About This File
When each dll is loaded new entry is created in PEB_LDR_DATA to describe state of .dll and also newly inserted data will be used later on to access .dll via GetModuleHandle and LoadLibrary.
This is advantage for us because we can load our .dll with faked export table and all calls to APIs will go trough our .dll and end up in real .dll.
Recommended Comments
There are no comments to display.
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now