#1
|
|||
|
|||
Usermode APC Injection
By: karman
Credits: The owner of the web "kkamagui.springnote.com" Hi, this is a modification of a code (Code Injection) that uses QueueUserAPC to inject a dll (it also use NtMapViewOfSection because some anticheats hooks NtWriteVirtualMemory) Code:
#define _WIN32_WINNT 0x0500 #include http://www.rompiendocodigo.net/ |
#2
|
|||
|
|||
Fails if process doesn't have alertable threads.
|
#3
|
||||
|
||||
Well int this case code always works as prior to execution of NtContinue there is call for NtTestAlert which will trigger APCs, and also NtContinue how it is called by LdrInitializeThunk always has Alertable set to 1, so APCs will always get executed in this example.
__________________
http://accessroot.com |
#4
|
|||
|
|||
The Following User Says Thank You to aliali For This Useful Post: | ||
Gladiyator (06-05-2017) |
#5
|
||||
|
||||
Quote:
I think it's not working on windows 10 x64 any idea to fix it ? |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
[Delphi/Native API] ZwTerminateProcess without declaration from UserMode | Agmcz | Source Code | 3 | 07-25-2018 04:48 |
Code Injection | R@dier | General Discussion | 18 | 10-30-2003 04:00 |