Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up

Patching AmsiOpenSession by forcing an error branching.

NotificationsYou must be signed in to change notification settings

Gurpreet06/AMSI_Patcher

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
 
 
 
 

Repository files navigation

Thanks to @D1rkMtr for the technique of usingjne from amsi!AmsiOpenSession. I have used his AMSI patch code template and added other methods. This script skips entering amsi!AmsiOpenSession+0x4c viaret, by directly pastingc3 at the beginning of the amsi!AmsiOpenSession. As a result, we end up directly at amsi!AmsiCloseSession.

Methods Added

  • The script checks whetherNtProtectVirtualMemory andNtAllocateVirtualMemory are hooked by any security vendor or not.

Proof

image

About

Patching AmsiOpenSession by forcing an error branching.

Topics

Resources

Stars

Watchers

Forks

Languages

[8]ページ先頭
©2009-2025 Movatter.jp