Age | Commit message | Author | Files | Lines |
|
Fixed a bug where calling GetProcAddress by ordinal instead of procedure
name failed.
Fixed a bug where reflectively loading an EXE will cause the entry
function (main()) to be called twice instead of once as expected.
Added a ForceASLR flag to force ASLR to be used even if the PE file
doesn't officially support ASLR.
Some minor other changes.
|
Scripts now work in 2008r2. I thought I tested before uploading but
something broke somehow... Now the scripts work in 2008r2 and win8+
|
.NET 4.5 introduced breaking changes in the way Marshalling works. Added
a fix so ReflectivePEInjection works with Windows 8.1/.NET4.5.
|
Prior to this fix, DllMain with the ProcessDetach flag was not called
when unloading the reflectively loaded DLL. This was causing very weird
crashes in the Invoke-NinjaCopy script which is built on this script.
This should fix the crash.
|
Another awesome addition from Joe Bialek. Invoke-ReflectivePEInjection
is a vast improvement over Invoke-ReflectiveDllInjection. It adds the
following features:
* Now supports loading exe files in memory
* Supports reflective dll injection into a remote process
* Additional sample Visual Studio solutions
|