Abhi Gowda

18 Followers

Pinned

Thick Client Security-Basic DLL Hijacking Vulnerability

Description: Loading DLL files from an untrusted source can cause an application to execute malicious commands on behalf of an attacker. It allows an unauthenticated malicious attacker to exploit the DLL loading vulnerability. A user whose device is undergoing this exploit won’t even realize it until the process has been exploited…

3 min read


Pinned

Thick Client Security-Reverse Shell Using DLL Hijacking Vulnerability

In the example below, I will explain how to exploit a DLL hijacking vulnerability to get a reverse shell on a victim machine. Tools & OS used: Windows 7, Kali Linux, a vulnerable application, Process Monitor (Microsoft Sysinternals tool). Preconditions to escalate privilege using the DLL hijacking vulnerability: Write permission on a system…

3 min read


Dec 5, 2022

Cloud Configuration Review Using ScoutSuite Tool

Users can install the ScoutSuite tool using PIP or Git. The commands are listed below.

Via PIP:
$ virtualenv -p python3 venv
$ source venv/bin/activate
$ pip install scoutsuite
$ scout --help

Via Git:
$ git clone https://github.com/nccgroup/ScoutSuite
$ cd ScoutSuite
$ virtualenv -p python3 venv
$ source venv/bin/activate
$ pip install -r requirements.txt
$ python…

2 min read


Jul 20, 2022

Windows Unquoted Search Path

If the path to the service binary is not enclosed in quotes and contains white spaces, a local user will be able to elevate privileges to an administrator-privilege shell by placing an executable in a higher-level directory within the path. Steps to test: Step 1…

Thick Client Security

1 min read


Jul 14, 2022

Using Components with known vulnerabilities

Sometimes, while developing an application, older versions of frameworks or of dependent software are used. This older software might have open CVEs and be vulnerable to multiple attacks. Steps to test: Step 1: Identify the software/framework version by referring to config files or via other information-gathering techniques, as shown in the figure below. If you are testing an internal application, then request the tech stack information from the product team, which includes details of all software and the versions used by the application.

Thick Client Security

1 min read


Feb 11, 2021

Thick Client Security-Manual Analysis for Vulnerabilities

Manual analysis is very important in thick client security. When the thick client is installed, many sensitive files are stored locally under installation folders. Check all the configuration files for sensitive information like FTP passwords, MDB password, license keys, default passwords, API keys, etc. Example 1: The screenshot below has a username and password disclosed in one of the config files. Example 2: The screenshot below has license information disclosed in one of the .js files, which can be tampered with to increase license validity.

Thick Client Security

1 min read


Feb 10, 2021

Thick Client Security-Sensitive Info In Memory

In the majority of cases, information stored in memory won’t be encrypted. This unencrypted information might reveal sensitive data of a particular thick client application. By using the “Process Hacker” tool we can check for sensitive data stored in memory. Steps to test: Step 1: Download & install the “Process Hacker” tool from…

Thick Client Security

1 min read


Feb 3, 2021

Thick Client Security-Passwords In Registry

When the thick client application is installed and signed up, sensitive information like passwords will be stored in the registry. Use the Windows operating system “Registry Editor” tool to view registry entries. By using this tool we can search for keywords like username, passwords, etc., or we can navigate to the particular registry path of the installed thick client application and look for sensitive information.

Thick Client Security

1 min read


Feb 2, 2021

Thick Client Security-Sensitive Information In Hexdump

Hexdump is a utility that displays the contents of binary files in hexadecimal, decimal, octal, or ASCII. It’s a utility for inspection and can be used for data recovery, reverse engineering and programming. In some cases Hexdump stores sensitive information like usernames, keys, passwords, tokens, etc. Steps to test: Step…

Thick Client Security

2 min read


Jan 29, 2021

Thick Client Security-Improper File & Folder Permissions

When the thick client application is installed, the majority of the time files and folders are more permissive than required. An attacker can use these excessive file and folder permissions to perform malicious activities. These excessive permissions even lead to DLL hijacking attacks. At a time we can verify the given permissions for…

Thick Client Security

2 min read
