The essence of DLL hijacking is to deliver an innocent file together with a malicious DLL, in the one directory. Would it be possible to do this via email: a ZIP (or similar) archive containing the two files?
Thoughts about this? I know that an emailed ZIP is searcheable by desktop AV systems; but the signature-based AVs forever play catch-up with the attacks in the wild. Cheers, Paul Paul Szabo [email protected] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of Sydney Australia _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
