Application Logs & Developer Backdoors

by SecVulture
Oct. 7, 2017 0 comments INFOSEC Institute Pen Testing & Audits

In the previous article, we have discussed the basics of DLL Hijacking vulnerabilities and how one can find and exploit DLL Hijacking vulnerabilities in DVTA application. In this article, we will discuss some miscellaneous test cases that can be used against Thick Client Applications. These test cases include Application Logging, Developer Backdoors, Unreliable Timestamps and lack of application signing.

http://resources.infosecinstitute.com/damn-vulnerable-thick-client-app-part-8/