Home

Awesome

Inject-dll-by-APC

Asynchronous Procedure Calls

test.cpp:

Use APC to inject dll

code from:http://blogs.microsoft.co.il/pavely/2017/03/14/injecting-a-dll-without-a-remote-thread/

More details;

https://3gstudent.github.io/%E9%80%9A%E8%BF%87APC%E5%AE%9E%E7%8E%B0Dll%E6%B3%A8%E5%85%A5-%E7%BB%95%E8%BF%87Sysmon%E7%9B%91%E6%8E%A7

NtCreateThreadEx.cpp:

Use NtCreateThreadEx to inject dll

NtCreateThreadEx + LdrLoadDll.cpp

Use NtCreateThreadEx + LdrLoadDll to inject dll

CreateRemoteThread.cpp

Use CreateRemoteThread to inject dll,usually used under WinXP