===================================================
kerberos spy v1.01 WIN2K\WINXP
by Rustem Fasihov
===================================================
0. Features
1. Thanx
2. New
3. Files list
0. Features
0. All known spyes work as debuggers
- kerberos not run program as debugger
1. You can hook not only WinAPI function
2. Plugin support thats give you unlimited control of functions
3. Possible work as packed program loader.
4. Programmed on assembler
Extract kerberos.zip to folder C:\kerberos
Spy report of program function calls appear in text *.rep file in
spyed program folder. For better view this file use fixed width
font (Courier New, Terminal ...).
If spy fails - try to decrease count of hooked functions
- very effective solution
1. Thanx
To kero in kerberos user interface modification.
Kerberos - interface - modification
1) + drag'n'drop ( -> "File")
2) + fill "Process ID" Editbox (if process has visible window):
a) if your mouse has wheel
kerberos window -> foreground,
place cursor over needful window and roll mouse wheel
b) else
"Process ID" Editbox -> focus,
place cursor over needful window and press key F8
+critical pieces of code optimized and now speed of spy work more faster
+ke_plug.asm - plugin template small changed (look it)
+module name show !!!
+bug fixed - in ADDRESS table calculation (now RET_ADDRESS)
+bug fixed - Windows version check in ke_load.exe
+function databse corrected
+string identification !!!
+almost all of the API functions can be hooked
(exept functions smaller than 5 bytes)
3. Files:
ke_load.exe - kerberos spy injector
ke_core.dll - kerberos spy core
ke_spy.xt - kerberos spy database
ke_plug.dll - kerberos spy plugin
(C)Rustem Fasihov 2004-2005
<fasihov@mail.ru>
下载:
http://wasm.ru/baixado.php?mode=tool&id=313
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课