Jump to content
View in the app

A better way to browse. Learn more.
Tuts 4 You

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

[Help] Inject x64 DLL into x64 PE File

Gladiator
Gladiator
in Programming and Coding

Featured Replies

Posted

HelloI have problem with injection 64 bit dll into 64 bit exe file , in case i don't know what i should to do ?
any one can help me with information , sources or some thing that solve my problemThanks

    •
    • Like 1

    Hi,

    Look at VirtualAllocEx + CreateRemoteThread, just start a new thread at LoadLibraryW and provide a newly allocated page as argument.

    Its not much different from x32.

    Greetings,

    Mr. eXoDia

    •
    • Like 1
    • Author

    Thanks Dear Mr.eXoDia & Dear Dreamer for reply


    But i means Code Injection via Dll Directly to PE File not to Process


    Look Likes Armadillo and many other protectors and packers

     
    •
    • Like 1

    my mistake sorry  :pray:


    • Author

     

    Thanks for reply but i mean static dll injection , for example , injecting some asm code to show message box to x64 PE file as new section , change oep to new section and rebuild file to run without any error or etc

    That is not called "injection". ;)


     


    Theoretically, everything is the same as in 32-bit world. The biggest difference is that you pass arguments to function in registers, not on stack.


    What did you try and what exactly did not work?


    • Author

    i had build 32 bit code injection to PE but in 64 bit in need some references and information


    Again - what exactly did you try and what exactly does not work?


     


    Attached is simple demo I made in 10 minutes using HIEW as a hex editor and to assemble x64 code.


    x64_adding_code.zip

    •
    • Like 1

    Is this for your payware EXE packer/protector?


    Looks to me for that article, you need to read up on the differences between x64 PE header and x86....


     


    If it was me, I would just use TitanEngine for such things, plus a decent x64 assembler like AsmJit.


    Edited by mudlord

    • Like 1

    If you wanna execute your DllMain with the executable start: use CFF Explorer (import adder, add a random import).

    Greetings

    •
    • Like 1

    I think he means inserting a DLL like how Armadillo works internally, or ASProtect.


    Ah! Then you need to understand the decryption/encryption of the file inside the executable and you also need to patch some crc checks.

    I think Gladiator is meaning this in a protection sense, so this applies to unprotected apps.


    Might be for a x64 port of his protector?


    Create an account or sign in to comment

    Go to topic listing

    Configure browser push notifications
    Chrome (Android)
    1. Tap the lock icon next to the address bar.
    2. Tap Permissions → Notifications.
    3. Adjust your preference.
    Chrome (Desktop)
    1. Click the padlock icon in the address bar.
    2. Select Site settings.
    3. Find Notifications and adjust your preference.