
    AtomBombing: Brand New Code Injection for Windows

    AtomBombing is a code injection technique that uses Windows atom tables and Asynchronous Procedure Calls (APC).

    Code injection has been a powerful weapon in the hacker arsenal for many years.

    AtomBombing works in three main stages:
    1. Write-What-Where – Writing arbitrary data to arbitrary locations in the target process’s address space.
    2. Execution – Hijacking a thread of the target process to execute the code written in stage 1.
    3. Restoration – Cleaning up and restoring the execution of the thread hijacked in stage 2.

    A detailed description of each stage can be found here.

    The author leaves the question of further study of the method open, which will allow us to find creative ideas to solve the problem. As the saying goes: to be continued…



    DISCLAIMER: THIS POST IS FOR INFORMATIONAL PURPOSES ONLY AND IS NOT TO BE CONSIDERED LEGAL ADVICE ON ANY SUBJECT MATTER. DIGITAL FORENSICS CORP. IS NOT A LAWFIRM AND DOES NOT PROVIDE LEGAL ADVICE OR SERVICES. By viewing posts, the reader understands there is no attorney-client relationship, the post should not be used as a substitute for legal advice from a licensed professional attorney, and readers are urged to consult their own legal counsel on any specific legal questions concerning a specific situation.