RapidTyping DLL HIJACKING VULNERABILTY

2017.08.07
be Mr.voltage (BE) be
Risk: Medium
Local: Yes
Remote: No
CVE: N/A
CWE: N/A

########################## # Exploit Title: RapidTyping DLL HIJACKING VULNERABILTY # Software Link: http://www.rapidtyping.com/en/downloads/typing-tutor/ver-5/RapidTyping_Setup_5.2.exe # https://www.youtube.com/channel/UCyngNTHNoRLQkWRn3bQjpJQ # Discovered By: Mr.voltage # Version: 5.2 # Vendor Homepage : http://www.rapidtyping.com # Tested on : windows ########################## +--------------------------+ + Vulnerable DLL : + rtbridge.dll + fmodex64.DLL +--------------------------+ Product +-------+ RapidTyping is a convenient and easy-to-use keyboard trainer that will help you improve your typing speed and reduce typos. With its lessons organized around various keyboard groups, the RapidTyping software will teach you touch typing in a short time. +-------+ Make Malicious dll. Exploit: Place a dummy rtbridge.dll or fmodex64.DLL file with the malicious dll . When the file is opened you will get shell. ################################### #Thanks to : Shayan 72 # Discovered By: Mr.voltage # skype: mr.voltage@yahoo.com

References:

https://www.youtube.com/channel/UCyngNTHNoRLQkWRn3bQjpJQ


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top