index_D

 < Day Day Up >   


Index


[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [R] [S] [T] [U] [V] [W] [Z]

Data bus
DATA BYTE for keyboard ports
DbgPrint statement
DDK (Driver Development Kit)
Debug statements, logging
Debug View tool
Decompressing .sys files
Deferred Procedure Calls (DPCs)
Descriptor checks
Descriptor privilege levels (DPLs)
DetermineOSVersion function
Detour patching 2nd
     function byte checking in
     NonPagedPool memory for
     overwritten instruction tracking
     rerouting control flow
     runtime address fixups in
DetourFunctionNtDevice IoControlFile function
DetourFunctionSeAccessCheck function
Device drivers. [See Drivers]
Device IRQLs (DIRQLs)
DEVICE_EXTENSION structure
DeviceIoControl function 2nd
DeviceTree utility 2nd
Direct code-byte patching method
Direct Kernel Object Manipulation (DKOM)
     benefits and drawbacks
     device driver communications
     hiding with
         device drivers
         processes
         synchronization issues
     operating system version determination
     process token privilege and group elevation with
         adding SIDs to tokens
         finding tokens
         log events in
         modifying tokens
DIRQLs (Device IRQLs)
Disguised TCP/IP protocols
     ASCII payloads in
     DNS requests in
     encryption in
     timing in
     traffic patterns in
DISPATCH_LEVEL
DispatchPassDown function
DispatchRead function 2nd
DKOM. [See Direct Kernel Object Manipulation (DKOM)]
DLLs
     forwarding
     injecting into processes
     listing
DNS (Domain Name Service)
DPCs [See Deferred Procedure Calls]
DPLs [See Descriptor Privilege Levels]
DrainOutputBuffer function 2nd
Driver Development Kit (DDK)
Driver tables for IRPs
DRIVER type
DRIVER_OBJECT structure
DriverEntry function
     detour patches
     device driver communication
     file filter drivers
     file handles
     I/O request packets
     IDTs
     jump templates
     kernel hooks
     keyboard LEDs
     keystroke monitors
     processes
     protocol registering
     runtime patching
     scancode mapping 2nd
     SSDT hooks
     symbolic links
     threads in 2nd
     Windows device drivers 2nd
Drivers
     communicating with
     for introducing code into kernel
     for network operations
     hiding
     layered
         file filter
         keyboard sniffers
         KLOG rootkit for
     loading
    Windows. [See Windows device drivers]
DriverUnload function

 < Day Day Up >   


Rootkits(c) Subverting the Windows Kernel
Rootkits: Subverting the Windows Kernel
ISBN: 0321294319
EAN: 2147483647
Year: 2006
Pages: 111

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net