Weekly Shaarli
Week 09 (February 27, 2023)
You can use this program but I wrote a simple python script which enumerates the exported functions from the provided DLL (
dll-def.py
)A simple way to prevent DLL hijacking from happening would be for applications to always use absolute paths instead of relative ones. Although some applications (notably portable ones) will not always be able to do so, applications located in \system32\ and relying on DLLs in the same folder have no excuse for doing otherwise. The better option, which only very few Windows executables seem to do, is to verify all DLLs before loading them (e.g. by checking their signatures) - this would largely eliminate the problem.