ReflectiveDllInjection_v1.0
所属分类:系统编程
开发工具:Visual C++
文件大小:164KB
下载次数:20
上传日期:2012-05-15 16:48:18
上 传 者:
wuyingjxwl
说明: 在Windows平台上,本地和远程库注射技术
多年来一直存在。作为开采技术的远程库注入
在2004年推出Skape和JT[1]。他们的技术采用的shellcode修补主机进程NTDLL在运行时库,并迫使Windows加载本地加载动态链接库DLL)从内存中的镜象。这种技术的叫做反射DLL注入。
(Under the Windows platform, library injection techniques both local and remote have
been around for many years. Remote library injection as an exploitation technique was
introduced in 2004 by Skape and JT[1]. Their technique employs shellcode to patch the
host processes ntdll library at run time and forces the native Windows loader to load a
Dynamic Link Library (DLL) image from memory. As an alternative to this technique I
present Reflective DLL Injection.)
文件列表:
ReflectiveDllInjection\HS-P005_ReflectiveDllInjection.pdf (165921, 2008-10-31)
ReflectiveDllInjection\source (0, 2008-10-31)
ReflectiveDllInjection\source\ReflectiveDll.c (827, 2008-10-15)
ReflectiveDllInjection\source\ReflectiveLoader.c (15054, 2008-10-15)
ReflectiveDllInjection\source\ReflectiveLoader.h (7269, 2008-10-15)
ReflectiveDllInjection\workspace (0, 2008-10-31)
ReflectiveDllInjection\workspace\ReflectiveDll.sln (900, 2008-10-15)
ReflectiveDllInjection\workspace\ReflectiveDll.vcproj (4332, 2008-10-31)
ReflectiveDllInjection (0, 2008-10-31)
This is an empty Reflective Dll project* for building you own Dll's for use with testing Reflective Dll Injection.
The ReflectiveLoader is located in the file ./source/ReflectiveLoader.c
You implement your functionality in the Init function which is located in the file ./source/ReflectiveDll.c
* Download Microsoft Visual C++ 2008 Express Edition here: http://www.microsoft.com/express/vc/
近期下载者:
相关文件:
收藏者: