- A+
RemoteDLL是老外开发的一款DLL注入、卸载工具,它已经在许多顶级程序中使用,如pwdump等,许多间谍软件都使用这种技术隐藏自己的进程,其中包含注入到正常的windows进程中,你可以使用该工具轻松注入进程,并且可以帮助删除恶意的DLL。它支持下面的DLL注入方法:
1:CreateRemoteThread
2:NtCreateThread [Good for DLL Injection across sessions on Vista/Windows 7]
3:QueueUseAPC [Delayed Injection]
作者称从V1升级到V2版本花了五年时间,新版本支持了win8系统。
V2版本更新内容:
1:Inject DLL into Remote Process even across Session boundaries
2:Remove DLL from Remote Process completely.
3:Supports multiple Injection methods including CreateRemoteThread, NTCreateThread, QueueUserAPC
Works with ASLR (Address Space Layout Randomization) by dynamically calculating addresses.
4:Advanced Process List with detailed process information like PID, Session, ASLR, DEP, Username etc.
5:Fully Portable. Also comes with Installer for local installation/un-installation.
6:Works on all Windows systems starting from Windows 2K to Windows 8
目前该版本不支持64位系统,作者正在开发,本站会进一步更新内容。
- 我的微信
- 这是我的微信扫一扫
- 我的微信公众号
- 我的微信公众号扫一扫