- We first, locate the addresses of all the dlls mapped to our process.
- We then construct an array of structs and we fill it up with some data, thats Initialize() function.
- Now, we have a full array, next step is to search for the right address.
- calling GetSuitableAddress(SIZE_T ShellcodeSize) will do the job; thats finding us the right code cave (empty place in memory, fitting the shellcode size)
- in case it is found it will be returned.
- to use it we must adjust memory protection to be writable/executable ... (the poc is directly rwx)
-
Notifications
You must be signed in to change notification settings - Fork 0
Not my code. Only for saving
License
gmh5225/memory-relocalloc
Folders and files
Name | Name | Last commit message | Last commit date | |
---|---|---|---|---|
Repository files navigation
About
Not my code. Only for saving
Resources
License
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published