Today I suggest this short but intensive ( :D ) read. It's a simple tutorial on thread injection in x86 systems. I believe it is useful for everybody who likes thread hijacking. It briefly describes seven simple steps to attack a generic running process, with code examples to make the reading even faster.
Here are the seven main steps:
- Detect the target process
- Identify the main thread
- Suspend the main thread
- Obtain the thread context
- Create the "code-cave" (the code to be injected)
- Spoof the %IP and hijack the control flow
- Resume the thread, continue execution and free the memory
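The same seven steps are also the shape a defender looks for. What follows is an added example, not code from this post or from the tutorial it points to: a small Python detector that keeps a per-(source, target) state machine over constructed API-trace lines in a hypothetical EDR format and raises an alert when one process drives another process's thread through the suspend, get-context, write, set-context, resume sequence inside a short window. The mapping of the steps to the Win32 calls listed in STAGES is my assumption (the post names no APIs), and the trace lines are constructed sample data.

```python
"""Detection-side view of the hijacking steps: flag a cross-process API-call
sequence that walks suspend -> get context -> write code cave -> set context
-> resume within a short time window."""
import re
from collections import defaultdict

# Assumed mapping of the post's steps to Win32 calls (the post does not name
# any API); these are the calls an API trace would show for each step.
STAGES = [
    ("OpenThread",         "identify the target thread"),
    ("SuspendThread",      "suspend the thread"),
    ("GetThreadContext",   "obtain the thread context"),
    ("WriteProcessMemory", "write the code cave into the target"),
    ("SetThreadContext",   "spoof the instruction pointer"),
    ("ResumeThread",       "resume the thread"),
]
WINDOW_SECONDS = 5.0   # the whole sequence must complete within this window

# Constructed telemetry format (hypothetical EDR API trace, one call per line).
LINE_RE = re.compile(
    r"ts=(?P<ts>[\d.]+) pid=(?P<pid>\d+) image=(?P<image>\S+) "
    r"api=(?P<api>\w+) target_pid=(?P<target>\d+)$"
)


def parse_line(line):
    """Return a dict for a well-formed trace line, or None for anything else."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    return {"ts": float(m["ts"]), "pid": int(m["pid"]), "image": m["image"],
            "api": m["api"], "target": int(m["target"])}


def detect_hijack(lines, window=WINDOW_SECONDS, allowlist=frozenset()):
    """Run the stage machine per (source pid, target pid); return alert dicts."""
    alerts = []
    state = defaultdict(lambda: (0, None))   # key -> (next stage index, start ts)
    for line in lines:
        ev = parse_line(line)
        if ev is None or ev["pid"] == ev["target"]:
            continue   # malformed, or a process handling its own threads (GC, runtimes)
        if ev["image"].lower() in allowlist:
            continue   # known debuggers/profilers legitimately do exactly this
        key = (ev["pid"], ev["target"])
        idx, start = state[key]
        if start is not None and ev["ts"] - start > window:
            idx, start = 0, None           # stale attempt: start over
        if ev["api"] != STAGES[idx][0]:
            state[key] = (idx, start)      # unrelated call; keep waiting
            continue
        if idx == 0:
            start = ev["ts"]
        idx += 1
        if idx == len(STAGES):
            alerts.append({"source_pid": ev["pid"], "image": ev["image"],
                           "target_pid": ev["target"], "start": start, "end": ev["ts"]})
            idx, start = 0, None
        state[key] = (idx, start)
    return alerts


# Constructed sample trace: one full cross-process sequence from updater.exe,
# a runtime suspending its own threads (benign), and a debugger session.
SAMPLE_TRACE = """\
ts=10.000 pid=4242 image=updater.exe api=OpenProcess target_pid=1337
ts=10.010 pid=4242 image=updater.exe api=OpenThread target_pid=1337
ts=10.020 pid=4242 image=updater.exe api=SuspendThread target_pid=1337
ts=10.030 pid=4242 image=updater.exe api=GetThreadContext target_pid=1337
ts=10.040 pid=4242 image=updater.exe api=VirtualAllocEx target_pid=1337
ts=10.050 pid=4242 image=updater.exe api=WriteProcessMemory target_pid=1337
ts=10.060 pid=4242 image=updater.exe api=SetThreadContext target_pid=1337
ts=10.070 pid=4242 image=updater.exe api=ResumeThread target_pid=1337
ts=11.000 pid=800 image=dotnet.exe api=SuspendThread target_pid=800
ts=11.100 pid=800 image=dotnet.exe api=ResumeThread target_pid=800
ts=20.000 pid=9001 image=windbg.exe api=OpenThread target_pid=5555
ts=20.010 pid=9001 image=windbg.exe api=SuspendThread target_pid=5555
ts=20.020 pid=9001 image=windbg.exe api=GetThreadContext target_pid=5555
ts=20.030 pid=9001 image=windbg.exe api=WriteProcessMemory target_pid=5555
ts=20.040 pid=9001 image=windbg.exe api=SetThreadContext target_pid=5555
ts=20.050 pid=9001 image=windbg.exe api=ResumeThread target_pid=5555
""".splitlines()

if __name__ == "__main__":
    for a in detect_hijack(SAMPLE_TRACE, allowlist=frozenset({"windbg.exe"})):
        print(f"ALERT {a['image']} (pid {a['source_pid']}) hijacked a thread in "
              f"pid {a['target_pid']} between t={a['start']} and t={a['end']}")
```

Two tuning points matter in practice. Same-process suspend/resume is filtered out because managed runtimes and garbage collectors do it constantly, and debuggers produce the identical cross-process sequence, so an allow-list keyed on image name (better: on signer) is the difference between a usable rule and a noisy one. The window reset means an attacker who spreads the steps over minutes slips past; widen the window or alert on any cross-process SetThreadContext if your environment can bear the volume.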