EasyHook for reflectivedllinjection

Jul 27, 2010 at 10:02 AM

Hi all ,

 

I have a question ,on web site of harmony security I have read reflectivedllinjection paper,this create a process in memory and inject this with meterpreter for sample ,

reflectivedllinjection use 3 kernel functions LoadLibraryA ,GetProcessAddress and VirtualAlloc ,

my question is : easyhook create an hook which work also if function is called calculating address and not calling dll ?

 

thanks in advance for a short response ,if my question is not clear demand a plus of details without problem

gianmarco