Hot Search : Source embeded web remote control p2p game More...
Location : Home Search - ntopenprocess
Search - ntopenprocess - List
[OS program] SSDTHook
DL : 0
对付ring0 inline hook的基本思路是这样的,自己写一个替换的内核函数,以NtOpenProcess为例,就是 MyNtOpenProcess。然后修改SSDT表,让系统服务进入自己的函数MyNtOpenProcess。而MyNtOpenProcess要做的事就是,实现NtOpenProcess前10字节指令,然后再JMP到原来的NtOpenProcess的十字节后。这样NtOpenProcess 函数头写的JMP都失效了,在ring3直接调用OpenProcess再也毫无影响。
Update : 2008-10-13 Size : 3.55kb Publisher : sdlylz
[Hook api] NtOpenProcess[SSDT+Hook]
DL : 1
可用于恢复SSDT绝对的经典值得收藏 可以让卡巴失效。好哦好哦好好哦好
Update : 2008-10-13 Size : 9.49kb Publisher : xch
[Other] 可过阿波罗apollo,露娜,梦幻古龙,TX的驱动源码!!!含调用例子
DL : 0
可过阿波罗apollo,露娜,梦幻古龙,TX的驱动源码!!!含调用例子 1]xmOx[mb 恢复NtOpenProcess成功,恢复NtOpenThread成功,恢复NtReadVirtualMemory成功,恢复NtWriteVirtualMemory成功 . 没什么好说的,做外挂的应该都知道.
Update : 2010-05-08 Size : 84.41kb Publisher : 102442
[OS program] SSDTHook
DL : 0
对付ring0 inline hook的基本思路是这样的,自己写一个替换的内核函数,以NtOpenProcess为例,就是 MyNtOpenProcess。然后修改SSDT表,让系统服务进入自己的函数MyNtOpenProcess。而MyNtOpenProcess要做的事就是,实现NtOpenProcess前10字节指令,然后再JMP到原来的NtOpenProcess的十字节后。这样NtOpenProcess 函数头写的JMP都失效了,在ring3直接调用OpenProcess再也毫无影响。-Ring0 inline hook to deal with the basic idea is that the replacement of their own to write a kernel function to NtOpenProcess for example, is MyNtOpenProcess. And then amend the SSDT table, so that system services into its own function MyNtOpenProcess. And MyNtOpenProcess to do is realize NtOpenProcess the first 10-byte instruction, and then JMP to the original NtOpenProcess the Cross Festival. This NtOpenProcess function of the JMP are the first to write a lapse in ring3 no longer directly call OpenProcess no impact.
Update : 2025-03-15 Size : 3kb Publisher : sdlylz
[Hook api] hook_openprocess
DL : 0
hook openprocess的例子,delphi的源码-hook openprocess example, delphi source
Update : 2025-03-15 Size : 333kb Publisher : baicker
[Hook api] NtOpenProcess[InlineHook]
DL : 0
r0 inline hook sample.
Update : 2025-03-15 Size : 37kb Publisher : xiaohuangran
[Driver Develop] antiTX
DL : 1
1.恢复shadow ssdt 2.恢复 NtReadVirtualMemory NtWriteVirtualMemory NtOpenProcess NtOpenThread KiAttachProce-1.恢复shadow ssdt 2.恢复 NtReadVirtualMemory NtWriteVirtualMemory NtOpenProcess NtOpenThread KiAttachProcess
Update : 2025-03-15 Size : 293kb Publisher : 傅碧波
[Hook api] hookdll
DL : 0
一個用delphi hook住 ntopenprocess 的dll 示列-Delphi hook with a live show ntopenprocess out of the dll
Update : 2025-03-15 Size : 7kb Publisher : 火車
[Hook api] Inline-Hook_NtOpenProcess
DL : 0
一段INLINE-HOOK的代码,以及一个循环检测是否改写,可在直接调用。【给HookOn传入一个PID即可】。-INLINE-HOOK section of the code, as well as a cycle of test re-evaluated, in direct call. 【HookOn into a PID to be】.
Update : 2025-03-15 Size : 2kb Publisher : MagicCrow
[OS program] DNFWG_1
DL : 0
此驱动可以绕过DNF等网游对NtOpenProcess函数的InlineHook,从而可以获取进程句柄并且修改内存。声明:本作品仅为学习交流之用,若有人将其用于不法用途本人不负任何责任!
Update : 2025-03-15 Size : 10kb Publisher : xing
[OS program] KernelHook
DL : 0
Example of kernel hook (MS Visual Studio 2005) of system call NtOpenProcess to prevent opening process from user mode
Update : 2025-03-15 Size : 5kb Publisher : Spec8472
[Hook api] HookSSDT
DL : 0
HOOK NtOpenProcess 保护指定进程-HOOK NtOpenProcess the protection of designated process
Update : 2025-03-15 Size : 33kb Publisher : zzage
[Windows Develop] HookSSDT
DL : 0
HOOK NtOpenProcess 保护指定进程-HOOK NtOpenProcess the protection of designated process
Update : 2025-03-15 Size : 4kb Publisher : zzage
[Windows Develop] NtOpenProcess
DL : 0
Hook legal para aprender NtOpenProcess[Inline Hook]
Update : 2025-03-15 Size : 16kb Publisher : munizf
[Game Hook Crack] ntop
DL : 0
VB WRITE NTOPENPROCE-VB NTOPENPROCESS
Update : 2025-03-15 Size : 2kb Publisher : 简维鸿
[Driver Develop] ProtectMon
DL : 0
驱动开发,根据PID保护进程,HOOK了 SSDT NtOpenProcess函数,至少可以抵御一切R3病毒终结你的进程!!适合新手学习HOOK ssdt的入门研究-Driven development, the protection under the PID process, HOOK the SSDT NtOpenProcess function, at least the end of you against all the process of virus R3!! Suitable for beginners to learn HOOK ssdt entry of
Update : 2025-03-15 Size : 2kb Publisher : coorell
[Hook api] NtOpenProcessSSDTHook
DL : 0
驱动级SSDT 钩子 打造完美不死程序 挂接NtOpenProcess 函数,防护进程不被关闭-SSDT hooks create the perfect drive-level program articulated NtOpenProcess die function, the process of being shut down protection
Update : 2025-03-15 Size : 9kb Publisher : 洋洋
[Hook api] NtOpenProcess[Inline-Hook]
DL : 0
NtOpenProcess[Inline Hook].rar-
Update : 2025-03-15 Size : 73kb Publisher :
[Hook api] NtOpenProcess[SSDT-Hook]
DL : 0
NtOpenProcess[SSDT Hook].rar-
Update : 2025-03-15 Size : 25kb Publisher :
[Driver Develop] Tp-NtOpenProcess
DL : 0
用于初学者学习过驱动保护实例 过某p之NtOpenProce-For beginners to learn drive protection case NtOpenProcess a P a p
Update : 2025-03-15 Size : 96kb Publisher : 凌扬
« 12 »
CodeBus is one of the largest source code repositories on the Internet!
Contact us :
1999-2046 CodeBus All Rights Reserved.