Click here to Skip to main content
15,850,446 members

Comments by KUMAR619 (Top 200 by date)

KUMAR619 2-Apr-23 13:38pm View    
Hi @OriginalGriff
Can you please answer my other question posted in the following link. I hope you can address that issue.

https://www.codeproject.com/Questions/5358059/How-to-avoid-DLL-hijacking-in-WPF-application
KUMAR619 1-Apr-23 13:16pm View    
Generally whenever we add any system reference to our project it call that DLL whenever that is require. Those DLL will also trigger other DLLs indirectly.

For example PresentationCore.dll is a system DLL which we can find in .NET Framework folder. That PresentationCore.dll calls d3d9.dll. Even though we are not using d3d9.dll directly but it is used by PresentationCore.dll which we have used in our project. That's why when a hacker user a malicious DLL with the same method of d3d9.dll it is getting hijacked.

Can you help me to get rid of this issue
KUMAR619 1-Apr-23 12:38pm View    
DLL hijacking is happening for d3d9.dll which is a system DLL. In windows there is order of execution of a DLL. If we place a DLL where preference is high then the system DLL is never triggered. Our Infosec team is using Meta exploit method to get the methods of a DLL and truing to replicate the same methods and doing their own logic which is vulnerable to DLL Hijacking.

It is not only for that DLL it happens for all DLL.

We are never referring the d3d9.dll but it is called from Presentation Core DLL which is found under .Net Framework
KUMAR619 1-Apr-23 12:24pm View    
Our infosec team is doing some meta exploit method to get the endpoint of d3d9.dll and they are using the same method to override the system DLLs due to order or DLL execution
DLL hijacking is happening for d3d9.dll which is a system DLL. In windows there is order of execution of a DLL. If we place a DLL where preference is high then the system DLL is never triggered. Our Infosec team is using Meta exploit method to get the methods of a DLL and truing to replicate the same methods and doing their own logic which is vulnerable to DLL Hijacking.

It is not only for that DLL it happens for all DLL.

We are never referring the d3d9.dll but it is called from Presentation Core DLL which is found under .Net Framework
KUMAR619 15-Apr-20 7:21am View    
Sorry Coder969,
You are having a card right and the card reader. First contact the person who gave the card who will be having dll files. Don't treat as third party since you bought the card reader then you have the license to use that device. Hence the demo utility will have dll files in it. Reuse it. Can you provide me specification for both the card and Card reader