DLL Hijacking: DVTA

Overview

A Kali GUI machine and a Windows machine provided to you. Multi views for the Windows machine access has given to you. 1. regular user (student) 2. administrator access for application analysis.

Your task is to find the Hijackable DLL location from the vulnerable application, which is installed on the windows machine. Run Process Monitor utility to identify the missing and Hijackable DLL locations in provided vulnerable application then perform privilege escalation from a regular user (student) by planting a malicious DLL to the missing path.

Note: Use student machine for all the privilege escalation activities. The Administrator access is only given for analysis and running an application purpose.

DVTA Application Location: C:\Users\Administrator\Desktop\dvta\bin\Release\DVTA.exe

Objective: Gain access to administrator privilege meterpreter session.

Instructions:

• You can check the IP address of the machine by running "ipconfig" command on the command prompt i.e cmd.exe

• Do not attack the gateway located at IP address 10.0.0.1

Solutions

The solution for this lab can be found in the following manual: https://assets.ine.com/labs/ad-manuals/walkthrough-2104.pdf