Open goiihacker opened 4 years ago
unsigned char Write_Signature32[] = { 0x55, 0x89, 0xE5, 0x53, 0x57, 0x56, 0x83, 0xEC, 0x08, 0xA1, '?' , '?' , '?' , '?' , 0x8B, 0x7D, 0x08, 0x31, 0xE8, 0x89, 0x45, 0xF0, 0x8B, 0x47, 0x18, 0xC7, 0x80, 0x98, 0x00, 0x00, 0x00, 0x01 };
the signature is in valid for chrome 79 and 32 bit. it can works for chrome78
1 get the chrome_child.dll or chrome.dll scope of process memory .eg 5fa10000 643b6000
2 0:014> s -b 5fa10000 643b6000 8B 7D 08 31 E8 89 45 F0 8B 47 18 C7 80 98 00 00 00 01 nothing is found ,
I have updated the signature here unsigned char Write_Signature32[] = { 0x55, 0x89, 0xE5, 0x53, 0x57, 0x56, 0x83, 0xEC, 0x08, 0xA1, '?' , '?' , '?' , '?' , 0x8B, 0x7D, 0x08, 0x31, 0xF6, 0x31, 0xE8, 0x89, 0x45, 0xF0, 0x8B, 0x47, 0x18, 0x89, 0xB0, 0x94, 0x00, 0x00, 0x00 };
unsigned char Write_Signature32[] = { 0x55, 0x89, 0xE5, 0x53, 0x57, 0x56, 0x83, 0xEC, 0x08, 0xA1, '?' , '?' , '?' , '?' , 0x8B, 0x7D, 0x08, 0x31, 0xE8, 0x89, 0x45, 0xF0, 0x8B, 0x47, 0x18, 0xC7, 0x80, 0x98, 0x00, 0x00, 0x00, 0x01 };
the signature is in valid for chrome 79 and 32 bit. it can works for chrome78
1 get the chrome_child.dll or chrome.dll scope of process memory .eg 5fa10000 643b6000
2 0:014> s -b 5fa10000 643b6000 8B 7D 08 31 E8 89 45 F0 8B 47 18 C7 80 98 00 00 00 01 nothing is found ,
I have updated the signature here unsigned char Write_Signature32[] = { 0x55, 0x89, 0xE5, 0x53, 0x57, 0x56, 0x83, 0xEC, 0x08, 0xA1, '?' , '?' , '?' , '?' , 0x8B, 0x7D, 0x08, 0x31, 0xF6, 0x31, 0xE8, 0x89, 0x45, 0xF0, 0x8B, 0x47, 0x18, 0x89, 0xB0, 0x94, 0x00, 0x00, 0x00 };