bin123485 Posted February 15, 2015 Posted February 15, 2015 I try to hook the api EstimateFileRiskLevel with python + pydbg, but failed to get the api address. Is there any way I can hook the api?
kao Posted February 15, 2015 Posted February 15, 2015 Yes. You can start by reading MSDN documentation, especially the Remarks part. 1
bin123485 Posted February 17, 2015 Author Posted February 17, 2015 (edited) Yes. You can start by reading MSDN documentation, especially the Remarks part. I can hook LoadLibrary and GetProcAddress to get the address of EstimateFileRiskLevel, but when I set a bp on EstimateFileRiskLevel and try to download file via IE, IE crash. why ? Edited February 17, 2015 by bin123485
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now