-
Why not use HeapAlloc?
```C#
IntPtr pHeapCreate = DInvoke.DynamicInvoke.Generic.GetExportAddress(pkernel32, "HeapCreate");
IntPtr pHeapAlloc = DInvoke.DynamicInvoke.Generic.GetExportAddress(pkern…
RcoIl updated
3 years ago
-
Hello,
I tried the dll with x64 executables and it works fine. However, it does not work with x86 (wow64) executables.
Any idea ?
Here is my code :
```csharp
if (IntPtr.Size ==…
-
I'm not sure anyone suggest this topic but I think infer field member should be apply, any reason it apply to local variant should be use with initialized field member.
Befor.
```vb
Public Shared…
-
I think this is meant to work?
```c#
using DInvoke.DynamicInvoke;
using DInvoke.ManualMap;
using Data = DInvoke.Data;
using System;
namespace DInvokeTest
{
class Program
{
…
-
The current version of DInvoke does not resolve export forwards. It assumes that all exports are not forwarded. This may be demonstrated by attempting to resolve `kernel32.dll!InitializeSRWLock`.
-
would be nice to have the possibility to hollow out a x64 process from a x86 Dinvoke assembly.
The only way to do that ( I think) would be to spawn a new x64 processes and obtain a valid handle to i…
-
-
This just loops:
[*] Username given, checking processes
[+] NtOpenProcess Success!
[+] NtOpenProcessToken Success!
[-] NtQueryInformationToken failed - error code: 3221225507
[+] NtQueryInf…
-
Hello @klezVirus thanks for you work, and your tools!
How to build follina doc without hosting, just with command/payload file (ps1, raw, txt..)
#maybe it can be useful https://github.com/komomon…
-
The current implementation for resolving API sets (used when rebuilding the IAT) will fail if an API set is present in the import directory and uses a patch number not included in the map. Whilst not …