I'm trying to do a little IAT hooking in explorer.exe. Specs: Windows 7 x64, Visual C++. I've made it to a point where I am capable of reading thunk data from any executable of my choosing except for C:\Windows\Explorer.exe. When I run my program against that I receive an access violation in reading memory from that executable. However, when I run this against C:\Windows\system32\Explorer.exe and C:\Windows\sysWOW64\Explorer.exe I don't have any problems. Why is this? Is C:\Windows\Explorer.exe some sort of symbolic link to one of the other explorer.exe's? What could be keeping me from reading this file?
Reading Explorer.exe's Thunk Data
755 Views Asked by user850275 At
1
There are 1 best solutions below
Related Questions in 64-BIT
- (x64 Nasm) Writeline function on Linux
- How to return a 16 bit value as 64 bit?
- iOS: app doesn't pass the upload for the architecture
- Can't open mkl_intel_s_dll.lib in 64bit Visual Studio environment
- Intel x64 instructions CMPSB/CMPSW/CMPSD/CMPSQ
- Zlib decompression method warning using ios 64bit Architecture
- Assembly x64: Using MULPD instruction with integer
- VirtualBox: VERR_VMX_MSR_VMXON_DISABLED
- 64bit bitmask and javascript
- Delphi xe2 Error compiling ASM code with x64 compiler. Unsupported language feature: 'ASM'
- Cordova 3.8.0 Build Causes Errors in Iphone Apps locking up at Splash Screen
- DirectX libs in x64 program
- Is there any reason to still use int as opposed to long on a 64 bit machine?
- In 64bit R, what should my memory.limit() be set to?
- NASM issue on OSX 64-bit
Related Questions in HOOK
- How to make Homeslider Banner work in custom hook location
- Customize Liferay search portlet
- Modify files and commit after Branch creation in GIT via Hook
- Removing a Wordpress action added from a Plugin and than adding a new action in place of that
- In WHMCS user can login with every wrong or right password
- To Hook Web Content Search Portlet
- Overriding class signature in java
- Sonata Admin: Prevent a persist for a specific condition
- Is it posible to hook redis before key expired
- Redis hooking (publish-subscribe) under stress tests - performance under load
- Are static members in XPosed hook classes shared between processes?
- Log-in Portlet Hook
- Apache Subversion pre-commit to restrict files
- Mercurial list files from changegroup
- Taking Screeshot of extern Window which have an OpenGL ES Window inside
Related Questions in WINDOWS-EXPLORER
- How to open a Windows Explorer in a user-created library?
- Why does it take too long for my shortcut to run my process?
- encoding filenames in zip archive to correct displaying in windows explorer
- directory created by GitBash doesn't appear in Windows explorer
- Way to represent unknown file size in FTP LIST?
- Windows Explorer Icon Cache is broken. How to solve it?
- Tomcat not logging until file is "touched"
- What should I use to open windows explorer in different positions?
- Break a folder with many files to multiple subfolders (Windows 10)
- Open a folder under Program Files in Windows Explorer using C#
- Return first six characters of a binary file
- Can I obtain information about the windows explorer tree (left pane)?
- Edit Windows Context Menu in the C#
- Use OverlayIdentifiers icons in namespace extension
- In python is there a way to use the windows explorer to create a file path which can then be returned as a string?
Related Questions in THUNK
- JavaScript correct usage of a thunk function (with variables)
- More succinct delayed evaluation than function(){return x}?
- Test an asynchronous action with thunk and jest
- How can i get the new state from the mapped props after dispatching an action
- Axios interceptors for refreshing token
- Thunk for clousure, React Native, Expo, IOS
- fetching data in redux using Axios Get
- Calling an action within another one in Redux using TypeScript
- How to get updated state from Redux store using redux-toolkit after component has already rendered?
- Actions must be plain objects. Use custom middleware for async actions error eventhough useing thunk as middleWare
- Jest: How to mock redux-thunk api response?
- Getting some kind of error in react redux with typescript while trying to dispatch a thunk action in a component
- Can a getter return a thunk or value depending on the type call call (virt. property or function)?
- Loading state before display new content
- What is the purpose of thunkToPromise in the co coroutine lib?
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
On my Windows 7 x64 system
C:\windows\explorer.exeis a 64-bit binary,PE32+format, whereasc:\windows\syswow64\explorer.exeis a 32-bit binary,PE32format. Is your application designed to read bothPE32andPE32+formats?And when opening
C:\Windows\System32\Explorer.exefrom a 32-bit process that is a redirect to thec:\windows\syswow64\explorer.execopy. From a 64-bit processc:\windows\system32\explorer.exedoesn't exist.