Changes between Initial Version and Version 1 of Ticket #1141, comment 2
- Timestamp:
- 11/14/18 11:44:04 (5 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Ticket #1141, comment 2
initial v1 1 1 As rozmansi said in today's community meeting we can't hardcode any of the DLL paths. Somebody may have installed Windows to D:\Windows for example. 2 2 3 Also, with local admin privileges the attacker could replace openvpn.exe or openvpn-gui.exe without playing with DLLs.3 The reason why it is better for the attacker to play with the DLLs is to avoid breaking the code signature in openvpn.exe or openvpn-gui.exe and thus alarming the user. Apparently this type of exploit is able to evade AV detection as well (in some cases?).
