Tuesday, 30 April 2019

Is it possible to pass command line arguments to a reflectively loaded PE?

I've been interested in reflective PE injection, particularly .exe files. I was wondering, is there a way to pass command line arguments (argc and argv) to a reflectively loaded .exe file?

I've noticed that, as part of the reflective loading process, calling CreateRemoteThread with the lpParameter argument allows for parameters to be passed, but would the reflectively loaded .exe file recognize this as argc/argv?

If not, is there a way to hook argc/argv in either the reflectively loaded .exe or the host process in order to present argc/argv to the reflectively loaded guest .exe?




