Fiddler application default installation path have write access by user.
Affected Executable file ,
fiddler.exe
EnableLoopback.exe ( privilege escalation )
Affected dll ,
imageres.dll
bcp47mm.dll
shlwapi.dll
fwbase.dll
DNSAPI.dll
FirewallAPI.dll
WindowsCodecs.dll
CRYPTBASE.dll
Poc video :
More detail about Dll Hijacking,
https://attack.mitre.org/techniques/T1038/
https://resources.infosecinstitute.com/mitre-attck-vulnerability-dll-search-order-hijacking/
https://cwe.mitre.org/data/definitions/427.html
No comments:
Post a Comment