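Original: A brief look at reverse engineering the madcHook DLL
madchook's technology is fairly mature and stable, but it has been abused by trojans and similar programs, to the point that many antivirus products flag it outright as a trojan. Modifying the characteristic string names inside madchook therefore lets it escape antivirus detection and removal. The main characteristic strings are its memory-mapping name and its file name, but the driver file name cannot be changed directly, otherwise the DLL cannot load the driver. After many rounds of dynamic debugging and reverse analysis, I found that the characteristic strings in the DLL are all encrypted, including the driver's name. Analysis showed that the encryption method is very simple, namely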
2010-11-11 21:41:00 1398
The.Developers.Guide.to.Debugging.rar
Of all activities in software development, debugging is probably the one that is
hated most. It is guilt-ridden because a technical failure suggests personal failure;
because it points the finger at us showing us that we have been wrong. It is
time-consuming because we have to rethink every single assumption, every single
step from requirements to implementation. Its worst feature though may be that it
is unpredictable: You never know how much time it will take you to fix a bug - and
whether you’ll be able to fix it at all.
Ask a developer for the worst moments in life, and many of them will be related
to debugging. It may be 11pm, you’re still working on it, you are just stepping
through the program, and that’s when your spouse calls you and asks you when
you’ll finally, finally get home, and you try to end the call as soon as possible as
you’re losing grip on the carefully memorized observations and deductions. In such
moments, you may eventually be choosing between restarting your debugging task
or restarting your relationship. My personal estimate is that debugging is the number
one cause for programmer’s divorces.
And yet, debugging can be a joy, as much thrill as solving puzzles, riddles, or
murder mysteries – if you proceed in a systematic way and if you are equipped with
the right tools for the job. This is where The Developer’s Guide to Debugging comes
into play. Thorsten Grötker, Ulrich Holtmann, Holger Keding, and Markus Wloka
speak directly to the entrenched developer, give straight-forward advice on solving
debugging problems and come up with solutions real fast. Whether it is solving
memory problems, debugging parallel programs, or dealing with problems induced
by your very tool chain - this book offers first aid that is tried and proven.
I would have loved to have such a book at the beginning of my debugging career
– I would have gazed at it in amazement of what these debugging tools can do
for me, and by following its advice, I could have saved countless hours of manual
debugging – time I could have spent on other activities. For instance, I could have
made my code more reliable such that in the end, I would not have had to do any
debugging at all.
2010-02-09