Patching Module (DLL) in memory?
I have a target which I need to patch a dll in memory without touching the actual dll on the local disk. This dll is very likely to be updated, however the code I wish to patch is unlikely to change. So far, I am using Process Patcher by The Welsh Dragon, however I find it's strict patching abilities inapropriate... Does anyone know of a nice "Search N Destroy" type patcher (wildcards not necessary, but a bonus ;) ) that can patch a loaded module (dll) in a target?
|
Is the DLL file load dynamic?
|
The DLL was statically loaded. Instead of using the ready-available tools like a lazy arse I decided to write my own patcher for this. ToolHelp32 API Does wonders as well as VirtualProtect/ReadProcessMemory/WriteProcessMemory. Guess I got real lazy
|
I got this dll injection tutorial very interesting,it got something like redirecting api calls ;)
hxxp://pc.nanobot2k.org/Tutorials/dllinjection.zip |
The article API Spying Techniques for Windows 9x, NT and 2000 (hxxp://www.internals.com/articles_main.htm) has a nice overview of the various dll injection / api hooking techniques available on windows. The book "Microsoft Windows Internals" by David Soloman et al has some good info on system level hooks.
|
I've read this article (Three ways to inject code )
h--p://www.codeproject.com/threads/winspy.asp I think that it guide you |
All times are GMT +8. The time now is 08:35. |
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX