Question

We have a large application built in C++ Builder that at startup looks at a folder and loads all the DLL files present. I figured this might not be such a good thing and tested my idea by creating a DLL that only fired up a web browser and opened a picture with the word "owned" :P

Anyway, it worked. So the system could be compromised in any way by a DLL being switched out or a new one added. Remote admin access, formatting drives, you name it.

So my thoughts went toward trying to plug this hole. What's the best practice for this? I was thinking of some kind of signing of the DLLs. Having the .exe hold a list of names of valid DLLs doesn't actually solve it, since a DLL could be replaced. A list of names and checksums would work, but it would be nice to keep the auto-loading feature and only load correctly signed DLLs.

Edit: I'm looking into using signtool.exe, which seems to do the job. But I can't find any good reference on how to actually check the signature of the DLL in C++ afterwards. Does anyone have a link?


Solution

It sounds like you are vulnerable to the DLL hijacking exploit, which affected basically everything written for Windows (and yet another example of how Microsoft couldn't secure a brick). Microsoft has recommendations for mitigating this flaw.

OTHER TIPS

You should protect the folder containing the DLLs so that only those with administrative access can write to it.

Beyond that, anyone who can write to such a folder can do just about anything else they want to, and there's not much you can do about it.
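The question's edit asks how to check a signtool.exe signature from C++ before loading, and the answers point at the DLL hijacking mitigations and at restricting the folder. The block below is an added example, not code from the original question or answers: it enumerates the plugin folder, verifies each DLL's Authenticode signature with WinVerifyTrust, pins the signer's certificate thumbprint (a plain "is it signed by anyone trusted" check is not enough, since an attacker can sign a DLL with any purchased certificate), and then loads the DLL by absolute path with LOAD_LIBRARY_SEARCH_* flags so its own imports are not resolved from the working directory or PATH. `kExpectedSignerSha1` is a placeholder thumbprint you must replace with your own, `DemoScan` builds a constructed scratch folder with an unsigned file for a stand-alone run, and the Authenticode part only compiles and runs on Windows (elsewhere every file is rejected).

```cpp
// Added example (not from the original post): load only plugins whose
// Authenticode signature is valid and whose signer is pinned.
#include <cctype>
#include <cstdint>
#include <cstring>
#include <filesystem>
#include <fstream>
#include <string>
#include <vector>
#ifdef _WIN32
#include <windows.h>
#include <softpub.h>
#include <wintrust.h>
#include <wincrypt.h>
#pragma comment(lib, "wintrust.lib")
#pragma comment(lib, "crypt32.lib")
#endif

namespace fs = std::filesystem;

// SHA-1 thumbprint of the leaf code-signing certificate we accept.
// Placeholder value (assumption): replace with your own certificate's thumbprint.
static const uint8_t kExpectedSignerSha1[20] = {
    0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
    0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff, 0x01, 0x23, 0x45, 0x67};

struct ScanResult {
    std::vector<std::string> loaded;    // plugins that passed and were loaded
    std::vector<std::string> rejected;  // entries skipped or failed
};

// Accept only a bare file name ending in .dll: a crafted entry such as
// "..\\evil.dll" or an absolute path can never reach LoadLibrary.
bool IsPlainDllName(const std::string& name) {
    if (name.size() < 5) return false;
    if (name.find('/') != std::string::npos ||
        name.find('\\') != std::string::npos) return false;
    std::string ext = name.substr(name.size() - 4);
    for (char& c : ext) c = static_cast<char>(std::tolower(static_cast<unsigned char>(c)));
    return ext == ".dll";
}

#ifdef _WIN32
// Compare the leaf certificate's SHA-1 thumbprint with the pinned value.
static bool SignerIsPinned(PCCERT_CONTEXT cert) {
    uint8_t hash[20];
    DWORD len = sizeof(hash);
    if (!CertGetCertificateContextProperty(cert, CERT_SHA1_HASH_PROP_ID, hash, &len))
        return false;
    return len == sizeof(hash) && std::memcmp(hash, kExpectedSignerSha1, len) == 0;
}
#endif

// True only if the file has a valid Authenticode signature chaining to a
// trusted root AND the leaf signer is our pinned certificate.
bool IsTrustedPlugin(const fs::path& file) {
#ifdef _WIN32
    std::wstring wpath = file.wstring();
    WINTRUST_FILE_INFO fileInfo = {};
    fileInfo.cbStruct = sizeof(fileInfo);
    fileInfo.pcwszFilePath = wpath.c_str();

    GUID policy = WINTRUST_ACTION_GENERIC_VERIFY_V2;
    WINTRUST_DATA wtd = {};
    wtd.cbStruct = sizeof(wtd);
    wtd.dwUIChoice = WTD_UI_NONE;                 // never prompt the user
    wtd.fdwRevocationChecks = WTD_REVOKE_WHOLECHAIN;
    wtd.dwUnionChoice = WTD_CHOICE_FILE;
    wtd.pFile = &fileInfo;
    wtd.dwStateAction = WTD_STATEACTION_VERIFY;   // keep state so we can read the signer

    bool ok = WinVerifyTrust(nullptr, &policy, &wtd) == ERROR_SUCCESS;
    if (ok) {
        CRYPT_PROVIDER_DATA* prov = WTHelperProvDataFromStateData(wtd.hWVTStateData);
        CRYPT_PROVIDER_SGNR* sgnr = prov ? WTHelperGetProvSignerFromChain(prov, 0, FALSE, 0) : nullptr;
        CRYPT_PROVIDER_CERT* leaf = sgnr ? WTHelperGetProvCertFromChain(sgnr, 0) : nullptr;
        ok = leaf && leaf->pCert && SignerIsPinned(leaf->pCert);
    }
    wtd.dwStateAction = WTD_STATEACTION_CLOSE;    // release hWVTStateData
    WinVerifyTrust(nullptr, &policy, &wtd);
    return ok;
#else
    (void)file;
    return false;  // Authenticode is Windows-only; nothing is trusted elsewhere
#endif
}

// Enumerate the plugin folder and load only verified DLLs, each by absolute
// path. The search flags confine resolution of the plugin's own imports to
// its directory and System32 (no current directory, no PATH).
ScanResult LoadTrustedPlugins(const fs::path& dir) {
    ScanResult result;
    for (const auto& entry : fs::directory_iterator(dir)) {
        std::string name = entry.path().filename().string();
        fs::path full = fs::absolute(entry.path());
        if (!entry.is_regular_file() || !IsPlainDllName(name) || !IsTrustedPlugin(full)) {
            result.rejected.push_back(name);
            continue;
        }
#ifdef _WIN32
        HMODULE h = LoadLibraryExW(full.wstring().c_str(), nullptr,
            LOAD_LIBRARY_SEARCH_DLL_LOAD_DIR | LOAD_LIBRARY_SEARCH_SYSTEM32);
        if (!h) { result.rejected.push_back(name); continue; }
#endif
        result.loaded.push_back(name);
    }
    return result;
}

// Constructed sample input for a stand-alone run: a scratch folder holding an
// unsigned, non-PE "plugin" and a non-DLL file. Neither may be loaded.
ScanResult DemoScan() {
    fs::path dir = fs::temp_directory_path() / "plugin_scan_demo";
    fs::create_directories(dir);
    { std::ofstream f(dir / "unsigned_plugin.dll"); f << "not a real PE file"; }
    { std::ofstream f(dir / "readme.txt"); f << "ignored"; }
    return LoadTrustedPlugins(dir);
}
```

Two caveats go with this. Verify-then-load is a race if the folder is writable by the attacker, which is why the folder ACL the tip above describes is still needed; the signature check only narrows what an administrator-level write can achieve. Pinning the leaf thumbprint means the executable must be updated when the signing certificate is renewed; pinning the signer's public key or subject instead trades that for slightly more code. Calling SetDefaultDllDirectories(LOAD_LIBRARY_SEARCH_DEFAULT_DIRS) once at startup applies the same search restriction to every other LoadLibrary call in the process.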

Licensed under: CC-BY-SA with attribution