Archive for the ‘NoCode’ Category

Debugging Injected DLLs

May 10th, 2015

A quick post on how to debug injected DLLs through Visual Studio. This is rather straightforward, but it seems like a fair number of people are unaware that this can be done. This is possibly because programs typically don’t have DLLs injected into them at runtime, so perhaps people think that debugging them can’t be done in a straightforward way. Fortunately, if you attach to the target process beforehand and inject a DLL, the Visual Studio debugger will detect the loaded DLL and allow for an ordinary debugging experience. The steps are rather simple:

1. Choose to attach to a process through the “Debug” menu in Visual Studio.

2. Select the target process from the list and attach.

3. Attach to the process and verify that breakpoints can get hit.

And that’s all there is to it. All of the useful features of the Visual Studio debugger are now available for debugging the injected DLLs.

Everything up on GitHub

April 16th, 2015

I’ve finally and painstakingly moved all of the code relating to my previous blog posts to GitHub. The descriptions in the repositories are not very descriptive (that’s what the actual blog posts are for!), but now the code is available to look at without needing to download and unzip archives. The GitHub site is https://github.com/codereversing/. Going through this also allowed me to see how my programming style (indent, variable/function naming) has evolved. I definitely prefer the more .NET type of style

if(someVariable == 10)
{
    f();
}
else
{
    g();
}

to the more space conscious, but harder to read, K&R C style

if(some_variable == 10) {
    f();
} else {
    g();
}

All future code will be posted on GitHub now instead of zipped and linked through the blog post.
