Meow's CyberAttack - Application/Server Attacks - Injection - DLL injection

• Meow’s CyberAttack - Application/Server Attacks - Injection - DLL injection
  • DLL injection

book: S+ 7th ch9

---

Meow’s CyberAttack - Application/Server Attacks - Injection - DLL injection

---

DLL injection

DLL

• a compiled set of code that an application can use without recreating the code.

• Windows programs frequently make use of dynamic linked libraries (DLLs) that are loaded into the memory space of the application.

• Applications commonly use a Dynamic Link Library (DLL) or multiple DLLs.

• Example:

  • most programming languages include math-based DLLs.

  • Instead of writing the code to discover the square root of a number, a developer can include the appropriate DLL and access the square root function within it.

DLL injection:

• the malware tries to inject code into the memory process space of a library .

• injects a DLL into a system’s memory and causes it to run.

  • to compromise the program calling the DLL.

  • a rather sophisticated attack.

Example:

• attacker creates a DLL malware.dll, includes several malicious functions.

  • the attacker attaches to a running process,

  • allocates memory within the running process,

  • connects the malicious DLL within the allocated memory, executes functions within the DLL.