-
Compile it natively or not: x86_64-w64-mingw32-gcc searchedName.cpp --shared -o searchedName.dll Restart the service / application somehow and check if there is a new admin2 alive. Reflective DLL Injection See https://github.com/stephenfewer/ReflectiveDLLInjection
-
PE Portable Executung or DLL Dynamic Linking Libraries can be edited to remove or add capabilities or own code. Read and modify a PE file The following Python3 script reads a file, prints out a header, modified it to remove ASLR and write a new file without this flag. f = pefile.PE('filename.exe') print(hex(f.OPTIONAL_HEADER.DllCharacteristics)) // print as hex to…