Search resource list
BiosHook.rar
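- Version 3.0 of Founder Changting (方正畅听) can be cracked by hooking the BIOS information. Xuanyue released a crack patch, but that patch blue-screens on XP, because the SSDT hook modifies the system SSDT directly without disabling interrupts first. Many people reported this, but the author had no time to fix it, so I stepped in to do it. There was no source code, so I reversed the driver in IDA, wrote my own, and replaced the driver resource in the original patch. Hats off to the power of IDA's F5. The principle is simple: hook the ZwMapViewOfSection function, and when the call is reading BIOS information, return the forged Founder BIOS information.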
DelphiRESSDT.rar
- Restores the SSDT using Delphi; the results are fairly good.
biostelnet
- Implants a module into the BIOS, hooks the interrupt vector table (IVT), hooks the NTLDR loading process, and hooks kernel functions (SSDT hook).
Hook
- This article gives a detailed introduction in three main parts, ordered by difficulty: 1. User-mode hooks: IAT hook, DLL injection. 2. Kernel-mode hooks: SSDT hook, IDT hook, int 2e/sysenter hook. 3. Inline function hooks.
Draft
- SSDT Hook snippet - so I can download some source code off this site
DELPHI_SSDT_HOOK
- This is an example of how to make a rootkit using Delphi
ZwOpenProcessHook
- ZwOpenProcess SSDT Hook test to catch open process information. Compile it with Meerkat Advanced kernel mode driver GUI for KmdKit4D. Link: http://www.mediafire.com/?hbhjorv8797k2
ssdt
- Contains SSDT hook, Shadow SSDT hook, memory read/write, and more; have a look for yourself.
zhuoran
- Mainly implements driver protection by hooking SSDT APIs.