A forum for reverse engineering, OS internals and malware analysis 

Ask your beginner questions here.
 #32631  by FrankoooEFC
 Tue Feb 26, 2019 7:11 pm
so am trying to create a kernel injector , i have seen blackbone injection technique and its messy and a bit complicated for me to look at his source code and i don't want to touch apc injection methods. so problem is i can't think of a way to create it i mean if someone could help me and tell me where i could find this type of things that i am going to list i would appreciate it a lot from you guys .

so my idea of injecting my dll would be like the following ( manual map my dll into the target process -> Hijack an existing thread to run my shellcode and to call my dll entrypoint -> Fix imports -> Done!

i want to use IAT hooking , but for me i haven't hooked anything before neither in usermode or kernel mode. so need some help with this.

and i want to know which functions i can use for this injector if someone can link a github rep example or msdn functions so i can learn from them that would be great , thanks in advance for anyone that are willing to help me with my problem .

Note : this is only for educational purposes :)
 #32680  by richy1
 Mon Mar 11, 2019 6:54 pm
blackbone isn`t too messy... just take your time, understand god DarthTon`s work and go for it. You can pretty much just port some UM mmap injector to kernelmode without a big deal! (in case you know a little bit what you are talking about)