Location:
Search - hook process
Search list
Description: Hook编程。如何安装钩子过程,如何编写全局钩子,动态连接库里的全局变量数据共享问题分析。-Hook programming. How to install the hook process, how to compile the overall hook, 13-17 Dynamic Link global variable data sharing analysis.
Platform: |
Size: 32017 |
Author: huangzhifeng |
Hits:
Description: api hook process的教程,需要的可以下载看看,非常简单
Platform: |
Size: 21834 |
Author: yiler |
Hits:
Description: 可截获windows下各进程的各类消息,可作消息查看之用-windows can be intercepted under the process of the various news sources for use View
Platform: |
Size: 271678 |
Author: wxs715 |
Hits:
Description: 工作需要,想控制进程的创建,于是HOOK了ZwCreateProcess,后来发现xp和2003中创建进程的都用NtCreateProcessEx-work needs to control the process of creation, then the ZwCreateProcess HOOK, later found xp 2003 and the process of creating both NtCreateProcessEx
Platform: |
Size: 9048 |
Author: 龙 |
Hits:
Description: const WM_UNSUBCLASS = WM_USER + 2001 //卸载子类化消息 WM_SENDDATA = WM_USER + 2003 //收到要发送新数据包的消息 type PMyDLLVar = ^TMyDLLVar //用来共享的内存数据结构 TMyDLLVar = record SubClass: Boolean //是否已经子类化 HookWindow, SpyWindow: LongWORD //要安装HOOK的窗口及用于接收消息的窗口 hHook: LongWORD //HOOK句柄 OldWndProc: pointer //旧的窗口过程 end-const WM_UNSUBCLASS = WM_USER 2001 / / Uninstall subclass of news WM_SENDDATA = WM_USER 2003 / / received new data to be sent information packets type PMyDLLVar = ^ TMyDLLVar / / used to share memory data structure TMyDLLVar = record SubClass : Boolean / / if the child class of HookWindow, SpyWindow : LongWORD / / HOOK to install a window for receiving news and the window hHook : LongWORD / / handle OldWndProc HOOK : pointer / / old process end window
Platform: |
Size: 199137 |
Author: 黄春标 |
Hits:
Description: windowsNT下的通过截获OpenProcess函数来禁止终止本进程的程序-Through intercepting windowsNT under the OpenProcess function to prohibit the procedure to terminate the process
Platform: |
Size: 48128 |
Author: 站长 |
Hits:
Description: 进程管理系统,消息钩子-Process management systems, the news hook
Platform: |
Size: 493568 |
Author: 站长 |
Hits:
Description: hide processes, elevate process privileges, fake out the Windows Event Viewer so that forensics is impossible, and even hide device drivers (NEW!) All this without any hooking.
Platform: |
Size: 142336 |
Author: |
Hits:
Description: 近日由于需求问题,需要写一个 API Hook 相关的东西,温习了一下牛写的《Windows 核心编程》,做了一个小工具,用来将自定义的 Dll 注入进程空间,并钩住指定 API 函数,关于注入和钩 API 的代码,牛的书里和配套光盘中已经有了,这里主要介绍如何使用这个小工具方便实现截获 API 的功能。(补充代码)-recent demand, the need to write an API Hook related things, a study was made about the cattle "Windows core programming" and made a small tool, used to customize the process Dll into space and hooked designated API function, and on the hook into the API code, cattle book and matching discs have here mainly on how to use this tool to facilitate the achievement of small intercepted API functions. (Supplementary code)
Platform: |
Size: 106496 |
Author: 京用 |
Hits:
Description: 全局钩子,监视所有键盘消息,并且保存到文本文件.详细全面的过程.全部源代码.VC6下编译通过-overall hook, keyboard monitor all news and save text files. Detailed and comprehensive process. All source code. Under compile VC6
Platform: |
Size: 18432 |
Author: 学习 |
Hits:
Description: 利用Hook在Explorer进程插入一个线程实例-use Explorer Hook in the process of inserting a threaded example
Platform: |
Size: 26624 |
Author: 王任 |
Hits:
Description: There are numerous codes in the www to explain how to hook API functions inside a remote process. So, why creating another one ? This article is the first (I) part of a tool I m working on. This tools won t be too complex, so there is no need for a huge class hierarchy like in almost all other code, nor a hard coded assembly code. This tool is just a technical preview of what is possible to achieve, with QUICK and DIRTY "put your functions here" blocks.-There are numerous codes in the www to explain how to hook API functions inside a remote process. So, why creating another one This article is the first (I) part of a tool I m working on. This tools won t be too complex, so there is no need for a huge class hierarchy like in almost all other code, nor a hard coded assembly code. This tool is just a technical preview of what is possible to achieve, with QUICK and DIRTY "put your functions here" blocks.
Platform: |
Size: 8192 |
Author: |
Hits:
Description: apihook程序例子,简单的实现过程,学习用。-apihook procedures example, the simple realization process, to learn from.
Platform: |
Size: 12288 |
Author: 邱 |
Hits:
Description: 使用vs.net,c#开发的外挂程序, 利用全局键盘钩子激活外挂, 通过进程内存读写技术,实现扫雷和连连看3的外挂功能。-use vs.net, c# development of the external procedure, and use the keyboard hook overall external activation, through the process of reading and writing memory technology, and the 1000 block of Terry Avenue mine three of the external function.
Platform: |
Size: 83968 |
Author: 稷下剑圣 |
Hits:
Description: SYSENETER是一条汇编指令,它是在Pentium® II 处理器及以上处理器中提供的,是快速系统调用的一部分。SYSENTER/SYSEXIT这对指令专门
用于实现快速调用。在这之前是采用INT 0x2E来实现的。INT 0x2E在系统调用的时候,需要进行栈切换的工作。由于Interrupt/Exception Handler的
调用都是通过 call/trap/task这一类的gate来实现的,这种方式会进行栈切换,并且系统栈的地址等信息由TSS提供。这种方式可能会引起多次内存访
问(来获取这些切换信息),因此,从PentiumII开始,IA-32引入了新指令:SYSENTER/SYSEXIT。有了这两条指令,
从用户级到特权级的堆栈以及指令指针的转换,可以通过这一条指令来实现,并且,需要切换到的新堆栈的地址,以及相应过程的第一条指令的位
置,都有一组特殊寄存器来实现,这类特殊寄存器在IA-32中称为MSR(Model Specific Register)。这里牵涉到3个特殊寄存器-SYSENETER is a compilation of instructions, it is in the Pentium ® II processor or above processor provided as part of a fast system calls. SYSENTER/SYSEXIT This specialized instruction
For fast calls. Before this is achieved using INT 0x2E. INT 0x2E in the system call when the work required to switch the stack. The Interrupt/Exception Handler s
Calls through call/trap/task to implement this type of gate, and in this way would be to switch the stack and system stack address and other information provided by the TSS. This approach may lead to memory access times
Q (to obtain the switching information), therefore, start from the PentiumII, IA-32 introduces a new command: SYSENTER/SYSEXIT. With these two instructions,
From the user level to privilege level of the stack and instruction pointer conversion, achieved through the instructions, and the need to switch to the new stack address, and the corresponding bits in the first instruction of the process
Home, there is a spec
Platform: |
Size: 30720 |
Author: wu |
Hits:
Description: 无驱动 无hook 纯API编写的保护自身进程源码 防止自身进程,防止被恶意关闭,此源码进程保护强度一般、-No drive no hook pure API code written to protect its own process to prevent its own process, to prevent malicious closed, the source protection process, general strength,
Platform: |
Size: 5120 |
Author: 王兰娟 |
Hits:
Description: 如何安装钩子过程,如何编写全局钩子,动态连接库里的全局变量数据共享问题分析。ADO数据库编程。在VB中利用ADO控件和ADO对象访问数据库,在VC中利用ADO技术访问
数据库-How to install the hook process, how to write global hooks, dynamic link library global variable analysis of data sharing. ADO database programming. Controls in VB using ADO and ADO Object Access database using ADO in VC technology to access the database
Platform: |
Size: 202752 |
Author: 王子燚 |
Hits:
Description: 注入钩子过程,获取相关的进程信息,and all information-Injection hook process, the process of obtaining relevant information
Platform: |
Size: 1024 |
Author: Gof |
Hits:
Description: delphi hook dll案例,
论坛里有关于HOOK API的贴子, 但其实现在方式显示得麻烦, 其实现在拦截API一般不用那种方式, 大都采用inline Hook API方式。其实也就是直接修改了要拦截的API源码的头部,让它无条件跳转到我们自己的处理过程。(There are HOOK API posts on the forum, but in fact, the way it is showing is troublesome. In fact, interception of API is usually not in that way. Most of them are inline Hook API. In fact, it is directly to modify the API source to intercept the head, let it unconditionally jump to our own processing process.)
Platform: |
Size: 278528 |
Author: lj123456_ |
Hits:
Description: 易语言HOOK api 实现创建进程,很不错的易语言源码,适合易语言爱好者学习。(Easy language HOOK API to achieve the creation process, very good easy language source code, suitable for easy language enthusiasts to learn)
Platform: |
Size: 423936 |
Author: 风格化电热管 |
Hits:
«
1
23
4
5
6
7
8
9
10
...
26
»