From Collaborative RCE Tool Library

Jump to: navigation, search

ManualMap

Tool name: ManualMap
Rating: 0.0 (0 votes)
Author: Darawk                        
Website: N/A
Current version:
Last updated: September 9, 2005
Direct D/L link: Locally archived copy
License type: Free / Open Source
Description: ManualMap is a library I wrote for dll injection by 'manually mapping' a PE file into the remote address space of a process. Instead of calling LoadLibrary or using SetWindowsHookEx (which also essentially calls LoadLibrary internally), this code parses the PE file itself, fixes up the relocs, maps the sections, and builds the import table. It also redirects APIs like GetModuleHandle and GetProcAddress so that manualmap'd modules are visible to each other, but are not visible to any other modules in the process.
Related URLs:
Related tutorial: Evading hack detection mechanisms in online games:
http://www.rootkit.com/newsread.php?newsid=360


RSS feed Feed containing all updates for this tool.

You are welcome to add your own useful notes about this tool, for others to see!



If you find that any information for the tool above is missing, outdated or incorrect, please edit it!
(please also edit it if you think it fits well in some additional category, since this can also be controlled)


Views
Category Navigation Tree
   Needs New Category  (3)