
Introduction to HOOK Techniques


Nacker


Note: these are purely study notes!

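When programming in the DOS era, the programming interfaces provided by the operating system were not called API functions but interrupt service vectors. In other words, the only programming interface the operating system provided at that time was interrupts: to write a file you invoked a system interrupt, and to read a file you also invoked a system interrupt (of course, you could also skip the DOS interrupts and call lower-level interrupts directly)... Interrupt service vectors are similar to API functions under Windows and are stored at a certain address in the operating system. They are stored in the form of an array, which is also called the interrupt vector table. HOOK techniques in the DOS era meant modifying the interrupt addresses in the interrupt vector table. For example, to capture write operations, you modify the address for writing files in the interrupt vector table: save the original write-file interrupt address, then replace it with the address of your own function. When a program then invokes the write-file interrupt, your function is executed, and once it has run it can go on to call the original interrupt address, thereby completing the file write.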

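Under Windows there are many HOOK methods and they are flexible to use. Common HOOK methods include Inline Hook, IAT Hook, EAT Hook, Windows hooks... HOOK techniques involve DLL knowledge. HOOK also involves injection: to load the DLL file that implements the HOOK functionality into the target process's address space, you need to use injection.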
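The save, replace and chain sequence described for the DOS interrupt vector table, as an added example that is not part of the original post: a simulated table of function pointers in C, plus a baseline comparison that shows how a changed entry can be detected. The table, the slot index and all function names are constructed for illustration and do not touch any real interrupt table.

```c
#include <stdio.h>
#include <string.h>
#define NVEC 256
#define VEC_WRITE 0x21            /* slot index chosen for this illustration */
typedef int (*handler_t)(const char *buf);

static handler_t ivt[NVEC];       /* simulated interrupt vector table */
static handler_t saved_write;     /* original entry kept by the hook */
static int hook_calls, bytes_written;

/* Original "write file" service: counts the bytes it was asked to write. */
static int os_write(const char *buf) {
    int n = (int)strlen(buf);
    bytes_written += n;
    return n;
}

/* Replacement handler: observe the call, then chain to the saved original. */
static int hooked_write(const char *buf) {
    hook_calls++;
    return saved_write(buf);
}

void ivt_init(void) {
    for (int i = 0; i < NVEC; i++) ivt[i] = NULL;
    ivt[VEC_WRITE] = os_write;
    hook_calls = bytes_written = 0;
}

/* Save the old entry first, then point the slot at the new handler. */
void install_hook(void) { saved_write = ivt[VEC_WRITE]; ivt[VEC_WRITE] = hooked_write; }
void remove_hook(void)  { ivt[VEC_WRITE] = saved_write; }
int raise_int(int vec, const char *buf) { return ivt[vec] ? ivt[vec](buf) : -1; }

/* Integrity check: count entries that differ from a known-good snapshot. */
int count_modified(const handler_t *baseline) {
    int n = 0;
    for (int i = 0; i < NVEC; i++) if (ivt[i] != baseline[i]) n++;
    return n;
}

int main(void) {
    handler_t baseline[NVEC];
    ivt_init();
    memcpy(baseline, ivt, sizeof ivt);   /* snapshot taken before any hook */
    install_hook();
    raise_int(VEC_WRITE, "hello");
    printf("hook calls=%d bytes=%d modified=%d\n", hook_calls, bytes_written, count_modified(baseline));
    return 0;
}
```

The caller still gets the original service's result, so the hook is invisible from the call site; only the comparison against the earlier snapshot reveals the changed slot.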
