Jump to content
CCleaner Community Forums
Nergal

Injecting a DLL into Modern UI (aka Metro/Windows-App) App

Recommended Posts

Looks like Microsoft did learn (at least a little) the lesson from Sidebar Gadgets

http://blog.nektra.com/main/2013/02/25/injecting-a-dll-in-modernui-metro-app-win8

 

When you try to inject a library into a Windows 8 Modern UI Metro application you will find that although the injection code works as expected, your DLL will NOT load, LoadLibrary will return FALSE and GetLastError will return ERROR_ACCESS_DENIED.

 

As Far as I can tell they failed to achieve what they were attempting maybe some more technical person may be able to read more into this (like Alan or Keetah)

Share this post


Link to post
Share on other sites

Sidebar gadgets weren't vulnerable to DLL injections. They had cross site scripting issues that are a whole different beast.

 

The only thing Microsoft have achieved here is isolating processes in the modern UI, so that additional code can't be loaded into them and forced to run. A program attempting to do so will not crash, but rather be sent a passive aggressive "you can't do that!" message.

 

Of course, only an executable can inject code into another program. For this situation to occur the system is likely already compromised.

Share this post


Link to post
Share on other sites

thanks, good explanation.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...