Finding and Exploiting Hidden Functionality in Windows DLLs
In this presentation, Nerdwell dives deep into Windows DLL hacking and reviews common bug patterns that he’s found in the wild. We first review tools and techniques for interrogating Windows DLLs to identify hidden functionality. Next, we’ll take a look at some common bug patterns related to the use of DLLs in web servers and network services. Then we’ll wrap up with demonstrations of how bug bounty hunters can access and exploit such functionality in a variety of use cases.
About the Author
Nerdwell is a systems and security engineer with a passion for bug bounty and vulnerability research. He currently works in critical infrastructure protection and has experience supporting technology in a variety of industries, ranging from manufacturing to healthcare. With over 20 years’ experiences, Nerdwell understands firsthand the challenges of building and supporting complex technology solutions securely. In addition to finding bugs and performing security research, Nerdwell enjoys networking and sharing knowledge with fellow hackers.
Get Started with Bugcrowd
Every minute that goes by, your unknown vulnerabilities leave you more exposed to cyber attacks.