|Home . Services . References . Advisories . Research . News . Company . Blog|
|Binary Planting Home > Online Binary Planting Exposure Tests|
Online Binary Planting Exposure Tests
This page is provided for the benefit of all coporate and home Windows users who wish to test their exposure to binary planting attacks (also called "DLL hijacking", "DLL load hijacking", "DLL preloading", "Unsafe library loading" or "Insecure Library Loading") originating from the Internet. We'll try to keep a working demo of at least one unpatched vulnerability here for as long as there are any available.
Note that these tests are not a demonstration of a realistic attack scenario. In a real attack, for instance, you would not be asked to manually copy-paste an address from one window to another, and the DLL would not be visible in the remote shared folder. These tests have been optimized to make it as independent as possible from your computer configuration. (See this page for real-world attack scenarios.)
Before you begin, be aware that these tests, if successful, will execute code originating from an unknown source (unknown to you, that is) on your computer and obtain your privileges on your computer and in your network. You have absolutely no reason to trust any such code - this code, if it were malicious, could infect your computer with all sorts of malware. If you are, or should be, in any way concerned about the security of your computer and/or network, we encourage you to do this test, as well as any other such exploit tests, on a "sacrificial" computer, preferably a virtual one that you can revert to a known secure state afterwards. Even if you entirely trust us to be nice (which we are), you should know that these tests will take place over an untrusted Internet connection, along which our benign code can be silently replaced by a malicious look-alike without us being able to do anything about it or you being able to detect such replacement. You have been warned.
Current Test Suite - UNFIXED Vulnerabilities
These are the currently available tests exploiting vulnerabilities that haven't been fixed by vendors yet. Choose any test that fits your operating system and follow its link to proceed.
Archive Test Suite - FIXED Vulnerabilities
These are the currently available tests exploiting vulnerabilities that have already been fixed by vendors. Only use these tests to verify whether the associated vulnerabilities have been efficiently fixed on your computer. Choose any test that fits your operating system and follow its link to proceed.
Note that these tests are not suitable for confirming the absence of exposure to binary planting vulnerabilities, but only to confirm the presence of such exposure. There can be many reasons why these tests can fail, including network problems, a specific state of your computer at the time of testing, and the possibility of the vulnerabilities used for testing having been recently fixed. However, these tests can be a useful tool for testing various countermeasures to binary planting attacks in general: if you get "HACKED" consistently without some countermeasure, and avoid getting "HACKED" with that countermeasure in place, the countermeasure's effectiveness, at least to this particular attack originating from the Internet, can be confirmed.
For additional information, go to ACROS Security and ACROS Security Blog.
Please kindly direct any feedback regarding this test to firstname.lastname@example.org.