uTorrent - DLL Hijacking Vulnerabilities

2010-08-25T00:00:00
ID EDB-ID:14748
Type exploitdb
Reporter Dr_IDE
Modified 2010-08-25T00:00:00

Description

uTorrent DLL Hijacking Vulnerabilities. Local exploit for windows platform

                                        
                                            ###########################################################################
#
# Title: 	uTorrent <=2.0.3 Dll Hijacking Local Exploits
# By:		Dr_IDE
# Tested:	Windows 7RC
# Note:		These are additional DLL's with unsafe Load Paths
# Reference:	http://www.exploit-db.com/exploits/14726/
#
############################################################################

If the payload .DLL file is renamed to any of these files and placed in the 
utorrent.exe directory, the payload will be executed with users' credentials.

	-userenv.dll

	-shfolder.dll
	
	-dnsapi.dll

	-dwmapi.dll

	-iphlpapi.dll

	-dhcpcsvc.dll

	-dhcpcsvc6.dll

	-rpcrtremote.dll

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/14748.tar.gz (Dr_IDE.bind.dll.tar.gz)

#[pocoftheday.blogspot.com]