摘要： API Hooking (LoadLibrary)IntroductionIf Windows is made to protect against API hooking, Trojan horses would not have effected our systems. I believe it is a loop hole from Microsoft. But from a programmer's point of view, it is a kernel level approach to PE (Portableexecutable) signature modific 阅读全文

摘要： http://msdn.microsoft.com/en-us/library/aa365430(v=vs.85).aspxOpenFile functionHFILE WINAPI OpenFile( _In_ LPCSTR lpFileName, _Out_ LPOFSTRUCT lpReOpenBuff, _In_ UINT uStyle ); Return valueIf the function succeeds, the return value specifies a file handle to use when performing file I/O. ... 阅读全文