Location:
Search - hook process
Search list
Description: | |
| 实现原理: |
| 锁定 Ctrl+Alt+Del 使用远程线程、代码注入及子类化技术 |
| 其它键盘消息使用普通钩子技术 |
| |
| 本模块向 VB 程序员展示远程线程、代码注入等似乎被列入 |
| 只有Delphi、VC程序员才可能使用的技术,同时目前诸多木马 |
| 也同样大量使用这些技术。注入的方式比 Dll 钩入更加隐蔽。 |
| 注入后无进程、无文件
-| | | Principle: | | lock Ctrl+ Alt+ Del the use of remote threads, code injection and sub-class technology | | other information using an ordinary keyboard hook technology | | | | of the module to the VB programmer to display the remote thread, code seem to be included into the | | only Delphi, VC programmers could use the technology, while at present many Trojan | | is also large-scale use of these technologies. Dll injection than hook into the more hidden. | | Inject no process, no file
Platform: |
Size: 14336 |
Author: kidy |
Hits:
Description: 注入技术简述:
本实例其实是一个查看工具。完成以下的几个功能:
1、查看系统当前的运行进程;
2、查看系统当前的运行线程;
3、查看系统中运行某个进程中包含的DLL列表;
4、通过创建远程线程的方法将DLL注入到目标进程中:
5、通过Hook方法将DLL注入到目标进程中:
-A brief injection technique: This example is actually a view tool. Completion of the following functions: 1, view the system is currently running process 2, Show system is currently running thread 3, view the system is running a process that contains a list of the DLL 4, by creating a remote thread method the DLL is injected into the target process: 5, through Hook Methods DLL into the target process:
Platform: |
Size: 12288 |
Author: 赵积元 |
Hits:
Description: C# 利用钩子原理实现游戏外挂,本程序仅供学习使用,请勿其他用途-C# Use the principle of the realization of the game plug-hook, the process for learning to use, not for other purposes
Platform: |
Size: 1374208 |
Author: xiesan |
Hits:
Description: 创建进程提醒,挂起恢复进程,是一个不错的程序,-Create a process to remind, hang recovery process, it is a good procedure,
Platform: |
Size: 19456 |
Author: 禁止进程创建 |
Hits:
Description: Hook Hidden Process.
Using ZwQuerySystemInfomation Api.
Platform: |
Size: 50176 |
Author: Kevin Smith |
Hits:
Description: 使用钩子实现的自绘CButton类,网上的同类代码虽然很多,但是使用钩子来实现的很少。钩子过程可以使导出的CButton类脱离对话框窗口-Since the implementation of the use of hook-type CButton painted, on-line although a lot of similar code, but the use of hooks to achieve very little. Hook process can type CButton derived from the dialog window
Platform: |
Size: 223232 |
Author: ssss |
Hits:
Description: 内核hook KiInsertQueueApc apc级保护进程-Kernel-level hook KiInsertQueueApc apc protection process
Platform: |
Size: 96256 |
Author: 马振强 |
Hits:
Description: 一个小程序,hook windows api, 让不能结束掉本程序,希望对你有帮助-Procedures for a small, hook windows api, so that the end can not be out of the process, would like to help you
Platform: |
Size: 20480 |
Author: plfyt |
Hits:
Description: 通过HOOK注册表相关的API,来限制注册表的访问.并可以设置指定进程为可信进程,不受限制.-HOOK associated through the registry API, to restrict access to the registry. And can be set up for the credibility of the process of the specified process, unrestricted.
Platform: |
Size: 89088 |
Author: wsw |
Hits:
Description: RING0下检测用HOOK SSDT隐藏进程的代码,直接build,适用于XP,2000系统。短小实用。-RING0 detect hidden process by HOOK SSDT code directly build, apply to XP, 2000 systems. Short and practical.
Platform: |
Size: 4096 |
Author: ldf |
Hits:
Description: 是一个简单的跨进程的APIHOOK,目标程序是NOTEPAD.EXE很有学习意义,代码部分是网上学习,部分是自己原作。原大家一起学习,另,由于作者也是刚学习,有什么错误请指出,谢谢,邮箱dake1024@163.com-Is a simple process of cross-APIHOOK, the target procedure is very NOTEPAD.EXE learning the meaning of the code is e-learning part of their own original work. The original learning together, and the other, because the author is just learning, please point out what is wrong, Thank you, mail dake1024@163.com
Platform: |
Size: 78848 |
Author: firememory |
Hits:
Description: XPoker Bot AI analysis. Hook / dll inject into process and send fake keyboard / mouse messages.-XPoker Bot AI analysis. Hook/dll inject into process and send fake keyboard/mouse messages.
Platform: |
Size: 211968 |
Author: Daemn |
Hits:
Description: 本书精选了300多个在Visual C++程序设计中经常遇到的问题和典型的功能需求,以专家解答的方式展现给读者。本书内容涵盖开发工具与调试、Visual C++ 6.0编程基础、对话框及控件的使用、一般窗口及界面设计、SDI和MDI窗口、消息系统钩子函数及DLL、磁盘路径与文件操作、数据库、网络与通信、图形图像及打印控制、操作系统、线程及进程控制、时间控制、数学算法、发布程序等Visual C++开发的各个方面,重点突出程序设计实用性。每个问答或者需求都根据技术难度不同加以标识,并给出在实际开发中的人气指数(经常涉及频繁程度)。-This book has been selected more than 300 in the Visual C++ programming problem often encountered in a typical functional requirements and to demonstrate the way the experts to answer readers. This book covers the development and debugging tools, Visual C++ 6.0 programming foundation for the use of dialog boxes and controls, the general window and interface design, SDI and MDI windows, information systems function and the hook DLL, disk path and file operations, database, network and communications, graphic images and print control, operating system, thread and process control, time control, mathematical algorithms, publish procedures Visual C++ development of all aspects of program design focused practicality. Or the demand for each question and answer are based on different technical difficulty be identified and given in the actual development of the popular index (often related to the frequency of).
Platform: |
Size: 14733312 |
Author: john winsome |
Hits:
Description: 向BIOS中植入模块,HOOK中断向量表,HOOK NTLDR加载过程以及HOOK内核函数,SSDT hook。-Add module into bios,HOOK IVT,HOOK NTLDR loder process and hook knrnel function,just as SSDT HOOK
Platform: |
Size: 10240 |
Author: 俊豪 |
Hits:
Description: VC++6.0实现的利用IP过滤钩子驱动创建的一个Windows防火工具,支持TCP,UDP,ICMP协议,基本呈现了Windows防火墙开发的过程-VC++6.0 to achieve the use of IP filter hook driver to create a Windows fire prevention tools, support for TCP, UDP, ICMP protocol, the basic Windows firewall shows the process of development.
Platform: |
Size: 2997248 |
Author: 周东尧 |
Hits:
Description: Example of kernel hook (MS Visual Studio 2005) of system call NtOpenProcess to prevent opening process from user mode
Platform: |
Size: 5120 |
Author: Spec8472 |
Hits:
Description: Miss920程序行为监视器,运用SSDT HOOK技术,可以简单有效的监控程序行为,现在已经实现了进程监控,文件监控,注册表监控,并且可以有效快捷地进行二次开发。-Miss920 monitor program behavior, the use of SSDT HOOK technology, can be simple and effective monitoring of program behavior, the process has already been realized to monitor, document monitor, registry monitor, and can be carried out effectively and expeditiously to the second development.
Platform: |
Size: 365568 |
Author: 李俊 |
Hits:
Description: 勾了系统函数,可以修改API函数返回值以隐藏进程-Hook a system function, you can modify the return value of API functions to hide the process of
Platform: |
Size: 3072 |
Author: tzwsoho |
Hits:
Description: 收集几款VC++代码注入程序,不同时期的都有,通过这些示例你会明白如何将代码注入不同的进程地址空间,随后在该进程的上下文中执行注入的代码。这里主要是三种方法:
1、Windows 钩子
2、CreateRemoteThread 和 LoadLibrary 技术 ——进程间通信
3、CreateRemoteThread 和WriteProcessMemory 技术
——如何用该技术子类化远程控件
——何时使用该技术-Collection of several VC++ code into the process, have different periods, through these examples you will understand how to code the process into a different address space, and then in the process into the context of the implementation of the code. Here are mainly three methods: 1, Windows hook 2, CreateRemoteThread and LoadLibrary technology- the process of communication 3, CreateRemoteThread and WriteProcessMemory technology- how to use the technology sub-class of remote control- when to use the technology
Platform: |
Size: 48128 |
Author: 300 |
Hits:
Description: VC++写的APIHook实例源代码,大致翻了一下,只挂引入表的函数,注入有SetWindowHookEx和CreateRemoteThread两种方式,进程枚举也区分了不同系统下使用的psai和toolhelp,另外为了获得Process的创建消息,做了一个驱动来注册回调函数,总的来说,在注入部分做得相当棒,如果想挂各种函数,可以结合detour使用。-VC++ to write the source code examples APIHook generally turned a bit, only linked to the introduction of the function table, there SetWindowHookEx and CreateRemoteThread into two ways, the process of enumeration to distinguish between the different systems are used psai and toolhelp, the other in order to obtain Process the creation of news, so a drive to register a callback function, in general, has done quite a part in the injection rod, if you want to hang a variety of functions can be combined with the use of detour.
Platform: |
Size: 71680 |
Author: Massachusetts |
Hits:
«
1
2
3
4
5
6
78
9
10
11
12
...
26
»