Search - hook kernel
Description: Several hook code samples collected from foreign sources.
Let's talk about kernel and drivers
-----------------------------------
Author: Holy_Father <holy_father@phreaker.net>
/ When you see the shadow,
think about the light that causes it /
Version: 1.0 english
Birthday: 27.08.2005
Home: http://www.hxdef.org, http://hxdef.net.ru,
http://hxdef.czweb.org, http://rootkit.host.sk
Platform: |
Size: 263168 |
Author: 校风 |
Hits:
Description: A driver that intercepts network packets. Unlike the official NDIS intermediate driver described in the DDK documentation, it is implemented by hooking the kernel NDIS API. Norton is said to use the same method.
Platform: |
Size: 279552 |
Author: helwjh |
Hits:
Description: An article explaining in detail the principles and implementation of kernel hook programming on Windows NT kernel operating systems, using monitoring of registration as the example to walk through the Windows hook process.
Platform: |
Size: 27648 |
Author: srain |
Hits:
Description: System call hijacking under the Linux 2.6 kernel. The code is fairly simple, but still worth using as a reference.
Platform: |
Size: 37888 |
Author: dengke |
Hits:
Description: A Windows kernel-mode SSDT hook that implements process hiding and file hiding. The code is tidy and is a good example for studying kernel programming or driver development.
Platform: |
Size: 5120 |
Author: goodone |
Hits:
Description: Creates a kernel driver that forges an SSDT table so that SSDT hooks stop taking effect.
Platform: |
Size: 72704 |
Author: john smith |
Hits:
Description: DiskMon loads its driver only when running on NT4; on W2k and later platforms it uses kernel event tracing to monitor disk activity, although its driver can still run on W2k/XP/2K3/Vista. The driver hooks the disk driver's dispatch routines, so it can not only monitor disk activity but, with a slight change, also intercept and modify upper-layer reads and writes to the disk, making it easy to build some Disk-based xxx
Platform: |
Size: 8192 |
Author: sldfl |
Hits:
Description: Example of a kernel hook (MS Visual Studio 2005) of the system call NtOpenProcess to prevent a process from being opened from user mode
Platform: |
Size: 5120 |
Author: Spec8472 |
Hits:
Description: Sometimes, we run into a situation when we badly need to hook some kernel function, but are unable to do it via conventional PE-based hooking. This article explains how kernel functions can be directly hooked. As a sample project, we are going to present a removable USB storage device as a basic disk to the system, so that we can create and manage multiple partitions on it (for this or that reason, Windows does not either allow or recognize multiple partitions on removable storage devices, so we are going to cheat the system). On this particular occasion, we will hook only one function, but the approach described in this article can be extended to handle multiple functions (for example, one of my projects required direct hooking of quite a few functions from the NDIS library). You should clearly realize that this article is about direct hooking and not about dealing with USB storage, so please don't tell me that the sample problem may have been solved differently.
Platform: |
Size: 10240 |
Author: gto |
Hits:
Description: This article gives a detailed introduction in three main parts, ordered by difficulty: 1. User-mode hooks: IAT-hook, Dll-inject. 2. Kernel-mode hooks: ssdt-hook, idt-hook, int 2e/sysenter-hook. 3. Inline function hook.
Platform: |
Size: 14336 |
Author: lee |
Hits:
Description: Searches for inline hooks at the driver level, checking whether the beginning of each kernel function in the SSDT has been inline-hooked.
Platform: |
Size: 345088 |
Author: 王海 |
Hits:
Description: Kernel inline hook Word document. A detailed discussion of a three-step kernel inline hook implementation.
Platform: |
Size: 25600 |
Author: jpinglove |
Hits:
Description: A sample VB project file for restoring kernel hooks. It can be debugged.
Platform: |
Size: 13312 |
Author: 蓝云 |
Hits:
Description: The Linux core network stack. This article discusses how module writers can use Netfilter hooks for arbitrary purposes and how to hide network traffic from Libpcap-based applications.
Platform: |
Size: 225280 |
Author: wk |
Hits:
Description: VC++ driver-level hook of kernel system calls.
Platform: |
Size: 77824 |
Author: 刘杰 |
Hits:
Description: hook kernel tut 1, code in c++, build with wdk
Platform: |
Size: 8192 |
Author: nguyen thiet |
Hits:
Description: hook kernel tut 2, code in c++, build with wdk
Platform: |
Size: 11264 |
Author: nguyen thiet |
Hits:
Description: hook kernel tut 4, code in c++, build with wdk
Platform: |
Size: 17408 |
Author: nguyen thiet |
Hits:
Description: hook kernel tut 5, code in c++, build with wdk
Platform: |
Size: 21504 |
Author: nguyen thiet |
Hits:
Description: hook kernel tut 3, code in c++, build with wdk
Platform: |
Size: 16384 |
Author: nguyen thiet |
Hits: