Metasploit mailing list archives

Previous By Date Next
Previous By Thread Next

Re: locating DLL base in Win7?

From: Jun Koi <junkoi2004 () gmail com>
Date: Wed, 13 Jul 2011 11:31:44 +0800
any idea on this new method, guys?

thanks,
J

On Fri, Jul 8, 2011 at 7:17 PM, Jun Koi <junkoi2004 () gmail com> wrote:

hi,

anybody seen this interesting note?

http://www.insomniasec.com/publications/some_win7_code.txt

i looked at those code, and dont understand how they work. few questions:

1) so it seems accesing to PEB is no longer necessary?

2) what exactly are those structures kept in the low part of DS segment??

3) is this only for Win7, or this technique is also valid with prior
versions of Windows?

thanks,
Jun


_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework
Previous By Date Next
Previous By Thread Next

Current thread: