-
> > > > > > > > > > > > > > > >...
> > > > > > > > > > > > > > > > >
Windows NT 服务程序模板
by 罗云彬, http://asm.yeah.net
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
控制端程序 Ver 1.0
2002.06.20 ----- 第1版
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
- 2022-09-14 19:15:03下载
- 积分:1
-
VC的程序那个源码,适合初学者,高手就不必看了
VC的程序那个源码,适合初学者,高手就不必看了-VC-source process that is suitable for beginners, you do not have to read
- 2022-05-28 14:16:02下载
- 积分:1
-
Please read your Please read your Please read your Please read your Please read...
Please read your Please read your Please read your Please read your Please read your Please read your-Please read yourPlease read yourPlease read yourPlease read yourPlease read yourPlease read yourPlease read yourPlease read yourPlease read yourPlease read yourPlease read your
- 2023-05-31 11:15:03下载
- 积分:1
-
这篇文档是在Windows NT操作系统下隐藏对象、文件、服务、进程等的技术。这种方法是基于Windows API函数的挂钩。 这篇文章中所描述的技术都是从我写...
这篇文档是在Windows NT操作系统下隐藏对象、文件、服务、进程等的技术。这种方法是基于Windows API函数的挂钩。 这篇文章中所描述的技术都是从我写rootkit的研究成果,所以它能写rootkit更有效果并且更简单。这里也同样包括了我的实践。 在这篇文档中隐藏对象意味着改变某些用来命名这些对象的系统函数,使它们将忽略这些对象的名字。这样一来我们改动的那些函数的返回值表示这些对象根本就不存在。 最基本的方法(除去少数不同的)是我们用原始的参数调用原始的函数,然后我们改变它们的输出。 在这篇文章里将描述隐藏文件、进程、注册表键和键值、系统服务和驱动、分配的内存还有句柄。-This document is in the Windows NT operating system hidden objects, documents, services, process technology. This method is based on the Windows API function link. This article describes techniques are, I wrote rootkit from the results of research, so it was rootkit more effective and more simple. Here, too, including my practice. In this document hidden object means certain changes to these objects naming system functions so that they will ignore these objects by name. So we change those functions return values, said these objects simply do not exist. The most basic method (excluding a few different) is that we should call the original parameters of the original function, and then we change their
- 2022-03-07 17:00:50下载
- 积分:1
-
类似Borland公司的Tdump的程序。分析DLL/EXE文件信息
类似Borland公司的Tdump的程序。分析DLL/EXE文件信息-The app of analysising the infomation of DLL or EXE , which is like the TDump of Borland
- 2022-05-30 17:00:16下载
- 积分:1
-
学习MFC中编写计时器
学习MFC中编写计时器-study prepared timer
- 2022-01-26 00:55:32下载
- 积分:1
-
这个代码采用regmon的驱动,可以实现对注册表操作的监视,非常实用...
这个代码采用regmon的驱动,可以实现对注册表操作的监视,非常实用-the code used regmon drive can be realized by the Registry of the surveillance operation, a very practical
- 2022-06-12 05:20:01下载
- 积分:1
-
View system service names and types, running absolute originality
查看系统服务名称和类型,还有运行状态 绝对原创-View system service names and types, running absolute originality
- 2022-01-22 13:19:07下载
- 积分:1
-
通过IO控制,在linux或unix下获得IDE物理序列号。
通过IO控制,在linux或unix下获得IDE物理序列号。-through IO control, the Linux or Unix under IDE physical serial number.
- 2022-03-19 07:52:22下载
- 积分:1
-
通过使用未公开函数RegisterSerivceProcess来隐藏自己进程的程序,只适用于win9x...
通过使用未公开函数RegisterSerivceProcess来隐藏自己进程的程序,只适用于win9x-Through the use of any public function to hide its own process RegisterSerivceProcess procedures apply only to win9x
- 2022-06-03 17:00:41下载
- 积分:1
