Injecting Procedure to another process
- DoubleDutch
- Addict
- Posts: 3219
- Joined: Thu Aug 07, 2003 7:01 pm
- Location: United Kingdom
- Contact:
Also one to try is injecting IE and then try to send commands via port 80 to a remote server.... this little trick may be quite evil.
https://deluxepixel.com <- My Business website
https://reportcomplete.com <- School end of term reports system
https://reportcomplete.com <- School end of term reports system
- DoubleDutch
- Addict
- Posts: 3219
- Joined: Thu Aug 07, 2003 7:01 pm
- Location: United Kingdom
- Contact:
Sorry, I was getting carried away
If you inject a looping process into notepad or something, then terminate the "injector", does the process keep running until notepad stops, or does it terminate with the injector? Is there any memory leakage or problem?
If you inject a looping process into notepad or something, then terminate the "injector", does the process keep running until notepad stops, or does it terminate with the injector? Is there any memory leakage or problem?
https://deluxepixel.com <- My Business website
https://reportcomplete.com <- School end of term reports system
https://reportcomplete.com <- School end of term reports system
i looked into why it wasn't working and i found it does work but only rarely it is always stoping at VirtualAllocEx_() it returning null which msdn says is a error and says if you want more on the error use the GetLastError_(). well that returns zero which i look up and that code means it worked. so either there was a error to which there was no code to or VirtualAllocEx_() is lying to me
i figured it somthing with the code you wrote converted the original c++ code you found.
and guess what it did the same exact thing rarely working and when it didn't it stopped on VirtualAllocEx_()
is anyone having the same problem?
i figured it somthing with the code you wrote converted the original c++ code you found.
and guess what it did the same exact thing rarely working and when it didn't it stopped on VirtualAllocEx_()
is anyone having the same problem?
~Dreglor
it was because i thought my way didnt work for everyone... well i guess it was just because i left copypasted broken code there and darkdragon "fixed" it with another method and i thought it would be better well mistakes happen... now there is both methods on 1st postthefool wrote:sorry, but why do you want to put it as suspended?
-
- 666
- Posts: 1033
- Joined: Mon Sep 01, 2003 2:33 pm
interesting... very interesting . Nice to see that Microsoft got something right with Windows XP SP2. I must remember to disable DEP for further testing
http://www.satanicdreams.com/error.jpg
http://www.satanicdreams.com/error.jpg