Metasploit mailing list archives

DLL Process Injection


From: hdm at metasploit.com (H D Moore)
Date: Fri, 14 Sep 2007 12:53:47 -0500

These are two different things. To use the MSN exploit, you need to force 
MSN to load this exploit DLL into memory. This is normally done by a 
sequence of open process, alloc mem, start thread, loadlibrary calls to 
the target process. The Metasploit DLL injection payloads work by 
exploiting a target process and then loading a DLL into memory. In this 
case, you want to load a DLL on the attacking side, to exploit a 
different host.

On Friday 14 September 2007 12:23, Danux wrote:
They say I need to: "inject the dll to msn messenger .... process".

I know Metasploit already works that way but I would like to learn how
to do it manually.

I have no skill in DLL programming or injection, do you have a
tutorial or something like that to understand it?
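
A defender's view of the call sequence described in the reply above, as an added example that is not part of the original thread: a remote thread whose start function is LoadLibraryA/W is the observable trace of that sequence. The events are constructed, and modelling them as dicts with Sysmon field names (Event ID 10 ProcessAccess, Event ID 8 CreateRemoteThread) is an assumption.

```python
# Sysmon-style detection sketch. All events below are constructed samples.
INJECT_RIGHTS = 0x0002 | 0x0008 | 0x0020  # CREATE_THREAD | VM_OPERATION | VM_WRITE
LOADERS = {"loadlibrarya", "loadlibraryw"}

SAMPLE_EVENTS = [  # constructed; field names follow Sysmon Event IDs 10 and 8
    {"EventID": 10, "SourceProcessId": 4120, "TargetProcessId": 2288,
     "SourceImage": r"C:\Users\lab\loader.exe",
     "TargetImage": r"C:\Program Files\MSN Messenger\msnmsgr.exe",
     "GrantedAccess": "0x1F0FFF"},
    {"EventID": 8, "SourceProcessId": 4120, "TargetProcessId": 2288,
     "SourceImage": r"C:\Users\lab\loader.exe",
     "TargetImage": r"C:\Program Files\MSN Messenger\msnmsgr.exe",
     "StartModule": r"C:\Windows\System32\kernel32.dll",
     "StartFunction": "LoadLibraryA"},
    # Remote thread that does not start at LoadLibrary: not reported.
    {"EventID": 8, "SourceProcessId": 600, "TargetProcessId": 900,
     "SourceImage": r"C:\Windows\System32\csrss.exe",
     "TargetImage": r"C:\Windows\System32\cmd.exe",
     "StartModule": r"C:\Windows\System32\kernel32.dll",
     "StartFunction": "CtrlRoutine"},
    # Query-only handle: lacks the rights to write memory or start a thread.
    {"EventID": 10, "SourceProcessId": 700, "TargetProcessId": 2288,
     "SourceImage": r"C:\Windows\System32\taskmgr.exe",
     "TargetImage": r"C:\Program Files\MSN Messenger\msnmsgr.exe",
     "GrantedAccess": "0x1000"},
]

def find_loadlibrary_injection(events):
    """Report remote threads that start at LoadLibraryA/W in another process.

    Confidence is "high" when the same source earlier opened the target with
    rights sufficient to write memory and create a thread, else "medium".
    """
    opened, findings = set(), []
    for ev in events:
        pair = (ev["SourceProcessId"], ev["TargetProcessId"])
        if ev["EventID"] == 10:
            if (int(ev["GrantedAccess"], 16) & INJECT_RIGHTS) == INJECT_RIGHTS:
                opened.add(pair)
        elif ev["EventID"] == 8 and ev.get("StartFunction", "").lower() in LOADERS:
            findings.append({"source": ev["SourceImage"],
                             "target": ev["TargetImage"],
                             "function": ev["StartFunction"],
                             "confidence": "high" if pair in opened else "medium"})
    return findings

if __name__ == "__main__":
    for hit in find_loadlibrary_injection(SAMPLE_EVENTS):
        print(hit)
```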


