QueueUserAPC()
Using Asynchronous Procedure Calls (APC) (QueueUserAPC) to perform Remote Process Injection.
Last updated
Was this helpful?
Using Asynchronous Procedure Calls (APC) (QueueUserAPC) to perform Remote Process Injection.
Last updated
Was this helpful?
Get a handle to an existing process on the system or create a new sacrificial process
OpenProcess()
CreateProcess()
CreateProcessAsUser()
Allocate some memory in the chosen remote process
VirtualAllocEx()
Write shell-code to the remote process, or write a DLL to the remote process
GetProcAddress()
LoadLibrary()
WriteProcessMemory()
Queue a new procedure call in the remote process thread, and wait for it to be executed
Thread32First()
Thread32Next()
OpenThread()
QueueUserAPC()