[C/ASM] Easy to use DLL hijacking examples

zeffy · #1 08-23-2017, 15:46

Quote:

Originally Posted by atom0s

I generally do the same with late loading, generally via exporting an 'Install' function from the main hook and using a loader to invoke it. The example above was just a quick throw together to show off the macro method of making a fast proxy.

That's a neat idea about exporting an 'Install' function!

I've actually been working on simplifying my project using macros similar to how you did (except in the assembly), which has made it much easier to maintain compared to before. I also fixed the "random" crashing bug that I referred to earlier (which was caused by stack corruption and some of the volatile registers getting mutilated by my proc resolver function

). If you or anyone else is interested in taking a look, here's an example of the changes I've made:
https://github.com/zeffy/proxydll_te...inmm/winmm.asm

Edit: OK I really fixed the register mutilation now... I was restoring r8 to r9 and r9 to r8 in the last commit.

Thread Tools
Show Printable Version Email this Page
Display Modes
Switch to Linear Mode Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Windows Handle Hijacking	TechLord	General Discussion	2	05-15-2017 20:11

The Following 3 Users Say Thank You to zeffy For This Useful Post:
Hypnz (08-23-2017), Indigo (07-19-2019), niculaita (08-23-2017)