DLL hijacking is a method of injecting malicious code into a given service or application by loading an evil DLL, often replacing the original one, that will be executed when the service starts. This is possible due to the way some Windows applications search and load DLLs, more specifically, if the path to a service’s DLL isn’t already loaded or stored in the system, Windows will start looking for it in the environment path, an attacker can therefore place the malicious DLL in a directory that is part of it to trigger the malicious code.
https://steflan-security.com/windows-privilege-escalation-dll-hijacking/
[link] [comments]
from hacking: security in practice https://ift.tt/31zHqoQ
Comments
Post a Comment