DLL Attack Review Part 1

I would like to share a few details and tricks to DLL Attack that can be useful to some people out there. DLL (Dynamic Link Libraries) attack is an attack where the attacker exploit within the Windows Application search function

Windows application that been mentioned here is a vulnerable /PATH or other location that will be exploited by the attacker where malicious DLLs will be loaded into the application and system. The purpose of the malicious DLL been loaded is to been searched by the application while been executed by the application at the same time.

Types of DLL attack

For those who still not familiar with the attack, there are a few types of DLL attack such as:

DLL search order attackDLL side-loading attackDLL Hijacking attack DLL search order attack

This type of attack normally takes advantage of the search order of the Windows Operating System where a malicious DLL will be loaded into the DLL search order and execute the program from there.

DLL side-loading attack

This type of attack will leverage a directory from WinSxS which normally happens if the program is improperly configured may be open to vulnerabilities and malicious

Read More: https://threatninja.net/dll-attack-review-part-1/