文件名称:Anti-DBG.zip
文件大小:3KB
文件格式:ZIP
更新时间:2020-10-13 14:59:05
Anti-DBG.zip
PLIST_ENTRY GetPsActiveProcessHeadAddr() { PLIST_ENTRY PsActiveProcessHeadAddr = NULL; NTSTATUS status; PEPROCESS eProc = NULL; status = PsLookupProcessByProcessId((HANDLE)4, &eProc); if (!NT_SUCCESS(status)) return NULL; #ifdef WIN32_XP PsActiveProcessHeadAddr = ((PLIST_ENTRY)(((char*)eProc) + 0x88))->Blink; #elif WIN32_7 PsActiveProcessHeadAddr = ((PLIST_ENTRY)(((char*)eProc) + 0xb8))->Blink; #endif //PsActiveProcessHeadAddr = eProc->ActiveProcessLinks->Blink; ObDereferenceObject(eProc); return PsActiveProcessHeadAddr; }
【文件预览】:
DetectDBG.h
MAKEFILE
SOURCES
DetectDBG.c