ketabrah DLL hijacking

Published
Credit
Risk
2017.08.09
Mr.Voltage
Low
CWE
CVE
Local
Remote
N/A
N/A
Yes
No

##########################
# Exploit Title: ketabrah DLL HIJACKING VULNERABILTY
# Software Link: https://www.ketabrah.ir/go/4
# https://www.youtube.com/channel/UCyngNTHNoRLQkWRn3bQjpJQ
# Discovered By: Mr.voltage
# Version: 3.0.0.0
# Vendor Homepage : https://www.ketabrah.ir/
# Tested on : windows
##########################
+--------------------------+
+ Vulnerable DLL :
+ MoonPdfLib.dll
+ libmupdf.dll
+--------------------------+
Make Malicious dll.
Exploit:
Place a dummy MoonPdfLib.dll or libmupdf.DLL file with the malicious dll . When the file is opened you will get shell.



###################################
#Thanks to : Shayan 72

# Discovered By: Mr.voltage

# skype: mr.voltage@yahoo.com

References:

https://www.youtube.com/channel/UCyngNTHNoRLQkWRn3bQjpJQ


See this note in RAW Version

 
Bugtraq RSS
Bugtraq
 
CVE RSS
CVEMAP
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn


Copyright 2017, cxsecurity.com