Skip to main content
Information Security

You are not logged in. Your edit will be placed in a queue until it is peer reviewed.

We welcome edits that make the post easier to understand and more valuable for readers. Because community members review edits, please try to make the post substantially better than how you found it, for example, by fixing grammar or adding additional resources and hyperlinks.

3
  • Well, you don't exactly exploit an application to execute arbitrary code. As I understand it, reflective DLL injection is merely loading a DLL in another application without the use of the standard api calls like "CreateRemoteThread". So long as you have rights to write into another processes address space, you can do it. It doesn't require an exploit to accomplish it. See "BTMemoryModule" for a Delphi port of Joachim Bauch's work...complete with ready to compile example code: code.google.com/p/memorymodule Commented Oct 1, 2012 at 13:56
  • The whole purpose of reflective DLL injection is that you never write injected DLL file on disk so that you can avoid detection by AV. If you don't have the file on disk you can't use the regular injection technique (i.e CreateRemoteThread) hence you should use something as reflective DLL injection and that BTW makes the detection of the injected DLL harder. Commented Dec 24, 2012 at 10:19
  • @Mick I don't think you are stating that clearly. You do exploit an application to execute arbitrary code. However, if you are already ON the system, post-exploitation, then it is irrelevant... you can now write to memory in a process within your privilege rights, and then call the main in your injected DLL. Commented Jun 17, 2014 at 15:26