Installing an Outlook Client Filter


Microsoft Outlook uses registry entries to control client extension attachment. During initialization, Outlook checks its Extensions registry key for a special value. If this special value is found, Outlook will reinitialize its client extension table to attach every client extension specified under the Extensions key.

The Outlook Extensions registry key is HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Exchange\ Client\Extensions.

The special value required to reinitialize the client extension table is

Outlook Setup Extension (this is a string value)

The contents of the Outlook Setup Extension value must be as follows:

 4.0;Outxxx.dll;7;000000000000000;0000000000;OutXXX

If Microsoft Outlook finds this special value under the Extensions key, it will re-register every client extension specified under the Extensions key.

Client extension registry entries must be specified using the following form:

  • Value = Name of Extension (this is a string value)

  • Data = 4.0; Location of library; 1;00100100001000;0001000

For our purposes we can use the following:

 MyClientExtension = 4.0;C:\OutlookExtension.dll;1;00100100001000;0001000

After re-registering the client extensions specified under the Extensions key, Outlook will delete the special Outlook Setup Extension string value. Outlook will then use an internalized client extension table until a new special Extension string value is placed under the Extensions key. Outlook will not include a new client extension without the special Extensions string value, so you cannot simply add a string value defining the location of your client extension.




Professional Rootkits
Professional Rootkits (Programmer to Programmer)
ISBN: 0470101547
EAN: 2147483647
Year: 2007
Pages: 229
Authors: Ric Vieler

Similar book on Amazon
Rootkits: Subverting the Windows Kernel
Rootkits: Subverting the Windows Kernel
A Guide to Kernel Exploitation: Attacking the Core
A Guide to Kernel Exploitation: Attacking the Core
Reversing: Secrets of Reverse Engineering
Reversing: Secrets of Reverse Engineering
Malware Analyst's Cookbook and DVD: Tools and Techniques for Fighting Malicious Code
Malware Analyst's Cookbook and DVD: Tools and Techniques for Fighting Malicious Code

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net