BIOS Rootkit为了达到控制系统流程的目的，一般会采用Hook IVT，即Hook中断向量表的方式来实现。IVT Hook的实现和检测，涉及许多具体的问题。因此，我把IVT Hook分几部分来进行讨论。在本节和下面几节中，我们将讨论如何借助Bochs的帮助来查看原始IVT、分析IVT Hook情况以及在此基础上写一个简单的IVT检测程序。闲话少说，这就开始我们的旅程吧-BIOS Rootkit process control system in order to achieve the purpose, would generally be applied Hook IVT, ie interruption Hook way to achieve scale. IVT Hook realization and testing, involving a number of specific issues. Therefore, I have several parts IVT Hook for discussion. In this section and the following sections, we will discuss how to help with Bochs to see the original IVT, analysis of IVT Hook, as well as written on the basis of a simple testing procedure IVT. Bet, which it began our journey