flat assembler
Message board for the users of flat assembler.
Index
> Windows > Error in CreateThread at windows 64-bit |
Author |
|
bitRAKE 18 Mar 2017, 22:15
Why use SECURITY_ATTRIBUTES? Try NULL to use the default. Why not use CreateRemoteThread instead of injecting a bunch of code into the PE? I can't reproduce the error, and nothing stands out in the snippet posted. I'd be happy to test something more complete. Look at this method:
http://resources.infosecinstitute.com/using-createremotethread-for-dll-injection-on-windows/#gref _________________ ¯\(°_o)/¯ “languages are not safe - uses can be” Bjarne Stroustrup |
|||
18 Mar 2017, 22:15 |
|
EasyCode 22 Mar 2017, 18:15
The CreateThread function needs 6 parameters, all of them QWORD in 64-bit Windows (a QWORD = 8 bytes), that is, 6x8 = 48 bytes. So try to decrement 48 bytes to rsp:
sub rsp, 48 ... ... add rsp, 48 And check that rsp is 16 byte-aligned before calling CreateThread, |
|||
22 Mar 2017, 18:15 |
|
system error 23 Mar 2017, 03:25
With this kind of code, I am not convinced that this code would inject anything. MS security programmers are not that lame to let some attempt for buffer overrun or some random zeros to be left unattended in the code area. Even if this code compiles, there's a chance that Windows will inject its own CC instead. That irony of code injection.
|
|||
23 Mar 2017, 03:25 |
|
< Last Thread | Next Thread > |
Forum Rules:
|
Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.
Website powered by rwasa.