View previous topic :: View next topic |
Author |
Message |
marcussacana How do I cheat? Reputation: 0
Joined: 25 Jun 2017 Posts: 5
|
Posted: Tue Nov 20, 2018 11:15 am Post subject: How can I enumarete all modules of a suspended process? |
|
|
I have created a process with the CREATE_SUSPENDED,
And I want inject a DLL as soon possible, to this I want suspend
the process in the EntryPoint, And to this I want edit the Main module
data to put a int3 or a infinite loop.
To do this I need know before where is the Main Module Entry Point,
How I can do this? Since the EnumProcessModulesEx don't works on a suspended process
|
|
Back to top |
|
|
Dark Byte Site Admin Reputation: 457
Joined: 09 May 2003 Posts: 25262 Location: The netherlands
|
Posted: Tue Nov 20, 2018 12:13 pm Post subject: |
|
|
you need to let the process run until the main module has been loaded in the target (check out windows debugging and module load notification for the debugger)
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
Back to top |
|
|
marcussacana How do I cheat? Reputation: 0
Joined: 25 Jun 2017 Posts: 5
|
Posted: Tue Nov 20, 2018 12:36 pm Post subject: |
|
|
So basically, I need create a 'small debugger' and wait by the LOAD_DLL_DEBUG_EVENT?
just a question, the LOAD_DLL_DEBUG_EVENT is triggered before or after the dll is loaded?
|
|
Back to top |
|
|
Dark Byte Site Admin Reputation: 457
Joined: 09 May 2003 Posts: 25262 Location: The netherlands
|
Posted: Tue Nov 20, 2018 1:23 pm Post subject: |
|
|
after the dll is loaded but before the entrypoint runs (i think)
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
Back to top |
|
|
marcussacana How do I cheat? Reputation: 0
Joined: 25 Jun 2017 Posts: 5
|
Posted: Tue Nov 20, 2018 4:37 pm Post subject: |
|
|
Worked Thank you!
|
|
Back to top |
|
|
|