ready to hook
ok: can't write
VirtualProtect(kernel32.dll!GetProcessHeaps[0x00000000],4096,PAGE_EXECUTE_READWRITE,prev) = 0 GLE=00000000 prev=00000020
//FIXME: any * in this file is expanded to a regexp by gen_expect.pl
#if defined(PROGRAM_SHEPHERDING) && !defined(patch_proof_list___XXYYALL) && !defined(patch_proof_list___kernel32) && !defined(patch_proof_default_list___kernel32)
hooked GetProcessHeaps
#else
#if !defined(PROGRAM_SHEPHERDING)
hooked GetProcessHeaps
#else
there be witches! what happened to my write?
#endif
#endif
restored old code
VirtualProtect(GetProcessHeaps[0x00000000],4096,PAGE_EXECUTE_READ,...) = 0 GLE=00000000
#if defined(PROGRAM_SHEPHERDING) && !defined(patch_proof_list___XXYYALL) && !defined(patch_proof_list___kernel32) && !defined(patch_proof_default_list___kernel32)
old permissions ...prev=00000040)
#else
#if !defined(PROGRAM_SHEPHERDING)
old permissions ...prev=00000040)
#else
old permissions ...prev=00000020)
#endif
#endif
ok: can't write
all should be good
ok: can't write
VirtualProtect(kernel32.dll!VirtualQueryEx[0x00000000],4096,PAGE_EXECUTE_READWRITE,prev) = 0 GLE=00000000 prev=00000020
#if defined(PROGRAM_SHEPHERDING) && !defined(patch_proof_list___XXYYALL) && !defined(patch_proof_list___kernel32) && !defined(patch_proof_default_list___kernel32)
hooked VirtualQueryEx
#else
#if !defined(PROGRAM_SHEPHERDING)
hooked VirtualQueryEx
#else
there be witches! what happened to my write?
#endif
#endif
restored old code
VirtualProtect(VirtualQueryEx[0x00000000],4096,PAGE_EXECUTE_READ,...) = 0 GLE=00000000
#if defined(PROGRAM_SHEPHERDING) && !defined(patch_proof_list___XXYYALL) && !defined(patch_proof_list___kernel32) && !defined(patch_proof_default_list___kernel32)
old permissions ...prev=00000040)
#else
#if !defined(PROGRAM_SHEPHERDING)
old permissions ...prev=00000040)
#else
old permissions ...prev=00000020)
#endif
#endif
ok: can't write
all should be good
loading secur32
ok: can't write
VirtualProtect(secur32.dll!LsaLogonUser[0x00000000],4096,PAGE_EXECUTE_READWRITE,prev) = 0 GLE=00000000 prev=00000020
#if defined(PROGRAM_SHEPHERDING) && !defined(patch_proof_list___XXYYALL) && !defined(patch_proof_list___secur32) && !defined(patch_proof_default_list___secur32)
hooked LsaLogonUser
#else
#if !defined(PROGRAM_SHEPHERDING)
hooked LsaLogonUser
#else
there be witches! what happened to my write?
#endif
#endif
restored old code
VirtualProtect(LsaLogonUser[0x00000000],4096,PAGE_EXECUTE_READ,...) = 0 GLE=00000000
#if defined(PROGRAM_SHEPHERDING) && !defined(patch_proof_list___XXYYALL) && !defined(patch_proof_list___secur32) && !defined(patch_proof_default_list___secur32)
old permissions ...prev=00000040)
#else
#if !defined(PROGRAM_SHEPHERDING)
old permissions ...prev=00000040)
#else
old permissions ...prev=00000020)
#endif
#endif
ok: can't write
all should be good
ok: can't write
VirtualProtect(secur32.dll!MakeSignature[0x00000000],4096,PAGE_EXECUTE_READWRITE,prev) = 0 GLE=00000000 prev=00000020
#if defined(PROGRAM_SHEPHERDING) && !defined(patch_proof_list___XXYYALL) && !defined(patch_proof_list___secur32) && !defined(patch_proof_default_list___secur32)
hooked MakeSignature
#else
#if !defined(PROGRAM_SHEPHERDING)
hooked MakeSignature
#else
there be witches! what happened to my write?
#endif
#endif
restored old code
VirtualProtect(MakeSignature[0x00000000],4096,PAGE_EXECUTE_READ,...) = 0 GLE=00000000
#if defined(PROGRAM_SHEPHERDING) && !defined(patch_proof_list___XXYYALL) && !defined(patch_proof_list___secur32) && !defined(patch_proof_default_list___secur32)
old permissions ...prev=00000040)
#else
#if !defined(PROGRAM_SHEPHERDING)
old permissions ...prev=00000040)
#else
old permissions ...prev=00000020)
#endif
#endif
ok: can't write
all should be good
hooking done with