Pegasus X DLL hijacking

2023.09.21
us E1.CODERS (US) us
Risk: Low
Local: Yes
Remote: No
CVE: CVE-2023-41064
CWE: N/A

#include <windows.h> // Define the window class WNDCLASSEX wcex; wcex.cbSize = sizeof(WNDCLASSEX); wcex.style = CS_HREDRAW | CS_VREDRAW; wcex.lpfnWndProc = DefWindowProc; wcex.cbClsExtra = 0; wcex.cbWndExtra = 0; wcex.hInstance = GetModuleHandle(NULL); wcex.hIcon = LoadIcon(NULL, IDI_APPLICATION); wcex.hCursor = LoadCursor(NULL, IDC_ARROW); wcex.hbrBackground = (HBRUSH)(COLOR_WINDOW + 1); wcex.lpszMenuName = NULL; wcex.lpszClassName = "CVE-2023-41064"; // Register the window class RegisterClassEx(&wcex); // Create the window HWND hwnd = CreateWindow("CVE-2023-41064", "CVE-2023-41064", WS_OVERLAPPEDWINDOW, CW_USEDEFAULT, 0, CW_USEDEFAULT, 0, NULL, NULL, GetModuleHandle(NULL), NULL); // Show the window ShowWindow(hwnd, SW_SHOW); // Update the window UpdateWindow(hwnd); // Message loop MSG msg; while (GetMessage(&msg, NULL, 0, 0)) { TranslateMessage(&msg); DispatchMessage(&msg); }

References:

https://github.com/apt0factury/CVE-2023-41064/blob/main/Pegasus%20X%20DLL%20hijacking


See this note in RAW Version
Vote for this issue:
75%
25%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top