Search Unity

  1. Welcome to the Unity Forums! Please take the time to read our Code of Conduct to familiarize yourself with the forum rules and how to post constructively.

DLL Hijacking

Discussion in 'Windows' started by eusebium, Apr 8, 2022.

  1. eusebium

    eusebium

    Joined:
    Jul 23, 2016
    Posts:
    80
    Hey, Our penetration testers noticed that some DLLs that are used by the app/game are not found when the app/game starts.
    Process Monitor:
    upload_2022-4-8_21-8-20.png
    They were able to replace it with a "malicious" tdh.dll (which normally is found in C\Windows\System32) and execute some code.

    Is that dll used by the Unity Engine? What would be solution in this case? (Code signing, forcing Unity Engine to load only signed libraries, etc.)
     
    eusebium, Apr 8, 2022
    #1

  2. eusebium

    eusebium

    Joined:
    Jul 23, 2016
    Posts:
    80
    eusebium, Apr 8, 2022
    #2