ROCKFAL1/Apc2Injector

Apc2Injector

Example of DLL injection with QueueUserAPC2 (works only on Windows 11 and later)

Dependencies

  • wil (RAII handles are very convenient)
  • xbyak (to generate the shellcode for the APC)

Usage

Apc2Injector {dll_path} {exe_name}  

dll_path - Path to the DLL payload. Can be a relative path.
exe_name - Name of the target process.

For example:

 Apc2Injector Apc2Dll.dll explorer.exe

How does it work?

Main stages

  1. Identifying the target process and getting a handle to it
  2. Writing the path to the DLL into the target process
  3. Writing the shellcode of the APC function into the target process
  4. Taking a handle to a thread of the target process (I prefer to take the main thread)
  5. Calling QueueUserAPC2
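
A defender's view of the five stages above, as an added example that is not part of this repository: it correlates process events per source/target pair and reports pairs that complete the stage sequence in order. The event schema (`ts`, `src`, `dst`, `kind`) and the event kind names are hypothetical, and the sample events are constructed.

```python
from collections import defaultdict

# Hypothetical event kinds, one per README stage (stages 2 and 3 are both remote writes).
STAGES = ("process_open", "remote_write", "remote_write", "thread_open", "apc_queue")

def find_apc_injection_chains(events):
    """Return (src, dst) process pairs whose events complete STAGES in order."""
    next_stage = defaultdict(int)  # (src, dst) -> index of the stage expected next
    hits = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        if ev["src"] == ev["dst"]:
            continue  # a process queuing an APC to its own thread is not injection
        pair = (ev["src"], ev["dst"])
        if ev["kind"] == STAGES[next_stage[pair]]:
            next_stage[pair] += 1
            if next_stage[pair] == len(STAGES):
                hits.append(pair)
                next_stage[pair] = 0  # start looking for a new chain
    return hits

# Constructed sample events (not real telemetry); the first two process names
# follow the README's usage example, the others are hypothetical.
SAMPLE_EVENTS = [
    {"ts": 1.0, "src": "Apc2Injector.exe", "dst": "explorer.exe", "kind": "process_open"},
    {"ts": 1.1, "src": "monitor.exe", "dst": "explorer.exe", "kind": "process_open"},
    {"ts": 1.2, "src": "Apc2Injector.exe", "dst": "explorer.exe", "kind": "remote_write"},
    {"ts": 1.3, "src": "Apc2Injector.exe", "dst": "explorer.exe", "kind": "remote_write"},
    {"ts": 1.4, "src": "monitor.exe", "dst": "explorer.exe", "kind": "thread_open"},
    {"ts": 1.5, "src": "Apc2Injector.exe", "dst": "explorer.exe", "kind": "thread_open"},
    {"ts": 1.6, "src": "worker.exe", "dst": "worker.exe", "kind": "apc_queue"},
    {"ts": 1.7, "src": "Apc2Injector.exe", "dst": "explorer.exe", "kind": "apc_queue"},
]

if __name__ == "__main__":
    for src, dst in find_apc_injection_chains(SAMPLE_EVENTS):
        print(f"ALERT: {src} completed the APC injection stage sequence against {dst}")
```

Only the pair that performs all five stages in order is reported; the process that merely opens handles and the process that queues an APC to itself are not.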

TODO

  • Support of Wow64 targets
  • Detailed description of injection method
  • Add more comments (?)
