Code Injection - Disable Dynamic Code Mitigation (ACG)
Code injection series part 4
1 December 2019 22:00
Prerequisites: This document requires some knowledge of Windows system programming. Familiarity with the concepts presented in Code injection series parts 1 and 2 is also mandatory.
License: Copyright Emeric Nasi (@EmericNasi), some rights reserved
This work is licensed under a Creative Commons Attribution 4.0 International License.
I Introduction
In this post I am going to show how to bypass the Binary Signature Mitigation Policy (CIG) and disable the Dynamic Code Mitigation Policy (ACG), which Windows 10 implements to protect certain processes. Without these bypasses, it is not possible to inject code and deploy hooks into Microsoft Edge.
If you wish to read more about this, the document can be downloaded in PDF format.