Welcome![Sign In][Sign Up]
Front-page it | Collect it | [中国-简体中文]
FAQ Fav
Location:
Search - ntopenprocess

Search list

[OS programSSDTHook

Description: 对付ring0 inline hook的基本思路是这样的,自己写一个替换的内核函数,以NtOpenProcess为例,就是 MyNtOpenProcess。然后修改SSDT表,让系统服务进入自己的函数MyNtOpenProcess。而MyNtOpenProcess要做的事就是,实现NtOpenProcess前10字节指令,然后再JMP到原来的NtOpenProcess的十字节后。这样NtOpenProcess 函数头写的JMP都失效了,在ring3直接调用OpenProcess再也毫无影响。
Platform: | Size: 3631 | Author: sdlylz | Hits:

[Hook apiNtOpenProcess[SSDT+Hook]

Description: 可用于恢复SSDT绝对的经典值得收藏 可以让卡巴失效。好哦好哦好好哦好
Platform: | Size: 9716 | Author: xch | Hits:

[Other可过阿波罗apollo,露娜,梦幻古龙,TX的驱动源码!!!含调用例子

Description: 可过阿波罗apollo,露娜,梦幻古龙,TX的驱动源码!!!含调用例子 1]xmOx[mb 恢复NtOpenProcess成功,恢复NtOpenThread成功,恢复NtReadVirtualMemory成功,恢复NtWriteVirtualMemory成功 . 没什么好说的,做外挂的应该都知道.
Platform: | Size: 86439 | Author: 102442 | Hits:

[OS programSSDTHook

Description: 对付ring0 inline hook的基本思路是这样的,自己写一个替换的内核函数,以NtOpenProcess为例,就是 MyNtOpenProcess。然后修改SSDT表,让系统服务进入自己的函数MyNtOpenProcess。而MyNtOpenProcess要做的事就是,实现NtOpenProcess前10字节指令,然后再JMP到原来的NtOpenProcess的十字节后。这样NtOpenProcess 函数头写的JMP都失效了,在ring3直接调用OpenProcess再也毫无影响。-Ring0 inline hook to deal with the basic idea is that the replacement of their own to write a kernel function to NtOpenProcess for example, is MyNtOpenProcess. And then amend the SSDT table, so that system services into its own function MyNtOpenProcess. And MyNtOpenProcess to do is realize NtOpenProcess the first 10-byte instruction, and then JMP to the original NtOpenProcess the Cross Festival. This NtOpenProcess function of the JMP are the first to write a lapse in ring3 no longer directly call OpenProcess no impact.
Platform: | Size: 3072 | Author: sdlylz | Hits:

[Hook apihook_openprocess

Description: hook openprocess的例子,delphi的源码-hook openprocess example, delphi source
Platform: | Size: 340992 | Author: baicker | Hits:

[Hook apiNtOpenProcess[InlineHook]

Description: r0 inline hook sample.
Platform: | Size: 37888 | Author: xiaohuangran | Hits:

[Driver DevelopantiTX

Description: 1.恢复shadow ssdt 2.恢复 NtReadVirtualMemory NtWriteVirtualMemory NtOpenProcess NtOpenThread KiAttachProce-1.恢复shadow ssdt 2.恢复 NtReadVirtualMemory NtWriteVirtualMemory NtOpenProcess NtOpenThread KiAttachProcess
Platform: | Size: 300032 | Author: 傅碧波 | Hits:

[Hook apihookdll

Description: 一個用delphi hook住 ntopenprocess 的dll 示列-Delphi hook with a live show ntopenprocess out of the dll
Platform: | Size: 7168 | Author: 火車 | Hits:

[Hook apiInline-Hook_NtOpenProcess

Description: 一段INLINE-HOOK的代码,以及一个循环检测是否改写,可在直接调用。【给HookOn传入一个PID即可】。-INLINE-HOOK section of the code, as well as a cycle of test re-evaluated, in direct call. 【HookOn into a PID to be】.
Platform: | Size: 2048 | Author: MagicCrow | Hits:

[OS programDNFWG_1

Description: 此驱动可以绕过DNF等网游对NtOpenProcess函数的InlineHook,从而可以获取进程句柄并且修改内存。声明:本作品仅为学习交流之用,若有人将其用于不法用途本人不负任何责任!
Platform: | Size: 10240 | Author: xing | Hits:

[OS programKernelHook

Description: Example of kernel hook (MS Visual Studio 2005) of system call NtOpenProcess to prevent opening process from user mode
Platform: | Size: 5120 | Author: Spec8472 | Hits:

[Hook apiHookSSDT

Description: HOOK NtOpenProcess 保护指定进程-HOOK NtOpenProcess the protection of designated process
Platform: | Size: 33792 | Author: zzage | Hits:

[Windows DevelopHookSSDT

Description: HOOK NtOpenProcess 保护指定进程-HOOK NtOpenProcess the protection of designated process
Platform: | Size: 4096 | Author: zzage | Hits:

[Windows DevelopNtOpenProcess

Description: Hook legal para aprender NtOpenProcess[Inline Hook]
Platform: | Size: 16384 | Author: munizf | Hits:

[Game Hook Crackntop

Description: VB WRITE NTOPENPROCE-VB NTOPENPROCESS
Platform: | Size: 2048 | Author: 简维鸿 | Hits:

[Driver DevelopProtectMon

Description: 驱动开发,根据PID保护进程,HOOK了 SSDT NtOpenProcess函数,至少可以抵御一切R3病毒终结你的进程!!适合新手学习HOOK ssdt的入门研究-Driven development, the protection under the PID process, HOOK the SSDT NtOpenProcess function, at least the end of you against all the process of virus R3!! Suitable for beginners to learn HOOK ssdt entry of
Platform: | Size: 2048 | Author: coorell | Hits:

[Hook apiNtOpenProcessSSDTHook

Description: 驱动级SSDT 钩子 打造完美不死程序 挂接NtOpenProcess 函数,防护进程不被关闭-SSDT hooks create the perfect drive-level program articulated NtOpenProcess die function, the process of being shut down protection
Platform: | Size: 9216 | Author: 洋洋 | Hits:

[Hook apiNtOpenProcess[Inline-Hook]

Description: NtOpenProcess[Inline Hook].rar-
Platform: | Size: 74752 | Author: | Hits:

[Hook apiNtOpenProcess[SSDT-Hook]

Description: NtOpenProcess[SSDT Hook].rar-
Platform: | Size: 25600 | Author: | Hits:

[Driver DevelopTp-NtOpenProcess

Description: 用于初学者学习过驱动保护实例 过某p之NtOpenProce-For beginners to learn drive protection case NtOpenProcess a P a p
Platform: | Size: 98304 | Author: 凌扬 | Hits:
« 12 »

CodeBus www.codebus.net