How can I proctect my .NET application against DLL Hijacking?

Question

We have a .NET 3.5 application with registered extensions. How can we protect it against DLL Hijacking attacks?

Because of legacy & design problems strong naming

Answer 1

Robert,

In fairness to Jim's question about "what kind of design would that be". By answering, instead of just saying "it is what it is" you could give us insight into the constraints our suggestions/solutions must fall within.

Put another way, without knowing why the legacy code prevents you from doing it the "right way" it's hard to provide ideal workarounds to your problem.

Unless your architecture prevents the MD5 checksum idea suggested by Vishalgiri, I'd suggest taking his advice. Again though, without knowing what application(s) call these DLLs and why they can't be signed, it's hard to know if this will work for you.

My idea might be a lot simpler, but can you not adjust your application to preload the DLL from a predefined location? For example, only allow it to load from the BIN folder of your main applicaton, and failing that - never try again?

See this link on how to load from a distinct path: http://www.chilkatsoft.com/p/p_502.asp

This may be faster than writing all the MD5 checksum code. Even though I like that idea as well.