Over the years, vendors have developed several mechanisms to prevent code injection. A common one is to detect an invalid start address for the injected thread. Here, as an example, we are going to see how to bypass Firefox protections and the Get-InjectedThread detection mechanism.
Prerequisites: This document requires some knowledge of Windows system programming. You must also be familiar with the concepts presented in Code injection series part 1.
License: Copyright Emeric Nasi (@EmericNasi), some rights reserved
This work is licensed under a Creative Commons Attribution 4.0 International License.
I Introduction
If you wish to read more about this, the document can be downloaded in PDF format.