Author image

Code Injection

Code injection is a technique where you can insert code into a process and then reroute its execution to traverse through your injected custom code segment.

Working from a debugger eg. OllyDbg, we can search for “code caves”, ie. sequences of nop (or "DB 00" in Olly) instructions that are large enough to "fit" our custom code.

Alternatively we can also allocate more memory in the target process to store the code. This is what we will do in this case.

One of the best ways to inject code is via dlls, because they are meant to be loaded by multiple processes at runtime.

Compulsory ingredients:

  1. injector process - DLLInjector project - the process that will "inject" the code
  2. the process to inject - ProcessToInject project - the process...

Author image

DLL & Linking Tutorial

A DLL (.dll) or dynamic link library (or shared library for *nix connoisseurs - .so for Linux and .dylib for MAC) is a library containing code and data that can be used by multiple programs at the same time. Dlls reduce the size of the executable and the memory usage of the operating system in general, since all applications just need to refer to a single place in memory to use a function in the library (instead of each application having its own copy of it).

Dlls help with separating concerns and reasoning about your code. It also serves for separate compilation, if we change the dll then we need to compile only the dll; the application code remains unaffected and unaware of the change (in this context it resembles the PIMPL idiom). It's worth noting that dll's are a little slower compared to static libraries (which are included in the executable/process), but that speed...