DIY vulnerability discovery with DLL Side Loading

  • Tuesday, 22 Sep 2015 10:00PM EDT (23 Sep 2015 02:00 UTC)
  • Speaker: Jake Williams

In this talk, Jake (contributing author on FOR526, FOR610, and SEC760) will teach you how to discover vulnerabilities like a rock star using DLL side loading. This technique (ab)uses the way Windows searches for DLLs to load into a program. The behavior is nearly laughable and introduces serious risks, especially when developers don't understand filesystem permissions. Attackers know this and use it for privilege escalation and stealthy persistence.

Once you understand how DLL side loading works, you'll be able to find it in your next investigation. Plus you'll look like an infosec rock star when you find vulnerabilities in your organization's custom software.