December 19th, 2018

It rather involved being on the other side of this airtight hatchway: Hanging the loader

A security vulnerability report pointed out that a malicious file can cause the module loader to enter an infinite loop, thereby causing a denial of service on the process doing the loading.

This was by itself not interesting. After all, if you have managed to get the system to attempt to load your DLL, and you want to use it to cause a denial of service, then you don’t need to get this fancy. You can just put Sleep(INFINITE); in your DLL_PROCESS_ATTACH handler!

In other words, you’re already on the other side of the airtight hatchway. And you’re bragging that you can do something annoying like a denial of service, apparently unaware that being on the other side of the airtight hatchway gives you the ability to do far more interesting (and threatening) things.


Author

Raymond has been involved in the evolution of Windows for more than 30 years. In 2003, he began a Web site known as The Old New Thing which has grown in popularity far beyond his wildest imagination, a development which still gives him the heebie-jeebies. The Web site spawned a book, coincidentally also titled The Old New Thing (Addison Wesley 2007). He occasionally appears on the Windows Dev Docs Twitter account to tell stories which convey no useful information.
