As another method for using LdrUnlockLoaderLock, we could do a scan for the (fairly unique) magic number 0x1000000000000000 and simply overwrite it with ULLONG_MAX (after modifying memory protection of the page), allowing a valid cookie to be generated for any given thread ID. This seems more simple than scanning for the call to LdrpReleaseLoaderLock and less likely to change in the future.