Principles and Prevention of Computer Viruses

Structure

Virus basics

Basic capabilities of a virus

File system and disk principles

FAT12

DOS era; mainly used for floppy disks

55AA end signature

Locating files

File deletion and recovery

File creation and allocation

FAT16

FAT32

FAT32 boot record

Hard disk data structures

Partitions

Booting from the hard disk

The 55AA end signature must also be verified.

DOS viruses

The virus program is inserted at the head or at the tail of a normal program.

Short-answer questions:

Definition of a virus

PE format

FAT32/12

File name length; root directory area; the FAT32 boot area has a reserved area

Virus prevention

Virtual machine

Worms

Trojans

RVA address conversion

Entry point RVA - section table - find the starting position in the file

Optional header - entry point RVA - find the file offset of the code section from the section table

Compute the difference between the section start and the entry point, then add the file offset -> entry point offset
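
The conversion steps above, as an added example that is not part of the original notes: it reads AddressOfEntryPoint from the optional header, finds the containing section in the section table, and adds the difference from the section start to that section's file offset. The function names are assumptions of this example, and the image returned by build_sample() is constructed for illustration.

```python
import struct

def rva_to_offset(sections, rva):
    """Map an RVA to a file offset; rows are (va, vsize, raw_ptr, raw_size)."""
    for va, vsize, raw_ptr, raw_size in sections:
        if va <= rva < va + max(vsize, raw_size):
            delta = rva - va                # difference from the section start
            # Beyond SizeOfRawData the section is zero-filled in memory only.
            return raw_ptr + delta if delta < raw_size else None
    return None                             # RVA is in no section (e.g. headers)

def entry_point_offset(data):
    """Return (entry point RVA, file offset of the entry point)."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    (pe,) = struct.unpack_from("<I", data, 0x3C)             # e_lfanew
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    (nsec,) = struct.unpack_from("<H", data, pe + 6)         # NumberOfSections
    (opt_size,) = struct.unpack_from("<H", data, pe + 20)    # SizeOfOptionalHeader
    opt = pe + 24                                            # optional header start
    (entry_rva,) = struct.unpack_from("<I", data, opt + 16)  # AddressOfEntryPoint
    table = opt + opt_size                                   # section table start
    sections = []
    for i in range(nsec):
        # After the 8-byte name: VirtualSize, VirtualAddress, SizeOfRawData, PointerToRawData
        vsize, va, raw_size, raw_ptr = struct.unpack_from("<IIII", data, table + 40 * i + 8)
        sections.append((va, vsize, raw_ptr, raw_size))
    return entry_rva, rva_to_offset(sections, entry_rva)

def build_sample():
    """Constructed header-only sample (not a runnable program), one .text section."""
    pe, opt_size = 0x80, 0xE0
    img = bytearray(0x400)
    img[0:2] = b"MZ"
    struct.pack_into("<I", img, 0x3C, pe)
    img[pe:pe + 4] = b"PE\0\0"
    struct.pack_into("<HH", img, pe + 4, 0x14C, 1)           # Machine, NumberOfSections
    struct.pack_into("<H", img, pe + 20, opt_size)
    struct.pack_into("<H", img, pe + 24, 0x10B)              # PE32 magic
    struct.pack_into("<I", img, pe + 24 + 16, 0x1234)        # AddressOfEntryPoint
    sec = pe + 24 + opt_size
    img[sec:sec + 8] = b".text\0\0\0"
    struct.pack_into("<IIII", img, sec + 8, 0x2000, 0x1000, 0x600, 0x400)
    return bytes(img)

if __name__ == "__main__":
    rva, off = entry_point_offset(build_sample())
    print(f"entry RVA {rva:#x} -> file offset {off:#x}")
```

An entry point that maps to no section, or to the last section of the file, is a common heuristic flag in static scanning.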

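Virus scanning - signature (feature code) technique

Virus monitoring - definition of program behavior, int13h

Virus prevention - detection and removal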

Protected mode - real mode
