Monday, August 30, 2010
DllHijackAuditor – Smart Tool to Audit Dll Hijack Vulnerability
DllHijackAuditor is the FREE tool to Audit any Windows application for DLL Hijacking Vulnerability which is a critical Security issue that has been recently discovered on Windows systems. It is estimated that large amount of Windows applications are currently susceptible to this vulnerability which can allow allow any attacker to completely take over the remote system on successful exploitation.
In this direction, DllHijackAuditor helps in quickly discovering all such Vulnerable Dlls in any Windows application which can lead to successful exploitation of this DLL Hijack Vulnerability. With its simple GUI interface DllHijackAuditor makes it easy for anyone to instantly perform the auditing operation.
This tool works on the similar 2 phase lines of operations as that of DllHijackAuditKit by HD Moore. Though it was great tool kit for sweep scanning of all applications, I found some limitations with it. Mainly it helped with applications which are associated with any extension. So naturally applications which are currently not associated with any extension, were not tested by this toolkit. Also only launch time auditing was done, there was no scope for auditing all points in the application.