SecurityXploded Blog

Presenting DllHijackAuditor – Smart Tool to Audit Dll Hijack Vulnerability

DllHijackAuditor is a FREE tool to audit any Windows application for the DLL Hijacking vulnerability. This is a recently discovered critical security issue affecting almost all Windows systems on the planet. It appears that a large number of Windows applications are currently susceptible to this vulnerability, which can allow an attacker to completely take over the system.

[Update (7th Sep 2010): DllHijackAuditor v2 is now released with a new and smart debugger-based Interception Engine]

To that end, DllHijackAuditor helps discover all such vulnerable DLLs in a Windows application, which could otherwise be exploited, resulting in total compromise of the system. With its simple GUI, DllHijackAuditor makes it easy for anyone to perform the audit instantly. It also presents a detailed technical audit report that can help the developer fix all vulnerable points in the application.

Here are some of the prominent features of DllHijackAuditor:

  • Directly and instantly audits any Windows application.
  • Allows complete testing to uncover all vulnerable points in the target application.
  • Generates a complete audit report (in HTML format) covering all vulnerable hijack points in the application.
  • GUI-based tool, which makes it easy for anyone with minimal knowledge to perform the audit.
  • Does not require any special privilege to audit the application (unless the target application requires it).
  • Free from antivirus interference, as it does not use any shellcode or exploit code that would trigger antivirus software to terminate the operation.
  • The application does not have to be registered with any file extension.
  • Does not require any external third-party tools.
  • No installation is required; you can just copy it and run it anywhere.

This tool works along the same two-phase lines of operation as DllHijackAuditKit by HD Moore. Though it was a great toolkit for sweep scanning of all applications, I found some limitations with it. Mainly, it helped with applications that are associated with a file extension, so applications that are not currently associated with any extension were not tested by this toolkit. Also, only launch-time auditing was done; there was no scope for auditing all points in the application.

So I found a strong need for a dedicated tool that would help anyone test a particular application completely and also provide a detailed audit report to further assist in fixing all the DLL hijack vulnerabilities in the application. This is the story behind the birth of DllHijackAuditor.

I would like to thank EvilFingers, who ignited the spark with the above idea to create such a tool, and give my regards to HD for paving the path with his smart work on DllHijackAuditKit.

For more information and to download the tool, visit the main page of DllHijackAuditor.

We welcome any bug reports, suggestions, and feedback on this tool.
