Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Block Multiple DLLs ? #8

Open
MukundaK opened this issue Apr 5, 2021 · 1 comment
Open

Block Multiple DLLs ? #8

MukundaK opened this issue Apr 5, 2021 · 1 comment

Comments

@MukundaK
Copy link

MukundaK commented Apr 5, 2021
edited
Loading

Is it possible to block multiple dlls ? cmd and powershell crash when given multiple dll names.

for example,
.\sharpblock.exe -n "dll1.dll" -n "dll2.dll" --disable-bypass-amsi -e "c:\windows\system32\windowspowershell\v1.0\powershell.exe" --disable-bypass-etw --disable-header-patch -w

image
@CCob
Copy link
Owner

CCob commented Apr 10, 2021

That's going to be tough. There are only 4 hardware breakpoints you have to play with and I'm using up all of them for different purposes. DLL entry point patch, AMSI bypass, ETW bypass and command line patch I believe. There is a potential for using software BP's for DLL blocking but not on my radar right now as I don't have the time.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@CCob @MukundaK