CodeGuru Home VC++ / MFC / C++ .NET / C# Visual Basic VB Forums Developer.com
+ Reply to Thread
Results 1 to 3 of 3
  1. December 4th, 2011 11:18 AM #1
    Abalfazl
    Abalfazl is offline Member Abalfazl is an unknown quantity at this point (<10)
    Join Date
    Aug 2005
    Posts
    98

    Stuxnet and driver

    As far as I know, driver is used to be an interface between OS and hardware.

    Both Duqu and Stuxnet use a kernel driver to decrypt and load certain encrypted files on the infected computer. The kernel driver serves as an "injection engine" for loading the files into a specific process, according to SecureWorks. "The kernel drivers for both Stuxnet and Duqu use many similar techniques for encryption and stealth, such as a rootkit for hiding files," the security vendor said in its report.

    from:
    http://news.idg.no/cw/art.cfm?id=A0D...F48A30CE1D5495

    1-What is the kernel driver?

    2-I read the article in wikipedia for DLL injection and it makes no sense, May someone tell me about it?What is difference between DLL injection and process injection?

    Thanks in advance
    Reply With Quote Reply With Quote
  2. December 6th, 2011 02:52 AM #2
    dglienna's Avatar
    dglienna
    dglienna is offline ex MVP - Visual Basic Power Poster dglienna has a reputation beyond repute (3000+) dglienna has a reputation beyond repute (3000+) dglienna has a reputation beyond repute (3000+) dglienna has a reputation beyond repute (3000+) dglienna has a reputation beyond repute (3000+) dglienna has a reputation beyond repute (3000+) dglienna has a reputation beyond repute (3000+) dglienna has a reputation beyond repute (3000+) dglienna has a reputation beyond repute (3000+) dglienna has a reputation beyond repute (3000+) dglienna has a reputation beyond repute (3000+)
    Join Date
    Jan 2006
    Location
    Chicago, IL
    Posts
    14,587

    Re: Stuxnet and driver

    DLL injection will infect all traffic coming thru it in the future, versus the immediately running process.
    David

    CodeGuru Article: Bound Controls are Evil-VB6
     2012 Samples: MS CODE Samples
    CodeGuru Reviewer
    2006 Dell CSP
    2006, 2007 & 2008 MVP Visual Basic
    If your question has been answered satisfactorily, and it has been helpful, then, please, Rate this Post!
    Reply With Quote Reply With Quote
  3. December 8th, 2011 01:58 PM #3
    Abalfazl
    Abalfazl is offline Member Abalfazl is an unknown quantity at this point (<10)
    Join Date
    Aug 2005
    Posts
    98

    Re: Stuxnet and driver

    May you give me a simple code for DLL injection and explain more about it?
    Reply With Quote Reply With Quote
+ Reply to Thread
« Previous Thread | Next Thread »

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

Forum Rules


HTML5 Development Center

Click Here to Expand Forum to Full Width