#define HANDLE_TBL_OFF 0x0C4 #define IMAGE_NAME_OFF 0x174 #define HTBL_FLINK_OFF 0x01C #define PID_OFF 0x084 #define HTBL_EPROC_OFF 0x004 VOID ListProcess() { ULONG currEPROC; ULONG currHandleTbl; currEPROC = (ULONG)PsGetCurrentProcess(); currHandleTbl = *(PULONG)(currEPROC + HANDLE_TBL_OFF); while ( TRUE ){ //打印进程 DbgPrint( "PID:%4d ImageName:%s\r\n", *(PULONG)(currEPROC+PID_OFF), (PVOID)(currEPROC+IMAGE_NAME_OFF) ); //下一个进程 currHandleTbl = *(PULONG)(currHandleTbl + HTBL_FLINK_OFF) - HTBL_FLINK_OFF; currEPROC = *(PULONG)(currHandleTbl + HTBL_EPROC_OFF); //回到起始处则结束 if ( !currEPROC ) break; } }