Advanced IP Scanner – DLL Hijacking

DLL hijacking is an attack that exploits the Windows DLL search and load algorithm, allowing an attacker to inject code into an application through disk manipulation. In other words, simply placing a DLL file in the right location causes a vulnerable application to load that malicious DLL.

Vulnerable Application:

Vulnerable Version: Advanced_IP_Scanner_2.5.3850

Vulnerable DLL: C:\Users\<NAME OF USER>\AppData\Local\Temp\Advanced IP Scanner 2\dnssd.dll

Steps to reproduce:
1 – Place a malicious DLL at the Vulnerable DLL path above
2 – Open Advanced IP Scanner and run it in portable mode
3 – The malicious DLL is executed

This vulnerability has been published according to the responsible disclosure model; the vulnerability is still present in the product.
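
A detection sketch for the load described above, added here as an example and not part of the original advisory: it triages image-load events for the DLL path listed under Vulnerable DLL. It assumes the events are already parsed into dictionaries that use Sysmon Event ID 7 field names (`ImageLoaded`, `Signed`, `Signature`, `SignatureStatus`); the function names and sample events are constructed for illustration.

```python
import re

# DLL path named in the advisory, with the user name generalized.
# Windows paths are case-insensitive, so the match ignores case.
HIJACK_PATH = re.compile(
    r"^[a-z]:\\Users\\[^\\]+\\AppData\\Local\\Temp"
    r"\\Advanced IP Scanner 2\\dnssd\.dll$",
    re.IGNORECASE,
)

def normalize(path):
    """Turn '/' and repeated separators into single backslashes."""
    return re.sub(r"[\\/]+", lambda m: "\\", path.strip())

def triage(event):
    """Return None for unrelated image loads, else (severity, reason)."""
    loaded = normalize(event.get("ImageLoaded", ""))
    if not HIJACK_PATH.match(loaded):
        return None
    signed = str(event.get("Signed", "")).lower() == "true"
    if not signed or event.get("SignatureStatus") != "Valid":
        return ("high", "unsigned or invalid DLL loaded from " + loaded)
    # Even a validly signed copy sits in a directory the user can write to.
    return ("review", "signed by %s, user-writable path" % event.get("Signature"))

def scan(events):
    """Return (index, severity) for every event that needs attention."""
    verdicts = ((i, triage(ev)) for i, ev in enumerate(events))
    return [(i, v[0]) for i, v in verdicts if v]

# Constructed sample events (not real telemetry); only the fields used here.
TEMP = r"C:\Users\alice\AppData\Local\Temp\Advanced IP Scanner 2"
SAMPLE_EVENTS = [
    {"ImageLoaded": TEMP + r"\dnssd.dll",
     "Signed": "false", "SignatureStatus": "Unavailable"},
    {"ImageLoaded": TEMP + r"\dnssd.dll", "Signed": "true",
     "Signature": "Example Signer (constructed)", "SignatureStatus": "Valid"},
    {"ImageLoaded": r"C:\Windows\System32\dnssd.dll",
     "Signed": "true", "SignatureStatus": "Valid"},
    {"ImageLoaded": "c:/users/bob/appdata/local/temp/advanced ip scanner 2/DNSSD.DLL",
     "Signed": "false", "SignatureStatus": "Unavailable"},
]

if __name__ == "__main__":
    for idx, severity in scan(SAMPLE_EVENTS):
        print(idx, severity, triage(SAMPLE_EVENTS[idx])[1])
```

The match is on the path string only, so a load logged under a Windows 8.3 short name for the directory would need to be expanded before triage.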
