摘要:Creates or opens a file or I/O device. The most commonly used I/O devices are as follows: file, file stream, directory, physical disk, volume, console
阅读全文
posted @ 2018-11-09 17:10
随笔分类 - 内核
摘要:Retrieves a module handle for the specified module. The module must have been loaded by the calling process. Parameters The name of the loaded module
阅读全文
posted @ 2018-11-09 14:46
摘要:Reserves, commits, or changes the state of a region of pages in the virtual address space of the calling process. Memory allocated by this function is
阅读全文
posted @ 2018-11-09 14:43
摘要:本文借助windbg来理解程序中的函数如何使用handle对句柄表进行查询的。所以先要开启Win7下Windbg的内和调试功能。 解决win7下内核调试的问题 win7下debug默认无法进行内核调试(!process等命令无法使用),除非是双机调试。或改用livekd进行调试。 尝试http://
阅读全文
posted @ 2018-11-09 14:03
浙公网安备 33010602011771号