Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Use functions 'RhCreateStealthRemoteThread' to inject dll failed. #159
I have tried to use rbx to replace ebx.But it doesn't work correctly same as using ebx.however, if you use rbx, the target process will trash when it come back to the old rip not trash in the function 'WaitForSingleObject'. Maybe, there are my other error code cause the use rbx trash.I will check my code as fast as possible.I n the other hand, my machine is win10 x64 pro 14393. 2016年12月12日 上午6:44，"Justin Stenning" <email@example.com>写道：…
@slivermeteor <https://github.com/slivermeteor> did you have a chance to test that change? Did it work correctly for 64-bit targets? — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#159 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AT3Vn1j4IiBFJuFIKnGxS_mmj-vkykkkks5rHHzogaJpZM4LJFo3> .
@spazzarama hello,do you still pay attention to this issuse. I have try to use the EasyHook original code to compile the Easyhook64.dll, then try to use it to install a remote hook.At the win7 64-bit to hook 64-bit targets,although the 'NativeInjectionEntryPoint' can be call success, the target will trash when it come back the old rip. At the win10 64-bit, it will tarsh in the 'WaitForSingleObject' at the 'StealthStub_ASM_x64' proc.So I think it is a bug of EasyHook.