We don't display ads so we rely on your Bitcoin donations to 1KWEk9QaiJb2NwP5YFmR24LyUBa4JyuKqZ
Post date: Aug 20, 2010 1:26:21 AM
{
Self Injecting DLL by Aphex
A .CPL file is a Control Panel Extension. It is intended
to be a source of dialogs for configuring certain system
aspects. In reality it is an ordinary DLL with a special
export. This export is what the shell uses to interface
the different dialogs within the CPL. If this export is
not found the CPL will be immediately unloaded.
For our purposes we rely on the CPL being unloaded. Any
normal DLL that is renamed to CPL will have it's entry
point called when double clicked. This gives the DLL a
pseudo-executable nature. Allowing it to actually inject
itself into a foreign process.
Greets to Positron for mentioning CPLs to me. :)
}