Injecting a DLL as a Debugger


A debugger can perform special actions on a debuggee process. When a debuggee loads, the system automatically notifies the debugger when the debuggee's address space is ready but before the debuggee's primary thread executes any code. At this point, the debugger can force some code into the debuggee's address space (using WriteProcessMemory, for example) and then cause the debuggee's primary thread to execute that code.

This technique requires that you manipulate the debuggee thread's CONTEXT structure, which means that you must write CPU-specific code and modify your source code to work correctly on each CPU platform. In addition, you will probably have to hand-code the machine language instructions that you want the debuggee to execute. Also, the debugger and its debuggee are tightly bound: if the debugger terminates, Windows automatically kills the debuggee. You cannot prevent this.



Programming Applications for Microsoft Windows (Microsoft Programming Series)
ISBN: 1572319968
Year: 1999
Pages: 193
