Sheng-Hao Ma

icon indicating a website link 30cm.tw/me icon indicating an email [email protected]

icon company TXOne Networks Inc. icon location Taiwan icon location 30cm.tw/me

Results 5 comments of Sheng-Hao Ma
trafficstars

Does not handle certain files (notepad.exe) due to Forwarded functions/GOT/PLT?

could you give a reproductive example to test for sure? or this project crash on notepad.exe (win10+?). and what's your meaning of certain files, is catalog signed?

No Extract Produced

ensure that arch of DLL for hijacking is the same as LSASS e.g. 64-bit DLL for 64-bit LSASS? seems like your DLL is okay & mapped into symbol object directory...

The POC doesnt work

same here. Orz

TypeError: process.electronBinding is not a function

![image](https://user-images.githubusercontent.com/8559056/210302368-cb738873-8bc7-41bf-885b-3911e2d90d97.png) got the same issue here.

about usage of the feature ReachingDefinitions engine

thanks for the answer, but there's still a problem. ಥ_ಥ in angr 9.0.6885, `get_objects_by_offset()` return a useful `Definition` structure ![image](https://user-images.githubusercontent.com/8559056/138411214-98e6c230-400b-45a7-9ee4-0da2620b750d.png) but in latest angr, `load()` return me a VEX structure....