Exetools

How to inject my dll into all user processes [Win]? (https://forum.exetools.com/showthread.php?t=6528)

britedream 03-07-2005 21:40

Quote:

Originally Posted by MaRKuS-DJM
what i think about this AppInit_DLLs:
this would make it possible for us crackers to write a DLL which accesses a configuration file (maybe crack.txt) with all necessary information to inline-patch nearly every packed program (thread instantly checking on loading-time of DLL for necessary bytes). a configuration file like this one from ASLoad:

Exe:file.exe
Mod:1
Crash:0
Patch:
Offset:original byte:patched byte

what do you think of this? a universal inline-patcher... you don't need cracks anymore, only the necessary bytes

The problem I see with that, if I understood your idea correctly, is you need to know when to patch. Many targets use the same address for different flags, while others reset flags and set them a few times. So targets are not the same.

niom 03-07-2005 21:49

what about DllMain/global-var initialization code?

i mean, if an exe is linked to a dll that contains antidebugging/whatever code in its dllmain (or global ctor-like), this code would be executed through the windows loader *before* own dlls are injected, so this could be a problem.

or am i wrong?

and how could this be solved?

MaRKuS-DJM 03-08-2005 02:12

Quote:

Originally Posted by britedream
The problem I see with that, if I understood your idea correctly, is you need to know when to patch. Many targets use the same address for different flags, while others reset flags and set them a few times. So targets are not the same.

that's true. maybe it could be done through some waiting-values (for example the Module Handle dword) like it is done in diablos dUP for ASProtected apps.
the other problem you mentioned also exists for every type of loader or crack... i think it could be handled.
i got the idea of such a patcher one year before, but through the idea of patching kernel. i didn't know there's a registry value that can inject such dlls.
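
Because the AppInit_DLLs value discussed in this thread loads whatever it lists into every process that loads user32.dll, it is worth auditing on any Windows host. The following read-only check is an added example, not code from the thread or its posters; the registry key paths and the LoadAppInit_DLLs / RequireSignedAppInit_DLLs value names are the standard Windows ones (not given in the thread), and the function name Get-AppInitAudit is hypothetical.

```powershell
# Added example: read-only audit of the AppInit_DLLs configuration.
# Key paths and value names are standard Windows ones, not taken from the thread.
$keys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows',             # native view
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows'  # 32-bit view on x64
)

function Get-AppInitAudit {   # hypothetical helper name
    param([string[]]$KeyPath)
    foreach ($key in $KeyPath) {
        if (-not (Test-Path -LiteralPath $key)) { continue }
        $p = Get-ItemProperty -LiteralPath $key
        # The value is a space- or comma-delimited list of DLL names or paths.
        $dlls = @("$($p.AppInit_DLLs)" -split '[,\s]+' | Where-Object { $_ })
        if ($dlls.Count -eq 0) { $dlls = @('') }   # still report the flags for an empty list
        # Assumption: a bare file name resolves in the system directory of that
        # registry view (a simplification of the loader's search order).
        $sysDir = if ($key -like '*Wow6432Node*') { 'SysWOW64' } else { 'System32' }
        foreach ($dll in $dlls) {
            $path = $dll
            if ($dll -and -not [IO.Path]::IsPathRooted($dll)) {
                $path = Join-Path (Join-Path $env:SystemRoot $sysDir) $dll
            }
            $exists = [bool]($path -and (Test-Path -LiteralPath $path -PathType Leaf))
            # Signature status is only meaningful when the file is present.
            $sig = if ($exists) { (Get-AuthenticodeSignature -FilePath $path).Status } else { $null }
            [pscustomobject]@{
                Key           = $key
                Dll           = $dll
                ResolvedPath  = $path
                FileExists    = $exists
                Signature     = $sig
                LoadEnabled   = $p.LoadAppInit_DLLs            # value may be absent
                RequireSigned = $p.RequireSignedAppInit_DLLs   # value may be absent
            }
        }
    }
}

# Any non-empty Dll entry deserves review; unsigned or missing files even more so.
Get-AppInitAudit -KeyPath $keys | Format-List
```

An empty Dll field in both views means nothing is registered for loading through this mechanism.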

