Reply To: Injecting Browser Helper Objects Remotely ==?


#6622

Vadim Smirnov
Moderator

Since the disassembler can’t locate the functions in the disassembly, please suggest some other way of reversing the DLL?

The DLL can be packed, and the disassembler can’t decode it without additional effort. However, many things depend on the disassembler you use and the particular BHO.

Any further info on this method of attack, that is, how can someone remotely inject BHOs (browser helper objects) into my browser?

A BHO is an in-process COM object, and it should be registered like any normal COM object; in addition, it has to create several registry entries specific to BHOs. So if the particular BHO was not installed by you, then someone has managed to remotely execute installation code on your system.
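
The registration described in the reply above can be audited from PowerShell. This is an added example, not part of the original post: it lists each registered BHO CLSID, the DLL its COM registration loads, and that DLL's Authenticode status. The registry paths are the standard Windows locations, which the post does not name, and only machine-wide (HKLM) registrations are checked.

```powershell
# Added example (not from the forum post): audit BHOs registered on this machine.
# Assumption: standard Windows registry locations; HKLM only, both registry views.
$views = @(
    @{ Name = 'native';        Soft = 'HKLM:\SOFTWARE' },
    @{ Name = '32-bit WOW64';  Soft = 'HKLM:\SOFTWARE\WOW6432Node' }
)

$report = foreach ($view in $views) {
    # BHO-specific entries: one subkey per CLSID.
    $bhoRoot = "$($view.Soft)\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"
    if (-not (Test-Path -LiteralPath $bhoRoot)) { continue }

    foreach ($key in Get-ChildItem -LiteralPath $bhoRoot) {
        $clsid  = $key.PSChildName
        # Ordinary COM registration for the same CLSID.
        $inproc = "$($view.Soft)\Classes\CLSID\$clsid\InprocServer32"
        $dll    = $null
        $signer = $null
        $status = 'No COM registration for this CLSID'

        if (Test-Path -LiteralPath $inproc) {
            # The unnamed (default) value of InprocServer32 is the DLL path.
            $raw    = (Get-Item -LiteralPath $inproc).GetValue('')
            $status = 'InprocServer32 has no DLL path'
            if ($raw) {
                $dll = ([string]$raw).Trim('"')
                # Caveat: from 64-bit PowerShell, a 32-bit entry pointing at
                # System32 is resolved against the 64-bit directory.
                if (Test-Path -LiteralPath $dll -PathType Leaf) {
                    $sig    = Get-AuthenticodeSignature -LiteralPath $dll
                    $status = [string]$sig.Status
                    $signer = $sig.SignerCertificate.Subject
                } else {
                    $status = 'DLL missing on disk'
                }
            }
        }

        [pscustomobject]@{
            View      = $view.Name
            CLSID     = $clsid
            Dll       = $dll
            Signature = $status
            Signer    = $signer
        }
    }
}

# Entries that are not 'Valid' sort apart from signed ones for review.
$report | Sort-Object Signature, Dll | Format-Table -AutoSize -Wrap
```

Any CLSID in the output that you do not recognise, or whose DLL is unsigned or missing, is the kind of entry the reply attributes to installation code having run on the system.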