From 3938b06cb93f5f09ea982f98af2d6497613dc34d Mon Sep 17 00:00:00 2001
From: Kyle Fleming <radman404@users.noreply.github.com>
Date: Wed, 23 Aug 2023 11:10:47 +0100
Subject: [PATCH] Update DllNotificationInjection.cpp

allocate trampoline size inluded when allocating memory
---
 DllNotificationInjection/DllNotificationInjection.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/DllNotificationInjection/DllNotificationInjection.cpp b/DllNotificationInjection/DllNotificationInjection.cpp
index a28ce2c..1b7b37d 100644
--- a/DllNotificationInjection/DllNotificationInjection.cpp
+++ b/DllNotificationInjection/DllNotificationInjection.cpp
@@ -154,7 +154,7 @@ int main()
     PrintDllNotificationList(hProc, headAddress);
 
     // Allocate memory for our trampoline + restore prologue + shellcode in the remote process
-    LPVOID trampolineEx = VirtualAllocEx(hProc, 0, sizeof(restore) + sizeof(shellcode), MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE);
+    LPVOID trampolineEx = VirtualAllocEx(hProc, 0, sizeof(trampoline) + sizeof(restore) + sizeof(shellcode), MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE);
     printf("[+] Allocated memory for restore trampoline + prologue + shellcode in remote process\n");
     printf("[+] Trampoline address in remote process: 0x%p\n", trampolineEx);
 
@@ -244,4 +244,4 @@ int main()
     // Print the remote Dll Notification List
     PrintDllNotificationList(hProc, headAddress);
 
-}
\ No newline at end of file
+}