Introduction
In this post, You will learn what is DLL Hijacking and also you will learn the difference between DLL Hijacking and Dylib Hijacking.
Below is the video format of the post, Check it out ????????
What is DLL Hijacking ❓
DLL Hijacking or DLL Injection is a privilege escalation method. Usually, attackers use this method after exploiting the target.
The DLL Hijacking is specifically used in windows and in the mac system we call Dylib hijacking.
There has recently been a discovery of a rather sophisticated DLL injection technique called reflective DLL injection.
The DLL injection is like kind of manipulating and it is a clever technique for privilege escalation.
In simple words, DLL means dynamic link library and once the hacker gets into the target he/she will delete a folder from system 32 and add the custom malicious code there which will be very similar to the deleted folder.
Now, If the victim reaches for the original file and clicks the file then this is called DLL.
As soon as the victim clicks on the folder now the hacker will get access to the root.
How to perform a DLL Injection
To perform a DLL Injection or Dylib attack in mac is very easy. The first thing is to get inside the target system.
Once you are inside the target you should be able to create your own malicious code once you have created. Clone it with an application like Adobe software.
Now, On the target system delete the adobe software and add your own malicious adobe in system 32.
We are placing the file in system 32 it is because, When a victim searches for adobe software the system will first search in system 32 and the malicious adobe will be recommended by the system itself.
Is DLL same as Dylib
Yes, The DLL Injection is very similar to the Dylib injection. The only difference between them is the DLL is taking place in windows and the Dylib is in the mac systems.
In windows, the dlopen is used to load the module whereas in mac dlysm is used to open the modules.
