| 基于DLL技术的特洛伊木马植入新方案 |
| |
| 引用本文: | 潘勉,薛质,李建华,李生红.基于DLL技术的特洛伊木马植入新方案[J].计算机工程,2004,30(18):110-112,161. |
| |
| 作者姓名: | 潘勉 薛质 李建华 李生红 |
| |
| 作者单位: | 1. 上海交通大学信息安全工程学院,上海,200030
2. 上海交通大学电子工程系,上海,200030 |
| |
| 基金项目: | 国家“863”计划基金资助项目(2001AA121042):“安全主动网技术研究” |
| |
| 摘 要: | 研究了如何将Windows环境下的动态链接库(DLL)技术与远程线程插入技术结合起来实现特洛伊木马植入的新方案。在该方案中,提出了特洛伊木马程序DLL模块化,并且创建了独立的特洛伊木马植入应用程序,由该植入程序实现从特洛伊木马程序中分离出来的植入功能。采用该方案实现的木马植入,具有很好的隐蔽性和灵活性。
|
| 关 键 词: | 特洛伊木马 DLL 进程 线程 植入 |
| 文章编号: | 1000-3428(2004)18-0110-03 |
New Scheme for the Injection of Trojan Horse Based on DLL |
| |
| PAN Mian,XUE Zhi,LI Jianhua,LI Shenghong.New Scheme for the Injection of Trojan Horse Based on DLL[J].Computer Engineering,2004,30(18):110-112,161. |
| |
| Authors: | PAN Mian XUE Zhi LI Jianhua LI Shenghong |
| |
| Affiliation: | PAN Mian1,XUE Zhi1,LI Jianhua1,LI Shenghong2 |
| |
| Abstract: | A new scheme is studied to realize the injection of Trojan horse by combining the technology of DLL(dynamic linking library) and that of remote thread injection on the Windows platform. The idea of replacing traditional Trojan horse program with Trojan horse DLL and the notion of creating single Trojan horse injection program to realize the special function of Trojan horse injection are proposed. It is rather safe and flexible to inject Trojan horse by adopting this scheme. |
| |
| Keywords: | Trojan horse DLL Process Thread Injection |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
