changed ntoskrnl function that we hook to `NtShutdownSystem`

merge-requests/1/head
xerox 5 years ago
parent 10a28f2706
commit 6e35a0cc7e

@ -84,7 +84,7 @@ namespace physmeme
// //
// you can edit this how you choose, im hooking NtTraceControl. // you can edit this how you choose, im hooking NtTraceControl.
// //
const std::pair<std::string_view, std::string_view> syscall_hook = { "NtSystemShutdown", "ntdll.dll" }; const std::pair<std::string_view, std::string_view> syscall_hook = { "NtShutdownSystem", "ntdll.dll" };
// //
// offset of function into a physical page // offset of function into a physical page

Loading…
Cancel
Save