网站首页

登录

有时候，我们遇到的情况时，我们需要一些内核函数钩子…

于 2022-08-15 发布文件大小:9.59 kB

 0  132

下载积分: 2 下载次数: 1

我要下载

代码说明：

Sometimes, we run into a situation when we badly need to hook some kernel function, but are unable to do it via conventional PE-based hooking. This article explains how kernel functions can be directly hooked. As a sample project, we are going to present a removable USB storage device as a basic disk to the system, so that we can create and manage multiple partitions on it (for this or that reason, Windows does not either allow or recognize multiple partitions on removable storage devices, so we are going to cheat the system). On this particular occasion, we will hook only one function, but the approach described in this article can be extended to handle multiple functions (for example, one of my projects required direct hooking of quite a few functions from the NDIS library). You should clearly realize that this article is about direct hooking and not about dealing with USB storage, so please don t tell me that the sample problem may have been solved differently.

下载说明：请别用迅雷下载，失败请重下，重下不扣分！

发表评论

0 个回复

This is a card that contains checks whether the physical network card (see card...
这是一个包含检查网卡是否为物理网卡（查看网卡是否使用irq或设备名是否包含pci,有些hp服务器没有irq但也是物理设备），查看网卡物理mac和当前使用的mac(有些网卡可以修改mac)使用xpddk头文件和库文件就可以，检查网卡是否为无线网卡（通过deviceiocontrol让网卡搜寻无线网络，支持的是无线网卡，不支持的不是），以上程序部分使用vc编写，可以说比现在网络上介绍的方法都要准确，唯一缺点是对禁用网络设备不支持，必须启用才可以。-This is a card that contains checks whether the physical network card (see card whether or not to use IRQ or device name contains pci, some no IRQ hp server but it is also a physical device), check the physical network adapter mac and currently use mac (Some network card can modify the mac) the use of xpddk document headers and libraries can check whether the network adapter for wireless network card (through DeviceIoControl allow LAN Search wireless network, supported by the wireless network card, do not support is not), the procedure is part of the preparation of the use of vc can be said that the network than it is now introduce the method to be accurate, the only drawback is to disable the network device does not support, must be enabled before they can.

2022-03-02 07:20:07下载

积分：1
Kai traversal in the list box is currently running process. And lists out the lo...
在列表框中启遍历当前正在运行的进程.并罗列出每个进程所加载的模块.-Kai traversal in the list box is currently running process. And lists out the load of each process module.

2023-03-01 06:40:04下载

积分：1
在数学建模中具有重要的作用，寻找最优路径，帮助…
在数学建模中有重要作用,搜索最优路径,帮组我们解答题目-In mathematical modeling has an important role in, search the optimal path, help us to answer the topic group

2022-12-15 11:20:03下载

积分：1
通过操作注册表，可以设置windows默认打印机
通过操作注册表，可以设置windows默认打印机-Through the operation of the registry, you can set the windows default printer

2023-07-23 02:05:04下载

积分：1
在win2000中添加一个windows服务的源程序。请大家指点
在win2000中添加一个windows服务的源程序。请大家指点-add a windows service of the source. Please guidance

2023-04-29 23:10:03下载

积分：1
用vc写的自动关机程序，包含托盘，只允许运行一个实例，写注册表等技术...
用vc写的自动关机程序，包含托盘，只允许运行一个实例，写注册表等技术-vc used to write the automatic shutdown procedures, including trays, allowing only one run examples of technical writing registry

2022-03-17 22:12:28下载

积分：1
检测所有的驱动器类型
检测所有的驱动器类型 -detection of all types of drives

2023-06-26 23:25:03下载

积分：1
本程序是应用最小二乘法对一参考模型进行系统阶次辨识。
本程序是应用最小二乘法对一参考模型进行系统阶次辨识。-this procedure is the least squares method to a reference model for system order literacy.

2022-03-24 19:47:38下载

积分：1
windows下多媒体定时器编程,时间分辨率可以达到1ms,开发平台delphi...
windows下多媒体定时器编程,时间分辨率可以达到1ms,开发平台delphi-windows multimedia timer programming, time resolution can be achieved 1ms, development platforms delphi

2023-08-09 00:10:03下载

积分：1
高brionwordsearch英文单词搜索，模糊匹配的样本
BrionWordSearch高级英文单词查找、模糊匹配示例 -High BrionWordSearch English word search, fuzzy matching sample

2022-04-22 19:02:18下载

积分：1

696516资源总数
106409会员总数
8今日下载