IntelSysret漏洞在WIN7X64下的实现分析_第3页
2013-03-13 15:10:46文章来源:点点软件园热度:0
RSP更多最新IT资讯尽在金顺软件园http://www.jinshun168.com/
RBP
返回地址
1. .text:0000000078EA03F0 RtlpUmsPrimaryContextWrap
2. .text:0000000078EA03F0
3. .text:0000000078EA03F0 var_108 = xmmword ptr -108h
4. .text:0000000078EA03F0 var_F8 = xmmword ptr -0F8h#p#分页标题#e#
5. .text:0000000078EA03F0 var_E8 = xmmword ptr -0E8h
6. .text:0000000078EA03F0 var_D8 = xmmword ptr -0D8h
7. .text:0000000078EA03F0 var_C8 = xmmword ptr -0C8h
8. .text:0000000078EA03F0 var_38 = byte ptr -38h
9. [...]
10. .text:0000000078EA0452 mov [rax+30h], r15
11. .text:0000000078EA0456 mov r10, gs:14A0h
12. .text:0000000078EA045F lea r10, [r10+10h]
13. .text:0000000078EA0463 lea r11, loc_78EA0493
14. .text:0000000078EA046A mov [r10+0D0h], rcx //这里将被HOOK
15. .text:0000000078EA0471 mov [r10+0A0h], rbp
16. .text:0000000078EA0478 mov [r10+98h], rsp
17. .text:0000000078EA047F mov [r10+0F8h], r11 // saved return
18. .text:0000000078EA0486 mov r12, 0
19. .text:0000000078EA048D xor r13, r13
20. .text:0000000078EA0490 mov r14, rdx#p#分页标题#e#
21. .text:0000000078EA0493
22. .text:0000000078EA0493 loc_78EA0493:
以上,就是金顺软件园小编给大家带来的IntelSysret漏洞在WIN7X64下的实现分析_第3页全部内容,希望对大家有所帮助!