Can I do the following in LSS:
-> inject a DLL with
BOOL InjectDll( const CHAR * pcPath, BOOL bAutoUninject)
-> get the address of a function with GetRemoteFuncAddress
-> inject code into a code cave that *calls* the function I just got the address for?
For example, could I inject an encrypting library (DLL) into the ping.exe process, have it grab the function address of a simple XOR function, auto breakpoint on the ICMP echo API, run my custom breakpoint execute LSS that creates a codecave, inject code to call the XOR routine and encrypt some stuff into the 'notyetsendpacket' and finally return to the original ICMP send API call?
In the help file, there is a bit on how to execute code from an injected DLL, but I can't find any help on how to do this from within an LSS script.
A shove in the right direction would be nice (or if it's not possible for some reason, that would be nice to know too).