|
[求助]WS2_32!recv接收到的数据包好像没有走NtDeviceIoControlFile
楼上的,我是设计为单入口,单出口,所以使用了break |
|
[求助]WS2_32!recv接收到的数据包好像没有走NtDeviceIoControlFile
代码如下: __asm { push OutputBufferLength push OutputBuffer push InputBufferLength push InputBuffer push IoControlCode push IoStatusBlock push ApcContext push ApcRoutine push Event push FileHandle call pNtDeviceIoControl mov stat ,eax } //如果原始函数失败了(例如RECV无数据) if (!NT_SUCCESS(stat)) { break; } //检查是否为TCP收发指令 if ( IoControlCode != AFD_SEND && IoControlCode != AFD_RECV) { _stprintf_s( szOut , 10240 , _T("IoControlCode = 0X%X\n") , IoControlCode ); OutputDebugString(szOut); break; } //访问AFD INFO结构,获得SEND或RECV的BUFFER信息 //这里可能是有问题的BUFFER,因此我们要加TRY EXCEPT // if ( CheckReadMemory( InputBuffer , sizeof(PAFD_INFO)) ) { break; } //从InputBuffer得到Buffer和Len AfdInfo = (PAFD_INFO)InputBuffer ; if( AfdInfo == NULL ) { _stprintf_s( szOut , 10240 , _T("[fdInfo == NULL] IoControlCode = 0X%X\n") , IoControlCode ); OutputDebugString(szOut); break; } if ( CheckReadMemory( AfdInfo->BufferArray->buf , AfdInfo->BufferArray->len ) ) { break; } Buffer = AfdInfo->BufferArray->buf ; Len = AfdInfo->BufferArray->len; if ( CheckReadMemory( AfdInfo->BufferArray->buf , Len ) ) { break; } memset( szOut , 0 , 10240 ); switch( IoControlCode ) { case AFD_SEND: { sprintf_s( szOut , 10240 , "%u_AFD_SEND" , GetCurrentProcessId() ); } break; case AFD_RECV: { sprintf_s( szOut , 10240, "%u_AFD_RECV" , GetCurrentProcessId() ); } break; default:break; } |
|
|
|
[求助]WS2_32!recv接收到的数据包好像没有走NtDeviceIoControlFile
#define AFD_RECV 0x12017 |
|
[求助]WS2_32!recv接收到的数据包好像没有走NtDeviceIoControlFile
WS2_32!send是要调用NtDeviceIoControlFile的 |
|
[招聘][招聘]加密知名企业高薪急聘外壳研发软件工程师!
薪水有点低! |
|
[社招]网易诚招游戏安全工程师(驱动方向)(更新2013 校园招聘)
要是在北京,可以考虑 |
|
[招聘]算法工程师
高中毕业生,飘过 |
|
[招聘]
希望在北京工作 |
|
[求助]修复ASProtext壳IAT的问题
我记得, ImportREC_fix自带一个ASProtext的插件,用这个插件修复,试试! |
|
[注意]测试你的肺活量,按住键盘0,憋气,看你能有多少行,男人不做假!
00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 |
|
****
可惜不在北京呀 |
|
[讨论]汇编语言中,多个模块文件的包含问题
多谢大侠指点! |
|
[求助]使用CreateRemote 注入MSVCR90D.dll总是失败
确实注入不进去!有个错误的提示! |
操作理由
RANk
{{ user_info.golds == '' ? 0 : user_info.golds }}
雪币
{{ experience }}
课程经验
{{ score }}
学习收益
{{study_duration_fmt}}
学习时长
基本信息
荣誉称号:
{{ honorary_title }}
能力排名:
No.{{ rank_num }}
等 级:
LV{{ rank_lv-100 }}
活跃值:
在线值:
浏览人数:{{ visits }}
最近活跃:{{ last_active_time }}
注册时间:{{ user_info.create_date_jsonfmt }}
勋章
兑换勋章
证书
证书查询 >
能力值