Coding it in WinAPI/C++ using Visual Studio - Coding Windows Driver: Creating Section - KnownDlls
Blog post: https://dennisbabkin.com/blog/?i=AAA10800
0:00 Intro
1:24 Fixing previous bug in the CSection::GetSection() function
3:44 Coding CSection::FreeSection() function
9:49 Adding DBG_VERBOSE_DRV preprocessor directive for verbose debugging output
13:51 Adding code to call CSection::FreeSection() function
17:10 Starting to code CSection::CreateKnownDllSection() function
20:27 Setting up to "steal" security descriptor from the existing KnownDll - kernel32.dll
21:22 Opening existing kernel32.dll section
30:58 Testing current build of the driver
34:14 Adding code to call CSection::GetSection() function
39:17 Testing the current build of the driver again
41:21 Going back to coding CSection::CreateKnownDllSection() function
42:20 Retrieving security descriptor from kernel32.dll section with ZwQuerySecurityObject
47:22 Description of the OBJ_PERMANENT section object
49:48 Differentiation of our Fake.dll section names for KnownDlls
57:22 Allocating memory for the security descriptor from the kernel32.dll section
#kernel #driver #tutorial #cpp #win32
DLL Injection Into All Processes - Part 5 - Coding Windows Driver: Creating Section - KnownDlls