Informative Information for the Uninformed
Current
v9
v8
v7
v6
v5
v4
v3
v2
v1
All
About
Vol 3
»
2006.Jan
Next:
Contents
Contents
Bypassing PatchGuard on Windows x64
Dec 1, 2005
skape
Skywing
mmiller@hick.org
Skywing@valhallalegends.com
Contents
Foreword
Introduction
Implementation
Initializing PatchGuard
Protected Structure Initialization
System Images
GDT/IDT
SSDT
Processor MSRs
Debug Routines
Obfuscating the PatchGuard Contexts
Executing the PatchGuard Verification Routine
Reporting Verification Inconsistencies
Bypass Approaches
Exception Handler Hooking
KeBugCheckEx Hook
Finding the Timer
Hybrid Interception
Simulated Hot Patching
Conclusion
Bibliography
About this document ...