Taking Control, Functions to DLL Injection
11 Pages Posted: 17 Apr 2018
Date Written: March 31, 2007
This article follows on from previous articles and covers some of the fundamentals needed to understand the code exploitation process. In it, we look at one of the primary infection steps used to compromise a Windows host: DLL injection.
DLL injection is one of the most common methods used by malware such as a rootkit to load itself into the host’s privileged processes. Once injected, code can be inserted into the function calls passing between the compromised code and a library function. This step is frequently followed by API hooking, where the malicious code is used to alter the library function calls and their returns.
This article is part of a monthly series designed to take the reader from a novice to being able to create and deploy their own shellcode and exploits.