SecurityXploded Blog

Released DllHijackAuditor v2 with New & Smart Interception Engine

DllHijackAuditor is the FREE tool to Audit against the  DLL Hijacking Vulnerability for any Windows application. This is recently discovered critical security vulnerability affecting most of Windows systems. Currently large number of applications are currently susceptible to this vulnerability which can allow any attacker to completely take over the system.

.

In the first version of DllHijackAuditor which was released last week, we have encountered few major issues such as inconsistent results for the same application, incorrect auditing results due to failure in interception, fixed file extension used for auditing etc. Improper auditing results were attributed to failure in Injection based interception mechanism which failed to detect the Dlls that were loaded at early phase. New version v2 of DllHijackAuditor is putting an end to all those problems with its new debugger based interception mechanism which ensures perfect auditing results.

.

.

New version of DllHijackAuditor brings in following features,

  • New & Smart ‘Interception Engine’ for consistent and efficient performance without intrusion of target process.
  • Support for specifying as well as auditing of application with custom & multiple Extensions.
  • Timeout Configuration to alter the waiting time for each Application.

.
Here is the short Video demonstration of DllHijackAuditor auditing WireShark for Dll Hijack Vulnerability

.

For more details and to download, visit the main page of DllHijackAuditor.

If you encounter any issues or if you have any good suggestions which can help improve it, please pass it on.

.

Special thanks to clshack for verification and reporting those major problems and regards to Nishant for suggesting good ideas though I could not put up everything in this release.

.

.

.

Leave a Reply