DLL Hijacking
DLL Hijacking is a way for attackers to execute malicious code on the system. This means that if an attacker can place a file on the system, that file could be executed when the user runs an application vulnerable to DLL Hijacking.
If the application looks for some DLL files that are not present in the location during the runtime, then an attacker can place a malicious DLL file with the same name in that location and escalate the privilege.
Tools Procmon.exe
DLL Hacking
Could not load image
DLL Hijacking
Vulnerable Application: Damm Vulnerable Thick Client App (DVTA)
As shown in the screenshot, the path is missing. An attacker can create the folder and DLL file and escalate the privilege.
Last modified 5mo ago
Copy link