Overview
Syllabus
Intro
BACKGROUND
WoW64 system call overview
THE SOLUTION
INJECTION CONT.
INJECTION #1 - WOW64LOG.DLL
INJECTION #2 - HEAVEN'S GATE
INJECTION #3 - APC
CFG - CONTROL FLOW GUARD
VALID CALL TARGETS
CFG IN WOW64
BACK TO APC INJECTION
SO WHERE'S THE PROBLEM?
OPTION #1 - NATIVIZE THE PROCESS
NATIVIZE THE PROCESS - DOWNSIDES
OPTION #2 - "THUNKLESS" APC INJECTION
REQUIREMENTS
WHAT'S IN R9?
INLINE HOOKS 101
CONSTRAINTS
API RE-IMPLEMENTATION
BACK TO THE DRAWING BOARD #1
WORKS ON WINDOWS 10 BUT ONLY THERE.
BACK TO THE DRAWING BOARD #2
DEEP HOOKS - RECAP
REFERENCES
Taught by
Hack In The Box Security Conference