Post Mon Aug 29, 2016 6:22 am

DLL Hijacking


For testing purposes i generated a reverse shell as a DLL using MSFVenom and put it in application folder of my application that is vulnerable to DLL search order hijacking. My shell executes, but my application won't start, obviously, as it can not load the needed libraries in the legit DLL file.

Can someone please explain to me how i should go about getting my application to load the legit libraries, as well as my malware? Can I somehow put a pointer in my illegitimate DLL to the real DLL?

Please reply in detail. Thank you!