[C/ASM] Easy to use DLL hijacking examples

atom0s · #7 08-21-2017, 17:34

Quote:

Originally Posted by zeffy

Thank you for sharing your code atom0s! I've used something very similar to it before I created these template projects. The reason I opted to use complete ASM instead of inline is because it isn't supported by VC in x64 builds, only x86.

Additionally, calling your InitializeProxy (and thus LoadLibrary) from DllMain can cause the process to deadlock under certain conditions. For this reason, MSDN specifically advises people not to call LoadLibrary from DllMain. Although I've never encountered it happen in practice, that could change in the future or in edge cases. That's why I opted to delay the loading until one of its functions is actually called. Either approach works though.

I generally do the same with late loading, generally via exporting an 'Install' function from the main hook and using a loader to invoke it. The example above was just a quick throw together to show off the macro method of making a fast proxy.

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Windows Handle Hijacking	TechLord	General Discussion	2	05-15-2017 20:11

The Following 2 Users Say Thank You to atom0s For This Useful Post:
Indigo (07-19-2019), zeffy (08-21-2017)