Questions tagged [injection]
The injection tag has no usage guidance.
50 questions
0 votes, 0 answers, 28 views
PowerPC Macintosh code injection
I'm reverse engineering a game for the old PowerPC MacOS 9 pc via the static analysis in IDA Pro windows but I want to inject code during runtime (for example via the dynamic library) in an emulator ...
0 votes, 0 answers, 98 views
How to inject (a lot of) code into a running program?
I've seen a number of tutorials on changing several binary digits of an executable, like changing assembly je to jn. But what I want is to add new functionalities.
#include <iostream>
#include <...
4 votes, 0 answers, 236 views
How to correctly inject a [jump + address] instruction into another process (code injection)?
I am trying to inject a jump instruction into another process (external injection). Although the injection operation has been completed, the address was not correct.
For example:
unsigned int addr = ...
2 votes, 0 answers, 159 views
Find an address of injected code via GetModuleHandleA
I am reversing a really old game (20 years old).
l2.exe loads Dsetup.dll and Network.dll (not sure about the order).
Inside of Dsetup.dll I found an injection (a kind of protection) into the module Network.dll. ...
4 votes, 2 answers, 627 views
How to reverse a game and inject a dll in client program?
I am trying to make a bot for a game. But when I open the game in a debugger like Ollydbg or x64dbg, the game simply closes, and it also doesn't appear in the Attach to the process list in the File menu ...
0 votes, 0 answers, 225 views
How can I inject Xamarin smali code into another apk?
I tried to make a simple foreground service Android application using Xamarin... then decompile and inject it into another apk... but it always crashes.
Here is adb logcat:
05-31 23:57:34.158 7680 ...
2 votes, 1 answer, 493 views
Hooking IAT in remote process with Python?
I'm trying to hook a win32 function call (CreateFileW) inside of a notepad process to have the function do additional actions before returning what it should do. Ultimately, this will assist me in ...
2 votes, 1 answer, 797 views
How to analyze dumped process?
I'm trying to reverse engineer a malware which uses a Process Hollow technique. This malware uses an API hashing technique and contains some RC4 encryption algorithm references.
I already knew the ...
0 votes, 1 answer, 151 views
Why a single "nop" crashed the game?
I hope answer to my question is not game/app specific and can be answered in communities like this.
So, I tried to use some internal functions of a game, like pick a target. No malicious intentions, ...
-1 votes, 1 answer, 175 views
PE Self Injection Not Working
I'm working on different PE Injection technique. I want to inject PE file into virtual memory of the current executable. After that, I want to execute the injected PE file, I wrote an injection code, ...
0 votes, 1 answer, 783 views
Recreating ping command injection using curl instead using web page on Huawei router
I have an ARM-based Huawei router and I'm trying to do injection vulnerability on the page under diagnostics where the "ping" feature is. So first I tried this command -c 1 127.0.0.1 and it worked
-...
2 votes, 1 answer, 411 views
Import Address Table in Process Hollowing
I know that the PE loader is the one that is responsible for assigning addresses in a PE Import Address Table, so why when we inject code using process hollowing we don't build the IAT?
We just copy ...
1 vote, 1 answer, 157 views
How to split bytes into instructions in binary ELF file for x86
I'm working on a static code injector for ELF files. I need to "steal" some bytes in order to write jump to my code on their place and then execute stolen instructions somewhere in the ...
0 votes, 1 answer, 307 views
Call libc functions from the payload statically injected into ELF binary
I am working on ELF-injector, which given some payload (currently it's an assembly file with .text section only) will inject it into ELF binary. I had related post here.
Now I would like to make it ...
1 vote, 1 answer, 300 views
Converting a data address offset to the equivalent struct in a C++ module
I have an offset to a property within a player class that I need to access data from. It's made of a specific struct that I have already assembled. IDA reports the accessing offset as so:
v32 = ( v3 + ...