摘要:
获取ssdt表中所有函数的地址for (int i = 0; i NumberOfServices; i++){KdPrint(("NumberOfService[%d]-------%X\n", i, KeServiceDescriptorTable->ServiceTableBase[i]));}需要这样定义typedef struct _ServiceDescriptorTable {unsigned int* ServiceTableBase; //System Service Dispatch Table 的基地址 unsigned int* Service 阅读全文