-
-
win7下的MPspTerminateThreadByPointer....
-
发表于:
2010-1-24 11:55
4234
-
win7下的MPspTerminateThreadByPointer....
代码先贴上:
ULONG funAddr;
PEPROCESS pEProc;
ULONG pTempThread;
ULONG pid=*(PULONG)pInputBuffer;
*(PULONG)pOutputBuffer=0;
ULONG pNextEntry, pListHead, pThNextEntry,pThListHead;
if (NT_SUCCESS(PsLookupProcessByProcessId((HANDLE)pid,&pEProc)))
{
funAddr=(ULONG)GetKillFunAddr(FindPspTerminateThreadByPointer);
if (funAddr)
{
MPspTerminateThreadByPointer=(PSPTERMINATETHREADBYPOINTER)funAddr;
pThListHead=(ULONG)pEProc+GetOffset(ThreadListHead_OFFSET);
pThNextEntry=*(PULONG)pThListHead;
while(pThNextEntry!=pThListHead){
pTempThread=pThNextEntry-GetOffset(ThreadListEntry_OFFSET);
if (!(*(PDWORD)(pTempThread+GetOffset(Terminated_OFFSET))&1))
{
MPspTerminateThreadByPointer((PETHREAD)pTempThread,0);
}
pThNextEntry = *(PULONG)pThNextEntry;
}
*(PULONG)pOutputBuffer=1;
}
}
sizeofWrite = OutputBuffLength;
break;
PspTerminateThreadByPointer在WIN7下也找到了,但有时结束线程时机子就挂了....各位大大请问是什么原因?
各偏移都是对的
刚学驱动,代码写的不是很好,请见谅.
[注意]传递专业知识、拓宽行业人脉——看雪讲师团队等你加入!
