... | @@ -14,7 +14,7 @@ Cases in which it's possible to still DLL Hijack are: |
... | @@ -14,7 +14,7 @@ Cases in which it's possible to still DLL Hijack are: |
|
##### This section will encompass a walk-through of finding vulnerable programs and DLL hijacking them to get escalated code execution.
|
|
##### This section will encompass a walk-through of finding vulnerable programs and DLL hijacking them to get escalated code execution.
|
|
|
|
|
|
The easiest way to find vulnerable program to search a CVE database.
|
|
The easiest way to find vulnerable program to search a CVE database.
|
|
In the example I use for this walk-trough I used https://cve.mitre.org/ and looked for commonly used programs susceptible to DLL Hijacking.
|
|
In the example I use for this walk-through I used https://cve.mitre.org/ and looked for commonly used programs susceptible to DLL Hijacking.
|
|
I settled on using Audacity, an open-source audio mixing software, as my attack vector.
|
|
I settled on using Audacity, an open-source audio mixing software, as my attack vector.
|
|
|
|
|
|

|
|

|
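Review bot: The sentence directly above the corrected "walk-through" line still reads "The easiest way to find vulnerable program to search a CVE database." and is missing words. Since this hunk is a wording fix, change it in the same commit to "The easiest way to find a vulnerable program is to search a CVE database." In the last line of the paragraph, Audacity is the program being hijacked, so "target" is more accurate than "attack vector". The `#####` line at the top of the hunk is a full sentence and would read better as an ordinary paragraph than as a level-5 heading.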
... | @@ -57,3 +57,5 @@ That's a lot of cmd windows! |
... | @@ -57,3 +57,5 @@ That's a lot of cmd windows! |
|
|
|
|
|
#### Sources:
|
|
#### Sources:
|
|
https://hacknpentest.com/windows-privilege-escalation-dll-hijacking/
|
|
https://hacknpentest.com/windows-privilege-escalation-dll-hijacking/
|
|
|
|
https://pentestlab.blog/2017/03/27/dll-hijacking/
|
|
|
|
https://liberty-shell.com/sec/2019/03/12/dll-hijacking/ |
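Review bot: The entries under "#### Sources:" are bare URLs with no titles and no list markup, so a reader cannot tell which part of the walk-through each one supports. Make each entry a list item with the article title as the link text, for example "- [DLL Hijacking](https://pentestlab.blog/2017/03/27/dll-hijacking/)". The page also says the example program was found through https://cve.mitre.org/, but this list carries no link to the CVE entry for Audacity. Adding that reference would let readers confirm which versions are affected.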