Persian Hack Team Expose DLL Hijacking Bug

8 years ago

Hackers of the team Persian Hack Team has discover a DLL hijacking vulnerability -requires local access to exploit- in: CodeBlocks -version 12.11-
DLL hijacking involve replacement of desired DLL -Dynamic Link Library- with a malicious DLL of the same name to make exploit of the attacker’s choice 

Link to bug is here and all discover vulns if find here 

The bug is discovered by Mojtaba MobhaM
Vendor Homepage: http://www.codeblocks.org/

More detail:

Vulnerable Library is: –codestat.dll

Dir : C:\Program Files (x86)\CodeBlocks\share\CodeBlocks\plugins
Rename Evil DLL TO codestat.dll

Demo: https://youtu.be/iL1NTzR6V6c

Mojtaba MobhaM –[email protected]
Home : http://persian-team.ir/

Greetz is go to: T3NZOG4N & FireKernel

Tags:

Leave a Reply

Your email address will not be published. Required fields are marked *