Full Disclosure mailing list archives

Re: DLL Hijacking Against Installers In Browser Download Folders for Phish and Profit

From: Gynvael Coldwind <gynvael () coldwind pl>
Date: Mon, 13 Aug 2012 19:19:07 +0200

Well, what can I say - your write up is accurate.

Though last time I've seen it, around 5 years ago, it was still called
DLL spoofing and not DLL hijacking, and was one of the arguments why
"carpet bombing" (automatic download) in Safair/Chrome must be fixed
:)
E.g. http://gynvael.coldwind.pl/?id=55

-- 
gynvael.coldwind//vx

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

DLL Hijacking Against Installers In Browser Download Folders for Phish and Profit Matt Howard (Aug 13)
- Re: DLL Hijacking Against Installers In Browser Download Folders for Phish and Profit Gynvael Coldwind (Aug 13)
  - Re: DLL Hijacking Against Installers In Browser Download Folders for Phish and Profit Christian Sciberras (Aug 13)
    - Re: DLL Hijacking Against Installers In Browser Download Folders for Phish and Profit Matt Howard (Aug 13)