You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I compiled the DLL (RdpThief.dll) and injected it into mstsc.exe process. It is able to hook ADVAPI32!CredIsMarshaledCredentialW but is unable to hook SSPICLI!SspiPrepareForCredRead and dpapi!cryptprotectmemory. I was able to verify this by attaching a debugger and looking at the assembly. Only the CredIsMarshaledCredentialW function has jump into the loaded dll. Any pointers on how do I debug this issue or have you encountered this before?
Are some DLLs immune to hooking?
The text was updated successfully, but these errors were encountered:
I compiled the DLL (RdpThief.dll) and injected it into mstsc.exe process. It is able to hook
ADVAPI32!CredIsMarshaledCredentialWbut is unable to hookSSPICLI!SspiPrepareForCredReadanddpapi!cryptprotectmemory. I was able to verify this by attaching a debugger and looking at the assembly. Only theCredIsMarshaledCredentialWfunction has jump into the loaded dll. Any pointers on how do I debug this issue or have you encountered this before?Are some DLLs immune to hooking?
The text was updated successfully, but these errors were encountered: