Analyzing DLL Hijacking Attacks

by Chris Sanders
At the end of August 2010, security researchers began releasing details of a class of vulnerabilities that has had wide-ranging effects. The vulnerability, discussed by the Slovenian security company Acros, gained significant notoriety when security researcher and Metasploit creator HD Moore discovered hundreds of applications that were vulnerable to the attack vector. The attack that exploits these vulnerabilities has been dubbed DLL hijacking. In this article I’m going to talk about the architectural flaws that make DLL hijacking possible, how to determine whether the applications you use are vulnerable, and the steps you can take to ensure you aren’t a target of this attack.