Question

I have injected a managed .NET DLL into a .NET process.
I've seen some people here on StackOverflow say that you can then call the functions of the injected DLL by using Reflection. This is apparently the technique that Snoop uses.
Is this correct? If so, exactly how could it be done?
Thank you in advance.

Solution

You could use reflection. Here's an example:

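using System;
using System.Reflection;

class Program
{
    static void Main()
    {
        // Load the assembly by its full display name
        var assembly = Assembly.Load("System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a");
        // Resolve the type; passing true throws if it cannot be found
        var serverType = assembly.GetType("System.Web.HttpUtility", true);
        // Select the public static HtmlEncode(string) overload
        var method = serverType.GetMethod("HtmlEncode", BindingFlags.Static | BindingFlags.Public, null, new[] { typeof(string) }, null);
        // Static method, so the target instance is null
        var result = method.Invoke(null, new object[] { "<some value>" });
        Console.WriteLine(result);
    }
}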

OTHER TIPS

Here is some sample code to do this:

        // Requires: using System; using System.Linq; using System.Reflection;

        // Get all loaded assemblies in current application domain
        Assembly[] assemblies = AppDomain.CurrentDomain.GetAssemblies();

        // Get type of int; assemblies that do not define it return null, so skip those
        Type intType = assemblies.Select(a => a.GetType("System.Int32")).First(t => t != null);

        // Create object of int using its type
        Object intObj = Activator.CreateInstance(intType);

        // Call int.ToString() method which returns '0'
        String result = intObj.GetType().GetMethod("ToString", new Type[] { }).Invoke(intObj, null).ToString();

Great article by Eric Gunnerson. The only caveat is to watch out for security policies, as these can sometimes prevent dynamic loading of assemblies.

http://blogs.msdn.com/b/ericgu/archive/2007/06/05/app-domains-and-dynamic-loading-the-lost-columns.aspx
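
The two code answers above, combined for the case in the question where the assembly is already loaded in the process. This is an added example, not code from any of the answers: `LoadedLib.EntryPoint` and `Describe` are hypothetical names, and the executing assembly stands in for the loaded DLL so that the sample compiles as a single file.

```csharp
using System;
using System.Linq;
using System.Reflection;

// Stand-in for a type that lives in the already-loaded DLL (hypothetical names).
namespace LoadedLib
{
    public static class EntryPoint
    {
        public static string Describe(string caller)
        {
            return "called by " + caller + " in " + AppDomain.CurrentDomain.FriendlyName;
        }
    }
}

static class Program
{
    // Looks the assembly up among those ALREADY loaded in this AppDomain
    // (no Assembly.Load), then calls a public static method on one of its types.
    static object InvokeStatic(string assemblyName, string typeName, string methodName, params object[] args)
    {
        Assembly asm = AppDomain.CurrentDomain.GetAssemblies()
            .FirstOrDefault(a => string.Equals(a.GetName().Name, assemblyName, StringComparison.OrdinalIgnoreCase));
        if (asm == null)
            throw new InvalidOperationException("Assembly not loaded in this AppDomain: " + assemblyName);

        Type type = asm.GetType(typeName, true);                    // throws if the type is missing
        Type[] signature = args.Select(a => a.GetType()).ToArray(); // null arguments are not supported here
        MethodInfo method = type.GetMethod(methodName, BindingFlags.Static | BindingFlags.Public, null, signature, null);
        if (method == null)
            throw new MissingMethodException(typeName, methodName);

        // Invoke wraps exceptions thrown by the target; surface the real one.
        try { return method.Invoke(null, args); }
        catch (TargetInvocationException ex) { throw ex.InnerException ?? ex; }
    }

    static void Main()
    {
        // Assumption: in this single-file sample the "library" is the executing assembly itself.
        string name = Assembly.GetExecutingAssembly().GetName().Name;
        Console.WriteLine(InvokeStatic(name, "LoadedLib.EntryPoint", "Describe", "Program"));
    }
}
```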

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow