N


network, filtering, 139140

network filters, diagrammed, 140

newFileSysDevice, device pointer, 146150

newKeyboardDevice global variable, key logging, 172173

newNetworkDevice, device pointer, 146150

NewSystemCallTable

Ghost.c file variable, 33–36

hookManager.h file variable, 37–38

system call table diagrammed, 30

NewZwEnumerateKey, function, 202

NewZwMapViewOfSection function

function, 54–63

hookManager.c file, 36–37

hookManager.h file, 37–38

process injection, 47

NewZwOpenKey, function, 202

NewZwQueryKey, function, 202

noTransferOp, function, 7896

ntddk.h

defining a hook function, 47

Memory Descriptor List, 28–29

ntdll.dll, functions in, 39

ntoskrnl.exe, kernel hooking problems and, 42




Professional Rootkits
Professional Rootkits (Programmer to Programmer)
ISBN: 0470101547
EAN: 2147483647
Year: 2007
Pages: 229
Authors: Ric Vieler

Similar book on Amazon
Rootkits: Subverting the Windows Kernel
Rootkits: Subverting the Windows Kernel
A Guide to Kernel Exploitation: Attacking the Core
A Guide to Kernel Exploitation: Attacking the Core
Reversing: Secrets of Reverse Engineering
Reversing: Secrets of Reverse Engineering
Malware Analyst's Cookbook and DVD: Tools and Techniques for Fighting Malicious Code
Malware Analyst's Cookbook and DVD: Tools and Techniques for Fighting Malicious Code

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net