Self Injecting DLL by Aphex
A .CPL file is a Control Panel Extension. It is intended
to be a source of dialogs for configuring certain system
aspects. In reality it is an ordinary DLL with a special
export. This export is what the shell uses to interface
the different dialogs within the CPL. If this export is
not found the CPL will be immediately unloaded.
For our purposes we rely on the CPL being unloaded. Any
normal DLL that is renamed to CPL will have it's entry
point called when double clicked. This gives the DLL a
pseudo-executable nature. Allowing it to actually inject
itself into a foreign process.
Greets to Positron for mentioning CPLs to me. :)
Delphi Basics - Free Delphi Source Code - Ultimate Programming Resource > Delphi Basics Snippets >