GRX's Blog

WinDbg Preview - a dirty fix for "Levels not implemented for this platform"

The issue: Imagine being deep into a kernel debugging session and suddenly your debugger stops working as expected. (This has been going on for years at this point and it doesn’t look like there...

Writing A (covert) Dynamic Loader in x86-64 MASM [0x02]

[0x02] - The Problem. Imports: As analysts, we’d like to quickly get an idea of what this binary is doing statically. So we sit down, open our favorite tool and check what kind of file...

Writing A (covert) Dynamic Loader in x86-64 MASM [0x01]

[0x01] - General Code Structure What we’re doing: How we’re doing it: We’ll start by declaring the only two imports we require to bootstrap our loader. ; HMODULE GetModul...

Writing A (covert) Dynamic Loader in x86-64 MASM [0x00]

[0x00] - Introduction Assumptions about the reader’s knowledge: Understanding of C code (pointers, structs, control flow …); Some Python3 experience (basic operations); Some Assem...
