" Since 2004, Enigma Group has been providing its members a legal and safe security resource where they can develop their pen-testing skills on various challenges provided by this site. These challenges teach members the many types of exploits that are found in today's code; thus, helping them to become better programmers in the mean time. By knowing your enemy, you can defeat your enemy. "

September 07, 2010, 09:16:36 am *
Welcome, Guest. Please login or register.

Login with username, password and session length


<-- Please vote for us on the Progenic TopList!

Has this site helped you? Then help us with your support.
News: Download your copy of The Enigma Group Manual, intended for new members, as an introduction to this site.
 
Enigma Information
Main Index
EG Manual
Disclaimer
Legal Information
Hall of Fame
Hall of Shame
Member Rankings
Members List
Meet the Staff

Training Missions
Read Me First New
Basic Skills
Realistic Scenarios
Cryptography
Software Cracking
Linux ELF Binary Cracking
Logical Thinking
Programming
Captcha Cracking New
Patching
Steganography
Deface This Wall
/dev/null
/dev/urandom
/dev/extra New

Knowledge Bank
Discussion Forums
Enigma Chat New
RSS Feeds
Articles / Tutorials
Videos
Online EG MP3 Player
Enigma Zine
Downloads
Tools

Code Resources
Submit Code
Ajax
ASM
Bash
C
CPP
Csharp
Delphi
Haskell
Java
Javascript
Jython
Lisp
mIRC
MySQL
Perl
PHP
Python
QBASIC
VisualBasic

The Urinal

Click Here To Vote For EG!

hakipedia

Has Enigma Group Helped You? Then Help Us By Advertising For Us. Place One Of The Following Images On Your Site.

enigma group

enigma group

enigma group

enigma group
Pages: [1]
« previous next »
  Print  
Author Topic: Malicious DLLs.  (Read 112 times)
0 Members and 1 Guest are viewing this topic.
Vap0r
Newbie
*
Offline Offline

Posts: 43
Rep: 0
on: July 27, 2010, 06:41:33 am �
How would I craft a malicious dll? I tried in Visual Studio 2010 using C#, but it kept giving me an error on some basic stuff. Does anybody have a short, detailed guide? Or does it look like I'm gonna have to learn how to write .dll files first, then malicious ones later? What normally does a malicious .dll do? Just deliver a payload? Or does it normally do all the work, it seems to me the functionality of the code in a dll is limited. Thanks for your time, Vap0r.
Logged
blink_212
Developer
Veteran
*****
Online Online

Posts: 1027
Rep: 49
Reply #1 on: July 27, 2010, 07:37:09 am �
By malicious dlls, I assume you mean dll injection? Throw that into google and it comes up with a few tutorials.

blink
Logged
I dont post.



Quote from: amiyabsb on March 27, 2010, 07:02:35 am
can anybody help me taking over the site in someother way... plz or else i loose my contract am a pen tester...

experts suggestions are needed..........
Vap0r
Newbie
*
Offline Offline

Posts: 43
Rep: 0
Reply #2 on: July 28, 2010, 10:14:01 am �
Hmmm. This appears to be exactly what I wanted, thanks blink, I was having trouble with the term "malicious dll" turning up tons of past security reports and vulnerabilities.

In case you're wondering, (you're probably not), I plan to try this out as a PoC, I know it's been done, but I still want to try it. http://www.kb.cert.org/vuls/id/940193
Logged
Raze
Newbie
*
Offline Offline

Posts: 24
Rep: 4
Reply #3 on: July 29, 2010, 08:02:55 am �
C# doesn't generate native DLLs that can be used in such an exploit. You'll need to go with C/C++, Delphi, or ASM (or something else like D). You might want to look into managed C++ which let's you do bad stuff like normal C++ with all the fun of .net (won't work if they don't have .net though). The most you could do with C# is make a comvisible dll and use that for something.
Logged
If you're on my dick then I hope you hurt your knees
Psiber_Syn
EnigmaClusive
Sr. Member
*****
Online Online

Posts: 443
Rep: 42


⎝⏠⏝⏠⎠
Reply #4 on: July 29, 2010, 08:50:57 am �
This sounds like a fun project be sure to post us any code you come up with and id really like to see that POC you were speaking of when it gets done :-)
Logged
_-Psiber_Syn-_
<aVoid`IT>  slaps Psiber_Syn around a bit with a large trout
<aVoid`IT>  consider yourself rewarded
=-=   aVoid`IT was booted from #enigmagroup by YOU (Psiber_Syn) Pwned
<Ultraminor^> I exploited your mother
       <Ultraminor^> 's server
Vap0r
Newbie
*
Offline Offline

Posts: 43
Rep: 0
Reply #5 on: July 30, 2010, 11:13:19 pm �
Quote from: Raze on July 29, 2010, 08:02:55 am
C# doesn't generate native DLLs that can be used in such an exploit. You'll need to go with C/C++, Delphi, or ASM (or something else like D). You might want to look into managed C++ which let's you do bad stuff like normal C++ with all the fun of .net (won't work if they don't have .net though). The most you could do with C# is make a comvisible dll and use that for something.

And I found this out, unfortunately, a few details are left out so people without knowledge of the windows shell dll and how exactly link icons are handled are left in the dark. I'm gonna work a bit more on this, and hopefully find something that will work.
Logged
Pages: [1]
  Print  
« previous next »
 
Jump to:  

Back To Top