Code and DLL injection refer to a method for attackers to manipulate programs and processes to execute another program. DLL injection provides a manner for attributing the malicious .dll to running processes. Processes are tasks that are being handled by the operating system.
There are two kinds of injection:
Static injection - Static injection occurs prior to program execution.
Dynamic injection- Dynamic injection occurs when processes are loaded into memory.
HOW TO DO A STATIC DLL INJECTION
A file is altered, by ‘injecting’ a jump at the beginning of the filespace. This jump directs to arbitrary code written by an attacker into available space of the filespace of a program.
TOOLS WE USE
Sysinternal’s Process Explorer(PE)
OllyDbg
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment