Skribul222

[CHALLENGE] Stop the dll injection/injectors

Posted (edited)

OK, and where is the program?

Or do you want us to write a program that detects the injection and stops it? You're not being very specific.

Edited by xpaulx
Posted

Kernel-mode hook on CreateRemoteThread(Ex), i.e. a rootkit.

You can write a driver that overwrites the SSDT; you'll find NtCreateRemoteThread there.

PS: Refrain from useless replies.
