codeproject
2873/tips-on-internationalization-of-software
430684/loading-win-dlls-manually-without-loadlibrary
3356/Internationalization-and-Multiple-Language-Support?msg=1114625#xx1114625xx
The Windows CRT exposes 5 symbols mainCRTStartup , wmainCRTStartup , wWinMainCRTStartup , _DllMainCRTStartup and WinMainCRTStartup
https://github.com/MicrosoftDocs/cpp-docs/blob/main/docs/atl/linking-to-the-crt-in-your-atl-project.md
https://learn.microsoft.com/zh-tw/cpp/build/reference/entry-entry-point-symbol?view=msvc-170
https://stackoverflow.com/questions/28005324/linking-to-crt-unresolved-external-symbol-winmaincrtstartup
https://reverseengineering.stackexchange.com/questions/16870/import-table-vs-import-address-table
https://learn.microsoft.com/zh-tw/windows/win32/debug/pe-format?redirectedfrom=MSDN
https://learn.microsoft.com/zh-tw/windows/win32/debug/pe-format?redirectedfrom=MSDN#import_directory_table
import address table (IAT)
entry point function
https://learn.microsoft.com/zh-tw/cpp/build/reference/entry-entry-point-symbol?view=msvc-170
https://learn.microsoft.com/zh-tw/windows/win32/dlls/dynamic-link-library-entry-point-function
http://in4k.untergrund.net/various%20web%20articles/Creating_Small_Win32_Executables_-_Fast_Builds.htm
https://github.com/Mattiwatti/WinMain-is-usually-a-function/blob/master/src/main-semireadable.cpp
https://www.ired.team/offensive-security/code-injection-process-injection/import-adress-table-iat-hooking
http://www.heaventools.com/PE_Explorer_exe-import-viewer.htm
The Import Address Table is now write-protected, and what that means for rogue patching - The Old New Thing
https://devblogs.microsoft.com/oldnewthing/20221006-07/?p=107257
https://www.codeguru.com/windows/injective-code-inside-an-import-table/
Injective Code inside Import Table - CodeProject
Export Table Import Table Resource Table Exception Table Certificate File Relocation Table Debug Data Architecture Data Global Ptr Thread Local Storage Table Load Config Table Bound Import Table Import Address Table Delay Import Descriptor COM+ Runtime Header Reserved
https://www.codeproject.com/Articles/14360/Injective-Code-inside-Import-Table
A dive into the PE file format - PE file structure - Part 5: PE Imports (Import Directory Table, ILT, IAT) - 0xRick’s Blog
Bound Import Data Directory Import Lookup Table (ILT) Hint/Name Table Import Address Table (IAT)
https://0xrick.github.io/win-internals/pe6/
https://chromium.googlesource.com/external/pefile/+/714882b7d254e2580fe93e2669d2f0e1463d4408/pefile.py
https://github.com/omriher/CapTipper/blob/master/pefile.py
https://f3real.github.io/iat_hooking.html
2024年1月29日 星期一
exe function importt table executable Import Address Table IAT Import Directory Table ILT IAT Windows Portable Executable PE format pefile Portable Executable profile
訂閱:
張貼留言 (Atom)
沒有留言:
張貼留言