![]() ![]() So I guess I'll need to figure a way out to kind of 'monitor' that I guess lol. Well from my understanding the target would be to hook opengl.dll to modify the opacity of walls in game. Think of what might be attractive targets of injecion, and so on, and write code that counters just that.Thanks that was very informative. Think of what might be attractive targets of injecion, and so on, and write code that counters just that.īasically, if you haven't already, know what code is required to accomplish that which you want to prevent. ![]() Right now, I have a dll called APSHook.dll, which is for a fingerprint reader I have on this laptop, so it work with all applications(Browsers and anything else that commonly requires credentials).īasically, if you haven't already, know what code is required to accomplish that which you want to prevent. Key is HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs. Make sure that the import table contains the addresses of the functions in the proper dll, not some other dll.ģ) Check the registry for the default loaded dlls. Put yourself in the attacker's shoes, and find out what you would want to hook if you were to write cracks / hacks for the game. I have, however, not tried writing stuff to prevent them, but I know what I would do:ġ) If you can be sure the dll isn't loaded at startup(Registry fix that makes the app load it by default as it does with kernel32.dll, except kernel32.dll and user32.dll area always loaded and aren't there), I would take a snapshot of dlls when the process is started, and then compare the snapshot and make sure that an extra dll hasn't been loaded.Ģ) Find where function calls are imported from, functions that an malicious user would gain something from by hooking them. I have done much coding on dll injections, including writing code that can use 2 or 3 different methods of injecting the dll, and code that writes code in the remote process' address space and executes it so it calls a function in the dll and what not.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |