DLL or for Dynamic Link Library is a set of functions that can be executed, or data that can be used by a Windows application. Basically it’s an external code repository for programs. Several different programs can reuse the same DLL instead of having that code in their own file. This dramatically reduces required storage space.

But this concept also lead to a security vulnerability known as DLL Hijacking. Here the attacker may change the DLL files used in Windows with his own DLL files which may contain some malicious codes like rootkits or trojans. This is also known as Binary Planting. Once he has implemented this it may be a tough task to detect it because DLL files are loaded in high memory area of the system.

Now it’s time to explore applications for this kind of attacks. For this we’ll use a nice handy tool called DLLHijackAuditor which you can download from here. This is a lightweight application but will do a nice job. Now it’s time to install it.

DLL Hijacking So just start this newly installed application and select the application you want to test against DLL vulnerability. Now click on Start Audit button Now it will install that application and at the installation time it will check whether it is trying to alter any DLL files. if it found so then you can click on Exploits button to check for more details regarding this.

So you can see that the whole process is completed in a fly and without headache. So next time you’ve a suspected application then don’t install it in a usual way. Instead install it using this way just to ensure that it’s safe for you. Enjoy!

Advertisements