C# written binaries(dll, executables) uses ILA which is very easy to reverse engineer. using dnspy
mscorlib is very important for c# binaries as it contain .net libraries.
mscorlib
We can execute dlls directly in windows using a windows binary called rundll32.exe
rundll32.exe
e.g.
We also need to supply function name we want to invoke inside dll. Which can be determined through reverse engineering.
Last updated 9 months ago
rundll32.exe <dll_name.dll>,<function_name>
