DLL Injection Into All Processes - Part 6 - Coding Injected FAKE.DLL
953 views - 3 years ago
Coding it in WinAPI/C++ using Visual Studio - Coding Injected FAKE.DLL
Blog post: https://dennisbabkin.com/blog/?i=AAA10800
https://www.seevid.ir/fa/w/bWXwpz3U_mE
Intro
Adding new C++ project - FAKE.dll
Review of restrictions of injection of our DLL into a process: ntdll.dll, kernel32.dll
Adding new DllTypes.h file
Removing C-Run-Time (CRT) from our FAKE.dll for the 64-bit build
Adding Exports.def file
Adding loadcfg.c file to enable Control Flow Guard (CFG) for our FAKE.dll
Adding loadcfg64.asm file and x64 Assembly into it for CFG
Removing C-Run-Time (CRT) from our FAKE.dll for the 32-bit build
Coding loadcfg32.asm file with x86 Assembly into it for CFG
Adding LogToFile() function using native functions from ntdll.dll
Adding LogToFileFmt() function
Adding code in DllMain() to run when our DLL is injected into a process
#kernel #driver #tutorial #cpp #win32
Published on 1400/03/08.