home
Add a piglix
All Activity
piglix
Tags
Categories
Users
About
FAQ

System Service Descriptor Table

The System Service Descriptor Table (SSDT) is an internal dispatch table within Microsoft Windows.

Hooking SSDT calls is often used as a technique in both Windows rootkits and antivirus software.

In 2010, many computer security products which relied on hooking SSDT calls were shown to be vulnerable to exploits using race conditions to attack the products' security checks.

The pointer to this structure is KeServiceDescriptorTable, exported by ntoskrnl.exe.

...
Wikipedia