idigger
idigger
same request
Thanks for the tip
I've tried other programs. They all not running.
Add bellow code ``` if (!bSource32 && bHasReloc) { if (RunPEReloc64(&PI, hFileContent)) { printf("[+] The injection has succeed2 !\n"); HANDLE ps = OpenProcess(SYNCHRONIZE | PROCESS_QUERY_INFORMATION, FALSE, PI.dwProcessId); if (ps) {...
x32 is ok! ``` PS C:\test> ./runpe payload32.exe c:\windows\syswow64\svchost.exe [PROCESS HOLLOWING] [+] PE file content : 0x00000238F29EFFF0 [+] The PE file is valid. [+] Target Process PEB : 0x000000000300B000 [+]...
payload.c ```c #include int APIENTRY WinMain( HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nCmdShow ) { MessageBox(0, "hello world", "Hi", MB_OK); return 0; } ```
At present, all x64 process-hollowing programs on the web do not work on windows 11 24H2, Looking forward to your good news.