RCE Endeavors 😅

May 10, 2015

Debugging Injected DLLs

Filed under: General x86, General x86-64, NoCode, Programming — admin @ 11:58 AM

A quick post on how to debug injected DLLs through Visual Studio. This is rather straightforward, but it seems like a fair number of people are unaware that this can be done. It is possibly because programs typically don’t have DLLs injected into them at runtime, so perhaps people think that debugging them can’t be done in a straightforward way. Fortunately, if you attach to the target process beforehand and inject a DLL, the Visual Studio debugger will detect the loaded DLL and allow for an ordinary debugging experience. The steps are rather simple:

1. Choose to attach to a process through the “Debug” menu in Visual Studio.


2. Select the target process from the list and attach.


3. Attach to the process and verify that breakpoints can get hit.

And that’s all there is to it. All of the useful features of the Visual Studio debugger are now available for debugging the injected DLLs.

April 16, 2015

Everything up on Github

Filed under: NoCode — admin @ 7:58 PM

I’ve finally and painstakingly moved all of the code relating to my previous blog posts to GitHub. The descriptions in the repositories are not very descriptive (that’s what the actual blog posts are for!), but now the code is available to look at without needing to download and unzip archives. The GitHub site is https://github.com/codereversing/. Going through this also allowed me to see how my programming style (indent, variable/function naming) has evolved. I definitely prefer the more .NET type of style

if(someVariable == 10)
{
    f();
}
else
{
    g();
}

to the more space conscious, but harder to read, K&R C style

if(some_variable == 10) {
    f();
} else {
    g();
}

All future code will be posted on GitHub now instead of zipped and linked through the blog post.
