14 matches found
SUPERAntiSpyware Professional X 10.0.1264 DLL Hijacking / Privilege Escalation
Title: SUPERAntiSpyware Professional X Version =10.0.1264 "version.dll" Local Privilege Escalation Date: 03.04.2024 Author: M. Akil Gündoğan Vendor Homepage: https://superantispyware.com/ Version: 10.0.1262 and latest version 10.0.1264 Tested on: Windows 10 Professional x64 PoC Video:...
7-Zip 16 DLL Hijacking
Microsoft Windows Environment Variable Expansion Issue Leads To Remote DLL Hijack Attack vector: 7-ZIP v.16 7-ZIP v.16 and possibly other software that utilizes the HTML Help System are prone to a remote DLL hijacking issue which leads to arbitrary code execution. PoC attached. because the OS...
Government Sector in Central Asia Targeted With New HAWKBALL Backdoor Delivered via Microsoft Office Vulnerabilities
FireEye Labs recently observed an attack against the government sector in Central Asia. The attack involved the new HAWKBALL backdoor being delivered via well-known Microsoft Office vulnerabilities CVE-2017-11882 and CVE-2018-0802. HAWKBALL is a backdoor that attackers can use to collect...
CVE-2017-9046
winpm-32.exe in Pegasus Mail aka Pmail v4.72 build 572 allows code execution via a crafted ssgp.dll file that must be installed locally. For example, if ssgp.dll is on the desktop and executes arbitrary code in the DllMain function, then clicking on a mailto: link on a remote web page triggers th...
Code injection
winpm-32.exe in Pegasus Mail aka Pmail v4.72 build 572 allows code execution via a crafted ssgp.dll file that must be installed locally. For example, if ssgp.dll is on the desktop and executes arbitrary code in the DllMain function, then clicking on a mailto: link on a remote web page triggers th...
CVE-2017-9046
winpm-32.exe in Pegasus Mail aka Pmail v4.72 build 572 allows code execution via a crafted ssgp.dll file that must be installed locally. For example, if ssgp.dll is on the desktop and executes arbitrary code in the DllMain function, then clicking on a mailto: link on a remote web page triggers th...
The use of EMET vulnerability to disable EMET protection-vulnerability warning-the black bar safety net
Microsoft's Enhanced Mitigation Experience Toolkit (EMET) is a project that adds security mitigations to user-mode programs beyond those built in to the operating system. It runs as a DLL inside the “protected” program and makes various changes to the code, so that the...
Using EMET to Disable EMET
UPDATE July 7: This post has been updated in advance of a Black Hat 2016 presentation. Microsoft’s Enhanced Mitigation Experience Toolkit EMET is a project that adds security mitigations to user mode programs beyond those built in to the operating system. It runs inside “protected” programs as a...
Arora 0.10.0 Windows Qt 4.5.3 DLL Hijack
Exploit Title: Arora 0.10.0 Windows Qt 4.5.3 DLL Hijacking Exploit wintab32.dll Date: 27/10/2012 Author: Metropolis Url: http://metropolis.fr.cr Software Link: http://code.google.com/p/arora/downloads/detail?name=Arora%200.10.0-1%20Installer.exe&can=2&q= Version: 0.10.0 Tested on: Windows 7...
Recover MyFiles 3.8.4.3300 DLL Hijacking Exploit
Exploit for Windows platform in category local exploits. Recover MyFiles 3.8.4.3300 DLL Hijacking Exploit ...
Microsoft Windows Internet Communication Settings - schannel.dll DLL Hijacking
Microsoft Windows Internet Communication Settings - schannel.dll DLL Hijacking. Exploit Title: Windows Internet Communication Settings DLL Hijacking Exploit schannel.dll Date: 25/08/2010 Author: ALPdaemon Email: ALPdaemon at yahoo dot com Software Link: N/A Tested on: Windows XP SP3 English...
Apple QuickTime - CRGN Atom Local Crash
Apple QuickTime - CRGN Atom Local Crash 0:000 !exploitable -v HostMachine\HostUser Executing Processor Architecture is x86 Debuggee is in User Mode Debuggee is a live user mode debugging session on the local machine Event Type: Exception Exception Faulting Address: 0x66830f9b First Chance Excepti...
Managed to inject in-depth study-vulnerability warning-the black bar safety net
This is an article I published in Hacker Line of Defense in 2008-12; this is its first release on the network. The attachment is a tool I wrote, “SuperSpy”, which includes a window-detection function and can even detect windows that VC's own SPY++ can't detect; ...
Quake 3 Engine Client (Windows x86) - CS_ITEms Remote Overflow
Quake 3 Engine Client Windows x86 - CS_ITEms Remote Overflow. Quake 3 Engine Client CS_ITEMS Remote Stack Overflow Exploit Win32 Written by RunningBon E-Mail: [email protected] IRC: irc.rizon.net kik This is a DLL, which gets injected into the server exe. You will need Microsoft Detours library...