[讨论]KeUserModeCallback相关问题-编程技术-看雪-安全社区|安全招聘|kanxue.com

最新回复 (3)
yeweijun 雪币： 235 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 5 回帖 43 粉丝 0 关注私信	yeweijun 2 楼 kd> dt _peb 7ffda000 ntdll!_PEB +0x000 InheritedAddressSpace : 0 '' +0x001 ReadImageFileExecOptions : 0 '' +0x002 BeingDebugged : 0 '' +0x003 SpareBool : 0 '' +0x004 Mutant : 0xffffffff +0x008 ImageBaseAddress : 0x00400000 +0x00c Ldr : 0x00241e90 _PEB_LDR_DATA +0x010 ProcessParameters : 0x00020000 _RTL_USER_PROCESS_PARAMETERS +0x014 SubSystemData : (null) +0x018 ProcessHeap : 0x00140000 +0x01c FastPebLock : 0x7c99d600 _RTL_CRITICAL_SECTION +0x020 FastPebLockRoutine : 0x7c921000 +0x024 FastPebUnlockRoutine : 0x7c9210e0 +0x028 EnvironmentUpdateCount : 1 +0x02c KernelCallbackTable : 0x77d12970 kd> dds 0x77d12970 l20 77d12970 77d27f3c USER32!__fnCOPYDATA 77d12974 77d587b3 USER32!__fnCOPYGLOBALDATA 77d12978 77d28ec8 USER32!__fnDWORD 77d1297c 77d2b149 USER32!__fnNCDESTROY 77d12980 77d5876c USER32!__fnDWORDOPTINLPMSG 77d12984 77d5896d USER32!__fnINOUTDRAG 77d12988 77d3b84d USER32!__fnGETTEXTLENGTHS 77d1298c 77d58c42 USER32!__fnINCNTOUTSTRING 77d12990 77d285c1 USER32!__fnINCNTOUTSTRINGNULL 77d12994 77d58b0f USER32!__fnINLPCOMPAREITEMSTRUCT 77d12998 77d2ce26 USER32!__fnINLPCREATESTRUCT 77d1299c 77d58b4d USER32!__fnINLPDELETEITEMSTRUCT 77d129a0 77d4feec USER32!__fnINLPDRAWITEMSTRUCT 77d129a4 77d58b8b USER32!__fnINLPHELPINFOSTRUCT 77d129a8 77d58b8b USER32!__fnINLPHELPINFOSTRUCT 77d129ac 77d589ad USER32!__fnINLPMDICREATESTRUCT 77d129b0 77d4f65c USER32!__fnINOUTLPMEASUREITEMSTRUCT 77d129b4 77d2be16 USER32!__fnINLPWINDOWPOS 77d129b8 77d2d063 USER32!__fnINOUTLPPOINT5 77d129bc 77d2bd0d USER32!__fnINOUTLPSCROLLINFO 77d129c0 77d3e285 USER32!__fnINOUTLPRECT 77d129c4 77d2bf4c USER32!__fnINOUTNCCALCSIZE 77d129c8 77d2bd0d USER32!__fnINOUTLPSCROLLINFO 77d129cc 77d589ff USER32!__fnINPAINTCLIPBRD 77d129d0 77d58a66 USER32!__fnINSIZECLIPBRD 77d129d4 77d30d41 USER32!__fnINDESTROYCLIPBRD 77d129d8 77d2aca1 USER32!__fnINSTRINGNULL 77d129dc 77d2aca1 USER32!__fnINSTRINGNULL 77d129e0 77d1e68c USER32!__fnINDEVICECHANGE 77d129e4 77d58cd7 USER32!__fnINOUTNEXTMENU 77d129e8 77d593f5 USER32!__fnLOGONNOTIFY 77d129ec 77d58728 USER32!__fnOUTDWORDDWORD 2011-6-16 12:07 0
gimbow 雪币： 15 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 3 回帖 13 粉丝 0 关注私信	gimbow 3 楼小菜初学，谢谢指导 2011-6-16 15:09 0
染色体雪币： 23 活跃值： (11) 能力值： ( LV2，RANK：10 ) 在线值：发帖 58 回帖 144 粉丝 0 关注私信	染色体 4 楼学习呵呵 2011-6-21 01:44 0
	游客登录 \| 注册方可回帖回帖表情雪币赚取及消费高级回复

最新回复 (3)
yeweijun 雪币： 235 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 5 回帖 43 粉丝 0 关注私信	yeweijun 2 楼 kd> dt _peb 7ffda000 ntdll!_PEB +0x000 InheritedAddressSpace : 0 '' +0x001 ReadImageFileExecOptions : 0 '' +0x002 BeingDebugged : 0 '' +0x003 SpareBool : 0 '' +0x004 Mutant : 0xffffffff +0x008 ImageBaseAddress : 0x00400000 +0x00c Ldr : 0x00241e90 _PEB_LDR_DATA +0x010 ProcessParameters : 0x00020000 _RTL_USER_PROCESS_PARAMETERS +0x014 SubSystemData : (null) +0x018 ProcessHeap : 0x00140000 +0x01c FastPebLock : 0x7c99d600 _RTL_CRITICAL_SECTION +0x020 FastPebLockRoutine : 0x7c921000 +0x024 FastPebUnlockRoutine : 0x7c9210e0 +0x028 EnvironmentUpdateCount : 1 +0x02c KernelCallbackTable : 0x77d12970 kd> dds 0x77d12970 l20 77d12970 77d27f3c USER32!__fnCOPYDATA 77d12974 77d587b3 USER32!__fnCOPYGLOBALDATA 77d12978 77d28ec8 USER32!__fnDWORD 77d1297c 77d2b149 USER32!__fnNCDESTROY 77d12980 77d5876c USER32!__fnDWORDOPTINLPMSG 77d12984 77d5896d USER32!__fnINOUTDRAG 77d12988 77d3b84d USER32!__fnGETTEXTLENGTHS 77d1298c 77d58c42 USER32!__fnINCNTOUTSTRING 77d12990 77d285c1 USER32!__fnINCNTOUTSTRINGNULL 77d12994 77d58b0f USER32!__fnINLPCOMPAREITEMSTRUCT 77d12998 77d2ce26 USER32!__fnINLPCREATESTRUCT 77d1299c 77d58b4d USER32!__fnINLPDELETEITEMSTRUCT 77d129a0 77d4feec USER32!__fnINLPDRAWITEMSTRUCT 77d129a4 77d58b8b USER32!__fnINLPHELPINFOSTRUCT 77d129a8 77d58b8b USER32!__fnINLPHELPINFOSTRUCT 77d129ac 77d589ad USER32!__fnINLPMDICREATESTRUCT 77d129b0 77d4f65c USER32!__fnINOUTLPMEASUREITEMSTRUCT 77d129b4 77d2be16 USER32!__fnINLPWINDOWPOS 77d129b8 77d2d063 USER32!__fnINOUTLPPOINT5 77d129bc 77d2bd0d USER32!__fnINOUTLPSCROLLINFO 77d129c0 77d3e285 USER32!__fnINOUTLPRECT 77d129c4 77d2bf4c USER32!__fnINOUTNCCALCSIZE 77d129c8 77d2bd0d USER32!__fnINOUTLPSCROLLINFO 77d129cc 77d589ff USER32!__fnINPAINTCLIPBRD 77d129d0 77d58a66 USER32!__fnINSIZECLIPBRD 77d129d4 77d30d41 USER32!__fnINDESTROYCLIPBRD 77d129d8 77d2aca1 USER32!__fnINSTRINGNULL 77d129dc 77d2aca1 USER32!__fnINSTRINGNULL 77d129e0 77d1e68c USER32!__fnINDEVICECHANGE 77d129e4 77d58cd7 USER32!__fnINOUTNEXTMENU 77d129e8 77d593f5 USER32!__fnLOGONNOTIFY 77d129ec 77d58728 USER32!__fnOUTDWORDDWORD 2011-6-16 12:07 0
gimbow 雪币： 15 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 3 回帖 13 粉丝 0 关注私信	gimbow 3 楼小菜初学，谢谢指导 2011-6-16 15:09 0
染色体雪币： 23 活跃值： (11) 能力值： ( LV2，RANK：10 ) 在线值：发帖 58 回帖 144 粉丝 0 关注私信	染色体 4 楼学习呵呵 2011-6-21 01:44 0
	游客登录 \| 注册方可回帖回帖表情雪币赚取及消费高级回复