DLL vs EXE | Windows DLL Hell

In this video I talk about DLL vs EXE files, static vs dynamic linking, DLL injection, and demonstrate how malware can infect your system without ever running a malicious process/exe file, simply by using a legitimate Windows process. Example: Blue/Eternal Petya

Wingamer25 is now fighting malware with a flaming katana, why flaming? cause those games make the GPU run hot!
danooct1 has been fighting malware for a long time now, with a DOS box and his grandma's Windows 98 cd. Reinstall..Reinfect..Repeat.


Comments

Him having all of those ransomware files is like a police officer having a room full of one of each type of drug

literalcode

This is a nice video, and I do understand it's a bit old but I wanted to mention that dynamic linking is not necessarily all downsides when it comes to security.

 In the case of several applications using a dynamically linked routine that's exploitable in some way, then that same exploit may be patched for the shared routine only without having to update every single (and potentially poorly maintained) application that uses it.

 Again, I'm sure this is something you're aware of, but I wanted to show there are more benefits to dynamic linking than just memory efficiency

EiB_inc

Thanks! You're doing good work

I learned a lot here. Had a side project where I needed to script running a .dll file, I got up to learning how to call the file with rundll32, but got sidetracked when that wasn't enough. Thanks for showing me the ordinal

jonsprivatelife

The curtain has been pulled back and the Wizard has been revealed. Always great info on this channel. Thanks for and continue posting. :D

Darknamja

That's just one excellent topic!
Great explanation! Kudos!
DLLs? My favorite links. 🤣
Secure OSes? Let me take my spacetimeship so I can check in parallel universe. 🚀😁

elviraeloramilosic

Man, you really amazed me! As I'm a developer, I thought I might already know the basics of dynamic linking, but man, you showed me the "WAY" they work, and that was truly mind-blowing for me

TheMR-

If we keep watching videos like this, I think in a few years (maybe months) we will all become cybersecurity experts.
Thanks!

ashwaniaugust

For those who don't know you can also right click the start menu and run cmd as admin from there.

It looks like it now links to PowerShell rather than cmd, but same difference.

KoshyGeorge

Very interesting video. Thanks for the information!

unknownunknown

Absolutely right. And since we now also have Python and nw.js, new problems are in sight, because while C++ code can be modified to make it hidden from antiviruses, Python and JavaScript allow the execution of dynamically generated code. So you can just encrypt the virus with a different key and boom, the virus is once more impossible to detect via scan. The only way to find it is to detect function calls at runtime.
Or we can be like iOS and disable encrypted files altogether. Which would be a huge security concern.

poryg

Very Nice Explanation, Sir. Needs More From You.

mithunchandrasaha

thank you Leo, this was very informative :)

Caneladorada

This is so useful for the end user if they are even a little bit computer knowledgeable.

sangitakumari

Really interesting video. Great job !

Btw, right click the start button or use Win + X. You'll have the choice of starting cmd normally or as admin, along with other things.

YannMcRissos

Question. Have there been any other malware like WannaCry that can infect your system simply by being connected to the internet?

non-urbanninja

Hi Leo, Many of these issues of course come from downloading programs with cracks and key generators that manipulate the software in order to use it at no cost. Thanks for the info.

wilfredotorres

I love your videos, man, keep up the good work!

ceclon

Very good referential video here, Leo :-) Now when anyone asks if DLLs can be harmful, or how they can be harmful if they're not the executables, you can simply refer them here.

callofbooty

If you right click the start button you can access a lot of programs that you usually require searching for.

CyrusHusky

Stuff like this is why I obsessively run everything inside of Sandboxie, with Comodo I.S. set to auto-block the unknown on the HIPS, firewall, and auto-containment. I also clear the sandbox directories very often.

AlrekArinbjorn