https://www.123865.com/s/RqMTjv-qn8fv
学着用了一下MinHook,带有注册表防护、进程拦截之类的防护因为兼容性问题,目前会对以下加白不做注入
for Wpath in [
r"Program Files\Google\Chrome\Application\chrome.exe",
r"Windows\System32\csrss.exe",
r"Windows\explorer.exe",
r"Windows\System32\conhost.exe",
r"Windows\System32\svchost.exe",
r"Windows\System32\WerFault.exe",
r"Windows\System32\taskhostw.exe",
r"Program Files\WindowsApps",
r"Windows\System32\dwm.exe",
r"Windows\System32\winlogon.exe",
r"Windows\SystemApps",
r"Windows\System32\wbem\WmiPrvSE.exe",
r"Windows\System32\RuntimeBroker.exe",
r"Windows\System32\SearchIndexer.exe",
r"Windows\System32\wbem\WMIADAP.exe",
r"Windows\System32\fontdrvhost.exe",
r"Windows\System32\AggregatorHost.exe",
r"Program Files\Microsoft VS Code\bin\code.exe",
r"Program Files\Tencent\QQ"
]:
|
发表于 2026-2-11 14:42:06
楼主