lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list] 
Message-Id: <200810311754.m9VHsFmj005527@www5.securityfocus.com>
Date: Fri, 31 Oct 2008 11:54:15 -0600
From: stephen_fewer@...monysecurity.com
To: bugtraq@...urityfocus.com
Subject: [Paper] Reflective Dll Injection

Hello, Just released a short paper on Reflective Dll Injection.

Abstract: Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process. As such the library is responsible for loading itself by implementing a minimal Portable Executable (PE) loader.

You can download the paper here:
http://www.harmonysecurity.com/files/HS-P005_ReflectiveDllInjection.pdf

And the PoC code here:
http://www.harmonysecurity.com/files/ReflectiveDllInjection_v1.0.zip

Support for Reflective DLL Injection has been added to Metasploit in the form of a payload stage and a modified VNC DLL (both are currently in the development tree).

Cheers

Stephen Fewer

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ