code-injection

Code Injection With C#

I just saw this question and it made me wonder: can you use Windows hooks or other methods to do code injection with C#? I've seen lots of things about code injection but all of them are done in C/C++. I don't know either of those languages and have a really hard time translating. Does anyone have any ideas on how to do this? ...

Hooking syscalls from userspace on Windows

I'm patching connect() to redirect network traffic as part of a library (NetHooker) and this works well, but it depends on ws2_32.dll remaining the same and doesn't work if the syscall is used directly. So what I'm wondering is if there's a way to catch the syscall itself without a driver. Anyone know if this is possible? ...

Can I inject a thread in a remote app domain from C#

I was wondering if it's possible to inject a thread into a remote app domain running in a separate process. My guess is that I could do this using the debugging interfaces (ICorDebug) but I was wondering if there is any other way? ...

Cleaning/sanitizing xpath attributes

I need to dynamically construct an XPath query for an element attribute, where the attribute value is provided by the user. I'm unsure how to go about cleaning or sanitizing this value to prevent the XPath equivalent of a SQL injection attack. For example (in PHP): <?php function xPathQuery($attr) { $xml = simplexml_load_file('exa...

Is code injection bad?

There are some fairly powerful tools like SIMBL or Airfoil/Instant Hijack which use code injection. As far as I understand this, these tools inject their own code in other programs. This idea sounds dangerous to me as this seems to have the potential to make perfectly stable software fragile and "buggy". Also this seems to pose security ...

Best way to inject functionality into a binary...

What would be the best way of inserting functionality into a binary application (3rd party, closed source). The target application is on OSX and seems to have been compiled using gcc 3+. I can see the listing of functions implemented in the binary and have debugged and isolated one particular function which I would like to remotely call....

Hooking syscalls from userspace on Linux

Is there any way to catch all syscalls on Linux? The only solution I know of is using LD_PRELOAD à la fakeroot, but that only works for dynamically linked applications. Furthermore, this approach requires enumerating all syscalls which is something I'd like to avoid. ...

Why does automatic injection of log-object not always work in grails?

In the grails-framework some objects are using log. This is normally injected by grails. It works on execution of 'grails test-app'. But the same test (an integration-test) fails on execution of 'grails test-app -integration'. What goes wrong here and can I force the injection of the log-object somehow? ...

Do stackoverflow users agree with the CWE/SANS Top 25 most dangerous programming mistakes?

Report released today on the "top 25" most dangerous programming mistakes. I'm interested to see if any here agree or can spot any glaring omissions (or outdated inclusions). Also, in your opinion which modern dev tools/frameworks are improving (or worsening) these flaws for things like authorization, SQL injection, or code injection? ...

Best way to inject your code into running WPF application

Here is my task: Inject custom managed code into running managed WPF application (i.e. my code should run in other AppDomain). Injected code must be executed on UI thread. When I say 'best' I mean that: Injection process must be as stable as possible (no thread deadlocks, etc.). Code should run on x86 and x64 platforms without problem...

How would you force the System.Net.Socket.Connect() method to use a socks proxy (code injection vs external custom proxy)

I'm using WCF's netTcpBinding, which connects directly to an endpoint and doesn't seem to know anything about SOCKS proxies. I need to use a proxy because most of my clients won't allow direct outbound connections, and enforce the use of SOCKS proxies at all times. My first idea was to configure the .NET Framework to do that, so I ed...

Injecting properties into .NET classes post-compile

I'd like to implement the ViewModel part of WPF's MVVM pattern without referencing WPF assemblies. The problematic part is command routing, which requires that ViewModels implement properties of type ICommand so that command bindings can work. Now, I can avoid the ICommand and simply declare the properties as object. Everything still wo...

Injecting a CLR host into a running process - possible?

This way lies madness, I know. I have an executable (the source code to which I do not have access) that I would like to extend via .NET. It's a native executable, so I would need to inject a CLR host in order to do this. My basic idea is to provide scripting-like functionality via a .NET language (C#, for example) and provide hooks in ...

How to prevent Javascript injection attacks within user-generated HTML

I am saving user-submitted HTML (in a database). I must prevent Javascript injection attacks. The most pernicious I have seen is the script in a style="expression(...)". In addition to this, a fair amount of valid user content will include special characters and XML constructs, so I'd like to avoid a white-list approach if possible. (L...

Writing a very basic debugger

Is it possible to write a program under Windows that will cause a remote process thread to break (stop execution in that thread) upon reaching a predefined address? I have been experimenting with the Windows Debug API, but it seems very limited when it comes to setting breakpoints. The DebugBreakProcess function seemed promising, but I ...

How to Inject code in C# method calls from a separate app

I was curious if anyone knew of a way of monitoring a .NET application's runtime info (what method is being called and such) and injecting extra code to be run on certain methods from a separate running process. Say I have two applications: app1.exe that for simplicity's sake could be class Program { static void Main(string[] ...

Finding a 3rd party QWidget with injected code & QWidget::find(hwnd)

Hey, I have a Qt DLL which I inject into a third-party application using the Windows Detours library: if(!DetourCreateProcessWithDll( Path, NULL, NULL, NULL, TRUE, CREATE_DEFAULT_ERROR_MODE | CREATE_SUSPENDED, NULL, NULL, &si, &pi, "C:\\Program Files\\Microsoft Research\\Detour...

Running JavaScript in a UIWebView before any other JavaScript is run

I have a UIWebView component that is going to load a webpage which might contain JavaScript. I want to run some JavaScript of my own before any JavaScript on the loaded webpage runs. I know I can use [myWebView stringByEvaluatingJavaScriptFromString:] on the webViewDidFinishLoad: delegate of the UIWebView, however this will only run my J...

Sharing memory between two processes (C, Windows)

Since I haven't found an answer to the question asked previously here I'm trying a different approach. Is there any way to share memory between two processes? The second process gets the information from an injection since it's a legacy program that is not being supported anymore. My idea is to inject some code there, in the struc...

How to prevent code injection attacks in PHP?

I am a bit confused, there are so many functions in PHP, and some using this, some using that. Some people use: htmlspecialchars(), htmlentities(), strip_tags() etc. Which is the correct one and what do you guys usually use? Is this correct (advise me a better one, if any): $var = mysql_real_escape_string(htmlentities($_POST['username'...