En1GM4/Hread

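This repository does not declare an open-source license file (LICENSE); before use, check the project's own description and the upstream dependencies of its code.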
SSDT.cpp 1.20 KB
异界来客 committed on 2019-02-24 03:03 . Stuff of no real use
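#include "SSDT.h"

// Locate KeServiceDescriptorTable once so that later lookups can use it.
VOID SSDT::SSDT_Init()
{
    GetKeServiceDescriptorTableAddrX64();
}

// Decode the current handler address for one service index.
// On x64 each table entry is a 32-bit value: the upper 28 bits are a signed
// offset from ServiceTableBase and the low 4 bits hold the stack-argument count.
// Returns 0 if the table was not located. The index is not range-checked here;
// the caller must keep it below the table's service count.
ULONG64 SSDT::GetSSDTFuncCurAddrByIndex(ULONG index)
{
    LONG dwtmp = 0;
    ULONGLONG addr = 0;
    PULONG ServiceTableBase = NULL;

    if (KeServiceDescriptorTable != NULL) {
        ServiceTableBase = (PULONG)KeServiceDescriptorTable->ServiceTableBase;
        dwtmp = (LONG)ServiceTableBase[index];
        dwtmp = dwtmp >> 4;   // arithmetic shift keeps the sign of the offset
        addr = ((LONGLONG)dwtmp + (ULONGLONG)ServiceTableBase);
    }
    return addr;
}

// Drop the cached table pointer.
VOID SSDT::Un_SSDTClass()
{
    this->KeServiceDescriptorTable = nullptr;
}

// Scan forward from the syscall entry point (IA32_LSTAR, MSR 0xC0000082) for
// "lea r10, [rip+rel32]" (bytes 4C 8D 15), which references
// KeServiceDescriptorTable. If the pattern is not inside the 0x500-byte window
// (for example when KVA shadowing is enabled and LSTAR points at
// KiSystemCall64Shadow), the pointer is left NULL.
void SSDT::GetKeServiceDescriptorTableAddrX64()
{
    PUCHAR StartSearchAddress = (PUCHAR)__readmsr(0xC0000082);
    PUCHAR EndSearchAddress = StartSearchAddress + 0x500;
    PUCHAR i = NULL;
    UCHAR b1 = 0, b2 = 0, b3 = 0;
    LONG rel32 = 0;           // RIP-relative displacement is signed
    ULONGLONG addr = 0;

    for (i = StartSearchAddress; i < EndSearchAddress; i++)
    {
        // All 7 bytes of the instruction are read, so validate its first and
        // last byte; together they cover any page boundary in between.
        if (MmIsAddressValid(i) && MmIsAddressValid(i + 6))
        {
            b1 = *(i);
            b2 = *(i + 1);
            b3 = *(i + 2);
            if (b1 == 0x4c && b2 == 0x8d && b3 == 0x15)
            {
                memcpy(&rel32, i + 3, sizeof(rel32));
                // Target = address of the next instruction + sign-extended rel32.
                addr = (ULONGLONG)((LONGLONG)(ULONGLONG)i + 7 + (LONGLONG)rel32);
                break;
            }
        }
    }
    KeServiceDescriptorTable = (PSYSTEM_SERVICE_TABLE)addr;
}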
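The decoded addresses are what an integrity check works from: every SSDT target should fall inside the kernel image, and an entry that resolves elsewhere indicates a redirected service. The following user-mode model of that check is an added example, not code from this repository; the function names, the table contents and the image bounds are constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* x64 SSDT entry: upper 28 bits = signed offset from the table base,
   low 4 bits = number of stack-passed arguments. */
typedef struct { uint64_t target; unsigned stack_args; } ssdt_entry;

static ssdt_entry ssdt_decode(uint64_t base, int32_t raw)
{
    ssdt_entry e;
    e.stack_args = (unsigned)raw & 0xF;
    /* Clear the low bits, then divide: exact and defined for negative offsets. */
    e.target = base + (uint64_t)(((int64_t)raw - (int64_t)e.stack_args) / 16);
    return e;
}

/* Returns the index of the first entry whose target lies outside
   [img_lo, img_hi), or -1 when every entry resolves inside the image. */
static long ssdt_first_outside(uint64_t base, const int32_t *tbl, size_t n,
                               uint64_t img_lo, uint64_t img_hi)
{
    for (size_t i = 0; i < n; i++) {
        uint64_t t = ssdt_decode(base, tbl[i]).target;
        if (t < img_lo || t >= img_hi)
            return (long)i;
    }
    return -1;
}

/* Constructed sample values, not taken from a real system. */
#define SAMPLE_BASE   0xFFFFF80000400000ULL
#define SAMPLE_IMG_LO 0xFFFFF80000000000ULL
#define SAMPLE_IMG_HI 0xFFFFF80000A00000ULL
static const int32_t SAMPLE_TABLE[3] = {
    -0x1000 * 16 + 2,    /* base - 0x1000, 2 stack args: inside the image */
     0x2000 * 16,        /* base + 0x2000, 0 stack args: inside the image */
     0x4000000 * 16 + 1  /* base + 64 MiB, 1 stack arg: outside the image */
};

int main(void)
{
    long idx = ssdt_first_outside(SAMPLE_BASE, SAMPLE_TABLE, 3,
                                  SAMPLE_IMG_LO, SAMPLE_IMG_HI);
    printf("first entry outside the image: %ld\n", idx);
    return 0;
}
```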