转载 BASIC INTERRUPT HOOK part 2
// ---------------------------// BASIC INTERRUPT HOOK part 2// this hooks the timer interrupt// ---------------------------#include "ntddk.h"#include #define MAKELONG(a, b) ((unsigned long) (((uns
2006-08-09 19:26:00
1529
转载 BASIC INTERRUPT 1
// --------------------// BASIC INTERRUPT HOOK// --------------------#include "ntddk.h"#include #define MAKELONG(a, b) ((unsigned long) (((unsigned short) (a)) | ((unsigned long) ((unsigned short)
2006-08-09 19:23:00
718
转载 basic_net_1
include "ntddk.h"// important!! place this before ndis.h#define NDIS40 1#include "ndis.h"#include "stdio.h"//////////////////////////////////////////////// prototypes for all our network callbac
2006-08-09 19:21:00
727
原创 BASIc b
// BASIC ROOTKIT that hides files, directories, and processes// ----------------------------------------------------------// v0.1 - Initial, Greg Hoglund (hoglund@rootkit.com)// v0.2 - DirEntry struct
2006-08-09 19:16:00
679
原创 BASIC 6a
// BASIC ROOTKIT that hides files, directories, and processes// ----------------------------------------------------------// v0.1 - Initial, Greg Hoglund (hoglund@rootkit.com)// v0.2 - DirEntry struct
2006-08-09 19:14:00
663
转载 BASIC 6
// BASIC ROOTKIT that hides files, directories, and processes// ----------------------------------------------------------// v0.1 - Initial, Greg Hoglund (hoglund@rootkit.com)// v0.2 - DirEntry struct
2006-08-09 19:11:00
638
转载 BASIC 5
// BASIC ROOTKIT that hides files, directories, and processes#include "ntddk.h"#include "stdarg.h"#include "stdio.h"#include "ntiologc.h"#define DWORD unsigned long#define WORD unsigned short#defi
2006-08-09 19:09:00
667
转载 BASIC 4
// BASIC DEVICE DRIVER#include "ntddk.h"/* __________________________________________________________________ . This function just completes all IRPs that come its way. . We are ignoring userland
2006-08-09 18:55:00
585
转载 basic 3
#include "ntddk.h"/* __________________________________________________________________ . This function just completes all IRPs that come its way. . We are ignoring userland completely - so this sh
2006-08-09 18:51:00
627
转载 BASIC 1
// BASIC DEVICE DRIVER#include "ntddk.h"VOID OnUnload( IN PDRIVER_OBJECT DriverObject ){ DbgPrint("OnUnload called/n");}NTSTATUS DriverEntry( IN PDRIVER_OBJECT theDriverObject, IN PUNICODE_STRIN
2006-08-09 18:47:00
585
转载 BASIC DEVICE DRIVER
// BASIC DEVICE DRIVER#include "ntddk.h"#include "peheader.h"// Length of process name (rounded up to next DWORD)#define PROCNAMELEN 20// Maximum length of NT process name#define NT_PROCNAMELE
2006-08-09 18:44:00
1168
转载 basic_ndis_1
#include "ntddk.h"// important!! place this before ndis.h#define NDIS40 1#include "ndis.h"#include "stdio.h"//////////////////////////////////////////////// prototypes for all our network callba
2006-08-09 18:37:00
902
转载 basic driver to send/recv raw packets on the network
//////////////////////////////////////////////////////////////////////////////////////// BHWIN_NET2, hoglund Jan 2004// basic driver to send/recv raw packets on the network// /////////////////////////
2006-08-09 18:36:00
1766
转载 BASIC TDI DEVICE DRIVER
/////////////////////////////////////////////////////////////////////////// BASIC TDI DEVICE DRIVER// // (c)2004 Rootkit.com//// June 25, 2004 - Initial cut, Greg Hoglund// // Some components based on
2006-08-09 18:35:00
1474
转载 BASIC TDI DEVICE DRIVER
////////////////////////////////////////////////////////////////////////// BASIC TDI DEVICE DRIVER, version 2// // (c)2004 Rootkit.com//// June 25, 2004 - Initial cut, Greg Hoglund// June 26, 2004 - A
2006-08-09 18:32:00
1679
1
转载 BASIC ROOTKIT that hides files, directories, and processes
// BASIC ROOTKIT that hides files, directories, and processes// ----------------------------------------------------------// v0.1 - Initial, Greg Hoglund (hoglund@rootkit.com)// v0.2 - DirEntry struc
2006-08-09 18:26:00
935
转载 BASIC DEVICE DRIVER
// BASIC DEVICE DRIVER#include "ntddk.h"// Length of process name (rounded up to next DWORD)#define PROCNAMELEN 20// Maximum length of NT process name#define NT_PROCNAMELEN 16ULONG gProcess
2006-08-09 18:23:00
819
转载 隐藏进程
/ BASIC ROOTKIT that hides processes #include "ntddk.h" #define DWORD unsigned long #define WORD unsigned short #define BOOL unsigned long #pragma pack(1) typedef struct ServiceDescriptorEntry { unsig
2006-08-09 18:18:00
766
转载 RootKit的隐藏文件
#include "ntddk.h"#define DWORD unsigned long#define WORD unsigned short#define BOOL unsigned long#pragma pack(1)typedef struct ServiceDescriptorEntry { unsigned int *ServiceTableBase; unsigned in
2006-08-09 17:59:00
1734
3