doublepulsar-usermode-injector icon indicating copy to clipboard operation
doublepulsar-usermode-injector copied to clipboard

Published 20 hours ago verified publisher icon WithSecureLabs

Well...

Open ghost opened this issue 8 years ago • 0 comments

This is a nice code. But, i have noticed it before microsoft.

I understand your code too good, that this : http://resources.infosecinstitute.com/code-injection-techniques/#gref

Make me think. Since GetProcAddress will return the address of LoadLibrary. And well

QueueUserAPC is the same at both, except this little detail. Can we discuss about this ? It uses the VirtualAllocEx to allocate a size of shellcode_size ?

ghost avatar Jun 18 '17 03:06 ghost