Informative Information for the Uninformed
Current
v9
v8
v7
v6
v5
v4
v3
v2
v1
All
About
Vol 3
»
2006.Jan
Next:
Foreword
Up:
Bypassing PatchGuard on Windows
Previous:
Bypassing PatchGuard on Windows
Contents
Foreword
Introduction
Implementation
Initializing PatchGuard
Protected Structure Initialization
System Images
GDT/IDT
SSDT
Processor MSRs
Debug Routines
Obfuscating the PatchGuard Contexts
Executing the PatchGuard Verification Routine
Reporting Verification Inconsistencies
Bypass Approaches
Exception Handler Hooking
KeBugCheckEx Hook
Finding the Timer
Hybrid Interception
Simulated Hot Patching
Conclusion
Bibliography