Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

A dll injection method and system under windows platform

A platform and target process technology, applied in the field of data security, can solve the problems of few restricted conditions, high success rate, and inability to inject, and achieve the effect of less restricted conditions, high success rate, and high stability

Active Publication Date: 2021-01-15
广州锦行网络科技有限公司
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] Aiming at the problems existing in the above-mentioned prior art, the present invention discloses a dll injection method and system under the Windows platform. The present invention utilizes sending a breakpoint event to the target program, modifying the breakpoint return address, and jumping to the shellcode to complete the dll injection , which solves the problem in the prior art that the dll cannot be injected into the running process, has a high success rate, and has few restricted conditions

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A dll injection method and system under windows platform
  • A dll injection method and system under windows platform

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0046] Such as figure 1 As shown, the present invention provides a dll injection method under the Windows platform, comprising the following steps:

[0047] S01. prepare injection procedure;

[0048] S02. Elevate the operator's own authority to obtain SeDebugPrivilege authority;

[0049] S03. Send a breakpoint event to the target process;

[0050] S04. The target process responds to the breakpoint event;

[0051] S05. The target process runs to the breakpoint, the program pauses, saves the return address of the stack, and modifies it to the address of the injected program;

[0052] S06. Correct the code of the injection program so that it returns to the original return address after execution;

[0053] S07. The target process continues to run and returns to the injection program part, and the injection program runs to complete the dll injection;

[0054] S08. The target process jumps to the saved return address to continue running.

[0055] Further, the operation steps o...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a dll injection method and system under a Windows platform. The dll injection method comprises the following steps: S01, preparing an injection program; S02, improving the authority of the operator; S03, sending a breakpoint event to a target process; S04, enabling the target process to respond to the breakpoint event; S05, running the target process to the breakpoint, suspending the program, storing the return address of the stack, and modifying the return address into the address of the injection program; S06, correcting the code of the injection program, and returning the code to the original return address after the code is executed; S07, enabling the target program continues to run and returning to the injection program part, and completing dll injection afterthe injection program runs; S08, enabling the target program to skip to the stored return address to continue to run, by sending the breakpoint event to the target program, modifying the breakpoint return address and skipping to the shellcode to complete dll injection. Therefore, the problem that in the prior art, dll injection cannot be conducted on the running process is solved, the success rate is high, and limited conditions are few.

Description

technical field [0001] The invention relates to the technical field of data security, in particular to a dll injection method and system under the Windows platform. Background technique [0002] DLL is the abbreviation of Dynamic Link Library, which means dynamic link library. In Windows, many applications are not a complete executable file, they are divided into some relatively independent dynamic link libraries, that is, DLL files, which are placed in the system. When we execute a certain program, the corresponding DLL file will be called, and an application program can have multiple DLL files. In the Windows operating system, each running process lives in its own program space. In theory, each process running on the operating system does not interfere with each other, that is, each process will have an independent program space. DLL injection is to put a DLL into the address space of a certain process, make it a part of that process, and let the target process load its ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F9/445G06F21/56
CPCG06F9/44521G06F21/566
Inventor 张振林
Owner 广州锦行网络科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com