Injective Code inside Import Table by Ashkbiz Danehkar

转载 2006年06月07日 18:49:00

Contents

Let’s imagine we could redirect the thoroughfare of the import process accessions into our especial routine by manipulating the import table thunks, it could be possible to filter the importation function demands through our routine. Furthermore, we could settle our routine by this performance, which is done by the professional Portable Executable (PE) Protectors, additionally some sort of rootkits employs this approach to embed its malicious code inside the victim by a troy horse.

In reverse engineering world, we describe it as API redirection technique, nevertheless I am not going to accompany all viewpoints in this area by source code, this article merely represents a brief aspect of this technique by a simple code. I will describe other issues in the absence of the source code; I could not release the code which is related to the commercial projects or intended to the malicious motivation, however I think this article can be used as an introduction into this topic.


http://www.codeproject.com/useritems/inject2it.asp


相关文章推荐

import users to LDAP server step by step

  • 2012年11月16日 17:35
  • 53KB
  • 下载

Import Table(引入表)

首先,您得了解什么是引入函数。一个引入函数是被某模块调用的但又不在调用者模块中的函数,因而命名为"import(引入)"。引入函数实际位于一个或者更多的DLL里。调用者模块里只保留一些函数信息,包括函...

PE文件-引入表[IMPORT TABLE]--转自iczelion,附vc示范

首先,您得了解什么是引入函数。一个引入函数是被某模块调用的但又不在调用者模块中的函数,因而命名为"import(引入)"。引入函数实际位于一个或者更多的DLL里。调用者模块里只保留一些函数信息,包括函...

Sql - Import CSV to DB table

CSV field terminator 字段终止符 row terminator 行终止符 有时候我们可能会把CSV中的数据导入到某个数据库的表中,比如做报表分析的时候...

CRC table-driven Program with C CODE

  • 2011年06月07日 19:50
  • 162KB
  • 下载

inside VC 5 code&Tool055

  • 2007年06月28日 18:30
  • 1.39MB
  • 下载

SQL无法找到对应的表名:ndroid.database.sqlite.SQLiteException: no such table: dcdy (code 1): , while compilin

错误! 调用查询代码代码 public SeleteSpinner() { db = DApplication.getApp().getDB().getInstance()...
内容举报
返回顶部
收藏助手
不良信息举报
您举报文章:Injective Code inside Import Table by Ashkbiz Danehkar
举报原因:
原因补充:

(最多只允许输入30个字)