[Offtopic] Is it possible to get the state of the registers from another application context?

Mar 3, 2017
#1
Of course, when my app runs, it won't have the same context as the other one, unless I didn't want an app but some sort of code injection in the hacked app. What I want to know is: is there a way to obtain the other app's context data, especially the content of its registers, via another app? That would of course be a MAJOR security flaw, but considering the user wants this to happen, and they would turn some security stuff off somehow (since I am the user and I want to hack another app), is it possible to do it? For clarity, I'm talking about Windows 10, 64 architecture, but the app I want to hack runs on x86.
 

Eric

Administrator
Mar 2, 2017
#2
OpenThread
SuspendThread
GetThreadContext
ResumeThread
CloseHandle
 
Mar 3, 2017
#3
Eric said:
OpenThread
SuspendThread
GetThreadContext
ResumeThread
CloseHandle

Thank you very much for the answer!

I'm sorry. I'm not very experienced. I'm trying my best to keep up with you guys, but it's not easy. Let me see if I understand you:

OpenThread: I open the process I want to hack into from inside mine, as a thread? Can I do this to a running process?
SuspendThread: I suspend the hacked process's thread, thus saving its context. Two questions: what if the process is separate from mine, as I mentioned above, and what if it is multithreaded? For the multithreaded case, is there a risk of me suspending the wrong thread?

The other 3 steps (especially the last one) lead me strongly to believe that, in the case you're imagining, I start the process from inside mine. Is that the only way it can be done? Can I do that by literally hacking into an independent process context, one that's not programmed to share anything with my process?
 

Eric

Administrator
Mar 2, 2017
#4
OpenThread works on threads your process hasn't opened as well. Just give it the processID, and be an administrator.
It returns a handle you can use with the other 4 APIs.
 
Mar 3, 2017
#5
This is awesome, thank you! There's no upvote thingy. You really gave me hope.
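
Added example, not part of the thread: a Python ctypes version of the five calls from post #2 for the case asked about (a 32-bit target on 64-bit Windows 10), where a 64-bit caller uses the Wow64SuspendThread and Wow64GetThreadContext variants. OpenThread is called with thread IDs, so the target's threads are listed first with a Toolhelp snapshot; the helper names (dwords, regs_of, thread_ids, read_registers) are made up for illustration, and an elevated 64-bit Python on Windows is assumed.

```python
import ctypes
from ctypes import c_uint32 as DWORD, c_int32 as LONG, c_ubyte, c_void_p

THREAD_ACCESS = 0x0002 | 0x0008 | 0x0040  # SUSPEND_RESUME | GET_CONTEXT | QUERY_INFORMATION
REGS = ("Eax", "Ebx", "Ecx", "Edx", "Esi", "Edi", "Ebp", "Esp", "Eip", "EFlags")

def dwords(*names):
    return [(n, DWORD) for n in names]

class THREADENTRY32(ctypes.Structure):
    _fields_ = (dwords("dwSize", "cntUsage", "th32ThreadID", "th32OwnerProcessID")
                + [("tpBasePri", LONG), ("tpDeltaPri", LONG), ("dwFlags", DWORD)])

class WOW64_CONTEXT(ctypes.Structure):    # x86 register layout as a 64-bit caller sees it
    _fields_ = (dwords("ContextFlags", "Dr0", "Dr1", "Dr2", "Dr3", "Dr6", "Dr7")
                + [("FloatSave", c_ubyte * 112)]  # WOW64_FLOATING_SAVE_AREA, left opaque
                + dwords("SegGs", "SegFs", "SegEs", "SegDs", "Edi", "Esi", "Ebx", "Edx",
                         "Ecx", "Eax", "Ebp", "Eip", "SegCs", "EFlags", "Esp", "SegSs")
                + [("ExtendedRegisters", c_ubyte * 512)])

def regs_of(ctx):                         # general registers from a filled WOW64_CONTEXT
    return {r: getattr(ctx, r) for r in REGS}

def thread_ids(k32, pid):                 # OpenThread takes a thread ID, so list them first
    snap = c_void_p(k32.CreateToolhelp32Snapshot(0x4, 0))  # 0x4 = TH32CS_SNAPTHREAD
    entry, found = THREADENTRY32(dwSize=ctypes.sizeof(THREADENTRY32)), []
    ok = k32.Thread32First(snap, ctypes.byref(entry))
    while ok:
        if entry.th32OwnerProcessID == pid:
            found.append(entry.th32ThreadID)
        ok = k32.Thread32Next(snap, ctypes.byref(entry))
    k32.CloseHandle(snap)
    return found

def read_registers(pid):
    """{thread_id: registers} of a 32-bit process; run from elevated 64-bit Python."""
    k32 = ctypes.WinDLL("kernel32", use_last_error=True)
    k32.CreateToolhelp32Snapshot.restype = k32.OpenThread.restype = c_void_p
    out = {}
    for tid in thread_ids(k32, pid):
        h = c_void_p(k32.OpenThread(THREAD_ACCESS, False, tid))
        ctx = WOW64_CONTEXT(ContextFlags=0x00010007)     # WOW64_CONTEXT_FULL
        if h.value and k32.Wow64SuspendThread(h) != -1:  # context is only stable while suspended
            if k32.Wow64GetThreadContext(h, ctypes.byref(ctx)):
                out[tid] = regs_of(ctx)
            k32.ResumeThread(h)
        if h.value:
            k32.CloseHandle(h)
    return out
```

Each thread of the target is suspended only for one context read and resumed immediately afterwards, so a multithreaded target is handled by reading every thread rather than picking one.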
 