Original: IoRegisterDriverReinitialization Demo
#include <ntddk.h>
VOID OnUnload(IN PDRIVER_OBJECT DriverObject)
{
    DbgPrint("Enter OnUnload\n");
}
DRIVER_REINITIALIZE Reinitialize;
VOID Reinitialize( _In_ struct _DRIVER_OBJECT *Drive...
2020-03-31 22:29:47 485
Original: PPL-Related Control Attributes
0: kd> vertarget
Windows 10 Kernel Version 18362 MP (2 procs) Free x64
Built by: 18362.1.amd64fre.19h1_release.190318-1202
Machine Name:
Kernel base = 0xfffff801`11400000 PsLoadedModuleList = 0xfff...
2020-03-31 22:27:57 769
Original: Disabling DEP & ASLR for Other Programs
Code:
#include <Windows.h>
#include <ImageHlp.h>
#include <iostream>
using namespace std;
#pragma comment(lib, "ImageHlp.lib")
bool Flag(LPCSTR path, bool ASLR, bool DEP)
{
    L...
2020-03-31 22:23:43 359
Original: Wow64 Environment Detection
1. Using IsWow64Process2
Description: Determines whether the specified process is running under WOW64; also returns additional machine process and architecture information.
Syntax:
BOOL IsWow64Process2( HANDLE hProcess...
2020-03-31 22:20:48 1458
Original: Notes on the Driver Initialization Memory Section Marker ("INIT")
Code:
#pragma once
#ifdef __cplusplus
extern "C"
{
#endif
#include <NTDDK.h>
#ifdef __cplusplus
}
#endif
#define PAGEDCODE code_seg("PAGE")
#define LOCKEDCODE code_seg()
#define INITCODE code...
2020-03-31 22:18:27 377
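Original: Summary of Windows System Versions
0. Introduction
A detailed introduction to the use of Windows system-related APIs and related topics.
1. Operating System Version
Operating system: Version number
Windows 10: 10.0*
Windows Server 2019: 10.0*
Windows Server 2016: 10.0*
Windows 8.1: 6.3*
Windows Server 201...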
2020-03-31 22:14:27 1609
Original: Getting the Processor Architecture of the Host System
GetSystemInfo provides the basic system information and processor architecture of the underlying platform. This API can be used successfully on both x64 and x86 platforms. But, under 64-bit Windows, we...
2020-03-31 22:12:35 201