C# written binaries(dll, executables) uses ILA which is very easy to reverse engineer. using dnspy
mscorlib is very important for c# binaries as it contain .net libraries.
mscorlib
We can execute dlls directly in windows using a windows binary called rundll32.exe
rundll32.exe
e.g.
We also need to supply function name we want to invoke inside dll. Which can be determined through reverse engineering.
Last updated 10 months ago
rundll32.exe <dll_name.dll>,<function_name>
