Skip to content
/ wow64helper Public

A remote 64bit application proc call helper for Wow64(win32 on win64) application.

10 stars 11 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

simdsoft/wow64helper

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

27 Commits
.gitignore
.gitignore
 
 
README.md
README.md
 
 
del-tmp.bat
del-tmp.bat
 
 
wow64helper.cpp
wow64helper.cpp
 
 
wow64helper.sln
wow64helper.sln
 
 
wow64helper.vcxproj
wow64helper.vcxproj
 
 
wow64helper.vcxproj.filters
wow64helper.vcxproj.filters
 
 

Repository files navigation

wow64helper

Usage:

wow64helper.exe Option PID OSModuleName ModuleProcName paramsTypes [parameters]...

Option:

  • 0: CreateRemoteThread,
  • 1: RtlCreateUserThread + RtlExitUserThread

paramsTypes:

  • uptr --> uintptr_t or nullptr
  • s --> string, could be placeholder for PHANDLE such as 0000 for 32bit, 00000000 for 64bit
  • ws --> wstring
  • us --> UNICODE_STRING

examples:

  • option=0: 0 13220 kernel.dll LoadLibraryW ws D:\dummy.dll
  • option=1
    • x64: 1 13220 ntdll.dll LdrLoadDll uptr;uptr;us;s 0 0 D:\dummy.dll 00000000
    • x86: 1 13220 ntdll.dll LdrLoadDll uptr;uptr;us;s 0 0 D:\dummy.dll 0000

About

A remote 64bit application proc call helper for Wow64(win32 on win64) application.

Resources

Readme
Activity
Custom properties

Stars

10 stars

Watchers

4 watching

Forks

11 forks
Report repository

Releases 1

v0.0.1 Latest
Aug 7, 2020

Packages

 
 
 

Languages