Thread: How to identify the address where the test is done?
View Single Post
  #5  
Old 10-24-2016, 05:37
byvs's Avatar
byvs byvs is offline
Friend
  
Join Date: May 2002
Location: Brazil
Posts: 64
Rept. Given: 4
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 19
Thanks Rcvd at 8 Times in 7 Posts
byvs Reputation: 0
Quote:
Originally Posted by bongos_man View Post
assuming the program is otherwise unprotected and will not try to prevent or detect it, write a loader which injects a dll into the target process's memory and patches bytes in the appropriate place to call a function in your dll that changes the string however you wish. there are lots of tutorials on code injection, here are some good ones:

Three Ways to Inject Your Code into Another Process
A More Complete DLL Injection Solution Using CreateRemoteThread
Code Injection - A Generic Approach for 32bit and 64bit Versions
InjLib - A library that implements remote code injection for all Windows versions
But in practice how do I stop this test and change the string?
Reply With Quote