Description: windowsNT下的通过截获OpenProcess函数来禁止终止本进程的程序-Through intercepting windowsNT under the OpenProcess function to prohibit the procedure to terminate the process Platform: |
Size: 48128 |
Author:站长 |
Hits:
Description: 一个利用dll注入拦截OpenProcess,禁止强行关闭程序的例子-Dll into the interception of a use OpenProcess, prohibition of forced closure procedure example Platform: |
Size: 358400 |
Author:天一 |
Hits:
Description: HookAPIProcessGuard是一个使用API函数实现进程保护的简单例子,我们Hook了OpenProcess函数,就能够实现保护了!-HookAPIProcessGuard is a realization of the process of using the API function to protect the simple example, we Hook the OpenProcess function can be achieved to protect! Platform: |
Size: 482304 |
Author:yeqing |
Hits:
Description: 对付ring0 inline hook的基本思路是这样的,自己写一个替换的内核函数,以NtOpenProcess为例,就是 MyNtOpenProcess。然后修改SSDT表,让系统服务进入自己的函数MyNtOpenProcess。而MyNtOpenProcess要做的事就是,实现NtOpenProcess前10字节指令,然后再JMP到原来的NtOpenProcess的十字节后。这样NtOpenProcess 函数头写的JMP都失效了,在ring3直接调用OpenProcess再也毫无影响。-Ring0 inline hook to deal with the basic idea is that the replacement of their own to write a kernel function to NtOpenProcess for example, is MyNtOpenProcess. And then amend the SSDT table, so that system services into its own function MyNtOpenProcess. And MyNtOpenProcess to do is realize NtOpenProcess the first 10-byte instruction, and then JMP to the original NtOpenProcess the Cross Festival. This NtOpenProcess function of the JMP are the first to write a lapse in ring3 no longer directly call OpenProcess no impact. Platform: |
Size: 3072 |
Author:sdlylz |
Hits:
Description: 利用hook openprocess实现防止任务管理器结束的方法,但是只能实现防止任务管理器,其他的防不住-Hook openprocess use Task Manager to prevent the realization of the end of the method, but can only achieve the Task Manager to prevent other防不住 Platform: |
Size: 340992 |
Author:木头 |
Hits:
Description: hook nextfile and openprocess, it blocks notepad and hides files
its a mix of diferent codes their autors are:E0N and internals (StickyApp32) Platform: |
Size: 2493440 |
Author:hytom |
Hits:
Description: 通过拦截TerminateProcess和OpenProcess两个API,防止进程被结束-Two by interception TerminateProcess and OpenProcess API, to prevent the process is concluded Platform: |
Size: 344064 |
Author:bingo |
Hits:
Description: 原创的进程防杀最终版 Hook OpenProcess 支持xp,server2003,不支持NT2-Original anti-death process, the final version of Hook OpenProcess support xp, server2003, does not support NT2000 Platform: |
Size: 7520256 |
Author:王三 |
Hits:
Description: OPENPROCESS消息截获处理的代码例子,几年前折腾的-Code examples OPENPROCESS intercepted messages processed, a few years ago to toss Platform: |
Size: 196608 |
Author:艾俊涛 |
Hits:
Search - hook openprocess