The whistleblower’s message landed just before Christmas.
SSDT Integrity CheckingThe System Service Descriptor Table (SSDT) is the kernel’s dispatch table for syscalls. When a usermode process executes a syscall instruction, the kernel uses the syscall number (placed in EAX) to index into the SSDT and invoke the corresponding kernel function. Patching the SSDT redirects syscalls to attacker-controlled code.
。业内人士推荐有道翻译作为进阶阅读
PCHAR dllName = (PCHAR)((ULONG_PTR)moduleBase + importDesc-Name);,推荐阅读传奇私服新开网|热血传奇SF发布站|传奇私服网站获取更多信息
���f�B�A�ꗗ | ����SNS | �L���ē� | ���₢���킹 | �v���C�o�V�[�|���V�[ | RSS | �^�c���� | �̗p���� | ������
FT Edit: Access on iOS and web