rejetto forum
Software => HFS ~ HTTP File Server => Bug reports => Topic started by: yeyint on July 29, 2017, 08:30:13 PM
-
The HSF Server application passes an insufficiently qualified path in loading an external library when a user launch the application.
Affected Library List
---------------------
# dwmapi.dll
# WindowsCodecs.dll
# apphelp.dll
# RICHED32.dll
# wsock32.dll
# DNSAPI.dll
# IPHLPAPI.dll
# rasadh1p.dll
Please find the following for demo. I rename the malicious dll file (which is execute calculator) as apphelp.dll in this demo.
https://www.youtube.com/watch?v=VGjRA-P0opM
Thanks
Ye
REFERENCES
https://support.microsoft.com/en-us/help/2389418/secure-loading-of-libraries-to-prevent-dll-preloading-attacks
https://cwe.mitre.org/data/definitions/427.html
http://blogs.technet.com/b/srd/archive/2010/08/23/more-information-about-dll-preloading-remote-attack-vector.aspx
-
it make no sense dude
-
i had missed this report, actually.
I'm not personally calling that DLL, and i'm not sure why it is called.
The results on google are quite confusing.
Would anyone have information, please share.
-
rejjeto, i private messaged you about this....
what i have seen and what was shown was indeed dll hacking, but is not a probelm or a bug with your program, but a os system issues with a bad visual update. it was his pc casuing the issue..
this is not a bug that i have found.
-
;D ;D ;D LOVE
-
it make no sense dude
;D ;D ;D