
| 


  
 
 




 |   
 
| 
 
|   
 
|  !

 
| ! 
|
 
| 

|
 " "
  
 |##
 #  
  $% 
  
&

' &(  
 
|  

| 
 &
& )*
 &+*,-. &&/
   &&
AppInit_Dlls %
&HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\
 "

|$|%
&
 LoadAppInit_Dlls 
1
%
&.


 &
,-. &&
  & 

0
 | 
  &  
*,-. &&.
 |   
&& &
*,-. &&.
 |    # &# 

|  
 
 &
& )*
 &
 
&& 
&&
SetWindowsHookEx
  %  #  
&&1

 #
 #  


1 &&
 
# .
 *
&& 
&&
UnhookWindowsHookEx(HHOOK hHook)

|  
!

! 0
 && 
    (

VirtualAllocEx
 " | (

 
&& 
   WriteProcessMemory
 )
&
 #LoadLibrary # GetProcAddress
 "


  

&&LoadLibrary # 
CreateRemoteThread1

 #  
&& 
 2
  1| 
    (

1
 
| (DllMain # %| 3 $"43 !! " #
 
 

5   .DllMain  
# 

&& LoadLibrary 
 
  .
 6   
&& 
   2   VirtualFreeEx

! 
 && 
    (

VirtualAllocEx
 " | (

   
&& 
 2
WriteProcessMemory
 ) 
&
 #  FreeLibrary #   GetProcAddress
 "


     
 
&&  FreeLibrary #  
CreateRemoteThread, 
    | ( '$|* 4.
 6  
&& 
 2VirtualFreeEx

| ! 
|
 "

 &&


 
5 
  &

| &
 

 
 &
 
&| | 

 
 
&| .
  & 

0
 7 % &
 |    # &# 

| 

|
 |
#  
&
  
  .
 
 &
1 


&& # 
 (


# 
(

5
 .
  1 
#     (


  ' 
 

(

 5
 .
  & 0
 !88
 
&
 (

"$7!49! 
" *# .
 #  
1 


&&&& .
" "
  
 #  
   
  1

    .
 *

(
 &1 

&
 

5.
 %

(
  
# 5
&(#&
.
 
%
 
  

 6  
   
 

.!
 
&&LoadLibrary
  &  (

 
 5
   
& 
 


   5 # 


# 


 .
  & 


 8" * 
 
 8
  
 
 
 $% 
2. 
#  
    
-. 
%## ## 
,. $%## ## *'  
    
 #  # .
&
 #  & 
%


 
&&
 % 
 
&# 
:. 7   # %  1  
  &
 # &
   
;. <  # 

% 
 &

 

 
&# 
=. 7 %  
&# #   
&
 
>.  
&# 1
-
 , 

&
 # %  5 .
 
&


&(   
  &(    

 #| 
   &
   # 
 #| 
 &8   
.
 
 &
&&
   # 1

&&


 #   # #    .
 !  
   # 1

 #   
#    
 ! 

&& 
 # 
&& &
 1  
#
 #   #     #
&&
& 
 6   
&& &&
 
# 1




 

45#  

&

    #&&
  &
  &&&
 
&
|4'$
!

