Monday, October 05, 2015 Login · Register


Remember Me

Not a member yet?
Click here to register.

Forgotten your password?
Request a new one here.


    Users Online
  • · Members on IRC: 0   
  • · Total Members: 21,762
  • · Newest Member: burchmaine


        Related Ads



        Top 10 Forum Posters
    Null Set883   


  • iExploit

  • iExploit

  • WeChall



        Related Ads

    View Thread
    Security Override Hacking General Hacking
    DLL hijacking
    Register FAQ Members List Today's Posts Search

    Print Thread
    04-03-2014 06:09 AM DLL hijacking | Edited by jepeeps1 04-03-2014 06:10 AM
    Hey there, so i'm just reading around a bit on the interwebz & just came across something called "DLL hijacking".

    So basically they use flaws in DLL files used by various programs (such as microsoft office powerpoint 2007, windows media player, VLC, etc...).

    On this site: ""

    is explained how a person can infect a computer with the infected files in order to do stuff. My question (as a very noob but interested hacker) is how can u write an infectious dll files, how can you make it act like the right DLL file so the program uses it & after it is infected, how can you (aCooluse the infected computer? Like, what programs could u use in order to do things to said infected computer?

    E.g. (and again i'm nooby) with the infected DLL files, could you make yourself admin on the infected PC and then be able to get to any files on the computer or something?

    Alright just throwing it out there & sharing the website for people who may or may not have heard of this yet.

    PPS: this is a link to an exploited DLL thingy for use on powerpoint 2007, if anyone can explain this to us, thanks!

    Thanks, jep.
    04-04-2014 03:47 AM RE: DLL hijacking
    Pretty much you just put a dll that does your nasty thing with functions exported to look like the original dll, and then you abuse how windows looks for dll files when a program loads and you place the dll where it would be loaded before the original. This means you have to have a way to put that dll there on the victim, the how to that is a completely different subject entirely. If you are local, there may be some programs that run with admin rights vulnerable to this, by doing so the dll's code would run with higher privileges and you just elevated yourself. At this point you could do whatever you want, because you have arbitrary code running on the victim.

    As for how to write one, look up how to make a windows dll library, then take a closer look at those published vulns/exploits.

    Also for some reason theres a sizable amount of people in the security industry that dont believe this is a real vulnerability. Most of the time it winds up being impractical yes, but if it works it works.
    dmr, September 9, 1941 October 9, 2011

    Never Forget
    04-04-2014 09:24 AM RE: DLL hijacking
    Thanks for your answer, i'll look up some more about the subject on the interwebz.

    greetz, jep.
    Jump to Forum:
    Forum powered by fusionBoard