Search - microsoft detours 1.5

Search - microsoft detours 1.5 - List

[Hook api] shuziqianming_D7 DL : 0: 开始，运行输入 sigverif 通过检查数字签名就知道是不是ms的了。主要使用Win32API实现验证应用或驱动程 WinVerifyTrust API。如果该API被Hook有没有其他方法验证应用或驱动程序是否通过微软签名？如果仅仅是被挂钩了IAT，那么可以直接通过函数指针调用。如果是像Detours那样用jmp改写了函数头，可以通过读取WinTrust.dll中WinVerifyTrust的实现位置，恢复函数头的机器码。不知道使用CryptoAPI，再使用指定的Microsoft证书是不是更好一点，不容易被欺骗怕调api被hook的话，自己将验证的代码写出来，用openssl应该容易点。
Update : 2008-10-13 Size : 196.5kb Publisher : 下雨天
[Hook api] detours-1.5 DL : 1: 微软提供的截取Win32 API函数的开发包和例子1.5版本-SDK and example in 1.5 version of hooking Win32 API which are provided by Microsoft
Update : 2025-02-17 Size : 591kb Publisher : 站长
[Hook api] Detours Src DL : 0: Microsoft的Detours 1.5v-Microsoft Detours 1.5V
Update : 2025-02-17 Size : 518kb Publisher : 春
[OS program] Detours1.5 DL : 0: 微软API截获库，该代码也包含在MSDN的例子中。-intercepted the Microsoft API, the code also included in the MSDN examples.
Update : 2025-02-17 Size : 595kb Publisher : fishxz
[Hook api] Detours1.5 DL : 0: 微软提供的截取Win32 API函数的开发包和例子 1.5版-Microsoft Win32 API function interception Development Kit version 1.5 and examples
Update : 2025-02-17 Size : 517kb Publisher : rivershan
[Hook api] shuziqianming_D7 DL : 0: 开始，运行输入 sigverif 通过检查数字签名就知道是不是ms的了。主要使用Win32API实现验证应用或驱动程 WinVerifyTrust API。如果该API被Hook有没有其他方法验证应用或驱动程序是否通过微软签名？如果仅仅是被挂钩了IAT，那么可以直接通过函数指针调用。如果是像Detours那样用jmp改写了函数头，可以通过读取WinTrust.dll中WinVerifyTrust的实现位置，恢复函数头的机器码。不知道使用CryptoAPI，再使用指定的Microsoft证书是不是更好一点，不容易被欺骗怕调api被hook的话，自己将验证的代码写出来，用openssl应该容易点。-Start, Run enter sigverif by checking the digital signature is not on the know of the ms. Win32API realize the main use of the application or driver to verify WinVerifyTrust API. If the API was Hook has no other way to verify whether the application or driver through Microsoft Signed? If merely being linked to the IAT, you can call directly through the function pointer. If it is used as the Detours as to alter the function jmp head, can be read in WinVerifyTrust Wintrust.dll realize the location, the restoration of function of the binary header. Do not know the use of CryptoAPI, and then use the specified certificate is not Microsoft a little better, not easy to be deceived by fear api tune hook, then he would write the code to verify, using openssl should be easy points.
Update : 2025-02-17 Size : 196kb Publisher : 齐欢乐
[Internet-Network] rule-eqena DL : 0: detours-1,5 微软提供的截取Win32 API函数的开发包和例子1,5版本-Detours- 1, 5 intercept Win32 API function provided by the Microsoft development kit and example 1, 5 version
Update : 2025-02-17 Size : 584kb Publisher : eatch
[Internet-Network] Win32__devzaopment DL : 0: detours-1,5 微软提供的截取Win32 API函数的开发包和例子1,5版本-Detours- 1, 5 intercept Win32 API function provided by the Microsoft development kit and example 1, 5 version
Update : 2025-02-17 Size : 452kb Publisher : eatch
[Other] 04191254 DL : 0: detours-1,5 微软提供的截取Win32 API函数的开发包和例子1,5版本-Detours- 1, 5 intercept Win32 API function provided by the Microsoft development kit and example 1, 5 version
Update : 2025-02-17 Size : 452kb Publisher : Pqter
[Process-Thread] functikljit DL : 0: detours-1,5 微软提供的截取Win32 API函数的开发包和例子1,5版本-Detours- 1, 5 intercept Win32 API function provided by the Microsoft development kit and example 1, 5 version
Update : 2025-02-17 Size : 452kb Publisher : doqyyv
[GUI Develop] 7205609 DL : 0: detours-1,5 微软提供的截取Win32 API函数的开发包和例子1,5版本(Detours - 1, 5 intercept Win32 API function provided by the Microsoft development kit and example 1, 5 version)
Update : 2025-02-17 Size : 451kb Publisher : contraot