Injective Code inside Import Table by Ashkbiz Danehkar

转载 2006年06月07日 18:49:00

Contents

Let’s imagine we could redirect the thoroughfare of the import process accessions into our especial routine by manipulating the import table thunks, it could be possible to filter the importation function demands through our routine. Furthermore, we could settle our routine by this performance, which is done by the professional Portable Executable (PE) Protectors, additionally some sort of rootkits employs this approach to embed its malicious code inside the victim by a troy horse.

In reverse engineering world, we describe it as API redirection technique, nevertheless I am not going to accompany all viewpoints in this area by source code, this article merely represents a brief aspect of this technique by a simple code. I will describe other issues in the absence of the source code; I could not release the code which is related to the commercial projects or intended to the malicious motivation, however I think this article can be used as an introduction into this topic.


http://www.codeproject.com/useritems/inject2it.asp


举报

相关文章推荐

Import Table(引入表)

首先,您得了解什么是引入函数。一个引入函数是被某模块调用的但又不在调用者模块中的函数,因而命名为"import(引入)"。引入函数实际位于一个或者更多的DLL里。调用者模块里只保留一些函数信息,包括函...

PE文件-引入表[IMPORT TABLE]--转自iczelion,附vc示范

首先,您得了解什么是引入函数。一个引入函数是被某模块调用的但又不在调用者模块中的函数,因而命名为"import(引入)"。引入函数实际位于一个或者更多的DLL里。调用者模块里只保留一些函数信息,包括函...

我是如何成为一名python大咖的?

人生苦短,都说必须python,那么我分享下我是如何从小白成为Python资深开发者的吧。2014年我大学刚毕业..

Sql - Import CSV to DB table

CSV field terminator 字段终止符 row terminator 行终止符 有时候我们可能会把CSV中的数据导入到某个数据库的表中,比如做报表分析的时候...
返回顶部
收藏助手
不良信息举报
您举报文章:深度学习:神经网络中的前向传播和反向传播算法推导
举报原因:
原因补充:

(最多只允许输入30个字)