Therefore, whether you are a pentester, a security researcher or a system administrator, your own conception of it may differ from someone else’s. It turns out that it’s a big mistake, for multiple reasons! First, DLL hijacking is just a core concept and, in practice, there are some variants. Whenever I write about something that involves DLL hijacking (e.g.: NetMan DLL Hijacking), I assume that it’s common knowledge and that we are all on the same page. I don’t pretend to know the ultimate truth but I felt the need to write this post in order to hopefully clarify some points. Though, people often don’t really speak about the same thing, hence the overall confusion which leads us nowhere. “ It’s not a vulnerability!” or “ There is a lot of hijackable DLLs on Windows…” are the most common reactions. Whenever a “new” DLL hijacking / planting trick is posted on Twitter, it generates a lot of comments.
0 kommentar(er)
