Stuxnet and driver
CodeGuru Home VC++ / MFC / C++ .NET / C# Visual Basic VB Forums Developer.com
Results 1 to 3 of 3

Thread: Stuxnet and driver

  1. #1
    Join Date
    Aug 2005
    Posts
    98

    Stuxnet and driver

    As far as I know, driver is used to be an interface between OS and hardware.

    Both Duqu and Stuxnet use a kernel driver to decrypt and load certain encrypted files on the infected computer. The kernel driver serves as an "injection engine" for loading the files into a specific process, according to SecureWorks. "The kernel drivers for both Stuxnet and Duqu use many similar techniques for encryption and stealth, such as a rootkit for hiding files," the security vendor said in its report.

    from:
    http://news.idg.no/cw/art.cfm?id=A0D...F48A30CE1D5495

    1-What is the kernel driver?

    2-I read the article in wikipedia for DLL injection and it makes no sense, May someone tell me about it?What is difference between DLL injection and process injection?

    Thanks in advance

  2. #2
    Join Date
    Jan 2006
    Location
    Chicago, IL
    Posts
    14,986

    Re: Stuxnet and driver

    DLL injection will infect all traffic coming thru it in the future, versus the immediately running process.
    David

    CodeGuru Article: Bound Controls are Evil-VB6
    2013 Samples: MS CODE Samples

    CodeGuru Reviewer
    2006 Dell CSP
    2006, 2007 & 2008 MVP Visual Basic
    If your question has been answered satisfactorily, and it has been helpful, then, please, Rate this Post!

  3. #3
    Join Date
    Aug 2005
    Posts
    98

    Re: Stuxnet and driver

    May you give me a simple code for DLL injection and explain more about it?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  


Windows Mobile Development Center


Click Here to Expand Forum to Full Width

This is a CodeGuru survey question.


Featured


HTML5 Development Center