01-29-2012, 12:13 AM
vbaddicts
Junior Member
Join Date: Oct 2011
Posts: 3
ActiveX DLL Injection ?

NOTE: administrators -> if this isn't the correct forum, please move it, and if the content is inappropriate, please delete it and PM me a notification. Thanks.

O.K., so here is what I'm attempting to do: using assembly code, cause a remote process to load an ActiveX DLL (CoLoadLibrary), create an instance of a class (DllGetClassObject), call a method on that class, and then unload (CoFreeLibrary).

So far I've got the target to load the DLL correctly. I then call GetProcAddress to retrieve the entry point for DllGetClassObject in the ActiveX DLL. I pass a pointer to memory allocated for the interface's vtable, a pointer to IClassFactory's IID, and a pointer to CPatchManager's CLSID.

I keep getting error code: CLASS_E_CLASSNOTAVAILABLE

If anyone can point out what I'm doing wrong or give me some general idea of what I should be doing, I would appreciate it. Here is the code I'm using for calling DllGetClassObject:

Code:
mov eax, GETPROCADDRESSPTR

;GetProcAddress(hModule, lpProcName) is stdcall: arguments are pushed right to left
push dword DLLGETCLASSOBJECTNAME
push dword LIBRARYMODULEHANDLE
call eax

;check return value
cmp eax, 0
jnz GETPROCADDRSUCCESS3

;handle error here
jmp INJECTIONERROR

GETPROCADDRSUCCESS3:

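;call DllGetClassObject for IClassFactory
;DllGetClassObject(rclsid, riid, ppv): arguments are pushed right to left
push dword ICLASSFACTORYINTERFACE
push dword ICLASSFACTORYIID
push dword CPATCHMANAGERCLSID
call eax
;eax now holds the HRESULT returned by DllGetClassObject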