Location:
Search - Shadow hook
Search list
Description: 利用钩子实现菜单阴影效果
有很多人对Office XP里面的菜单的阴影效果羡慕不已,它不需要在Windows XP 中就可以在菜单后面显示阴影, 当然在Windows XP中, 已经完全支持菜单阴影了。 虽然我们不一定很有必要自己来实现这个较难实现的效果。但是正如有很多人想实现那种IE风格的菜单栏一样,尽管它们并不能为我们带来更多实用的功能, 却可以使我们的程序看起来与众不同。
-use menus hook shadow effect of a lot of people inside the Office XP menu envy of the shadow effect MU performance, it does not need Windows XP on the back of the menu showed shadow, Of course, in Windows XP, which has fully supported the shadow of the menu. Although we do not own it is necessary to achieve this difficult to achieve results. But, as many people would like to achieve the kind of IE style menu bar, Although they do not bring us a more practical function, but we can make the process appear to be different.
Platform: |
Size: 205644 |
Author: xian |
Hits:
Description: 国外收集的多个hook代码
Let s talk about kernel and drivers
--- --- --- --- --- -----
Author: Holy_Father <holy_father@phreaker.net>
/ When you see the shadow,
think about the light that causes it /
Version: 1.0 english
Birthday: 27.08.2005
Home: http://www.hxdef.org, http://hxdef.net.ru,
http://hxdef.czweb.org, http://rootkit.host.sk-foreign collected more than hook code Let's talk about kernel and d rivers ---------------------------------- - Author : Holy_Father
Platform: |
Size: 263875 |
Author: 校风 |
Hits:
Description: Shadow table hook,一种新的Hook方式
Platform: |
Size: 50772 |
Author: alex |
Hits:
Description: 一个演示如何hook shadow ssdt表的例子。
Platform: |
Size: 477658 |
Author: macro |
Hits:
Description: 国外收集的多个hook代码
Let s talk about kernel and drivers
--- --- --- --- --- -----
Author: Holy_Father <holy_father@phreaker.net>
/ When you see the shadow,
think about the light that causes it /
Version: 1.0 english
Birthday: 27.08.2005
Home: http://www.hxdef.org, http://hxdef.net.ru,
http://hxdef.czweb.org, http://rootkit.host.sk-foreign collected more than hook code Let's talk about kernel and d rivers----------------------------------- Author : Holy_Father
Platform: |
Size: 263168 |
Author: 校风 |
Hits:
Description: 利用钩子实现菜单阴影效果
也许有很多人曾和我一样, 对Office XP里面的菜单的阴影效果羡慕不已,它不需要在Windows XP 中就可以在菜单后面显示阴影, 当然在Windows XP中, 已经完全支持菜单阴影了。虽然我们不一定很有必要自己来实现这个较难实现的效果。但是正如有很多人想实现那种IE风格的菜单栏一样,尽管它 们并不能为我们带来更多实用的功能, 却可以使我们的程序看起来与众不同
-Realize the use of hook menu shadow effect may have had a lot of people like me, for Office XP menu inside the shadow of the effect of envy, it does not need in Windows XP can be displayed in the menu behind the shadow, of course, in Windows XP, has been completely support of the shadow of the menu. Although we may not be necessary to achieve their own more difficult to realize this effect. But, as has a lot of people would like to realize the kind of IE-style menu bar as, although they have not been able to bring us more useful features, but the procedure allows us to look different
Platform: |
Size: 49152 |
Author: weiruhui |
Hits:
Description: Shadow table hook,一种新的Hook方式-Shadow table hook, a new way Hook
Platform: |
Size: 50176 |
Author: alex |
Hits:
Description: 一个演示如何hook shadow ssdt表的例子。
Platform: |
Size: 477184 |
Author: macro |
Hits:
Description: 1.恢复shadow ssdt
2.恢复
NtReadVirtualMemory
NtWriteVirtualMemory
NtOpenProcess
NtOpenThread
KiAttachProce-1.恢复shadow ssdt
2.恢复
NtReadVirtualMemory
NtWriteVirtualMemory
NtOpenProcess
NtOpenThread
KiAttachProcess
Platform: |
Size: 300032 |
Author: 傅碧波 |
Hits:
Description: 创建一个内核驱动,伪造一个ssdt表,使得ssdt钩子失效。-Create a kernel driver, forged a ssdt table, making failure ssdt hook.
Platform: |
Size: 72704 |
Author: john smith |
Hits:
Description: 一般网上找到的都是需要Ring3传输需要补丁的地址过去...
002就是直接用最标准的方法进行SSDT定位以及修复的
支持多核系统,当然还有003(加入shadow ssdt hook),004(加入inline hook)
基本上是现在最稳定的恢复方式了,大家可以用KMDLoader测试.加载就脱钩.不需要通讯
-Generally find on the Internet are required Ring3 address transmission needs a patch in the past ... 002 is the direct use of most standard approach to SSDT locate and repair support for multi-core systems, of course, 003 (add shadow ssdt hook), 004 (adding inline hook) is basically the recovery is now the most stable way, and we can use KMDLoader test. loaded on decoupling. does not require communication
Platform: |
Size: 515072 |
Author: 按时飞 |
Hits:
Description: 一个简单ARK源码。包括进线程操作,隐藏进程检测,SSDT,SHADOW SSDT hook查看-An anti-rookit tool
Platform: |
Size: 1452032 |
Author: 韩挚同 |
Hits:
Description: SSDT 及 SSDT Shadow HOOK通用框架及保护模块-SSDT and the SSDT Shadow HOOK common framework and protection module
Platform: |
Size: 10240 |
Author: 小鱼 |
Hits:
Description: 1.进程、线程、进程模块、进程窗口、进程内存信息查看,热键信息查看,杀进程、杀线程、卸载模块等功能 2.内核驱动模块查看,支持内核驱动模块的内存拷贝 3.SSDT、Shadow SSDT、FSD、KBD、TCPIP、IDT信息查看,并能检测和恢复ssdt hook和inline hook 4.CreateProcess、CreateThread、LoadImage、CmpCallback、BugCheckCallback、Shutdown、Lego等Notify Routine信息查看,并支持对这些Notify Routine的删除 5.端口信息查看,目前不支持2000系统 6.查看消息钩子 7.内核模块的iat、eat、inline hook、patches检测和恢复 8.磁盘、卷、键盘、网络层等过滤驱动检测,并支持删除 9.注册表编辑 -1 process, thread, process modules, process window, process memory information viewing, hot information to view, kill the process, kill thread, unload the module and other functions 2 kernel driver module view, to support the kernel driver module memory copy 3.SSDT, Shadow SSDT, FSD, KBD, TCPIP, IDT information view, and can detect and recover ssdt hook and inline hook 4.CreateProcess, CreateThread, LoadImage, CmpCallback, BugCheckCallback, Shutdown, Lego, etc. Notify Routine Information check, and to support their Notify Routine Delete 5 port information view, the current system does not support 2000 6 view news hook 7 kernel module iat, eat, inline hook, patches detection and recovery 8 disk, volume, keyboard, network layer filter driver detect, and support for the deletion 9. Registry Editor
Platform: |
Size: 3696640 |
Author: 接收 |
Hits:
Description: Hook 了以下函数:
NtUserFindWindowEx FindWindow
NtUserGetForegroundWindow GetForegroundWindow
NtUserQueryWindow GetWindowThreadProcessId
NtUserWindowFromPoint WindowFromPoint
NtUserBuildHwndList EnumWindows
NtUserSetWindowLong SetWindowLong
经XP/Win 2003/Vista/Win7测试可用. 获取ShadowTable表的方法是自己调试出来的玩意,不太清楚稳定性.
-Hook the following functions: NtUserFindWindowEx FindWindow NtUserGetForegroundWindow GetForegroundWindow NtUserQueryWindow GetWindowThreadProcessId NtUserWindowFromPoint WindowFromPoint NtUserBuildHwndList EnumWindows NtUserSetWindowLong SetWindowLong after XP/Win 2003/Vista/Win7 test available. Ways to get ShadowTable table out of their own debugging stuff, is not clear stability if the instability can go online to find a way to get ShadowTable.
Platform: |
Size: 384000 |
Author: TianSin |
Hits:
Description: Hook SSDT shadow 示例,首先找到csrss进程然后attach,最后修改ssdt shadow table-Hook SSDT shadow sample, first find the csrss process then attach, last modified ssdt shadow table
Platform: |
Size: 17408 |
Author: 顺口溜 |
Hits:
Description: 采用HOOK界面跟踪达到界面控件随鼠标移动略过个产生随影效果很好看的-The HOOK interface to interface with the tracking control the mouse skip a produce effect is very good with the shadow
Platform: |
Size: 16384 |
Author: hoiker |
Hits:
Description: 易语言 ssdt shadow hook 保护窗口,挂钩多个函数,兼容X86 XP~2008所有32位操作系统。包含调用和驱动源代码,使用sys边源包可编译-The easy language ssdt shadow hook Protection window, linked to more than one function, compatible with X86 XP ~ 2008 all 32-bit operating system. Contains call and driver source code can be compiled to use sys side source package
Platform: |
Size: 384000 |
Author: 学俊 |
Hits:
Description: 遍历shadow ssdt 的代码 会win窗体HOOK 很有帮助-Traverse shadow ssdt code will win form HOOK helpful
Platform: |
Size: 8547328 |
Author: 4444 |
Hits:
Description: ring3与ring0通信,配合之前的Shadow hook!简单明了-ring3 communicate with ring0, with the previous Shadow hook! Foolproof
Platform: |
Size: 1935360 |
Author: xiongx |
Hits: