![]() MsgBox, 0x40040, %A_ScriptName%, No Injection Detected MsgBox, 0x40030, %A_ScriptName%, Code Injection In PRBF2 Detected If InStr(list, "api-ms-win-core") || InStr(list, "api-ms-win-crt") Try ListFromArray(list,GetProcessModules(PID)) Return MODULES, DllCall("CloseHandle", "ptr", hProcess) Throw Exception("GetModuleFileNameEx failed", -1) If !(DllCall("psapi\GetModuleFileNameEx", "ptr", hProcess, "ptr", NumGet(hModule, (A_Index - 1) * A_PtrSize, "ptr"), "ptr", &buf, "uint", size)) If !(DllCall("psapi\EnumProcessModulesEx", "ptr", hProcess, "ptr", &hModule, "uint", cb, "uint*", size, "uint", 0x03)) ![]() ![]() Throw Exception("EnumProcessModulesEx failed", -1) If !(DllCall("psapi\EnumProcessModulesEx", "ptr", hProcess, "ptr", 0, "uint", 0, "uint*", size, "uint", 0x03)) Throw Exception("OpenProcess failed", -1)
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |