能力值:
( LV2,RANK:10 )
|
-
-
|
能力值:
( LV2,RANK:10 )
|
-
-
过TP ntopenprocess 蓝屏问题
#pragma PAGECODE
__declspec(naked)VOID My_NtOpenPrcoess()
{
__asm
{
push dword ptr [ebp-0x38]
push dword ptr [ebp-0x24]
call Old_ObOpenObjectByPointer_Addr
jmp Old_NtOpenProcess_Addr_229
}
}
HOOK的时候
#pragma PAGECODE
VOID HOOK(){
mov ebx,Old_NtOpenProcess_Addr
add ebx,0x21E
mov al,0xE9
mov byte ptr [ebx],al
lea eax,My_NtOpenPrcoess
sub eax,ebx
sub eax,5
mov [ebx+0x1],eax
}
|
能力值:
( LV2,RANK:10 )
|
-
-
|