Go Back   Exetools > General > Source Code


Thread Tools Display Modes
Prev Previous Post   Next Post Next
Old 07-27-2017, 05:40
zeffy zeffy is offline
Join Date: Jul 2017
Posts: 44
Rept. Given: 3
Rept. Rcvd 7 Times in 6 Posts
Thanks Given: 194
Thanks Rcvd at 163 Times in 47 Posts
zeffy Reputation: 7
[C/ASM] Easy to use DLL hijacking examples

Hi, I've been working on a project where I needed to inject some code into a process via a hijacked DLL. I understand this is a pretty simple thing to do, but when I looked around, there wasn't really a lot of good examples. The automatic project generators I've found also either output poor code or just don't work at all.

So instead, I wrote my own solution. It's a couple of template projects that have all the code required for being a drop in replacement for either winmm.dll or version.dll.


For an example using version.dll (the project that I needed this for): https://github.com/zeffy/disablesteamlinkfilter

- The original DLL and its functions are lazy-loaded upon request using an asm springboard (x86 and x64 are both supported).
- The projects are also set up in a way where you can easily create versions of both dlls for the same code base.
- Works well with Tsuda Kageyu's minhook for additional hooking.

I've found that this method isn't compatible with all processes, but usually at least one of the DLLs will work.

It's still a work in progress, but it works well for me. Any criticisms or suggestions are definitely welcome.

Last edited by zeffy; 07-27-2017 at 18:39. Reason: add example project
Reply With Quote
The Following 8 Users Say Thank You to zeffy For This Useful Post:
conan981 (07-27-2017), copyleft (03-10-2020), Indigo (07-19-2019), ionioni (03-10-2020), niculaita (07-27-2017), SinaDiR (07-27-2017), tonyweb (08-15-2017), zeuscane (07-27-2017)

dll, hijacking

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On

Similar Threads
Thread Thread Starter Forum Replies Last Post
Windows Handle Hijacking TechLord General Discussion 2 05-15-2017 20:11

All times are GMT +8. The time now is 00:35.

Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2024 )