Abstract: Anti-keylogging technology is updated quickly, and traditional keylogging methods have many defects. To address this situation, this paper presents a new keylogging method. Based on the Shadow System Service Description Table (SSDT) and low-level callback functions, the method links user mode and kernel mode. It can break through the current mainstream anti-keylogging measures, and it offers high stability, good generality, and strong stealth.
Key words: key-logger, callback function, Shadow System Service Description Table (SSDT), active defense
CLC number:
CHEN Jun-Jie, SHI Yong, XUE Zhi, CHEN Xin. Method of Key-logger Based on SSDT and Callback Function[J]. Computer Engineering, 2010, 36(11): 120-122.