文件名称:SSDT--11
- 所属分类:
- 钩子与API截获
- 资源属性:
- [Windows] [Visual C] [源码]
- 上传时间:
- 2012-11-26
- 文件大小:
- 328kb
- 下载次数:
- 0次
- 提 供 者:
- 小*
- 相关连接:
- 无
- 下载说明:
- 别用迅雷下载,失败请重下,重下不扣分!
介绍说明--下载内容均来自于网络,请自行研究使用
SSDT的全稱是System Services Descr iptor Table,系統服務描述符表。這個表就是一個把ring3的Win32 API和ring0的內核API聯繫起來。SSDT並不僅僅只包含一個龐大的位址索引表,它還包含著一些其他有用的資訊,諸如位址索引的基底位址、服務函數個數等。
通過修改此表的函數位址可以對常用windows函數及API進行hook,從而實現對一些關心的系統動作進行過濾、監控的目的。一些HIPS、防毒軟體、系統監控、註冊表監控軟體往往會採用此介面來實現自己的監控模組,
目前極個別病毒確實會採用這種方法來保護自己或者破壞防毒軟體,但在這種病毒進入系統前如果防毒軟體能夠識別並清除它將沒有機會發作.
-SSDT s full name is System Services Descr iptor Table, the system service descr iptor table. This is a table of the Win32 API and ring0 ring3 kernel API link. SSDT is not only a huge address contains only the index table, it also contains some other useful information, such as the address of the index base address, the number of functions and other services.
Function by modifying the address of this table can be used for windows functions and API hook, in order to achieve the action of some concern to filter systems, surveillance purpose. Some HIPS, antivirus software, system monitoring, registry monitoring software often uses this interface to implement its own monitoring module,
At present very few virus does use this method to protect themselves or to destroy anti-virus software, but if the virus before the antivirus software into the system and clear it will not be able to identify opportunities to attack.
通過修改此表的函數位址可以對常用windows函數及API進行hook,從而實現對一些關心的系統動作進行過濾、監控的目的。一些HIPS、防毒軟體、系統監控、註冊表監控軟體往往會採用此介面來實現自己的監控模組,
目前極個別病毒確實會採用這種方法來保護自己或者破壞防毒軟體,但在這種病毒進入系統前如果防毒軟體能夠識別並清除它將沒有機會發作.
-SSDT s full name is System Services Descr iptor Table, the system service descr iptor table. This is a table of the Win32 API and ring0 ring3 kernel API link. SSDT is not only a huge address contains only the index table, it also contains some other useful information, such as the address of the index base address, the number of functions and other services.
Function by modifying the address of this table can be used for windows functions and API hook, in order to achieve the action of some concern to filter systems, surveillance purpose. Some HIPS, antivirus software, system monitoring, registry monitoring software often uses this interface to implement its own monitoring module,
At present very few virus does use this method to protect themselves or to destroy anti-virus software, but if the virus before the antivirus software into the system and clear it will not be able to identify opportunities to attack.
(系统自动生成,下载前可以参看下载内容)
下载文件列表
SSDT
....\BIN
....\...\SSDT.sys
....\EXE
....\...\SSDT.cpp.bak
....\...\SSDT.h
....\...\SSDTLIB.cpp
....\IOCTL.h
....\SSDT
....\....\#prepack.bat
....\....\bin
....\....\...\SSDT.exe
....\....\...\SSDT.sys
....\....\...\SSDT2560.sys
....\....\...\SSDT4352.sys
....\....\Debug
....\....\Release
....\....\res
....\....\...\SSDT.ico
....\....\...\SSDT.rc2
....\....\resource.h
....\....\SSDT.APS
....\....\SSDT.clw
....\....\SSDT.cpp
....\....\SSDT.dsp
....\....\SSDT.dsw
....\....\SSDT.h
....\....\SSDT.opt
....\....\SSDT.rc
....\....\SSDT.rc.bak
....\....\SSDT.sys
....\....\SSDT2560.sys
....\....\SSDT4352.sys
....\....\SSDTDlg.cpp
....\....\SSDTDlg.cpp.bak
....\....\SSDTDlg.h
....\....\StdAfx.cpp
....\....\StdAfx.h
....\SSDT2
....\.....\BIN
....\.....\...\SSDT.sys
....\.....\...\SSDT查看恢复工具.exe
....\.....\EXE
....\.....\...\SSDT.cpp
....\.....\...\SSDT.h
....\.....\IOCTL.h
....\.....\SSDT查看恢复工具
....\.....\................\res
....\.....\................\...\SSDT查看恢复工具.ico
....\.....\................\...\SSDT查看恢复工具.rc2
....\.....\................\resource.h
....\.....\................\SSDT查看恢复工具.cpp
....\.....\................\SSDT查看恢复工具.dsp
....\.....\................\SSDT查看恢复工具.dsw
....\.....\................\SSDT查看恢复工具.h
....\.....\................\SSDT查看恢复工具.rc
....\.....\................\SSDT查看恢复工具Dlg.cpp
....\.....\................\SSDT查看恢复工具Dlg.h
....\.....\................\StdAfx.cpp
....\.....\................\StdAfx.h
....\.....\SYS
....\.....\...\MAKEFILE
....\.....\...\SOURCES
....\.....\...\SSDT.c
....\SYS
....\...\buildfre_wxp_x86.log
....\...\MAKEFILE
....\...\objfre_wxp_x86
....\...\..............\i386
....\...\..............\....\ssdt.obj
....\...\..............\....\ssdt.obj.oacr.root.x86fre.pft.xml
....\...\..............\....\_objects.mac
....\...\SOURCES
....\...\SSDT.c
....\...\SSDT.c.bak
....\...\sys
....\...\...\i386
....\...\...\....\SSDT.pdb
....\...\...\....\SSDT.sys
....\...\...\....\SSDT4352.sys
....\BIN
....\...\SSDT.sys
....\EXE
....\...\SSDT.cpp.bak
....\...\SSDT.h
....\...\SSDTLIB.cpp
....\IOCTL.h
....\SSDT
....\....\#prepack.bat
....\....\bin
....\....\...\SSDT.exe
....\....\...\SSDT.sys
....\....\...\SSDT2560.sys
....\....\...\SSDT4352.sys
....\....\Debug
....\....\Release
....\....\res
....\....\...\SSDT.ico
....\....\...\SSDT.rc2
....\....\resource.h
....\....\SSDT.APS
....\....\SSDT.clw
....\....\SSDT.cpp
....\....\SSDT.dsp
....\....\SSDT.dsw
....\....\SSDT.h
....\....\SSDT.opt
....\....\SSDT.rc
....\....\SSDT.rc.bak
....\....\SSDT.sys
....\....\SSDT2560.sys
....\....\SSDT4352.sys
....\....\SSDTDlg.cpp
....\....\SSDTDlg.cpp.bak
....\....\SSDTDlg.h
....\....\StdAfx.cpp
....\....\StdAfx.h
....\SSDT2
....\.....\BIN
....\.....\...\SSDT.sys
....\.....\...\SSDT查看恢复工具.exe
....\.....\EXE
....\.....\...\SSDT.cpp
....\.....\...\SSDT.h
....\.....\IOCTL.h
....\.....\SSDT查看恢复工具
....\.....\................\res
....\.....\................\...\SSDT查看恢复工具.ico
....\.....\................\...\SSDT查看恢复工具.rc2
....\.....\................\resource.h
....\.....\................\SSDT查看恢复工具.cpp
....\.....\................\SSDT查看恢复工具.dsp
....\.....\................\SSDT查看恢复工具.dsw
....\.....\................\SSDT查看恢复工具.h
....\.....\................\SSDT查看恢复工具.rc
....\.....\................\SSDT查看恢复工具Dlg.cpp
....\.....\................\SSDT查看恢复工具Dlg.h
....\.....\................\StdAfx.cpp
....\.....\................\StdAfx.h
....\.....\SYS
....\.....\...\MAKEFILE
....\.....\...\SOURCES
....\.....\...\SSDT.c
....\SYS
....\...\buildfre_wxp_x86.log
....\...\MAKEFILE
....\...\objfre_wxp_x86
....\...\..............\i386
....\...\..............\....\ssdt.obj
....\...\..............\....\ssdt.obj.oacr.root.x86fre.pft.xml
....\...\..............\....\_objects.mac
....\...\SOURCES
....\...\SSDT.c
....\...\SSDT.c.bak
....\...\sys
....\...\...\i386
....\...\...\....\SSDT.pdb
....\...\...\....\SSDT.sys
....\...\...\....\SSDT4352.sys