Enhanced DLLHijackAuditKit

/* DLLHijackAuditKit (C) 2010 Rapid7 LLC */


Modified by
Aung Khant, YGN Ethical Hacker Group, Yangon, Myanmar

- Added sleep timer support
- Added regex support to scan only the desired application and its associated file extensions

Why did we modify it?

By default, DLLHijackAuditKit scans every file extension associated with every installed application, using a default timer of 3 seconds.
DLLHijackAuditor from SecurityXploded is great for targeting only one application.
However, according to our testing, it sometimes misses flaws.

So, we tried to save time by adding timer support and regex support to our favorite HDM's

How is it useful?

Sleep timer - for applications like Adobe CS, which take a few seconds to reach a fully usable state.
              Look in both analyze.js and audit.js for the two variables below.
              Adjust them depending on the application's loading time.
    var snap_time = 1000;
    var sleep_time = 5000;
Regex       - to pick the application you want and your desired extensions

    scan_app  -  Look up the default data value of your desired application's extension
                 in the registry editor (regedit).
                 It could be something like Adobe.Illustrator.ColorBook,
                 in which case you can set
    scan_app = /Adobe.Illustrator/gi;
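
An added example (not code from DLLHijackAuditKit or from this modification) showing which ProgIDs a scan_app pattern selects. It assumes the filter is applied with RegExp.test() in a loop, which the page does not show; the function names are hypothetical and every sample ProgID except Adobe.Illustrator.ColorBook is constructed.

```javascript
// Constructed sample data: [extension, ProgID] pairs as they would appear in the
// "(Default)" value of HKEY_CLASSES_ROOT\<.ext>. Only the first ProgID is from the page.
const sampleAssociations = [
  [".acb", "Adobe.Illustrator.ColorBook"],
  [".ai",  "Adobe.Illustrator.Document"],
  [".ait", "Adobe.Illustrator.Template"],
  [".psd", "Adobe.Photoshop.Image"],
  [".txt", "txtfile"],
  [".aix", "AdobeXIllustratorViewer.Doc"],
];

// Hypothetical filter loop: keeps extensions whose ProgID passes pattern.test().
// With the "g" flag, test() resumes from pattern.lastIndex, so a hit on one
// ProgID makes the search on the next ProgID start mid-string.
function selectWithTest(associations, pattern) {
  const picked = [];
  for (const [ext, progId] of associations) {
    if (pattern.test(progId)) picked.push(ext);
  }
  return picked;
}

// Same pattern with the stateful flags ("g", "y") removed.
function withoutStatefulFlags(pattern) {
  return new RegExp(pattern.source, pattern.flags.replace(/[gy]/g, ""));
}

// Builds a filter from a literal ProgID prefix: metacharacters are escaped and
// the match is anchored, so "." only matches a dot and only the prefix counts.
function progIdPrefixFilter(prefix) {
  const escaped = prefix.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
  return new RegExp("^" + escaped + "(\\.|$)", "i");
}

const asWritten = selectWithTest(sampleAssociations, /Adobe.Illustrator/gi);
const stateless = selectWithTest(sampleAssociations, withoutStatefulFlags(/Adobe.Illustrator/gi));
const strict = selectWithTest(sampleAssociations, progIdPrefixFilter("Adobe.Illustrator"));

console.log("g flag + test():", asWritten.join(" "));
console.log("no g flag:      ", stateless.join(" "));
console.log("escaped prefix: ", strict.join(" "));
```

Under that assumption, the pattern as written skips the ProgID that follows each hit, and the unescaped dot also accepts the look-alike AdobeXIllustratorViewer.Doc.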


DLLHijackAuditKit also missed flaws sometimes.
If it doesn't show exploitability, do manual analysis.


Vulnerabilities produced from DLLHijackAuditKit

