DLL Injection with SetThreadContext

Tuesday, September 5, 2017

There are several techniques available for injecting a DLL into a process. Each has its own strengths and drawbacks. The simplest one uses the CreateRemoteThread function to create a new thread in the target process and point the thread's start function to the LoadLibrary function, as LoadLibrary and a thread's starting function have the same prototype from a binary perspective (both accept a pointer). This method is the easiest to use but also the most visible. Creating a new thread can be "noticed" in several ways, such as with an ETW event. If a driver is present and is hooking...

Packaging Apps into Single Files

Tuesday, May 9, 2017

One of the hallmarks of easy-to-use tools is simple installation, preferably no installation at all. The classic example is the Sysinternals tools. Each tool is a single executable, self-contained, and can be run from anywhere, including network shares and web locations. These tools have no dependencies (except for built-in Windows DLLs), or so it seems. One canonical example is Process Explorer, which hides two binaries within it. The first is a kernel driver, used to extract information from the system that cannot be obtained from user mode (such as reading values of kernel variables), and the other is a 64...

Building a Cross Platform Game with MonoGame – Part 2

Thursday, March 19, 2015

In the first part we’ve seen how to install MonoGame for use with Visual Studio and how to create a new project. We’ve seen some of the boilerplate code created by the project wizard and briefly discussed the game asset file. We are now ready to put our own special stuff into the game. We’ll start by doing some cleanup, as our project has the default spinning cube. I’ve also renamed the Game class from Game1 to InvadersGame and the C# file correspondingly. Open InvadersGame.cs and remove all the code in the Draw method except the Clear call: protected override void Draw(GameTime...

Building a Cross Platform 2D Game with MonoGame (Part 1)

Thursday, March 12, 2015

Ever since Microsoft ditched the XNA framework (for whatever reason), it hasn’t provided any viable alternative for .NET developers. Microsoft attempted to encourage developers to switch to native DirectX for game development (and for other apps that would otherwise benefit from XNA). But DirectX is not a real alternative “out of the box” for .NET (and even C++) developers; DirectX is very low-level, and it’s almost impractical to create a full-fledged game with DirectX directly; DirectX is a great base for game engines. For writing an actual game, developers typically use some framework that sits on top of...