-
-
win7下的MPspTerminateThreadByPointer....
-
发表于:
2010-1-24 11:55
4240
-
win7下的MPspTerminateThreadByPointer....
代码先贴上:
ULONG funAddr;
PEPROCESS pEProc;
ULONG pTempThread;
ULONG pid=*(PULONG)pInputBuffer;
*(PULONG)pOutputBuffer=0;
ULONG pNextEntry, pListHead, pThNextEntry,pThListHead;
if (NT_SUCCESS(PsLookupProcessByProcessId((HANDLE)pid,&pEProc)))
{
funAddr=(ULONG)GetKillFunAddr(FindPspTerminateThreadByPointer);
if (funAddr)
{
MPspTerminateThreadByPointer=(PSPTERMINATETHREADBYPOINTER)funAddr;
pThListHead=(ULONG)pEProc+GetOffset(ThreadListHead_OFFSET);
pThNextEntry=*(PULONG)pThListHead;
while(pThNextEntry!=pThListHead){
pTempThread=pThNextEntry-GetOffset(ThreadListEntry_OFFSET);
if (!(*(PDWORD)(pTempThread+GetOffset(Terminated_OFFSET))&1))
{
MPspTerminateThreadByPointer((PETHREAD)pTempThread,0);
}
pThNextEntry = *(PULONG)pThNextEntry;
}
*(PULONG)pOutputBuffer=1;
}
}
sizeofWrite = OutputBuffLength;
break;
PspTerminateThreadByPointer在WIN7下也找到了,但有时结束线程时机子就挂了....各位大大请问是什么原因?
各偏移都是对的
刚学驱动,代码写的不是很好,请见谅.
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
