reversing
테크 맵
코끼리_땃쥐
2022. 5. 26. 20:38
API 후킹의 모든 기술적 범주를 포함하는 테크 맵
| Method | Object | Location | Technique | API | |
| static | File | 1) IAT 2) Code 3) EAT |
X | X | |
| dynamic | Process Memory 00000000 ~ 7FFFFFFF |
A) Debug (Interactive) |
DebugActiveProcess GetThreadContext SetThreadContext |
||
| B) Injection (stand alone) |
B-1) Independant Code |
CreateRemoteThread | |||
| B-2) DLL file | Registry(AppInit_DLLs) BHO(IE only) |
||||
| SetWindowsHookEx CreateremoteThread |
|||||