ManualMap,ManualMap是我为dll注入编写的一个库，通过将PE文件“手动映射”到进程的远程地址空间。此代码不调用LoadLibrary或使用SetWindowsHookEx（实际上也在内部调用LoadLibrary），而是解析PE文件本身、修复relocs、映射节并构建导入表。它还重定向诸如GetModuleHandle和GetProcAddress之类的API，以便manualmap的模块彼此可见，但对流程中的任何其他模块都不可见。

(ManualMap is a library I wrote for dll injection by 'manually mapping' a PE file into the remote address space of a process. Instead of calling LoadLibrary or using SetWindowsHookEx (which also essentially calls LoadLibrary internally), this code parses the PE file itself, fixes up the relocs, maps the sections, and builds the import table. It also redirects APIs like GetModuleHandle and GetProcAddress so that manualmap'd modules are visible to each other, but are not visible to any other modules in the process.)

1620892249247.rar

2021-5-13 15:50 上传

文件大小: 604 KB
下载次数: 0

ManualMap,ManualMap是我为dll注入编写的一个库，通过将PE文件“手动映射”到进程的远程地址空间。此代码不调用LoadLibrary或使用SetWindowsHookEx（实际上也在内部调用LoadLibrary），而是解析PE文件本身、修复relocs、映射节并构建导入表。它还重定向诸如GetModuleHandle和GetProcAddress之类的API，以便manualmap的模块彼此可见，但对流程中的任何其他模块都不可见。

(ManualMap is a library I wrote for dll injection by 'manually mapping' a PE file into the remote address space of a process. Instead of calling LoadLibrary or using SetWindowsHookEx (which also essentially calls LoadLibrary internally), this code parses the PE file itself, fixes up the relocs, maps the sections, and builds the import table. It also redirects APIs like GetModuleHandle and GetProcAddress so that manualmap'd modules are visible to each other, but are not visible to any other modules in the process.)

1620892249247.rar

2021-5-13 15:50 上传

文件大小: 604 KB
下载次数: 0