Thefreedom
JF-Expert Member
- Jan 27, 2019
- 319
- 313
Greetings, friends.
Thefreedom is back again, and today we will discuss very briefly DLL hijacking in software that is vulnerable, to gain access.
The main goal is to protect ourselves and to learn in depth how these hackers are able to gain access to the most secured systems via DLL hijacking.
I will explain very briefly so you get the idea, then you can download the video below and study it in depth in your own time.
WHAT IS DLL HIJACKING?
DLL hijacking is one of the techniques used by hackers to gain access to a secured system by using Windows software that depends on (loads) system Dynamic Link Libraries.
For example, I have downloaded the vlc.exe setup. For this VLC to run on Windows OS it has DLLs (libraries) that are searched for, and once they have been processed you will see the VLC setup window on your PC. DLL hijacking comes in like this: suppose that while loading those required DLLs the software needs a DLL named, for example, maharage.dll on the desktop or in the Windows files. What the hacker does is create a backdoor.dll, which he renames to the same name as the DLL that VLC needs to complete the task.
So when you run vlc.exe, it will pick up that malicious DLL and execute it on the user's system without the user knowing anything, and in the end the hacker will get into your system silently as administrator and do whatever he wants as the normal user (which is you, the PC owner).
So in this thread I used Kaspersky, and if you think it is the best antivirus for you, you need to be careful, because they have not detected this exploit up to this minute.
And to prove it, here is the scan result of the malicious DLL: malicious DLL SCAN RESULTS 1/26 2020
Requirements
1. Virtualization knowledge
2. Windows OS (7, 8, 10)
3. Internet connection
4. IDA Pro free reverse engineering toolkit; download it: IDA PRO CLEAN NO VIRUS
5. Process Hacker https://github.com/processhacker/processhacker/releases/download/v2.39/processhacker-2.39-setup.exe
6. Process Monitor: Process Monitor - Windows Sysinternals
7. KALI LINUX (I am using Linux KDE 2020.2)
Download my full demonstration video HERE
NOTE: WE ARE STILL LEARNING, I AM NOT PERFECT, SO DO NOT USE THIS TO HURT OTHERS
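For the defensive side of the scenario described in the post, here is an added example (not part of the original post) that reviews image-load events and flags DLLs loaded from places a standard user can write to. The field names follow Sysmon Event ID 7; the sample events, the user name, and the directory and DLL-name lists are constructed assumptions, and maharage.dll is the post's own made-up name.

```python
import ntpath

# Assumed lists; tune them for the environment being monitored.
USER_WRITABLE = ("c:\\users\\", "c:\\programdata\\", "c:\\windows\\temp\\")
SYSTEM_DIRS = {"c:\\windows\\system32", "c:\\windows\\syswow64"}
SYSTEM_DLL_NAMES = frozenset({"kernel32.dll", "version.dll"})

# Constructed sample events using Sysmon Event ID 7 (ImageLoad) field names.
SAMPLE_EVENTS = [
    {"Image": r"C:\Users\amina\Downloads\vlc-setup.exe",
     "ImageLoaded": r"C:\Windows\System32\kernel32.dll", "Signed": "true"},
    {"Image": r"C:\Users\amina\Downloads\vlc-setup.exe",
     "ImageLoaded": r"C:\Users\amina\Downloads\maharage.dll", "Signed": "false"},
    {"Image": r"C:\Program Files\VideoLAN\VLC\vlc.exe",
     "ImageLoaded": r"C:\Program Files\VideoLAN\VLC\libvlc.dll", "Signed": "true"},
    {"Image": r"C:\Program Files\VideoLAN\VLC\vlc.exe",
     "ImageLoaded": r"C:\Users\amina\Desktop\version.dll", "Signed": "true"},
]

def reasons_for(event, system_dll_names=SYSTEM_DLL_NAMES):
    """Return the reasons an image-load event looks like a planted DLL."""
    loaded = event["ImageLoaded"].lower()
    if not loaded.endswith(".dll"):
        return []
    folder, name = ntpath.split(loaded)
    writable = loaded.startswith(USER_WRITABLE)
    reasons = []
    # An unsigned library in a directory any user can write to.
    if writable and event.get("Signed", "false").lower() != "true":
        reasons.append("unsigned DLL loaded from user-writable directory")
    # A name that belongs to Windows, resolved from somewhere else.
    if name in system_dll_names and folder not in SYSTEM_DIRS:
        reasons.append("system DLL name loaded outside the system directory")
    # The DLL sits in the same user-writable folder as the program that loaded it.
    if writable and folder == ntpath.dirname(event["Image"].lower()):
        reasons.append("DLL sits beside an executable in a user-writable directory")
    return reasons

def find_suspicious(events):
    """Return (ImageLoaded, reasons) for every event with at least one reason."""
    hits = []
    for event in events:
        reasons = reasons_for(event)
        if reasons:
            hits.append((event["ImageLoaded"], reasons))
    return hits

if __name__ == "__main__":
    for path, reasons in find_suspicious(SAMPLE_EVENTS):
        print(path, "->", "; ".join(reasons))
```

A signature check alone misses the last sample event, which is why the name and location checks are kept separate from it.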