Two weeks ago i wrote an injector that demonstrates code injection technique.
in the beginning the injector purpose was to backdoor the SQL server process,
i made some changes for make it more flexible.
Code Injector will be presented at korean annual information security convention by Raviv Raz during his demonstration of how web attacks lead to total compromise of the internal LAN via the corporate website.
So what we got here?
The CodeInjector used the same technique as DLL Injection that was showed in the previous post.but this time we won’t release the written bytes because now they are part of the target process and been executing.
Code Injector - executable
Code Injector - source
CodeInjector -pn (process name) -s (shellcode)
Bots vs. Politics Hybrid Security discovered a sophisticated new bot-net made up of compromised Internet servers around the world. Servers were commandeer...
3 weeks ago