Kill IceSword-vulnerability warning-the black bar safety net

Posted By Inking This article is a study of the Rootkit... and the SSDT Hook magical－against ring0 inline hook after the results. According to the SSDT Hook magical－against ring0 inline hook said, IceSword inline Hook the NtOpenProcess function, but when I wrote out the code when how also unable ...

The Flash vulnerability used in shellcode analysis-vulnerability warning-the black bar safety net

Title: 【original】flash vulnerability used in shellcode analysis Author: Regulus small Cong Time: 2008-06-02,1 9:2 9 Links: http://bbs.pediy.com/showthread.php?t=65907 Author home page: http://hi.baidu.com/yicong2007 The purpose: purely to learn, do not for malicious purposes In recent days flash...

the flash vulnerability used in shellcode analysis-vulnerability warning-the black bar safety net

Title: 【original】flash vulnerability used in shellcode analysis Author: Regulus small Cong Time: 2008-06-02,1 9:2 9 Links: http://bbs.pediy.com/showthread.php?t=65907 Author home page: http://hi.baidu.com/yicong2007 The purpose: purely to learn, do not for malicious purposes In recent days flash...

Kill KV 2 0 0 8, Rising, etc. most of the mollusc-vulnerability warning-the black bar safety net

Article author: sudami [email protected] Information source: evil octal information security team www.eviloctal.com） Original source: http://hi.baidu.com/sudami/blog/item/a0f114dac68fe3dfb6fd481a.html Preface: Writing this article is not to spread the virus technology,but for the majority of compute...

maxthon2(voyagers 2) mxsafe. dll for web Trojan protection, and bypass-vulnerability warning-the black bar safety net

author: voidph4nt0m.org publish: 2007-09-27 http://www.ph4nt0m.org Text Mode maxthon2voyagers 2 mxsafe. dll for web Trojan protection as well as bypass ----------------------------------------------------------------------- maxthon2 boot time loading mxsafe. dll for some of the api hook. In the...

Breakthrough IceSword process itself protection method-vulnerability warning-the black bar safety net

IceSword drive on its own process to do the protection, so that the malicious program is terminated not him. IceSword did not use HOOK the SSDT method, but is also useless what is too perverted method, but the Inline Hook the NtOpenProcess And NtTerminateProcess several functions, namely to modif...

Breakthrough IceSword own process protection-vulnerability warning-the black bar safety net

IceSword drive on its own process to do the protection, so that the malicious program is terminated not him. IceSword did not use HOOK the SSDT method, but is also useless what too BT method, but the Inline Hook the NtOpenProcess And NtTerminateProcess several functions, namely to modify the...