PyScripter 2.5.3.0 DLL Hijacking

[GoogleCodeExporter]

What steps will reproduce the problem?
compile dllhijack.dll:
gcc -shared -o svrapi.dll  dllhijack.c
then put svrapi.dll and create a .py file in the same dir, open the .py file , 
calc.exe execute

What is the expected output? What do you see instead?

What version of the product are you using? On what operating system?
2.5.3.0, Win 7 Pro SP1

Please provide any additional information below.

Original issue reported on code.google.com by gamegame...@gmail.com on 4 Apr 2015 at 1:47

Attachments:

• dllhijack.c

[GoogleCodeExporter]

I have no clue what this is issue is about.

Original comment by pyscripter on 5 Apr 2015 at 11:35

• Changed state: Invalid

[GoogleCodeExporter]

for real ?
http://en.wikipedia.org/wiki/Dynamic-link_library#DLL_hijacking

Original comment by gamegame...@gmail.com on 5 Apr 2015 at 1:04

[GoogleCodeExporter]

[deleted comment]

[GoogleCodeExporter]

This is not specific to PyScripter and I cannot do much about it.

From http://resources.infosecinstitute.com/dll-hijacking/
"The list of vulnerable programs seem to be growing daily. Even some anti-virus 
and security products are vulnerable. Imagine that! In this video, we’ll be 
using Windows Address Book program as our exploitable application."

If someone can place (or convince you to place) a viral dll in your machine, 
they could do all sort of other dangerous stuff.   

Original comment by pyscripter on 5 Apr 2015 at 9:47

• Changed state: Wont-do

[GoogleCodeExporter]

I looked a bit further into this.

A solution is described in http://support.microsoft.com/en-us/kb/2264107.  
PyScripter does not use any local dlls, so users can apply either the 
system-wide or the application specific fix.

Original comment by pyscripter on 5 Apr 2015 at 10:03