NetHook-master
所属分类:钩子与API截获
开发工具:C#
文件大小:27KB
下载次数:1
上传日期:2018-11-16 16:47:24
上 传 者:
逆向思维
说明: Hook是Windows中提供的一种用以替换DOS下“中断”的系统机制,中文译为“挂钩”或“钩子”。在对特定的系统事件进行hook后,一旦发生已hook事件
(Hook is a system mechanism provided by Windows to replace "interrupt" in DOS. It is translated as "hook" or "hook" in Chinese. After hook is carried out on a specific system event, the hook event occurs.)
文件列表:
LICENSE (35141, 2016-05-21)
NetHook.cs (1398, 2016-05-21)
NetHook.csproj (2296, 2016-05-21)
NetHook_x64.cs (6381, 2016-05-21)
NetHook_x86.cs (6277, 2016-05-21)
Properties (0, 2016-05-21)
Properties\AssemblyInfo.cs (1277, 2016-05-21)
Sample (0, 2016-05-21)
Sample\Demo.cs (1575, 2016-05-21)
bin (0, 2016-05-21)
bin\Debug (0, 2016-05-21)
bin\Debug\NetHook.dll (9216, 2016-05-21)
bin\Debug\NetHook.pdb (26112, 2016-05-21)
# NetHook
it is a can make .net / clr applications can be the underlying hook winapi, and modify api execution flow. you can use it to accomplish want in RING3 layer any hook a winapi.in the open source code, contains a code demo.
in the nethook use the code asm code.
1. x86 // E9 00 00 00 00
jmp rva
2. x*** // 48 B8 00 00 00 00 00 00 00 00 FF E0
mov rax, va
jmp rax
but of course, there are many ways, and not just above two, for example, in x***, you also can do.
mov rax, va // 48H B8H XX XX XX XX XX XX XX XX 50H C3H
push rax
ret
近期下载者:
相关文件:
收藏者: