Thursday, October 30, 2014 Login · Register
    Login
Username

Password


Remember Me

Not a member yet?
Click here to register.

Forgotten your password?
Request a new one here.

 

    Users Online
  • · Members on IRC: 29   
  • · Total Members: 16,883
  • · Newest Member: kaktycc
  •  

     

        Related Ads
     

     

     

        Top 10 Forum Posters
    UserPosts
    bluechill1411   
    madf0x1291   
    cruizrisner1062   
    Qwexotic1034   
    Null Set870   
    Override604   
    auditorsec603   
    godofcereal599   
    TurboBorland585   
    Teddy477   
     

        Affiliates




  • iExploit


  • iExploit


  • WeChall





  • Thisislegal.com

  •  

        Related Ads
     

    View Thread
         
    Security Override Hacking General Hacking
    DLL hijacking
    Register FAQ Members List Today's Posts Search

    Print Thread
    04-03-2014 06:09 AM DLL hijacking | Edited by jepeeps1 04-03-2014 06:10 AM
    Hey there, so i'm just reading around a bit on the interwebz & just came across something called "DLL hijacking".

    So basically they use flaws in DLL files used by various programs (such as microsoft office powerpoint 2007, windows media player, VLC, etc...).

    On this site: "http://www.exploit-db.com/papers/14813/"

    is explained how a person can infect a computer with the infected files in order to do stuff. My question (as a very noob but interested hacker) is how can u write an infectious dll files, how can you make it act like the right DLL file so the program uses it & after it is infected, how can you (aCooluse the infected computer? Like, what programs could u use in order to do things to said infected computer?

    E.g. (and again i'm nooby) with the infected DLL files, could you make yourself admin on the infected PC and then be able to get to any files on the computer or something?

    Alright just throwing it out there & sharing the website for people who may or may not have heard of this yet.


    PS: http://www.exploit-db.com/exploits/14782/
    PPS: this is a link to an exploited DLL thingy for use on powerpoint 2007, if anyone can explain this to us, thanks!

    Thanks, jep.
     
    Offline
    04-04-2014 03:47 AM RE: DLL hijacking
    Pretty much you just put a dll that does your nasty thing with functions exported to look like the original dll, and then you abuse how windows looks for dll files when a program loads and you place the dll where it would be loaded before the original. This means you have to have a way to put that dll there on the victim, the how to that is a completely different subject entirely. If you are local, there may be some programs that run with admin rights vulnerable to this, by doing so the dll's code would run with higher privileges and you just elevated yourself. At this point you could do whatever you want, because you have arbitrary code running on the victim.

    As for how to write one, look up how to make a windows dll library, then take a closer look at those published vulns/exploits.

    Also for some reason theres a sizable amount of people in the security industry that dont believe this is a real vulnerability. Most of the time it winds up being impractical yes, but if it works it works.
    dmr, September 9, 1941 October 9, 2011

    Never Forget
     
    Offline
    04-04-2014 09:24 AM RE: DLL hijacking
    Thanks for your answer, i'll look up some more about the subject on the interwebz.

    greetz, jep.
     
    Offline
    Jump to Forum:
    Forum powered by fusionBoard