I'm trying to do a little IAT hooking in explorer.exe. Specs: Windows 7 x64, Visual C++. I've made it to a point where I am capable of reading thunk data from any executable of my choosing except for C:\Windows\Explorer.exe. When I run my program against that I receive an access violation in reading memory from that executable. However, when I run this against C:\Windows\system32\Explorer.exe and C:\Windows\sysWOW64\Explorer.exe I don't have any problems. Why is this? Is C:\Windows\Explorer.exe some sort of symbolic link to one of the other explorer.exe's? What could be keeping me from reading this file?
Reading Explorer.exe's Thunk Data
755 Views Asked by user850275 At
1
There are 1 best solutions below
Related Questions in 64-BIT
- GDI - Why the printing StartPage() function works in 32 bit but raises an exception in 64 bit?
- GNU AS ASM to bytecode dump
- How do I use .lib to compile and link in c++ builder 11.3 windows 64bits platform?
- Windows 64-bit: Do overlapped MMF windows mean more RAM consumption (doubling the RAM where the file views overlap)?
- Invoke jar from C++ using JNI
- SQLBindCol for long integer value on 64Bit platform?
- Assembly segmentation fault in example code
- PowerShell switch block and values coded in 64 bits
- How can I get a 32-bit output with Python on a 64-bit system?
- Recompiled APK throws error "This release is not compliant with the Google Play 64-bit requirement"
- Porting code that wraps ODBC API to 64 bit questions
- ilink64 Error Fatal: Unable to open file 'VCL.VIRTUALIMAGELIST.O'
- Open and write file in nasm for Windows 64bit
- C display tansparent text on any background
- Problem with quicksort function on arrays of 64 bits integers in C
Related Questions in HOOK
- How to modify HTML in WordPress core file
- I want to use toilet to modify hook_function
- Is there a way to add a pre-hook in R?
- Vite / Rollup Static Asset Copy Hook
- Mouse hook with non-English language results in extremely laggy mouse
- Retrieve Extra parameters from Airflow Connection
- In Wordpress, I want to filter the content when a page is updated or created
- Is it possible to hook a non-configurable property like window.location.hostname, in JavaScript?
- Is there a WordPress hook that fires before post.php, from which I can get the post ID?
- Woocommerce - Hide other shipping methods if free shipping is available not working properly
- Woocommerce 8.6.1 checkout form hooks not fired
- Storing Individual Quiz Answers in LearnPress Plugin - WordPress
- runing a feature with after hooks in cucumber
- Modify redis.Cmder content in hook
- IAT hook is not working with notepad.exe on Windows
Related Questions in WINDOWS-EXPLORER
- Windows 11 - How to modify the title of a group of items in the Windows Explorer context menu?
- How to edit windows file details?
- Can't use my phone as a folder path in windows
- ZIP file with Unicode file names fails to unzip on MIUI phone
- Create ICO file with transparent background which looks error-free in explorer preview
- Using kube-prometheus-stack how to find metrics in other namespaces?
- What is the difference between CMF_NODEFAULT and CMF_DONOTPICKDEFAULT?
- Preventing DLLHost Process Shutdown or Keeping Explorer Window Responsive during Long-Running IExplorerCommand::Invoke Operation in C++
- Hiding visible columns in Windows Explorer via IColumnManager of Windows Shell doesn't work
- Get the file path from portable device in windows
- Python: How to change directory to a path copied and pasted from Windows Explorer
- C# — How to collect a selection of files in the active window of Windows File Explorer?
- Disable Quick Access Folder Options using PowerShell
- Http2 WebDav support for windows explorer propfind not working
- Error [ERR_MODULE_NOT_FOUND]: Cannot find package 'cookie-es' | After Nuxt 3 build in Windows 10
Related Questions in THUNK
- fetching data in redux using Axios Get
- Thunk for clousure, React Native, Expo, IOS
- dispatch(fetchPosts()) give empty state
- Then works but await doesn't work with Promise from thunk action
- Return Promise response from Async Thunk
- Problem with redux-toolkit (createAsyncThunk) in react native expo app
- Please explain coding for "thunks."
- How does action creator which is a thunk receive a store's dispatch method?
- Wait for API fetch to complete before defining const in Redux
- useEffect / dispatch multiple network calls
- calling another function in another action
- SyntaxError: Unexpected token '<', "<!DOCTYPE "... is not valid JSON when Fetching Data
- Receiving 404 Error from Axios post request to MongoDB
- can you clarify the use of thunks in redux toolkit? a few specific questions
- How to retrieve data after successful redux dispatch inside a SignIn form component
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular # Hahtags
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
On my Windows 7 x64 system
C:\windows\explorer.exeis a 64-bit binary,PE32+format, whereasc:\windows\syswow64\explorer.exeis a 32-bit binary,PE32format. Is your application designed to read bothPE32andPE32+formats?And when opening
C:\Windows\System32\Explorer.exefrom a 32-bit process that is a redirect to thec:\windows\syswow64\explorer.execopy. From a 64-bit processc:\windows\system32\explorer.exedoesn't exist.