
A DLL injection method and system based on the Windows platform

A DLL injection method and system, applied in the field of data security, that can solve problems such as injection failures.

Active Publication Date: 2021-04-16
北京明朝万达科技股份有限公司

AI Technical Summary

Problems solved by technology

[0010] 3) HOOK technology for the virtual function table of a COM interface is applicable only to COM interfaces. This technology fails to inject when it encounters the shell code of a packer or a service program.


Examples


Specific Embodiment

[0095] Figure 5 shows a specific embodiment implemented according to the technical solution of the present invention.

[0096] (1) The process starts.

[0097] (2) Determine whether the process is a sensitive process (one that requires leak prevention); if not, let it through without injecting the security detection DLL.

[0098] (3) If yes, call the injection module and inject the security detection DLL.

[0099] (4) The security detection DLL performs security detection on the process.

[0100] (5) If the process is detected to be unsafe, refuse to open it.

[0101] (6) If it is safe, allow it to open.

[0102] This technical solution is used to monitor chat tools such as QQ, but the general injection method cannot inject into and control the QQ process. Using the injection method of the present invention, the detection DLL is successfully injected, and the chat information of software such as QQ is monitored and well controlled.

[0103] The technical solution of the invention achieves the following technical e...


Abstract

The invention discloses a DLL injection method and system based on the Windows platform. The method includes the following steps: starting a process; judging whether the current process needs to be injected with a security detection DLL and, if so, obtaining the name of the module to be injected with the security detection DLL; judging whether the module name is "ntdll.dll" and, if so, inserting the injection information of the current process into the work queue; the security detection DLL then performs security detection on the current process; if the process is detected to be unsafe, it ends, and if it is safe, the current process is allowed to start. Through the solution of the present invention, more processes can be injected, and anti-virus software will not be accidentally killed, which is more stable and efficient.

Description

Technical field

[0001] The invention relates to the field of data security, in particular to a method and system for injecting a security detection DLL based on a Windows platform.

Background technique

[0002] The current Windows security detection DLL injection methods are mainly divided into three categories: Windows message hook, API HOOK and COM HOOK.

[0003] 1) Windows message hook (provided by the operating system itself)

[0004] Windows message hooks are divided into global message hooks and local message hooks (that is, thread message hooks), such as message hooks for controlling the keyboard.

[0005] 2) API HOOK technology is a technology used to change the execution result of the API. Microsoft itself also uses this technology in the Windows operating system, such as Windows compatibility mode. API HOOK technology is not a proprietary technology of computer viruses, but computer viruses often use this technology to achieve the purpose of hiding themselves. ...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): G06F9/448, G06F21/56
CPC: G06F21/562, G06F9/448
Inventor: 曲恩纯, 喻波, 王志海, 彭洪涛
Owner: 北京明朝万达科技股份有限公司