内核线程注入x86
主要通过Ring0层驱动Attach到目标进程然后调用NtCreateThreadEx来执行ShellCode,ShellCode做了一个注入Dll的简单行为。
文件下载
资源详情
[{"title":"( 98 个子文件 28.34MB ) 内核线程注入x86","children":[{"title":"内核线程注入x86","children":[{"title":".vs","children":[{"title":"内核线程注入x86","children":[{"title":"v14","children":[{"title":".suo <span style='color:#111;'> 38.00KB </span>","children":null,"spread":false}],"spread":true}],"spread":true}],"spread":true},{"title":"内核线程注入x86.VC.db <span style='color:#111;'> 43.21MB </span>","children":null,"spread":false},{"title":"内核线程注入x86.sln <span style='color:#111;'> 4.65KB </span>","children":null,"spread":false},{"title":"Ring0","children":[{"title":"Core.c <span style='color:#111;'> 411B </span>","children":null,"spread":false},{"title":"Ring0.vcxproj.user <span style='color:#111;'> 165B </span>","children":null,"spread":false},{"title":"Ring0.vcxproj <span style='color:#111;'> 7.24KB </span>","children":null,"spread":false},{"title":"Ring0.c <span style='color:#111;'> 15.23KB </span>","children":null,"spread":false},{"title":"Core.h <span style='color:#111;'> 104B </span>","children":null,"spread":false},{"title":"Ring0.vcxproj.filters <span style='color:#111;'> 1.58KB </span>","children":null,"spread":false},{"title":"Ring0.h <span style='color:#111;'> 1.96KB </span>","children":null,"spread":false},{"title":"Common.h <span style='color:#111;'> 12.83KB </span>","children":null,"spread":false},{"title":"Debug","children":[{"title":"Core.obj <span style='color:#111;'> 13.05KB </span>","children":null,"spread":false},{"title":"Ring0.tlog","children":[{"title":"CL.write.1.tlog <span style='color:#111;'> 998B </span>","children":null,"spread":false},{"title":"CL.read.1.tlog <span style='color:#111;'> 13.85KB </span>","children":null,"spread":false},{"title":"signtool.write.1.tlog <span style='color:#111;'> 216B </span>","children":null,"spread":false},{"title":"signtool.command.1.tlog <span style='color:#111;'> 230B </span>","children":null,"spread":false},{"title":"signtool.read.1.tlog <span style='color:#111;'> 378B </span>","children":null,"spread":false},{"title":"CL.command.1.tlog <span style='color:#111;'> 2.51KB </span>","children":null,"spread":false},{"title":"link.write.1.tlog <span style='color:#111;'> 448B </span>","children":null,"spread":false},{"title":"signtool.timestamp.1.tlog <span style='color:#111;'> 98B </span>","children":null,"spread":false},{"title":"link.command.1.tlog <span style='color:#111;'> 2.25KB </span>","children":null,"spread":false},{"title":"link.read.1.tlog <span style='color:#111;'> 1.53KB </span>","children":null,"spread":false},{"title":"Ring0.lastbuildstate <span style='color:#111;'> 260B </span>","children":null,"spread":false}],"spread":false},{"title":"vc140.pdb <span style='color:#111;'> 148.00KB </span>","children":null,"spread":false},{"title":"Ring0.obj <span style='color:#111;'> 35.59KB </span>","children":null,"spread":false},{"title":"Ring0.log <span style='color:#111;'> 1.97KB </span>","children":null,"spread":false},{"title":"Ring0.Build.CppClean.log <span style='color:#111;'> 1.51KB </span>","children":null,"spread":false}],"spread":true},{"title":"Import.h <span style='color:#111;'> 1006B </span>","children":null,"spread":false}],"spread":true},{"title":"Ring3","children":[{"title":"Ring3.h <span style='color:#111;'> 415B </span>","children":null,"spread":false},{"title":"Ring3.vcxproj <span style='color:#111;'> 7.21KB </span>","children":null,"spread":false},{"title":"x64","children":[{"title":"Debug","children":[{"title":"Ring3.log <span style='color:#111;'> 386B </span>","children":null,"spread":false},{"title":"Ring3.Build.CppClean.log <span style='color:#111;'> 1.10KB </span>","children":null,"spread":false},{"title":"Ring3.tlog","children":[{"title":"CL.write.1.tlog <span style='color:#111;'> 464B </span>","children":null,"spread":false},{"title":"CL.read.1.tlog <span style='color:#111;'> 26.67KB </span>","children":null,"spread":false},{"title":"Ring3.lastbuildstate <span style='color:#111;'> 223B </span>","children":null,"spread":false},{"title":"CL.command.1.tlog <span style='color:#111;'> 596B </span>","children":null,"spread":false},{"title":"link.write.1.tlog <span style='color:#111;'> 448B </span>","children":null,"spread":false},{"title":"link.command.1.tlog <span style='color:#111;'> 1.14KB </span>","children":null,"spread":false},{"title":"link.read.1.tlog <span style='color:#111;'> 2.71KB </span>","children":null,"spread":false}],"spread":true}],"spread":true}],"spread":true},{"title":"Ring3.cpp <span style='color:#111;'> 1.98KB </span>","children":null,"spread":false},{"title":"Ring3.vcxproj.filters <span style='color:#111;'> 810B </span>","children":null,"spread":false},{"title":"Debug","children":[{"title":"Ring3.obj <span style='color:#111;'> 50.89KB </span>","children":null,"spread":false},{"title":"Ring3.log <span style='color:#111;'> 223B </span>","children":null,"spread":false},{"title":"vc140.pdb <span style='color:#111;'> 404.00KB </span>","children":null,"spread":false},{"title":"vc140.idb <span style='color:#111;'> 755.00KB </span>","children":null,"spread":false},{"title":"Ring3.Build.CppClean.log <span style='color:#111;'> 1.09KB </span>","children":null,"spread":false},{"title":"Ring3.tlog","children":[{"title":"CL.write.1.tlog <span style='color:#111;'> 464B </span>","children":null,"spread":false},{"title":"CL.read.1.tlog <span style='color:#111;'> 26.73KB </span>","children":null,"spread":false},{"title":"Ring3.lastbuildstate <span style='color:#111;'> 228B </span>","children":null,"spread":false},{"title":"CL.command.1.tlog <span style='color:#111;'> 640B </span>","children":null,"spread":false},{"title":"link.write.1.tlog <span style='color:#111;'> 440B </span>","children":null,"spread":false},{"title":"link.command.1.tlog <span style='color:#111;'> 1.11KB </span>","children":null,"spread":false},{"title":"link.read.1.tlog <span style='color:#111;'> 2.66KB </span>","children":null,"spread":false}],"spread":false}],"spread":true}],"spread":true},{"title":"ipch","children":[{"title":"DLL-e26f8fb3","children":[{"title":"DLLX86-2a2884ae.ipch <span style='color:#111;'> 19.31MB </span>","children":null,"spread":false},{"title":"DLL-5fa58448.ipch <span style='color:#111;'> 19.31MB </span>","children":null,"spread":false}],"spread":true}],"spread":true},{"title":"Debug","children":[{"title":"Dllx86.dll <span style='color:#111;'> 34.50KB </span>","children":null,"spread":false},{"title":"Dllx86.pdb <span style='color:#111;'> 1004.00KB </span>","children":null,"spread":false},{"title":"Ring0.sys <span style='color:#111;'> 10.70KB </span>","children":null,"spread":false},{"title":"Dllx86.ilk <span style='color:#111;'> 227.63KB </span>","children":null,"spread":false},{"title":"Ring0.pdb <span style='color:#111;'> 308.00KB </span>","children":null,"spread":false},{"title":"Ring3.ilk <span style='color:#111;'> 302.73KB </span>","children":null,"spread":false},{"title":"Ring0","children":[{"title":"Ring0.sys <span style='color:#111;'> 10.70KB </span>","children":null,"spread":false}],"spread":false},{"title":"Ring3.exe <span style='color:#111;'> 37.50KB </span>","children":null,"spread":false},{"title":"Ring3.pdb <span style='color:#111;'> 804.00KB </span>","children":null,"spread":false},{"title":"Ring0.cer <span style='color:#111;'> 848B </span>","children":null,"spread":false}],"spread":true},{"title":"Dll","children":[{"title":"stdafx.cpp <span style='color:#111;'> 207B </span>","children":null,"spread":false},{"title":"stdafx.h <span style='color:#111;'> 315B </span>","children":null,"spread":false},{"title":"dllmain.cpp <span style='color:#111;'> 465B </span>","children":null,"spread":false},{"title":"targetver.h <span style='color:#111;'> 240B </span>","children":null,"spread":false},{"title":"Dll.vcxproj.filters <span style='color:#111;'> 1.37KB </span>","children":null,"spread":false},{"title":"x64","children":[{"title":"Debug","children":[{"title":"Dll.Build.CppClean.log <span style='color:#111;'> 1.31KB </span>","children":null,"spread":false},{"title":"Dll.log <span style='color:#111;'> 244B </span>","children":null,"spread":false},{"title":"Dll.tlog","children":[{"title":"CL.write.1.tlog <span style='color:#111;'> 1.42KB </span>","children":null,"spread":false},{"title":"CL.read.1.tlog <span style='color:#111;'> 23.88KB </span>","children":null,"spread":false},{"title":"CL.command.1.tlog <span style='color:#111;'> 2.11KB </span>","children":null,"spread":false},{"title":"link.write.1.tlog <span style='color:#111;'> 662B </span>","children":null,"spread":false},{"title":"link.command.1.tlog <span style='color:#111;'> 1.42KB </span>","children":null,"spread":false},{"title":"link.read.1.tlog <span style='color:#111;'> 3.08KB </span>","children":null,"spread":false},{"title":"Dll.lastbuildstate <span style='color:#111;'> 223B </span>","children":null,"spread":false}],"spread":false}],"spread":false}],"spread":false},{"title":"Dll.cpp <span style='color:#111;'> 75B </span>","children":null,"spread":false},{"title":"Dll.vcxproj <span style='color:#111;'> 8.90KB </span>","children":null,"spread":false},{"title":"Debug","children":[{"title":"dllmain.obj <span style='color:#111;'> 8.77KB </span>","children":null,"spread":false},{"title":"Dllx86.Build.CppClean.log <span style='color:#111;'> 1.30KB </span>","children":null,"spread":false},{"title":"vc140.pdb <span style='color:#111;'> 484.00KB </span>","children":null,"spread":false},{"title":"stdafx.obj <span style='color:#111;'> 137.47KB </span>","children":null,"spread":false},{"title":"Dll.Build.CppClean.log <span style='color:#111;'> 1.25KB </span>","children":null,"spread":false},{"title":"Dll.obj <span style='color:#111;'> 2.08KB </span>","children":null,"spread":false},{"title":"vc140.idb <span style='color:#111;'> 403.00KB </span>","children":null,"spread":false},{"title":"Dll.log <span style='color:#111;'> 248B </span>","children":null,"spread":false},{"title":"Dllx86.pch <span style='color:#111;'> 7.44MB </span>","children":null,"spread":false},{"title":"Dll.tlog","children":[{"title":"CL.write.1.tlog <span style='color:#111;'> 1.43KB </span>","children":null,"spread":false},{"title":"CL.read.1.tlog <span style='color:#111;'> 23.87KB </span>","children":null,"spread":false},{"title":"CL.command.1.tlog <span style='color:#111;'> 2.24KB </span>","children":null,"spread":false},{"title":"link.write.1.tlog <span style='color:#111;'> 668B </span>","children":null,"spread":false},{"title":"link.command.1.tlog <span style='color:#111;'> 1.40KB </span>","children":null,"spread":false},{"title":"link.read.1.tlog <span style='color:#111;'> 3.03KB </span>","children":null,"spread":false},{"title":"Dll.lastbuildstate <span style='color:#111;'> 228B </span>","children":null,"spread":false}],"spread":false}],"spread":false},{"title":"ReadMe.txt <span style='color:#111;'> 1.82KB </span>","children":null,"spread":false}],"spread":true}],"spread":true}],"spread":true}]
评论信息
其他资源
- 2017Java期末考试真题100道(附答案解析)
- 径向基神经网络MATLAB仿真
- 基于电子病历数据的临床决策支持研究
- LPDDR4X jedec SPEC
- 京东项目实战.zip
- VC上位机MFC利用串口控件发送接收数据
- 用matlab实现牛顿迭代法
- linux c 进程间通信 消息队列
- 《设计一个美梦》—有关百度锁屏的故事
- 具有三种原色的蚂蚁,用于轨道启动
- 生成ABAP查询报表_4.1.xls
- 扫描大师(V8.15.0.616).rar
- SQLA1704_Documentation_Chinese_HTML_Help.zip
- 天翼云弹性云主机用户使用指南v1.pdf
- sourceinsight3.5最后一版.zip
- 一种新型基于TEC的精密温控器设计
- 实现一个FTP服务系统
- 图片颜色转换-图片反色处理
- 基于颜色的目标追踪源码
- NLPCC2013评估任务_跨领域情感分类
- windows 进程看门狗批处理脚本 用于进程守护
- 高频开关型逆变器及其并联并网技术.rar
免责申明
【只为小站】的资源来自网友分享,仅供学习研究,请务必在下载后24小时内给予删除,不得用于其他任何用途,否则后果自负。基于互联网的特殊性,【只为小站】 无法对用户传输的作品、信息、内容的权属或合法性、合规性、真实性、科学性、完整权、有效性等进行实质审查;无论 【只为小站】 经营者是否已进行审查,用户均应自行承担因其传输的作品、信息、内容而可能或已经产生的侵权或权属纠纷等法律责任。
本站所有资源不代表本站的观点或立场,基于网友分享,根据中国法律《信息网络传播权保护条例》第二十二条之规定,若资源存在侵权或相关问题请联系本站客服人员,zhiweidada#qq.com,请把#换成@,本站将给予最大的支持与配合,做到及时反馈和处理。关于更多版权及免责申明参见 版权及免责申明
本站所有资源不代表本站的观点或立场,基于网友分享,根据中国法律《信息网络传播权保护条例》第二十二条之规定,若资源存在侵权或相关问题请联系本站客服人员,zhiweidada#qq.com,请把#换成@,本站将给予最大的支持与配合,做到及时反馈和处理。关于更多版权及免责申明参见 版权及免责申明