无痕HOOK方式=硬断+VEH

最新推荐文章于 2020-02-10 16:30:44 发布
最新推荐文章于 2020-02-10 16:30:44 发布
阅读量1.1w 收藏 19
点赞数
分类专栏: DLL注入

无痕HOOK方式=硬断+VEH

BOOL APIENTRY DllMain( HMODULE hModule,
                       DWORD  ul_reason_for_call,
                       LPVOID lpReserved
                     )
{
    switch (ul_reason_for_call)
    {
    case DLL_PROCESS_ATTACH:
        {
            AddVectoredExceptionHandler(1, (PVECTORED_EXCEPTION_HANDLER)ExceptionHandler);
            SetHwBreakpoint();
        }
    case DLL_THREAD_ATTACH:
        {
            SetHwBreakpoint();
        }
    case DLL_THREAD_DETACH:
    case DLL_PROCESS_DETACH:
        break;
    }
    return TRUE;
}

void SetHwBreakpoint()
{
    CONTEXT ctx;
    ctx.ContextFlags = CONTEXT_ALL;
    GetThreadContext(GetCurrentThread(), &ctx);
    ctx.Dr0 = 0x6f3a20dd;
    ctx.Dr1 = 0x6f361f7b;
    ctx.Dr7 = 0x405;
    SetThreadContext(GetCurrentThread(), &ctx);
}

DWORD NTAPI ExceptionHandler(EXCEPTION_POINTERS * ExceptionInfo)
{
    if ((DWORD)ExceptionInfo->ExceptionRecord->ExceptionAddress == 0x6f3a20dd)
    {
        //直接改eip模拟jmp
        ExceptionInfo->ContextRecord->Eip += 0x34;
        return EXCEPTION_CONTINUE_EXECUTION;
    }
    else if ((DWORD)ExceptionInfo->ExceptionRecord->ExceptionAddress == 0x6f361f7b)
    {
        //直接设eax为零模拟mov eax,0
        ExceptionInfo->ContextRecord->Eax = 0;
        ExceptionInfo->ContextRecord->Eip += 5;
        return EXCEPTION_CONTINUE_EXECUTION;
    }
    else
    {
        //在异常handler里重设drx防止断点被意外清除
        ExceptionInfo->ContextRecord->Dr0 = 0x6f3a20dd;
        ExceptionInfo->ContextRecord->Dr1 = 0x6f361f7b;
        ExceptionInfo->ContextRecord->Dr7 = 0x405;
        return EXCEPTION_CONTINUE_SEARCH;
    }
}


YuHengZuo
关注
专栏目录
js-leetcode题解之169-majority-element.js
11-07
javascript js_leetcode题解之169-majority-element.js
算法设计技巧与分析(二):几种递归算法
m0_52935007的博客
11-26 730
文章目录几种递归算法一、 几种递归算法 一、 选择排序过程:
爬虫进阶:CrawlSpider爬取169ee全站美女图片
热门推荐
绕行的专栏
01-29 2万+
CrawlSpider前面,我们用了scrapy中的CrawlSpider爬取了糗事百科中大量段子数据。但是,qiubai这个爬虫没有充分利用CrawlSpider的优点。其实,在qiubai这个爬虫里面我们只是把CrawlSpider当做普通的Spider用而已。CrawlSpider继承自Spider,提供了Rule和LinkExtractor,使得爬虫框架能够自动按照规则提取Response中
169. Majority Element 分治解法
qq_31743291的博客
09-12 1014
169. Majority Element 解法问题论述Given an array of size n, find the majority element. The majority element is the element that appears more than ⌊ n/2 ⌋ times. You may assume that the array is non-empty an
169. Majority Element(采用分治算法)
qq_35939362的博客
09-15 342
题目 Given an array of size n, find the majority element. The majority element is the element that appears more than ⌊ n/2 ⌋ times. You may assume that the array is non-empty and the majority element ...
[LeetCode] 分治法学习之 Majority Element
qq_34035179的博客
09-08 692
由于分治法的学习刚开头,就选择了分治法中最简单的题,其实这题中我并不能体会到分治法,因为就是简单的遍历了。但是虽然我的算法是O(n)但是考虑到用了unordered_map,调用库函数会消耗大量的时间,其实算是很慢了。 这题没有什么技术含量,我的做法就更没技术含量了,看了discuss中一位的算法,时间复杂度O(n),空间复杂度O(1),而且非常的优雅易懂,切入的角度也非常好,相比之下我的算法就
java-leetcode题解之Online Majority Element In Subarray.java
最新发布
11-08
javajava_leetcode题解之Online Majority Element In Subarray.java
KNN.rar_Majority rule
09-24
4. **处理类别不平衡问题**:在多数投票规则(Majority Rule)下,如果类别分布不均,可能会导致少数类别的样本被误分类。为解决这一问题,可以采取加权投票,将少数类的样本赋予更高的权重。 **2. Python实现KNN**...
Leetcode Majority Element python 多种思路求集合中出现最多次数的值 提升计算机思维
01-20
Leetcode 169Majority Element Given an array of size n, find the majority element. The majority element is the element that appears more than ⌊ n/2 ⌋ times. You may assume that the array is non-...
?不是很理解的分治Majority Element
fenfenmiao的博客
12-23 868
class Solution { public: int majorityElement(vector& nums) { return majority(nums, 0, nums.size() - 1); } private: int majority(vector& nums, int left, int right) { if (lef
LeetCode 169.Majority Element--Divide and Conquer(分治法)
monkey_rose的博客
09-11 610
分治法的设计思想是:将一个难以直接解决的大问题,分割成一些规模较小的相同问题,以便各个击破,分而治之。 题目: 169.Majority Element(题目链接) Given an array of size n, find the majority element. The majority element is the element that appears more than ⌊ n/2 ⌋ times.
LeetCode169——Majority Element
代码菌的blog
01-15 7105
Given an array of size n, find the majority element. The majority element is the element that appears more than ⌊ n/2 ⌋ times. You may assume that the array is non-empty and the majority element al
LeetCode169. Majority Element分治
甜橙的专栏
09-21 1785
题意:求一个序列中出现次数多于一半的元素。 方法很多,可以排序、哈希表、分治等等。
LeetCode 169 Majority Element分治法求众数
皮皮虾的日记
01-20 466
LeetCode 169分治法和其他几种简单解法 题意 给定一个大小为 n 的数组,找到其中的众数。众数是指在数组中出现次数大于 ⌊ n/2 ⌋ 的元素。你可以假设数组是非空的,并且给定的数组总是存在众数。 样例 示例 1: 输入: [3,2,3] 输出: 3 示例 2: 输入: [2,2,1,1,1,2,2] 输出: 2 这道题有很多做法,比如直接用库函数排序,三行就能做出来。但毕竟是算...
算法题-分治法解决majority element
qq_35455503的博客
02-10 385
题目: Given an array of size n, find the majority element. The majority element is the element that appears more than b n 2 c times.You may assume that the array is non-empty and the majority element a...
169. Majority Element [easy] (Python)
Coder_Orz的博客
05-14 5373
题目链接https://leetcode.com/problems/majority-element/题目原文 Given an array of size n, find the majority element. The majority element is the element that appears more than ⌊ n/2 ⌋ times. You may ass
Majority Element 查找出现一半的数字
小人物的草稿本
03-30 560
Majority Element   Given an array of size n, find the majority element. The majority element is the element that appears more than ⌊ n/2 ⌋ times. You may assume that the array is non-empty
[ 算法 ] Majority Element
杨有梦的博客
09-20 414
Majority ElementGiven an array of size n, find the majority element. The majority element is the element that appears more than ⌊ n/2 ⌋ times.You may assume that the array is non-empty and the majority
C语言解题:LeetCode 0229 Majority Element II 题目
资源摘要信息:"C语言实现LeetCode题解之0229题 - Majority Element II" 在本题解中,我们将探讨如何使用C语言来解决LeetCode上的一道经典算法题目:“0229题 - Majority Element II”。该题属于数组类问题,要求找...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值