Blog

Friday 31 October 2008 - [New Paper] Reflective Dll Injection

Just released a new paper about Reflective Dll Injection.

Abstract:

Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process. As such the library is responsible for loading itself by implementing a minimal Portable Executable (PE) file loader.

You can download the paper here:
http://www.harmonysecurity.com/files/HS-P005_ReflectiveDllInjection.pdf

And the PoC code here:
http://www.harmonysecurity.com/files/ReflectiveDllInjection_v1.0.zip

Support for Reflective DLL Injection has also been added to Metasploit in the form of a payload stage and a modified VNC DLL.
http://www.metasploit.com/

Labels: , , ,

 

0 Comments:

Post a Comment