Location:
Search - OpenProcess
Search list
Description: 一个利用dll注入拦截OpenProcess,禁止强行关闭程序的例子
Platform: |
Size: 358167 |
Author: 天一 |
Hits:
Description: windowsNT下的通过截获OpenProcess函数来禁止终止本进程的程序-Through intercepting windowsNT under the OpenProcess function to prohibit the procedure to terminate the process
Platform: |
Size: 48128 |
Author: 站长 |
Hits:
Description: 此代码示范了如何利用 CreateToolhelp32Snapshot API函数枚举系统当前进程。以及如何用HANDLE OpenProcess(...),TerminateProcess(...)来打开和关闭活动进程。 -this code demonstrated how to use CreateToolhelp32Snapshot API function except to the current process system. And how HANDLE OpenProcess (...), TerminateProcess (...) to open up the process and the closure of activities.
Platform: |
Size: 28672 |
Author: 帆 |
Hits:
Description: 显示如何找出系统中正在运行的所有进程,如何利用OpenProcess() API函数来获得每一个访问进程的进一步信息。
-show how to identify systems are running all processes, how to use OpenProcess () API function to get a visit every process of further information.
Platform: |
Size: 1024 |
Author: guxiaohui |
Hits:
Description: 截获OpenProcess函数来禁止终止本进-intercepted OpenProcess function to prohibit termination of the Progressive
Platform: |
Size: 41984 |
Author: lzc |
Hits:
Description: 用OpenProcess()函数将进程打开后,再利用EnumProcessModules()函数枚举该进程的模块,最后利用GetModuleFileNameEx()函数就能取得该进程的路径。-with OpenProcess () function to open the process, Reuse EnumProcessModules () function except to the process modules, Finally GetModuleFileNameEx () function can be achieved in the process paths.
Platform: |
Size: 35840 |
Author: 张天 |
Hits:
Description: Terminate Process Project
1. CreateToolShotHelp
2. OpenProcess / TerminateProce-Terminate Process Project
1. CreateToolShotHelp
2. OpenProcess/TerminateProce
Platform: |
Size: 34816 |
Author: minseok |
Hits:
Description: 一个利用dll注入拦截OpenProcess,禁止强行关闭程序的例子-Dll into the interception of a use OpenProcess, prohibition of forced closure procedure example
Platform: |
Size: 358400 |
Author: 天一 |
Hits:
Description: HookAPIProcessGuard是一个使用API函数实现进程保护的简单例子,我们Hook了OpenProcess函数,就能够实现保护了!-HookAPIProcessGuard is a realization of the process of using the API function to protect the simple example, we Hook the OpenProcess function can be achieved to protect!
Platform: |
Size: 482304 |
Author: yeqing |
Hits:
Description: 此代码示范了如何利用 CreateToolhelp32Snapshot API函数枚举系统当前进程。以及如何用
HANDLE OpenProcess(...),TerminateProcess(...)来打开和关闭活动进程。
-This code demonstrates how to use CreateToolhelp32Snapshot API function system is currently the process of enumeration. And how to use HANDLE OpenProcess (...), TerminateProcess (...) to open and close the activities of the process.
Platform: |
Size: 27648 |
Author: kehaiying |
Hits:
Description: 对付ring0 inline hook的基本思路是这样的,自己写一个替换的内核函数,以NtOpenProcess为例,就是 MyNtOpenProcess。然后修改SSDT表,让系统服务进入自己的函数MyNtOpenProcess。而MyNtOpenProcess要做的事就是,实现NtOpenProcess前10字节指令,然后再JMP到原来的NtOpenProcess的十字节后。这样NtOpenProcess 函数头写的JMP都失效了,在ring3直接调用OpenProcess再也毫无影响。-Ring0 inline hook to deal with the basic idea is that the replacement of their own to write a kernel function to NtOpenProcess for example, is MyNtOpenProcess. And then amend the SSDT table, so that system services into its own function MyNtOpenProcess. And MyNtOpenProcess to do is realize NtOpenProcess the first 10-byte instruction, and then JMP to the original NtOpenProcess the Cross Festival. This NtOpenProcess function of the JMP are the first to write a lapse in ring3 no longer directly call OpenProcess no impact.
Platform: |
Size: 3072 |
Author: sdlylz |
Hits:
Description: 利用hook openprocess实现防止任务管理器结束的方法,但是只能实现防止任务管理器,其他的防不住-Hook openprocess use Task Manager to prevent the realization of the end of the method, but can only achieve the Task Manager to prevent other防不住
Platform: |
Size: 340992 |
Author: 木头 |
Hits:
Description: hook openprocess的例子,delphi的源码-hook openprocess example, delphi source
Platform: |
Size: 340992 |
Author: baicker |
Hits:
Description: 可以SeDebugPrivilege用户权限用打开系统的进程-SeDebugPrivilege user permissions can be used to open the process of system
Platform: |
Size: 1024 |
Author: jking |
Hits:
Description: 打开进程 进程进程访问操作 读写 关闭等等 -Open process
Platform: |
Size: 1652736 |
Author: Chen |
Hits:
Description: 此代码示范了如何利用 CreateToolhelp32Snapshot API函数枚举系统当前进程。以及如何用
HANDLE OpenProcess(...),TerminateProcess(...)来打开和关闭活动进程。
-This code demonstrates how to use function CreateToolhelp32Snapshot API system is currently the process of enumeration. And how to use HANDLE OpenProcess (...), TerminateProcess (...) to the process of opening and closing activity.
Platform: |
Size: 27648 |
Author: bmbm |
Hits:
Description: opeprocess,read,write内核源码
Platform: |
Size: 11264 |
Author: aaaaaaa |
Hits:
Description: 钩openProcess,防被杀,躲过任务管理器-Hook openProcess, anti-killed
Platform: |
Size: 82944 |
Author: wujianling |
Hits:
Description: BOOL InjectDLL(DWORD ProcessID)
{
HANDLE Proc
char buf[50]={0}
LPVOID RemoteString, LoadLibAddy
if(!ProcessID)
return false
Proc = OpenProcess(CREATE_THREAD_ACCESS, FALSE, ProcessID)
if(!Proc)
{
sprintf(buf, "OpenProcess() failed: d", GetLastError())
MessageBox(NULL, buf, "Loader", NULL)
return false
}
LoadLibAddy = (LPVOID)GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA")
RemoteString = (LPVOID)VirtualAllocEx(Proc, NULL, strlen(DLL_NAME), MEM_RESERVE|MEM_COMMIT, PAGE_READWRITE)
WriteProcessMemory(Proc, (LPVOID)RemoteString, DLL_NAME,strlen(DLL_NAME), NULL)
CreateRemoteThread(Proc, NULL, NULL, (LPTHREAD_START_ROUTINE)LoadLibAddy, (LPVOID)RemoteString, NULL, NULL)
CloseHandle(Proc)
return true
} -BOOL InjectDLL(DWORD ProcessID)
{
HANDLE Proc
char buf[50]={0}
LPVOID RemoteString, LoadLibAddy
if(!ProcessID)
return false
Proc = OpenProcess(CREATE_THREAD_ACCESS, FALSE, ProcessID)
if(!Proc)
{
sprintf(buf, "OpenProcess() failed: d", GetLastError())
MessageBox(NULL, buf, "Loader", NULL)
return false
}
LoadLibAddy = (LPVOID)GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA")
RemoteString = (LPVOID)VirtualAllocEx(Proc, NULL, strlen(DLL_NAME), MEM_RESERVE|MEM_COMMIT, PAGE_READWRITE)
WriteProcessMemory(Proc, (LPVOID)RemoteString, DLL_NAME,strlen(DLL_NAME), NULL)
CreateRemoteThread(Proc, NULL, NULL, (LPTHREAD_START_ROUTINE)LoadLibAddy, (LPVOID)RemoteString, NULL, NULL)
CloseHandle(Proc)
return true
}
Platform: |
Size: 26624 |
Author: artofsexy |
Hits:
Description: hook openprocess, vale para aprender alguma coisa, hookapi(OpenProcess)
Platform: |
Size: 354304 |
Author: munizf |
Hits: