Search - unhook
Description: Given an HHOOK handle, unhooks the corresponding hook.
Platform: |
Size: 21519 |
Author: 陈大兴 |
Hits:
Description: Restores the SSDT; work out for yourself what it is for.
Platform: |
Size: 17555 |
Author: vuqy@sohu.com |
Hits:
Description: Given an HHOOK handle, unhooks the corresponding hook.
Platform: |
Size: 21504 |
Author: 陈大兴 |
Hits:
Description: A small program that restores SSDT hooks in ring 0 (r0), including source code for the exe file and the driver file.
Platform: |
Size: 1841152 |
Author: MTrickster |
Hits:
Description: Delphi source code for restoring the SSDT.
People working in this area can learn from it.
Platform: |
Size: 439296 |
Author: lianx |
Hits:
Description: A hook for locking and unlocking the mouse and keyboard. Compiled as a dynamic library; SetHook() locks and UnHook() unlocks.
Platform: |
Size: 3072 |
Author: wj |
Hits:
Description: SSDT UNHOOK DELPHI CODE
Platform: |
Size: 8192 |
Author: b803369 |
Hits:
Description: SSDT restore source code; restores a hooked SSDT (the system service call function table).
Platform: |
Size: 4096 |
Author: fd |
Hits:
Description: SSDTmon - view OS kernel SST and win32k SST, unhook, syntax base for NT API. Console client. C++. Uses a driver for kernel memory access.
Platform: |
Size: 35840 |
Author: Andrey |
Hits:
Description: Searches the SSDT and compares it with the contents obtained via ZwSystemDebugControl
* Finds the SSDT entries that differ
Platform: |
Size: 6144 |
Author: flyangel |
Hits:
Description: SSDT_UnHook_C
SSDT unhook to bypass antivirus software active defense.
Platform: |
Size: 4096 |
Author: wujun |
Hits:
Description: Purpose: - Implement remote code injection
- Usermode hook (Ntdll->NtQueryDirectoryFile)
Note: This is only a POC that will hide the file explorer.exe
Hiding a file via usermode code injection into explorer.exe
You can restart explorer.exe to unhook
Platform: |
Size: 7168 |
Author: nofear0720 |
Hits:
Description: This is a DLL file; just reference it from your project.
I will explain the main changes:
key kk = new key();
int pid = kk.pid("CQ.EXE"); // get the process PID
kk.getread(pid, "", 0x298, 4).ToString(); // memory read that returns an INT value
kk.getread(pid, 0x04, 4); // memory read that returns a STRING; takes one fewer parameter
I wrote a global keyboard hook myself:
kk.UnHook(); // install the hook
kk.UnHook(); // remove the hook
kk.SetHookKey(key1,key2); // remap a key
key1 is the key code being changed; key2 is the key code it is changed to.
It is not much use; for example, it can change one key on the keyboard into another key.
This is the method for reading a memory address:
getread("进程名称","","内存基址",0); // arguments: process name, "", memory base address, 0
This class wraps two methods. One uses the system API [user32.dll] and is called like this:
key kk = new key();
kk.send(key.VirtualKeys.VK_F1,GetState(key.VirtualKeys.VK_F1));
This simulates the keyboard's F1 key.
This is the winio way of simulating the keyboard:
key kk = new key();
// IntPtr a = new IntPtr();
kk.sendwinio();
kk.MykeyDown((int)key.VirtualKeys.VK_F1);
System.Threading.Thread.Sleep(2000);
kk.MykeyUp((int)key.VirtualKeys.VK_F1);
This also simulates F1. The difference is that the winio calling method can get through in some games, achieving some of the effect of a game cheat.
Platform: |
Size: 10240 |
Author: qwery |
Hits:
Description: VB source code implementing an SSDT hook by calling low-level functions. Suitable for studying drivers with VB.
Platform: |
Size: 49152 |
Author: 林繁 |
Hits:
Description: Unhook API protect it is a protect for hack in all games ....
Platform: |
Size: 113664 |
Author: Pita |
Hits:
Description: 1. Get the number of SSDT functions
2. Get all functions in the SSDT function table
3. hook ZwQuerySystemInformation
4. unhook ZwQuerySystemInformation
5. Modify the SSDT table according to a user-supplied function address and an index in the SSDT table.
Platform: |
Size: 10240 |
Author: wu |
Hits:
Description: Inline HOOK API V1.1
thanks to 海风月影, xIkUg ,sucsor
by solosky <solosky772@qq.com>
created at 2011.06.29, updated at 2011.06.30
----------------------------------
Inline HOOK API V1.1 2011.06.30
----------------------------------
1. Fixed a bug where the result of the memory allocation was not checked;
2. Fixed a bug where the wrong arguments were passed when freeing memory;
----------------------------------
Inline HOOK API V1.0 2011.06.29
----------------------------------
1. Hook any function; you only need to know its prototype and calling convention (object methods can be hooked, but the this pointer must be saved and restored)
2. Unhook functions that have already been hooked
Thanks to 海风月影 for providing the length-disassembler engine
Platform: |
Size: 5120 |
Author: money |
Hits:
Description: Introduces hook and unhook functions; a good reference for gaining a full understanding of hooking techniques.
Platform: |
Size: 3072 |
Author: fancy |
Hits:
Description: USER MODE HOOKING/UNHOOK
Platform: |
Size: 7168 |
Author: Sector009 |
Hits:
Description: This is one of those needed to use to unhook process in apps.
Platform: |
Size: 1024 |
Author: SHB |
Hits: