so i'm currently creating a dll injector which is x64 and able to inject into a x86 or x64 process. one part of manual mapping is fixing the import address table, which can be done by calling 'GetProcAddress', which returns the function of a certain library. so here is my problem, since i'm compiling in x64 'GetProcAddress' is always returning the x64 function, eventhough i need the x86 functions if i inject into a x86 application. is there any way i can call the x86 function in my x64 program? perhaps a direct syscall or anything like that?
Asked
Active
Viewed 387 times
1
-
2You can't mix x86 and x64 code in the same process. – Mark Ransom Apr 27 '18 at 21:23
-
1And you can't inject an x64 DLL into an x86 process, and vice versa. – Remy Lebeau Apr 27 '18 at 23:06
-
He said the injector is x64, not the injected DLL. Try making sense of the question under the assumption the poster is correct, instead of automatically assuming the opposite. Writing 32-bit addresses into a 32-bit DLL prior to injecting it is perfectly consistent. – Ben Voigt Apr 28 '18 at 04:01
1 Answers
1
Try this:
Spin up a 32 bit process and use its GetProcAddress then IPC (over COM?) to the 64 bit process.
Its an extra process, but its going to work!
Mikhail
- 7,749
- 11
- 62
- 136