Location:
Search - ntdll
Search list
Description: 使用ntdll.dll中未公布的函数实现的资源读写加锁的例子
Platform: |
Size: 2995 |
Author: |
Hits:
Description: 图形显示CPU内存利用率
1.本程序分两种情况来获取CPU的利用率,NT下利用ntdll.dll中没有公开的API: NtQuerySystemInformation, 9x下利用注册表来获取CPU的利用率
2.通过 GlobalMemoryStatus来获取内存的使用情况
3.程序中封装了两个类 CcpuUsgesCtl和CmemUsgesCtl,使用这两这个类可以实现CPU,内存利用率的定时读取,并以图形化的形式显示出来-graphics CPU utilization of a memory. The procedure to obtain two of the CPU utilization, NT not use Base open API : NtQuerySystemInformation. 9x use the registry to obtain two CPU utilization. through GlobalMemoryStatu s access memory to the use of the three. proceedings of the two types of packages and CmemU CcpuUsgesCtl sgesCtl, the use of these two categories can achieve the CPU, memory utilization regularly read, and in graphical form displayed
Platform: |
Size: 144853 |
Author: 王勃 |
Hits:
Description: NT进程查看,使用NTDLL的NtQuerySystemInformation函数,vc6.0编译通过-NT process, NTDLL NtQuerySystemInformation use the function, vc6.0 compile
Platform: |
Size: 30295 |
Author: Athena1713 |
Hits:
Description: ms07017漏洞利用源码,其中ntdll.lib可以在DDK中找到
Platform: |
Size: 3720 |
Author: 东方羽 |
Hits:
Description: ring0--hook NtContinue+source_code
ring0下面hookNtContinue 使用drx7寄存器实现的hook
this code hooks ntoskrnl!NtContinue to set dr7 to 0 (no updating of dr7)
so NtContinue called from ring3 cannot alter drX registers...
This hook will only PREVENT drX clearing from SEH (kiuser->ntcontinue)
and will not alter debugging using ring3 debuggers (olly->SetThreadContext)
mainly developed for personal reasearch and as anti-bpm...
Hook NtContinue (not exported from ntoskrnl.exe but exported in ntdll.dll with service number) to set dr7 to 0 prior to calling original NtContinue so debug registers won t be changed from seh and ring3 code =)
Its use for some targets such as armadillo... but never posted code...
by deroko
Platform: |
Size: 6421 |
Author: 张京 |
Hits:
Description: 在这部分,我们将涉及一点汇编的知识,学习创建使用最基本的连接脚本。最后,我们将学习如何使用批处理文件自动进行汇编、编译和连接这个最最基本的保护模式内核。请注意,我将假设你已经安装了NASM和DJGPP在你的操作系统上,并且你已经掌握了最基本的X86汇编语言知识。
Platform: |
Size: 4801 |
Author: 注册和开 |
Hits:
Description: 用Ntdll中的函数写文件,用了几个函数,第一次写
Platform: |
Size: 1169 |
Author: 李白 |
Hits:
Description: 从所周知,NT环境中API的黑洞之一便是NTDLL.DLL,这个DLL包含了许多有用的函数,这些函数都是未公开的。此代码拟使用NTDLL.DLL中的NtQueryInformationProcess函数来获取任何指定进程之父进程的ID。-from known, NT environment API is one of the black hole NTDLL.DLL, the DLL contains many useful functions, these functions are not open to the public. This code to be used in NTDLL.DLL NtQueryInformationProcess function to obtain any specified process ID of the parent process.
Platform: |
Size: 17983 |
Author: www |
Hits:
Description: 使用ntdll.dll中未公布的函数实现的资源读写加锁的例子-An example of realising resource lock of reading and writing by using unpublished function in ntdll.d
Platform: |
Size: 3072 |
Author: 站长 |
Hits:
Description: 从所周知,NT环境中API的黑洞之一便是NTDLL.DLL,这个DLL包含了许多有用的函数,这些函数都是未公开的。此代码拟使用NTDLL.DLL中的NtQueryInformationProcess函数来获取任何指定进程之父进程的ID。-from known, NT environment API is one of the black hole NTDLL.DLL, the DLL contains many useful functions, these functions are not open to the public. This code to be used in NTDLL.DLL NtQueryInformationProcess function to obtain any specified process ID of the parent process.
Platform: |
Size: 17408 |
Author: www |
Hits:
Description: 图形显示CPU内存利用率
1.本程序分两种情况来获取CPU的利用率,NT下利用ntdll.dll中没有公开的API: NtQuerySystemInformation, 9x下利用注册表来获取CPU的利用率
2.通过 GlobalMemoryStatus来获取内存的使用情况
3.程序中封装了两个类 CcpuUsgesCtl和CmemUsgesCtl,使用这两这个类可以实现CPU,内存利用率的定时读取,并以图形化的形式显示出来-graphics CPU utilization of a memory. The procedure to obtain two of the CPU utilization, NT not use Base open API : NtQuerySystemInformation. 9x use the registry to obtain two CPU utilization. through GlobalMemoryStatu s access memory to the use of the three. proceedings of the two types of packages and CmemU CcpuUsgesCtl sgesCtl, the use of these two categories can achieve the CPU, memory utilization regularly read, and in graphical form displayed
Platform: |
Size: 144384 |
Author: 王勃 |
Hits:
Description: NT进程查看,使用NTDLL的NtQuerySystemInformation函数,vc6.0编译通过-NT process, NTDLL NtQuerySystemInformation use the function, vc6.0 compile
Platform: |
Size: 29696 |
Author: huangXX |
Hits:
Description: ms07017漏洞利用源码,其中ntdll.lib可以在DDK中找到-ms07017 exploit source, which ntdll.lib can be found in the DDK
Platform: |
Size: 3072 |
Author: 东方羽 |
Hits:
Description: 在这部分,我们将涉及一点汇编的知识,学习创建使用最基本的连接脚本。最后,我们将学习如何使用批处理文件自动进行汇编、编译和连接这个最最基本的保护模式内核。请注意,我将假设你已经安装了NASM和DJGPP在你的操作系统上,并且你已经掌握了最基本的X86汇编语言知识。-In this part, we will involve a little compilation of knowledge, learning to create scripts to connect using the most basic. Finally, we will learn how to use the batch file automatically compile, compile and link the most basic protected mode kernel. Please note that I will assume that you have installed NASM and DJGPP in your operating system, and you have mastered the most basic knowledge of X86 assembly language.
Platform: |
Size: 4096 |
Author: 注册和开 |
Hits:
Description: NTDLL.DLL NTDLL.D
Platform: |
Size: 278528 |
Author: |
Hits:
Description: NtDll Compression using Windows APi, Compress Memory or file
Platform: |
Size: 2048 |
Author: 132 |
Hits:
Description: ntdll os class, from a project being worked on
Platform: |
Size: 73728 |
Author: MD6 |
Hits:
Description: Documentation of many NTDLL Functions,
you will not find it any where else.
Platform: |
Size: 735232 |
Author: spsdth79 |
Hits:
Description: Last ntdll.lib with all definitions in one header.
Platform: |
Size: 79872 |
Author: Pudn4everFF |
Hits:
Description: this example shows how to compress a file using undocumented ntdll API calls
Platform: |
Size: 2048 |
Author: OverThink |
Hits: