Go Back   Exetools > General > Source Code


Thread Tools Display Modes
Prev Previous Post   Next Post Next
Old 08-27-2022, 16:55
FoxB FoxB is offline
Join Date: Jan 2002
Location: Earth...
Posts: 914
Rept. Given: 14
Rept. Rcvd 122 Times in 82 Posts
Thanks Given: 16
Thanks Rcvd at 633 Times in 267 Posts
FoxB Reputation: 100-199 FoxB Reputation: 100-199
we can not load dll from %systemroot%\system32 in some situations.
the behavor is change if used the registry data for "SafeDllSearchMode" is set 1 in
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager]

"DevOverrideEnable" is set 1 in
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
with .local for the executable file extension
Reply With Quote
The Following User Says Thank You to FoxB For This Useful Post:
niculaita (08-27-2022)

dll, hijacking

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On

Similar Threads
Thread Thread Starter Forum Replies Last Post
Windows Handle Hijacking TechLord General Discussion 2 05-15-2017 20:11

All times are GMT +8. The time now is 22:49.

Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2023 )