Location:
Search - delphi ring0
Search list
Description: Hook Api Library 0.2 [Ring0&3] By Anskya
Email:Anskya@Gmail.com
ring3 inline hook For Api
Thank:
前29A高手也一直都是我的偶像...z0mbie大牛...这里膜拜一下
使用的LDE32引擎是翻译他老人家的...C->Delphi...
说明:
1.利用堆栈跳转
没有使用传统的jmp xxxx 长跳转,使用容易理解的push xxxx+ret
仔细看代码容易理解...封装完好.
2.内存补丁结构:
补丁1:|push xxx--钩子处理过程|ret|
补丁2:|保存原始补丁地址|保存原始地址代码长度|原始地址的代码|push xxxxxx|ret|
更新说明:
0.2:
支持Ring0 Inline Hook
0.1:
Ring3 Inline Hook
Platform: |
Size: 6347 |
Author: david |
Hits:
Description: 直接进Ring0运行的DELPHI代码.不需要任何特权
Platform: |
Size: 2012 |
Author: 李句 |
Hits:
Description: 在delphi中实现让ring3的程序运行在ring0
Platform: |
Size: 18774 |
Author: pp |
Hits:
Description: 该程序可以防止网站主页被篡改,主体是使用ddk编写的驱动,由sysinternals.com上的filemon修改而来,是一个毕业设计。-procedures can prevent the website home page had been tampered with, the main use is the driving ddk prepared, sysinternals.com by the filemon amend the bill, a graduate design.
Platform: |
Size: 251904 |
Author: 林风 |
Hits:
Description: Hook Api Library 0.2 [Ring0&3] By Anskya
Email:Anskya@Gmail.com
ring3 inline hook For Api
Thank:
前29A高手也一直都是我的偶像...z0mbie大牛...这里膜拜一下
使用的LDE32引擎是翻译他老人家的...C->Delphi...
说明:
1.利用堆栈跳转
没有使用传统的jmp xxxx 长跳转,使用容易理解的push xxxx+ret
仔细看代码容易理解...封装完好.
2.内存补丁结构:
补丁1:|push xxx--钩子处理过程|ret|
补丁2:|保存原始补丁地址|保存原始地址代码长度|原始地址的代码|push xxxxxx|ret|
更新说明:
0.2:
支持Ring0 Inline Hook
0.1:
Ring3 Inline Hook
-Hook Api Library 0.2 [Ring0
Platform: |
Size: 6144 |
Author: david |
Hits:
Description: 直接进Ring0运行的DELPHI代码.不需要任何特权-Ring0 run directly into the DELPHI code. Does not require any special privileges
Platform: |
Size: 2048 |
Author: 李句 |
Hits:
Description: 在delphi中实现让ring3的程序运行在ring0-In delphi to achieve so that the program runs ring3 in ring0
Platform: |
Size: 18432 |
Author: pp |
Hits:
Description: What IS TRing0?
TRing0 is a system level component that gives Delphi program access to system ressources like IO ports, Model Specific Registers (MSR) etc. Normally these ressources cannot be accessed directly by applications, just IO drivers. TRing0 reveals this functionality providing a simple Delphi component.
Platform: |
Size: 14336 |
Author: YOUGLE |
Hits:
Description: DELPHI 无驱动进入RING0层
DELPHI-free drive into the layer RING0-DELPHI-free drive into the layer RING0
Platform: |
Size: 21504 |
Author: SEOUSEO |
Hits:
Description: Example of Ring0 hook with uAll Hook Pack-Example of Ring0 hook with uAll Hook Pack...
Platform: |
Size: 250880 |
Author: Cipee |
Hits:
Description: Library Delphi Ring0 Library.
Execution of code in ring zero, the manipulation of the process input-output.
Platform: |
Size: 26624 |
Author: softik |
Hits:
Description: 获得ring0权限-Access permissions ring0
Platform: |
Size: 19456 |
Author: moroko |
Hits:
Description: 本书是一本介绍Windows核心技术及高级技巧的专著。从系统内核编程出发,使用大量的例子帮助读者理解这些编程技术,讲述了线程同步及隐藏、系统钩子深入分析、读写物理磁盘的关键技术、读写物理内存和其他进程内存的核心技术、Windows 9x下调用16位实模式和保护模式代码的核心技术、直接读写端口技术、可执行文件加壳的技巧、PE结构分析、Ring0的实现、Windows API截取技术、屏幕取词技术等方面的内容。全书对热点源代码进行了深入剖析和讲解,同时本书汇聚了作者利用Soft-ICE跟踪调试经验,作者多年的编程心得和技巧一览无遗。随书附送的光盘提供了书中涉及的程序源代码。-This book is an introduction Windows core technology and advanced techniques monographs. Starting from the system kernel programming, using a large number of examples to help readers understand the programming techniques described thread synchronization and hidden, system hooks in-depth analysis of the physical disk read and write the key technology, reading and writing physical memory and other processes memory the core technology, Windows 9x next call 16-bit real mode and protected-mode code, the core technology, direct read and write port technology, executable packers skills, PE structural analysis, Ring0 realization, Windows API interception technology, Capture Characters from Screen Technology and other aspects. The book on the hot source code in-depth analysis and explanation, while the book brings together authors tracked the use of Soft-ICE debugging experience, the author many years of programming experience and skills at a glance. CD-ROM supplied with the book provides the p
Platform: |
Size: 49120256 |
Author: 龙文 |
Hits:
Description: delphi版内核调用PspTerminateProcess杀进程源码,在ring3下搜索PspTerminateProcess地址,传给ring0,然后在ring0下调用。-delphi kernel call PspTerminateProcess kill the process, source code, in the next ring3 search PspTerminateProcess address, passed ring0, and then ring0 invoked.
Platform: |
Size: 13312 |
Author: 9908006 |
Hits:
Description: delphi usando Ring0 Code.
Platform: |
Size: 16384 |
Author: munizf |
Hits:
Description: Agony ring0 rootkit 一款国外RING0下的远程控制代码 稳定性很好-Agony ring0 rootkit under a foreign RING0 good stability of the remote control code
Platform: |
Size: 36864 |
Author: 历史家 |
Hits:
Description: delphi 内嵌汇编,使代码运行在Ring0
所需要的驱动文件一并放在压缩包里了。-delphi embedded assembly, make the code run in Ring0 driver files needed have been placed in the compression file.
Platform: |
Size: 181248 |
Author: 施坤 |
Hits:
Description: 用驱动进入Ring0扫描所有进程Delphi代码,XP Sp3测试成功-With a drive into the Ring0 Delphi code to scan all processes, XP Sp3 tested successfully
Platform: |
Size: 7168 |
Author: 池超奇 |
Hits:
Description: 这个是一个西班牙的家伙用DELPHI开发的远控,已经测试编译通过。
包内有madCollection,控件。
此远控没有过免杀,为学习用途,为ring3级别的,较为专业的远控是ring0层级别的.
欢迎大家一起学习交流远控的知识。-This is a Spanish guy DELPHI developed remote control has been tested compile. Package madCollection, control. Never had this remote control to avoid killing more professional far the control layer ring0 level of learning purposes, for ring3 level, with learning the exchange remote control knowledge.
Platform: |
Size: 1199104 |
Author: 牛小波 |
Hits:
Description: 直接进Ring0运行的DELPHI代码.不需要任何特权-Ring0 run directly into the DELPHI code. Does not require any special privileges
Platform: |
Size: 3072 |
Author: vvczc872bei |
Hits: