DLL Attack Review Part 1

I would like to share a few details and tricks to that can be useful to some people out there. DLL (Dynamic Link Libraries) attack is an attack where the attacker within the Application search function

Windows application that been mentioned here is a vulnerable /PATH or other location that will be exploited by the attacker where malicious DLLs will be loaded into the application and system. The purpose of the malicious DLL been loaded is to been searched by the application while been executed by the application at the same time.

Types of DLL attack

For those who still not familiar with the attack, there are a few types of DLL attack such as:

DLL search order attackDLL side-loading attackDLL Hijacking attack DLL search order attack

This type of attack normally takes advantage of the search order of the Windows where a malicious DLL will be loaded into the DLL search order and execute the program from there.

DLL side-loading attack

This type of attack will leverage a directory from WinSxS which normally happens if the program is improperly configured may be open to and malicious

Read More: https://threatninja.net/dll-attack-review-part-1/