Can Reflection help me call a function in an injected DLL?

Question

I have injected a managed .NET DLL into a .NET process.
I've seen some people here on StackOverflow say that you can then call the functions of the injected DLL by using Reflection. This is apparently the technique that Snoop uses.
Is this correct? If so, exactly how could it be done?
Thank you in advance.

Answer 1

Great Article by Eric Gunnerson, only caveat is to watch out for security policies, as these can sometime prevent dynamic loading of assemblies.

http://blogs.msdn.com/b/ericgu/archive/2007/06/05/app-domains-and-dynamic-loading-the-lost-columns.aspx

Answer 2

Here is some sample code to do this:

        // Get all loaded assemblies in current application domain
        Assembly[] assemblies = AppDomain.CurrentDomain.GetAssemblies();

        // Get type of int
        Type intType = assemblies.Select(a => a.GetType("System.Int32")).First();

        // Create object of int using its type
        Object intObj = Activator.CreateInstance(intType);

        // Call int.ToString() method which returns '0'
        String result = intObj.GetType().GetMethod("ToString", new Type[] { }).Invoke(intObj, null).ToString();

Answer 3

see below

Reflection Examples

Answer 4

You could use reflection. Here's an example:

class Program
{
    static void Main()
    {
        var assembly = Assembly.Load("System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a");
        var serverType = assembly.GetType("System.Web.HttpUtility", true);
        var method = serverType.GetMethod("HtmlEncode", BindingFlags.Static | BindingFlags.Public, null, new[] { typeof(string) }, null);
        var result = method.Invoke(null, new[] { "<some value>" });
        Console.WriteLine(result);
    }
}