论坛 | 登录 | 注册

首页/Kernel-Mode/x86 Limit trap - Keyboard Interrupt hook 系统统计  收录文章:124  注册用户:1  当前在线:1  最高在线:830  峰值:2010-1-4 5:29 80x86汇编  汇编原创  汇编教程  汇编源码  其它文章 Windows核心技术  Kernel-Mode  User-Mode 数学理论  计算方法 程序人生  人与程序  关于站长 下载专区  汇编工具  电子书籍  四处寻宝 显示文章  Subject：x86 Limit trap - Keyboard Interrupt hook  Editor:admin  Time:2007-9-28 20:20  Read:4617  Score:0  Print  Writer:chpie  Excerpt:http://www.rootkit.com/  Preface： x86 Limit trap - Keyboard Interrupt Hook.....  Content： x86 Limit trap - Keyboard Interrupt Hook x86 Architecture says if an Interrupt vector beyonds the Limit of IDTR, #General Protection fault is raised. Then swapping our handler with the #GP Handler, We can monitoring every interrupts on the system. there will be an bottle-neck situation created, every interrupt is our own. :) Essential Point is it includes the Keyboard interrupt... - Sequence - 1. Hook #GP(vector 0xD) to our handler 2. cli 3. sidt 4. Modify the limit by 0xFF // only 0 to 31 are allowed. // if it isn't, may the Double fault exception raised, // #DF cause #DF, it will be a Dead-lock. 5. lidt 6. sti 7. Have fun. src and binaries are on my vault http://www.rootkit.com/vault/chpie/x86_LimitTrap.zip ps. KOREAN keyboard hooking forum is available http://cafe.naver.com/inphook.cafe  相关附件  没有相关附件  相关文章  没有相关文章  发表评论  游客在该版块没有评论权限  打分 1 2 3 4 5 6 7 8 9 10  相关评论  暂时没有关于本文的评论  共有记录条 | 当前第页 | 共分0页 « 0 »

Run Time : 62.500 MSEL Powered by：psArticle Version 1.1.0 Copyright © 2003 - 2004 y3gu.All rights Reserved