局钩子,动态连接库里的全局变量数据共享问题分析。ADO数据库编程。在VB中利用ADO控件和ADO对象访问数据库,在VC中利用ADO技术访问数据库。-Hook programming. How to install the hook process, how to write global hooks, dynamic link library data sharing global variables analysis. ADO database programming. The use of ADO in the VB controls and ADO Object Access database, the use of ADO in VC technology access database.
Platform: |
Size: 159744 |
Author: 秋水飘零 |
Hits:
Description: IDT Hook 检测及恢复
此程序在 Ring3 下打开物理内存对象取得当前内存中的 IDT,再用打开对应的原始内核文件进行比较。带恢复功能。
此程序适用于 XP/2003。采用特征码搜索方式查找。注释详细,代码规范-IDT Hook detection and recovery procedures in this Ring3 to open the physical memory object to obtain the current memory of IDT, and then open the corresponding document to compare original kernel. With recovery. This procedure applies to XP/2003. Using signature search search. Notes detailed specification code
Platform: |
Size: 6144 |
Author: 张京 |
Hits:
Description: 本例子介绍如何用 IURLSearchHook 接口来定义自己的URL协议。当浏览器企图去打开一个未知协议的URL地址时,浏览器首先尝试从这个地址得到当前的协议,如果不成功,浏览器将创建在系统中注册的URL Search Hook对象并调用每一个对象的Translate方法,直到地址被转换或所有的URL Search Hook都尝试过。-This example describes how to interface with IURLSearchHook define your own URL protocol. When a browser attempts to open a URL address unknown protocol, the browser first of all try to get this address from the current agreement, if unsuccessful, the browser will create in the system register the URL Search Hook objects and call each object Translate method, until the address is converted or all of the URL Search Hook were tried.
Platform: |
Size: 34816 |
Author: pudncom12 |
Hits:
Description: 本例子介绍如何用 IURLSearchHook 接口来定义自己的URL协议。当浏览器企图去打开一个未知协议的URL地址时,浏览器首先尝试从这个地址得到当前的协议,如果不成功,浏览器将创建在系统中注册的URL Search Hook对象并调用每一个对象的Translate方法,直到地址被转换或所有的URL Search Hook都尝试过。
-This example describes how to interface with IURLSearchHook to define your own URL protocol. When a browser attempts to open a URL address unknown protocol, the browser first of all try to get this address from the current agreement, if unsuccessful, the browser will create in the system register the URL Search Hook objects and call each object Translate method, until the address is converted or all of the URL Search Hook were tried.
Platform: |
Size: 48128 |
Author: 李彬 |
Hits:
Description: api挂接的一段源代码,通过c++类来实现,你只要通过对象调用函数即可-api articulated section of the source code through c++ category to achieve, you need only call the function through the object can be
Platform: |
Size: 7168 |
Author: wangwei |
Hits:
Description: OLE DB,对象链接与嵌入数据库。 OLE DB在两个方面对ODBC进行了扩展。首先, OLE DB提供了一个数据库编程的COM接口;第二, OLE DB提供了一个可用于关系型和非关系型数据源的接口。 OLE DB的两个基本结构是OLE DB提供程序(Provider)和OLE DB用户程序(Consumer)。-OLE DB, Object Linking and Embedding Database. OLE DB for ODBC in the two areas have been extended. First of all, OLE DB provides a database programming COM interfaces second, OLE DB can be used to provide a relational and non-relational data source interface. OLE DB is the basic structure of the two OLE DB Provider (Provider) and OLE DB user program (Consumer).
Platform: |
Size: 6144 |
Author: 王大勇 |
Hits:
Description: Hook程序中.dll文件的编写,可以实现注入,修改一下也可以对QQ等注入操作,只要修改需要注入的对象就可以了-Hook proceedings. Dll file prepared, you can achieve implantation, can also be changed a bit into the operation of the QQ, etc., as long as necessary to amend the object can be injected into the
Platform: |
Size: 57344 |
Author: haokks |
Hits:
Description: Hook编程。如何安装钩子过程,如何编写全局钩子,动态连接库里的全局变量数据共享问题分析。ADO数据库编程。在VB中利用ADO控件和ADO对象访问数据库,在VC中利用ADO技术访问数据库-Hook programming. How to install the hook process, how to write global hooks, dynamic link library' s global variable analysis of data sharing problem. ADO database programming. The use of ADO in the VB controls and ADO Object Access database, the use of ADO in VC technology access to the database
Platform: |
Size: 159744 |
Author: 西嘻 |
Hits:
Description: 内核OBJECT HOOK代码-大家可以-OBJECT HOOK kernel code- everyone can see
Platform: |
Size: 14336 |
Author: 马振强 |
Hits:
Description: 对于hook,从ring3有很多,ring3到ring0也有很多,根据api调用环节递进的顺序,在每一个环节都有hook的机会,可以有int 2e或者sysenter hook,ssdt hook,inline hook ,irp hook,object hook,idt hook-The hook, from ring3 there are many, ring3 to ring0 there are many, according to api call progressive sequence of links, each link in the opportunity to have a hook, you can have int 2e or sysenter hook, ssdt hook, inline hook, irp hook, object hook, idt hook, etc.
Platform: |
Size: 1869824 |
Author: 王小明 |
Hits:
Description: 如何安装钩子过程,如何编写全局钩子,动态连接库里的全局变量数据共享问题分析。ADO数据库编程。在VB中利用ADO控件和ADO对象访问数据库,在VC中利用ADO技术访问数据库-How to install the hook procedure, how to write global hooks, dynamic link library to the global variable data sharing problem analysis. ADO database programming. In the VB using ADO control and the ADO object access the database using ADO in VC technology to access the database
Platform: |
Size: 13312 |
Author: my |
Hits:
Description: Use DataGridView
First, you should use DataGridView when you need to display information that is easily broken up into columns. This will include numbers, names, IDs, and other attributes stored in a database. You can use the DataSource property to hook your DataGridView up to a database, or even an object collection.
Platform: |
Size: 36864 |
Author: kader125 |
Hits:
Description: 信息隐藏亮点之一: 将rootkit作为资源隐藏于用户模式程序之中
亮点之二: 将这个用户程序代码作为生成密钥的引子,可以有效地防止逆向后,隐藏信息被纰漏,因为只有逆向后生成的
代码,跟原作者的代码丝毫不差,将来才能打开其隐藏至深的下载者链接及代码。
亮点之三:用一个固定的KEY,通过某种运算,产生出1024个密钥组成的数组。
然后用这个密钥组与用户代码进行运算,最终生成一个4字节的解码KEY。
利用解码KEY,在从加载到内存的驱动中,找出隐藏在其资源中的那份肮脏的
下载者代码及名单解析出来,返回用户程序,用户程序用它来做坏事,并且最后
还要把痕迹擦得一干二净。
亮点之四:修改idt 0e号中断,让他指向一个无效地址,从而在调试的时候让你蓝屏,起到
反调试的功能。-nformation hiding one of the highlights: the rootkit as a resource hidden in the user program into
Highlights of the two: the user code will be generated key as a primer, can effectively prevent the reverse, the hidden information is flawed, because only generated after reverse
Code, the code with the original author no less, to open its hidden deep in the future who download link and code.
Highlight three: with a fixed KEY, by some calculations, to produce an array of keys 1024.
Then use this key group and the user code operation, and ultimately generate a 4-byte decoding KEY.
By decoding KEY, loaded into memory from the drive, find hidden in their share of dirty resources
The list of those who download the code and parse out and return the user program, the user program to do bad things with it, and finally
But also to trace polished completely.
Highlights of the four: No change idt 0e interrupted, so that he points to an invalid address, so when debugging your blue s
Platform: |
Size: 11264 |
Author: wu |
Hits:
Description: Inline HOOK API V1.1
thanks to 海风月影, xIkUg ,sucsor
by solosky <solosky772@qq.com>
created at 2011.06.29, updated at 2011.06.30
----------------------------------
Inline HOOK API V1.1 2011.06.30
----------------------------------
1. 修复没有判断申请空间是否成功的BUG;
2. 修复释放内存的参数错误的BUG;
----------------------------------
Inline HOOK API V1.0 2011.06.29
----------------------------------
1. HOOK任何函数,仅需知道原型和调用方式即可(可以HOOK对象方法,但需要保存和恢复this指针)
2. UnHOOK已经HOOK的函数
感谢海风月影提供的反汇编长度引擎-Inline HOOK API V1.1 thanks to the sea love affair film, xIkUg, sucsor by solosky <solosky772@qq.com> created at 2011.06.29, updated at 2011.06.30---------------------------------- Inline HOOK API V1. 1 2011.06.30---------------------------------- 1 repair application space does not determine the success of BUG 2 fixed parameters of free memory error BUG ---------------------------------- Inline HOOK API V1. 0 2011.06.29---------------------------------- 1. HOOK any function, just know that the prototype and call way you can (you can HOOK object methods, but need to save and restore this pointer) 2. UnHOOK has a function to thank the sea HOOK film Temptress Moon provided the length of the engine disassembly! !
Platform: |
Size: 5120 |
Author: money |
Hits:
Description: 看雪学院Rootkit学习,1.内核Hook:对于hook,从ring3有很多,ring3到ring0也有很多,根据api调用环节递进的顺序,在每一个环节都有hook的机会,可以有int 2e或者sysenter hook,ssdt hook,inline hook ,irp hook,object hook,idt hook-See snow Institute Rootkit learning, kernel Hook: hook from ring3 many, ring3 to ring0 also the api call progressive order, every link has the opportunity to hook int 2e or sysenter. hook, ssdt hook, inline hook, irp hook, object hook, idt hook, etc.
Platform: |
Size: 1652736 |
Author: stars |
Hits:
Description: 这是一份OBJECT HOOK的示例代码,讲解了对象钩子的使用-This is a sample code OBJECT HOOK to explain the use of the object hook
Platform: |
Size: 34816 |
Author: magicdmer |
Hits:
Description: 如何安装钩子过程,如何编写全局钩子,动态连接库里的全局变量数据共享问题分析。ADO数据库编程。在VB中利用ADO控件和ADO对象访问数据库,在VC中利用ADO技术访问
数据库-How to install the hook process, how to write global hooks, dynamic link library global variable analysis of data sharing. ADO database programming. Controls in VB using ADO and ADO Object Access database using ADO in VC technology to access the database
Platform: |
Size: 202752 |
Author: 王子燚 |
Hits:
Description: wr960204武稀松.2012.2
主页 http://www.raysoftware.cn
通用Hook库.
支持X86和X64. Get
使用了开源的BeaEngine反汇编引擎.BeaEngine的好处是可以用BCB编译成OMF格式的Obj,
被链接进Delphi的DCU和目标文件中.不需要额外带DLL.
BeaEngin引擎
http://www.beaengine.org/
限制:
1.不能Hook代码大小小于5个字节的函数.
2.不能Hook前五个字节中有跳转指令的函数.
希望使用的朋友们自己也具有一定的汇编或者逆向知识.
Hook函数前请确定该函数不属于上面两种情况.
另外钩COM对象有一个技巧,如果你想在最早时机勾住某个COM对象,
可以在你要钩的COM对象创建前自己先创建一个该对象,Hook住,然后释放你自己的对象.
这样这个函数已经被下钩子了,而且是钩在这个COM对象创建前的.-Wr960204 Wu not.2012.2
Home http://www.raysoftware.cn
General Hook library.
Support X86 and Get X64.
The use of open source BeaEngine anti compilation engine.BeaEngine the benefits of BCB can be compiled into OMF format Obj,
Be linked into DCU s Delphi and target files. No extra tape DLL.
BeaEngin engine
Http://www.beaengine.org/
Limited:
1 can not Hook code size is less than 5 bytes of function.
2 can t Hook the first five bytes in a jump instruction function.
Friends who want to use their own also has a certain assembly or reverse knowledge.
Hook function before you determine that the function does not belong to the above two cases.
In addition to hook COM object has a skill, if you want to hook in the first time a COM object,
You can create a COM object that you want to hook before you create an object, Hook live, and then release your own objects.
This function has been under the hook, and the hook in the COM object before the creation of the.
Platform: |
Size: 929792 |
Author: YyQ |
Hits: