gknows / pyscripter

Automatically exported from code.google.com/p/pyscripter
0 stars 0 forks source link

PyScripter 2.5.3.0 DLL Hijacking #792

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
compile dllhijack.dll:
gcc -shared -o svrapi.dll  dllhijack.c
then put svrapi.dll and create a .py file in the same dir, open the .py file , 
calc.exe execute

What is the expected output? What do you see instead?

What version of the product are you using? On what operating system?
2.5.3.0, Win 7 Pro SP1

Please provide any additional information below.

Original issue reported on code.google.com by gamegame...@gmail.com on 4 Apr 2015 at 1:47

Attachments:

GoogleCodeExporter commented 9 years ago
I have no clue what this is issue is about.

Original comment by pyscripter on 5 Apr 2015 at 11:35

GoogleCodeExporter commented 9 years ago
for real ?
http://en.wikipedia.org/wiki/Dynamic-link_library#DLL_hijacking

Original comment by gamegame...@gmail.com on 5 Apr 2015 at 1:04

GoogleCodeExporter commented 9 years ago
[deleted comment]
GoogleCodeExporter commented 9 years ago
This is not specific to PyScripter and I cannot do much about it.

From http://resources.infosecinstitute.com/dll-hijacking/
"The list of vulnerable programs seem to be growing daily. Even some anti-virus 
and security products are vulnerable. Imagine that! In this video, we’ll be 
using Windows Address Book program as our exploitable application."

If someone can place (or convince you to place) a viral dll in your machine, 
they could do all sort of other dangerous stuff.   

Original comment by pyscripter on 5 Apr 2015 at 9:47

GoogleCodeExporter commented 9 years ago
I looked a bit further into this.

A solution is described in http://support.microsoft.com/en-us/kb/2264107.  
PyScripter does not use any local dlls, so users can apply either the 
system-wide or the application specific fix.

Original comment by pyscripter on 5 Apr 2015 at 10:03