Only write the modified field in the exe header
This commit is contained in:
parent
95dec1b0fd
commit
6a237fd247
@ -87,7 +87,8 @@ static inline void inject(HANDLE process, const void *payload, size_t payloadSiz
|
|||||||
write_protected_process_memory(process, importDescriptors, &firstDescriptor, sizeof(firstDescriptor));
|
write_protected_process_memory(process, importDescriptors, &firstDescriptor, sizeof(firstDescriptor));
|
||||||
|
|
||||||
// Step 2: break the image data directory entry
|
// Step 2: break the image data directory entry
|
||||||
ntHeaders->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_IMPORT].Size = 0;
|
size_t ddOffset = ((char*)&(ntHeaders->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_IMPORT].Size)) - exeHeader;
|
||||||
|
DWORD newSize = 0;
|
||||||
|
|
||||||
write_protected_process_memory(process, exe, exeHeader, sizeof(exeHeader));
|
write_protected_process_memory(process, exe + ddOffset, &newSize, sizeof(newSize));
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user