|
[求助]请教虚拟设备的WDM驱动里AddDevice调用的发起原因?
不知道com0com的方式是什么,一般的虚拟驱动的方式都是在手动添加硬件然后有inf文件,这样激活了AddDevice |
|
[求助]rar的密码可以破解吗?
等计算机的飞速发展吧,估计过个一二十年,计算机的速度飞跃那么个几十万倍,也许暴力破解能行 |
|
[原创]六一献小礼:完整可编译NT4's NTFS源码(可稳定替换xp原版ntfs.sys)
到断点了,我一直单步走,然后在初始化spin lock就错误了 |
|
[原创]六一献小礼:完整可编译NT4's NTFS源码(可稳定替换xp原版ntfs.sys)
连续运行能通过,可是单步不行? 另外停在 ASSERT((*Fcb)->Resource->NumberOfSharedWaiters == 0); 不能通过,输入忽略也不行 |
|
[原创]六一献小礼:完整可编译NT4's NTFS源码(可稳定替换xp原版ntfs.sys)
我的运行不能通过,我用的是virtualbox xp sp3. 在DriverEntry 中就不能通过中断在KeInitializeSpinLock *** Fatal System Error: 0x00000050 (0xCC9FB098,0x00000001,0xFA9F44C8,0x00000000) Driver at fault: *** Ntfs.sys - Address FA9F44C8 base at FA9DD000, DateStamp 4a44bda5 . A fatal system error has occurred. Debugger entered on first try; Bugcheck callbacks have not been invoked. A fatal system error has occurred. The debuggee is ready to run nt!RtlpBreakWithStatusInstruction: 804e4592 cc int 3 大牛帮助看看是什么原因的错误? 我用的是wdk 6001.18002编译 |
|
[求助]请教虚拟设备的WDM驱动里AddDevice调用的发起原因?
我也有这个疑惑... |
|
[讨论]想给QQ加个DLL真麻烦啊
注入可以的,我测试过,qq2008正式版 |
|
[求助]CreateFileMapping对应哪个Irp?
我跟了一下记事本本程序,发现他没有ReadFile,而是用的FILEMAP CreateFileMapping MapViewOfFile 这样的处理怎么用过滤驱动处理呢? |
|
|
|
[原创]六一献小礼:完整可编译NT4's NTFS源码(可稳定替换xp原版ntfs.sys)
更改了几个地方,终于可以编译通过,呵呵不知道有什么问题没有 lfsprocs.h: /*#define LfsReleaseLfcb(LFCB) \ if ((LFCB)->Sync->Resource.OwnerThreads[0].OwnerThread == ExGetCurrentResourceThread()) {\ ExReleaseResource( &(LFCB)->Sync->Resource ); \ }//*/ #define LfsReleaseLfcb(LFCB) \ if ((LFCB)->Sync->Resource.OwnerEntry.OwnerThread == ExGetCurrentResourceThread()) {\ ExReleaseResource( &(LFCB)->Sync->Resource ); \ } #define LfsAcquireLch(LCH) \ ExAcquireResourceExclusive( &(LCH)->Sync->Resource, TRUE ) /*#define LfsReleaseLch(LCH) \ if ((LCH)->Sync->Resource.OwnerThreads[0].OwnerThread == ExGetCurrentResourceThread()) { \ ExReleaseResource( &(LCH)->Sync->Resource ); \ }//*/ #define LfsReleaseLch(LCH) \ if ((LCH)->Sync->Resource.OwnerEntry.OwnerThread == ExGetCurrentResourceThread()) { \ ExReleaseResource( &(LCH)->Sync->Resource ); \ } restrsup.c logsup.c TransactionStateNormal ;//TransactionActive; TransactionStateIndoubt ;//TransactionPrepared; TransactionStateCommittedNotify;//TransactionCommitted; 欢迎指正错误(有没有改错)呵呵 |
|
[原创]六一献小礼:完整可编译NT4's NTFS源码(可稳定替换xp原版ntfs.sys)
好象是ERESOURCE这个结构引起的 |
|
[原创]六一献小礼:完整可编译NT4's NTFS源码(可稳定替换xp原版ntfs.sys)
我用wdk 2008 不能编译通过(使用xp2的环境). 问一下楼主的编译环境,谢谢___有点贪心..... D:\WINDDK\6001.18002\src\fengjl>cd MyNtfs D:\WINDDK\6001.18002\src\fengjl\MyNtfs>build BUILD: Compile and Link for x86 BUILD: Loading d:\winddk\6001.18002\build.dat... BUILD: Computing Include file dependencies: BUILD: Start time: Thu Jun 25 15:25:44 2009 BUILD: Examining d:\winddk\6001.18002\src\fengjl\myntfs directory for files to c ompile. BUILD: Saving d:\winddk\6001.18002\build.dat... BUILD: Compiling and Linking d:\winddk\6001.18002\src\fengjl\myntfs directory _NT_TARGET_VERSION SET TO WINXP Compiling - ntfsinit.c errors in directory d:\winddk\6001.18002\src\fengjl\myntfs d:\winddk\6001.18002\src\fengjl\myntfs\inc\lfs.h(154) : error C2011: '_TRANSACTI ON_STATE' : 'enum' type redefinition d:\winddk\6001.18002\src\fengjl\myntfs\sdk\inc\ntioapi.h(803) : error C2011: '_F ILE_FS_VOLUME_INFORMATION' : 'struct' type redefinition d:\winddk\6001.18002\src\fengjl\myntfs\sdk\inc\ntioapi.h(812) : error C2011: '_F ILE_FS_SIZE_INFORMATION' : 'struct' type redefinition d:\winddk\6001.18002\src\fengjl\myntfs\sdk\inc\ntioapi.h(828) : error C2011: '_F ILE_FS_LABEL_INFORMATION' : 'struct' type redefinition d:\winddk\6001.18002\src\fengjl\myntfs\lfs\cachesup.c(681) : error C2039: 'Owner Threads' : is not a member of '_ERESOURCE' d:\winddk\6001.18002\src\fengjl\myntfs\lfs\registry.c(313) : error C2039: 'Owner Threads' : is not a member of '_ERESOURCE' d:\winddk\6001.18002\src\fengjl\myntfs\lfs\registry.c(649) : error C2039: 'Owner Threads' : is not a member of '_ERESOURCE' d:\winddk\6001.18002\src\fengjl\myntfs\lfs\registry.c(974) : error C2039: 'Owner Threads' : is not a member of '_ERESOURCE' d:\winddk\6001.18002\src\fengjl\myntfs\lfs\registry.c(1061) : error C2039: 'Owne rThreads' : is not a member of '_ERESOURCE' d:\winddk\6001.18002\src\fengjl\myntfs\lfs\registry.c(1175) : error C2039: 'Owne rThreads' : is not a member of '_ERESOURCE' d:\winddk\6001.18002\src\fengjl\myntfs\lfs\registry.c(1345) : error C2039: 'Owne rThreads' : is not a member of '_ERESOURCE' d:\winddk\6001.18002\src\fengjl\myntfs\lfs\registry.c(1929) : error C2039: 'Owne rThreads' : is not a member of '_ERESOURCE' d:\winddk\6001.18002\src\fengjl\myntfs\lfs\lbcbsup.c(115) : error C2039: 'OwnerT hreads' : is not a member of '_ERESOURCE' d:\winddk\6001.18002\src\fengjl\myntfs\lfs\querylog.c(224) : error C2039: 'Owner Threads' : is not a member of '_ERESOURCE' d:\winddk\6001.18002\src\fengjl\myntfs\lfs\querylog.c(265) : error C2039: 'Owner Threads' : is not a member of '_ERESOURCE' d:\winddk\6001.18002\src\fengjl\myntfs\lfs\querylog.c(451) : error C2039: 'Owner Threads' : is not a member of '_ERESOURCE' d:\winddk\6001.18002\src\fengjl\myntfs\lfs\querylog.c(568) : error C2039: 'Owner Threads' : is not a member of '_ERESOURCE' d:\winddk\6001.18002\src\fengjl\myntfs\lfs\querylog.c(689) : error C2039: 'Owner Threads' : is not a member of '_ERESOURCE' d:\winddk\6001.18002\src\fengjl\myntfs\lfs\querylog.c(791) : error C2039: 'Owner Threads' : is not a member of '_ERESOURCE' d:\winddk\6001.18002\src\fengjl\myntfs\lfs\restart.c(174) : error C2039: 'OwnerT hreads' : is not a member of '_ERESOURCE' d:\winddk\6001.18002\src\fengjl\myntfs\lfs\restart.c(237) : error C2039: 'OwnerT hreads' : is not a member of '_ERESOURCE' d:\winddk\6001.18002\src\fengjl\myntfs\lfs\restart.c(424) : error C2039: 'OwnerT hreads' : is not a member of '_ERESOURCE' d:\winddk\6001.18002\src\fengjl\myntfs\lfs\restart.c(557) : error C2039: 'OwnerT hreads' : is not a member of '_ERESOURCE' d:\winddk\6001.18002\src\fengjl\myntfs\lfs\write.c(174) : error C2039: 'OwnerThr eads' : is not a member of '_ERESOURCE' d:\winddk\6001.18002\src\fengjl\myntfs\lfs\write.c(337) : error C2039: 'OwnerThr eads' : is not a member of '_ERESOURCE' d:\winddk\6001.18002\src\fengjl\myntfs\lfs\write.c(456) : error C2039: 'OwnerThr eads' : is not a member of '_ERESOURCE' d:\winddk\6001.18002\src\fengjl\myntfs\restrsup.c(1628) : error C2065: 'Transact ionActive' : undeclared identifier d:\winddk\6001.18002\src\fengjl\myntfs\restrsup.c(1962) : error C2065: 'Transact ionPrepared' : undeclared identifier d:\winddk\6001.18002\src\fengjl\myntfs\restrsup.c(1981) : error C2065: 'Transact ionCommitted' : undeclared identifier Linking Executable - objchk_wxp_x86\i386\myntfs.sys link : error LNK1181: cannot open input file 'd:\winddk\6001.18002\src\fengjl\my ntfs\objchk_wxp_x86\i386\ntfsinit.obj' BUILD: Finish time: Thu Jun 25 15:25:53 2009 BUILD: Done 3 files compiled - 386 Warnings - 29 Errors - 475 LPS 1 executable built - 1 Error D:\WINDDK\6001.18002\src\fengjl\MyNtfs> |
|
[原创]《寒江独钓:Windows内核安全编程》已发售
前三章看过,还在等待我的订购. 楼上有不能编译的兄弟,可能跟路径有关系,我发现在我的桌面的路径就不能编译,放到ddk\src下就可以了,可能是目录不能出现空格或者中文的原因 |
|
《Windows编程循序渐进》已经上市,敬请关注(附样章)
洋章就够看一阵子的,虽然目前没有买这个书的计划(书太多了啊),谢谢楼主的样章 |
|
[求助]研究逆向分析在中国IT界的前途如何
坚持,就是胜利 |
|
[原创]堆结构示意图
这样的确是清楚了,书上的堆的描述让我研究了很长时间,虽然这些书上都写上了,可是这样的图更清晰 |
操作理由
RANk
{{ user_info.golds == '' ? 0 : user_info.golds }}
雪币
{{ experience }}
课程经验
{{ score }}
学习收益
{{study_duration_fmt}}
学习时长
基本信息
荣誉称号:
{{ honorary_title }}
能力排名:
No.{{ rank_num }}
等 级:
LV{{ rank_lv-100 }}
活跃值:
在线值:
浏览人数:{{ visits }}
最近活跃:{{ last_active_time }}
注册时间:{{ user_info.create_date_jsonfmt }}
勋章
兑换勋章
证书
证书查询 >
能力值