[Source] ThePerfectInjector
- Load vulnerable driver
- Map physical memory to user-mode
- Search for certain offsets (UniqueProcessId, DirectoryTableBase, ActiveProcessLinks)
- Save current EProcess and CR3 values for user-mode use
- Allocate enough kernel pool memory for our injector stub and image
- Unload vulnerable driver
- Map our image to the kernel memory (fix .relocs and create a stub that gets the imports for us, as I cannot be bothered to read EProcess->Peb)
- Wait for target process
- Expose the kernel page to target process
- Hook TlsGetValue system-wide and make it check for pid before jumping to our stub at kernel memory
- Wait for Stub->SpinningThreadCount to be non-zero
- Unhook TlsGetValue, set Stub->Free = TRUE
- Profit.
https://github.com/can1357/ThePerfectInjector
uNreal- ADM
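
A detection-side view of the TlsGetValue hook step above, as an added example that is not part of the original post or of the linked project: it compares an export's first bytes on disk with the bytes in process memory and flags a patch whose jump lands in the kernel half of the address space, which a user-mode function should never do. The function names, sample bytes and addresses are constructed for illustration, and reading the bytes from the module file and from the live process is assumed to happen elsewhere.

```python
import struct

KERNEL_BASE = 0xFFFF800000000000  # start of the x64 canonical upper (kernel) half

def jump_target(mem, off, va):
    """Decode three common inline-hook jump encodings; return the destination or None."""
    b = mem[off:]
    if b[:1] == b"\xE9" and len(b) >= 5:                        # jmp rel32
        return (va + off + 5 + struct.unpack("<i", b[1:5])[0]) & (2**64 - 1)
    if b[:6] == b"\xFF\x25\x00\x00\x00\x00" and len(b) >= 14:   # jmp [rip+0] ; dq target
        return struct.unpack("<Q", b[6:14])[0]
    if b[:2] == b"\x48\xB8" and b[10:12] == b"\xFF\xE0":        # mov rax, imm64 ; jmp rax
        return struct.unpack("<Q", b[2:10])[0]
    return None

def inspect_prologue(va, disk, mem):
    """Compare an export's first bytes on disk and in memory and classify any patch."""
    diffs = [i for i, (d, m) in enumerate(zip(disk, mem)) if d != m]
    if not diffs:
        return {"patched": False, "span": None, "target": None, "kernel_target": False}
    target = None
    # A patch byte can coincide with the original byte, so the jump may start
    # before the first differing offset: try every offset up to and including it.
    for off in range(diffs[0] + 1):
        target = jump_target(mem, off, va)
        if target is not None:
            break
    return {"patched": True, "span": (diffs[0], diffs[-1]), "target": target,
            "kernel_target": target is not None and target >= KERNEL_BASE}

# Constructed sample data (not real TlsGetValue bytes or addresses).
VA = 0x7FFB12340000
DISK = bytes.fromhex("48895c240857" "4883ec20" "8bf9" "65488b04")
HOOK_KERNEL = bytes.fromhex("48b8" "0050341200a8ffff" "ffe0") + DISK[12:]
HOOK_USER = bytes.fromhex("e900100000") + DISK[5:]

if __name__ == "__main__":
    for label, mem in (("clean", DISK), ("kernel stub", HOOK_KERNEL), ("user jmp", HOOK_USER)):
        print(label, inspect_prologue(VA, DISK, mem))
```

Because the post says the hook is removed once the stub's threads are spinning, a check like this only catches the patch while it is in place, so it belongs in a periodic or load-time integrity sweep rather than a one-off scan.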