SSDT and SSTD shadow

!idt

dps nt!KeServiceDescriptorTable

dds KiServiceTable

dq KiServiceTable

ln poi(KiServiceTable + 102 * 4)

 

Hook SSDT(Shadow)

Hooking the System Service Dispatch Table (SSDT)

External Reading

Binary Number Wiki

https://www.mathsisfun.com/binary-number-system.html

https://www.mathsisfun.com/binary-digits.html

posted @ 2022-04-01 16:13  anyboo  阅读(35)  评论(0编辑  收藏  举报