📄 simple hooking of functions not exported by ntoskrnl_exe - 白日梦 - csdnblog.htm
字号:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd">
<!-- saved from url=(0057)http://blog.csdn.net/CDrea/archive/2006/04/05/652174.aspx -->
<HTML xmlns="http://www.w3.org/1999/xhtml"><HEAD><TITLE>Simple Hooking of Functions not Exported by Ntoskrnl.exe - 白日梦 - CSDNBlog</TITLE>
<META http-equiv=Content-Type content="text/html; charset=utf-8">
<META http-equiv=Content-Language content=zh-CN>
<META content=CDrea name=author>
<META content=Csdn name=Copyright>
<META
content="As many of you will know, hooking functions not exported by ntoskrnl.exe is a real pain, as you need to hard code their position in KeServiceDescriptorTable, and this will change between windows releases."
name=description>
<META content="CDrea,Simple Hooking of Functions not Exported by Ntoskrnl.exe"
name=keywords><LINK media=all
href="Simple Hooking of Functions not Exported by Ntoskrnl_exe - 白日梦 - CSDNBlog_files/main.css"
type=text/css rel=stylesheet>
<SCRIPT src="" type=text/javascript></SCRIPT>
<SCRIPT
src="Simple Hooking of Functions not Exported by Ntoskrnl_exe - 白日梦 - CSDNBlog_files/JSUtils.js"
type=text/javascript></SCRIPT>
<LINK href="http://profile.csdn.net/CDrea/picture/1.ico"
rel="Shortcut Icon"><LINK media=all
href="Simple Hooking of Functions not Exported by Ntoskrnl_exe - 白日梦 - CSDNBlog_files/skinandwrap.css"
type=text/css rel=stylesheet><LINK title=RSS
href="http://blog.csdn.net/cdrea/rss.aspx" type=application/rss+xml
rel=alternate>
<META content="MSHTML 6.00.3790.4237" name=GENERATOR></HEAD>
<BODY id=defaultuser>
<DIV id=csdnblog_allwrap>
<FORM language=javascript id=Form1 name=Form1
onsubmit="javascript:return WebForm_OnSubmit();" action=652174.aspx
method=post><INPUT id=__EVENTTARGET type=hidden name=__EVENTTARGET> <INPUT
id=__EVENTARGUMENT type=hidden name=__EVENTARGUMENT> <INPUT
id=" __VIEWSTATE" type=hidden name=__VIEWSTATE>
<SCRIPT type=text/javascript>
<!--
var theForm = document.forms['Form1'];
if (!theForm) {
theForm = document.Form1;
}
function __doPostBack(eventTarget, eventArgument) {
if (!theForm.onsubmit || (theForm.onsubmit() != false)) {
theForm.__EVENTTARGET.value = eventTarget;
theForm.__EVENTARGUMENT.value = eventArgument;
theForm.submit();
}
}
// -->
</SCRIPT>
<SCRIPT type=text/javascript>
//<![CDATA[
var Anthem_FormID = "Form1";
//]]>
</SCRIPT>
<SCRIPT
src="Simple Hooking of Functions not Exported by Ntoskrnl_exe - 白日梦 - CSDNBlog_files/WebResource.axd"
type=text/javascript></SCRIPT>
<SCRIPT
src="D:\zhangjiong\Simple Hooking of Functions not Exported by Ntoskrnl_exe - 白日梦 - CSDNBlog_files\WebResource(1).axd"
type=text/javascript></SCRIPT>
<SCRIPT type=text/javascript>
<!--
function WebForm_OnSubmit() {
if (typeof(ValidatorOnSubmit) == "function" && ValidatorOnSubmit() == false) return false;
return true;
}
// -->
</SCRIPT>
<DIV id=csdnblog_midwrap>
<DIV id=csdnblog_header>
<H1><A id=Header1_HeaderTitle href="http://blog.csdn.net/cdrea/">白日梦</A></H1>
<H2>我不苟同你的思想,但是我绝对捍卫你思想的自由。<SPAN id=TopicAuthor
style="DISPLAY: none">CDrea</SPAN></H2>
<UL id=personalnav>
<LI><A href="http://passport.csdn.net/UserLogin.aspx">登录</A></LI>
<LI><A href="http://passport.csdn.net/CSDNUserRegister.aspx">注册</A></LI></UL>
<UL id=menu>
<LI><A href="http://hi.csdn.net/CDrea">空间</A></LI>
<LI><A class=on href="http://blog.csdn.net/CDrea">博客</A></LI>
<LI><A href="http://hi.csdn.net/CDrea/profile/contactlist/1.html">好友</A></LI>
<LI><A href="http://blog.csdn.net/CDrea/Gallery.aspx">相册</A></LI>
<LI><A class=last
href="http://hi.csdn.net/CDrea/profile/notebook/1.html">留言</A></LI></UL></DIV>
<DIV id=csdnblog_sidebar>
<DIV class=gutter>
<DIV class=aboutauthor>
<DL>
<DT>CDrea的公告
<DD><IMG src=""><BR><BR>
<DT>软件项目交易
<DD><IFRAME
style="PADDING-RIGHT: 0px; PADDING-LEFT: 0px; PADDING-BOTTOM: 0px; MARGIN: 0px; WIDTH: 180px; PADDING-TOP: 0px; HEIGHT: 32px"
src="Simple Hooking of Functions not Exported by Ntoskrnl_exe - 白日梦 - CSDNBlog_files/CsdnBlogPage.htm"
frameBorder=0 scrolling=no></IFRAME><SPAN id=SubscriptionList>
<DT>订阅我的博客
<DD><A href="http://blog.csdn.net/cdrea/Rss.aspx"><IMG alt=XML聚合
src="Simple Hooking of Functions not Exported by Ntoskrnl_exe - 白日梦 - CSDNBlog_files/xml.gif"
border=0></A> <A href="http://feeds.feedsky.com/csdn.net/CDrea"
target=_blank><IMG alt=FeedSky
src="Simple Hooking of Functions not Exported by Ntoskrnl_exe - 白日梦 - CSDNBlog_files/feedsky.gif"
border=0></A>
<DD><A
href="http://www.xianguo.com/subscribe.php?url=http://blog.csdn.net/cdrea/Rss.aspx"
target=_blank><IMG alt=订阅到鲜果
src="Simple Hooking of Functions not Exported by Ntoskrnl_exe - 白日梦 - CSDNBlog_files/rss_xianguo.jpg"
border=0></A>
<DD><A
href="http://fusion.google.com/add?feedurl=http://blog.csdn.net/cdrea/Rss.aspx"
target=_blank><IMG alt=订阅到Google
src="Simple Hooking of Functions not Exported by Ntoskrnl_exe - 白日梦 - CSDNBlog_files/rss_google.gif"
border=0></A>
<DD><A
href="http://www.zhuaxia.com/add_channel.php?url=http://blog.csdn.net/cdrea/Rss.aspx"
target=_blank><IMG alt=订阅到抓虾
src="Simple Hooking of Functions not Exported by Ntoskrnl_exe - 白日梦 - CSDNBlog_files/rss_zhuaxia.gif"
border=0></A>
<DD><A href="http://www.bloglines.com/sub/http://blog.csdn.net/cdrea/Rss.aspx"
target=_blank><IMG alt=订阅到BlogLines
src="Simple Hooking of Functions not Exported by Ntoskrnl_exe - 白日梦 - CSDNBlog_files/rss_bloglines.gif"
border=0></A>
<DD><A
href="http://add.my.yahoo.com/rss?url=http://blog.csdn.net/cdrea/Rss.aspx"
target=_blank><IMG alt=订阅到Yahoo
src="Simple Hooking of Functions not Exported by Ntoskrnl_exe - 白日梦 - CSDNBlog_files/rss_yahoo.gif"
border=0></A>
<DD><A
href="http://rss.gougou.com/find_rss.jsp?url=http://blog.csdn.net/cdrea/Rss.aspx"
target=_blank><IMG alt=订阅到GouGou
src="Simple Hooking of Functions not Exported by Ntoskrnl_exe - 白日梦 - CSDNBlog_files/rss_gougou.gif"
border=0></A>
<DD><A
href="http://www.pageflakes.com/subscribe.aspx?url=http://blog.csdn.net/cdrea/Rss.aspx"
target=_blank><IMG alt=订阅到飞鸽
src="Simple Hooking of Functions not Exported by Ntoskrnl_exe - 白日梦 - CSDNBlog_files/rss_pageflakes.gif"
border=0></A>
<DD><A
href="http://www.rojo.com/add-subscription?resource=http://blog.csdn.net/cdrea/Rss.aspx"
target=_blank><IMG alt=订阅到Rojo
src="Simple Hooking of Functions not Exported by Ntoskrnl_exe - 白日梦 - CSDNBlog_files/rss_rojo.gif"
border=0></A>
<DD><A
href="http://www.newsgator.com/ngs/subscriber/subfext.aspx?url=http://blog.csdn.net/cdrea/Rss.aspx"
target=_blank><IMG alt=订阅到newsgator
src="Simple Hooking of Functions not Exported by Ntoskrnl_exe - 白日梦 - CSDNBlog_files/rss_newsgator.gif"
border=0></A>
<DD><A
href="http://www.netvibes.com/subscribe.php?url=http://blog.csdn.net/cdrea/Rss.aspx"
target=_blank><IMG alt=订阅到netvibes
src="Simple Hooking of Functions not Exported by Ntoskrnl_exe - 白日梦 - CSDNBlog_files/rss_netvibes.gif"
border=0></A></SPAN>
<DT>文章分类
<DD>
<DIV class=publiclist_sidebar>
<UL>
<LI><A href="http://blog.csdn.net/CDrea/category/92697.aspx">编程之道</A><A
href="http://blog.csdn.net/CDrea/category/92697.aspx/rss">(RSS)</A>
<LI><A href="http://blog.csdn.net/CDrea/category/92948.aspx">支言片语</A><A
href="http://blog.csdn.net/CDrea/category/92948.aspx/rss">(RSS)</A>
<LI><A href="http://blog.csdn.net/CDrea/category/92701.aspx">稚子狂歌</A><A
href="http://blog.csdn.net/CDrea/category/92701.aspx/rss">(RSS)</A></LI></UL></DIV>
<DT>收藏
<DD>
<DIV class=publiclist_sidebar>
<UL></UL></DIV>
<DT>相册
<DT>..::技术::..
<DD><A href="http://gxter.blogchina.com/index.html" target=_blank>Gxter的博客</A>
<DD><A href="http://kruglinski.blogchina.com/index.html"
target=_blank>kruglinski的马桶</A>
<DD><A href="http://blog.csdn.net/LionD8/" target=_blank>LionD8's Blog</A>
<DD><A href="http://www.vfocus.net/blog/" target=_blank>VITTER'S BLOG</A>
<DD><A href="http://www.whitecell.org/" target=_blank>WhiteCell</A>
<DD><A href="http://www.safechina.net/" target=_blank>中华安全网</A>
<DD><A href="http://nyyanbing.blogdriver.com/nyyanbing/index.html"
target=_blank>南阳岩冰's Blog</A>
<DD><A href="http://hexun.com/kidhe/default.html" target=_blank>小何同学的心情不错</A>
<DD><A href="http://blog.hexun.com/youyudexin0269" target=_blank>绚丽的心伤</A><A
href="http://blog.csdn.net/CDrea/archive/2006/04/05/关于JAVA开发"
target=_blank>(RSS)</A>
<DT>..::生活::..
<DD><A href="http://sobolo.com/default.aspx" target=_blank>Sobolo</A>
<DD><A href="http://www.okbbs.com/" target=_blank>智机天下</A>
<DD><A href="http://blog.yesky.com/Blog/se191" target=_self>核反应堆</A>
<DT>..::音乐::..
<DD><A href="http://hexun.com/zhudidongxiao" target=_blank>国韵笛笙</A>
<DD><A href="http://www.icysoul.com/" target=_blank>安魂花园</A>
<DD><A href="http://sobolo.com/blogs/ele/default.aspx" target=_blank>花儿与诗</A>
<DT>存档
<DD>
<DIV class=publiclist_sidebar>
<UL>
<LI><A
href="http://blog.csdn.net/CDrea/archive/2006/05.aspx">2006年05月(1)</A>
<LI><A
href="http://blog.csdn.net/CDrea/archive/2006/04.aspx">2006年04月(5)</A>
<LI><A
href="http://blog.csdn.net/CDrea/archive/2006/01.aspx">2006年01月(2)</A>
<LI><A
href="http://blog.csdn.net/CDrea/archive/2005/08.aspx">2005年08月(5)</A>
<LI><A
href="http://blog.csdn.net/CDrea/archive/2005/07.aspx">2005年07月(1)</A>
<LI><A
href="http://blog.csdn.net/CDrea/archive/2005/03.aspx">2005年03月(1)</A>
<LI><A
href="http://blog.csdn.net/CDrea/archive/2005/02.aspx">2005年02月(3)</A>
<LI><A
href="http://blog.csdn.net/CDrea/archive/2005/01.aspx">2005年01月(3)</A></LI></UL></DIV><SPAN
id=RecentVisitors></SPAN><SPAN id=Anthem_RecentComments_ltlComments__><SPAN
id=RecentComments_ltlComments>
<DT>最近评论
<DD>CDrea:<A title="点击查看《回复:利用 TDI HOOK 实现任意端口复用 》"
href="http://blog.csdn.net/cdrea/archive/2006/05/30/764022.aspx#470320">我已经把DMCanon的代码放到压缩包里了,编译一下就可以了。</A>
<DD>nipcdll:<A title="点击查看《回复:利用 TDI HOOK 实现任意端口复用 》"
href="http://blog.csdn.net/cdrea/archive/2006/05/30/764022.aspx#467230">“网络中最后一个连接做了复用”,那如果想复用135端口的话,应该修改什么呢?</A>
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -