Exetools  

Go Back   Exetools > General > Community Tools
Reload this Page StringDecryptor
Register Forum Rules FAQ Calendar

Notices

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #3  
Old 08-21-2024, 21:05
th3tuga th3tuga is offline
Friend
  
Join Date: Oct 2023
Posts: 31
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 0
Thanks Rcvd at 16 Times in 10 Posts
th3tuga Reputation: 0
Quote:
Originally Posted by chants View Post
Is there a way to hook the decrypt call and do this at runtime if the control flow obfuscation can't be unraveled? I suppose when you say encrypted, you mean by something that .NET has code to decrypt. So theoretically a hook would say the original string address, the caller address, and after forwarding the payload would have the decypted info too, which could be interesting.
It is already loaded and run in memory. See the description.
But on the fly should be possible through dll injection.
Reply With Quote
The Following User Says Thank You to th3tuga For This Useful Post:
chants (08-22-2024)
 

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


All times are GMT +8. The time now is 02:40.

Aaron's homepage - Top

Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( Since 1998 )